Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject

Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject


Log-Analyse und Auswertung: Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 26.01.2014, 10:41   #1
eiskorn
 
Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject - Standard

Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject


Hallo liebe Trojanerboard-Gemeinde,
ihr habt mir schonmal sehr geholfen und nun brauche ich wieder eure Hilfe.


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-01-2014 01
Ran by Jonas (administrator) on SANDWICH on 25-01-2014 19:37:26
Running from C:\Users\Jonas\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
() C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(David Harris) D:\PMAIL\Programs\winpm-32.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [ConMgr] - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535440 2009-12-24] (CSR, plc)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [LoadFUJ02E3] - C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-08] (FUJITSU LIMITED)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fi.search.yahoo.com?type=902615&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSF&bmod=FTSF
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {828C7727-01C2-42AC-A24B-6A139986C36E} URL = hxxp://fi.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
SearchScopes: HKCU - {828C7727-01C2-42AC-A24B-6A139986C36E} URL = hxxp://fi.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
SearchScopes: HKCU - {9770A850-5BCC-44A8-B701-B798F7714A31} URL = 
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - D:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - d:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 84.2.46.1 84.2.44.1
Tcpip\..\Interfaces\{6637010D-FE57-40B9-AF26-FDD8DB274CAA}: [NameServer]192.168.1.8,192.168.1.7

FireFox:
========
FF ProfilePath: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-303729831-1353264561-2017775160-1001\FireFox
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_39 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - d:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-04-09]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-04-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-04-09]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-04-09]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-04-09]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-11-12]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Drive) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-15]
CHR Extension: (YouTube) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-15]
CHR Extension: (Google-Suche) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-15]
CHR Extension: (avast! WebRep) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-11-15]
CHR Extension: (Google Mail) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-15]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-11-15]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2013-03-06]

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [99048 2010-08-09] (SANDBOXIE L.T.D)
R2 TestHandler; C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2009-02-19] (Fujitsu Technology Solutions)
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145840 2009-12-24] (CSR, plc)
R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62312 2009-07-21] ()

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-05] (DT Soft Ltd)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-17] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-17] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-22] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-06-18] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-06-18] ()
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [143464 2010-08-09] (SANDBOXIE L.T.D)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2008-09-08] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-22] (Kaspersky Lab ZAO)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-25 19:37 - 2014-01-25 19:38 - 00023799 _____ C:\Users\Jonas\Desktop\FRST.txt
2014-01-25 19:37 - 2014-01-25 19:37 - 00000000 ____D C:\FRST
2014-01-25 19:36 - 2014-01-25 19:36 - 00000472 _____ C:\Users\Jonas\Downloads\defogger_disable.log
2014-01-25 19:36 - 2014-01-25 19:36 - 00000000 _____ C:\Users\Jonas\defogger_reenable
2014-01-25 19:34 - 2014-01-25 19:34 - 00370971 _____ C:\Users\Jonas\Desktop\gmer_2.1.19355.zip
2014-01-25 19:33 - 2014-01-25 19:34 - 02077696 _____ (Farbar) C:\Users\Jonas\Desktop\FRST64.exe
2014-01-25 19:33 - 2014-01-25 19:33 - 00050477 _____ C:\Users\Jonas\Desktop\Defogger.exe
2014-01-24 10:19 - 2014-01-24 10:19 - 00001985 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-20 17:03 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-20 17:03 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-20 17:03 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-20 17:03 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-20 17:02 - 2014-01-20 17:03 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-19 00:25 - 2014-01-19 00:25 - 11428320 _____ (Tech Soft GmbH                                              ) C:\Users\Jonas\Downloads\w32-463-de1(1).exe
2014-01-18 17:32 - 2014-01-19 00:27 - 00020396 _____ C:\Windows\unins000.dat
2014-01-18 17:32 - 2014-01-19 00:26 - 00993347 _____ C:\Windows\unins000.exe
2014-01-18 17:32 - 2014-01-18 17:32 - 00000715 _____ C:\Users\Jonas\Desktop\Pegasus Mail.LNK
2014-01-18 17:32 - 2014-01-18 17:32 - 00000715 _____ C:\Users\Administrator\Desktop\Pegasus Mail.LNK
2014-01-18 17:32 - 2014-01-18 17:32 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pegasus Mail
2014-01-18 17:18 - 2014-01-18 17:18 - 11428320 _____ (Tech Soft GmbH                                              ) C:\Users\Jonas\Downloads\w32-463-de1.exe
2014-01-18 14:25 - 2014-01-18 14:26 - 07624424 _____ (IObit                                                       ) C:\Users\Jonas\Downloads\smart-defrag-v3.exe
2014-01-15 02:15 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 02:15 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 02:15 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 02:15 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 02:15 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 02:15 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 02:15 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 02:15 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 02:15 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 11:54 - 2014-01-10 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-01-25 19:38 - 2014-01-25 19:37 - 00023799 _____ C:\Users\Jonas\Desktop\FRST.txt
2014-01-25 19:37 - 2014-01-25 19:37 - 00000000 ____D C:\FRST
2014-01-25 19:36 - 2014-01-25 19:36 - 00000472 _____ C:\Users\Jonas\Downloads\defogger_disable.log
2014-01-25 19:36 - 2014-01-25 19:36 - 00000000 _____ C:\Users\Jonas\defogger_reenable
2014-01-25 19:36 - 2010-09-22 16:12 - 00000000 ____D C:\Users\Jonas
2014-01-25 19:35 - 2010-09-23 10:19 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Skype
2014-01-25 19:34 - 2014-01-25 19:34 - 00370971 _____ C:\Users\Jonas\Desktop\gmer_2.1.19355.zip
2014-01-25 19:34 - 2014-01-25 19:33 - 02077696 _____ (Farbar) C:\Users\Jonas\Desktop\FRST64.exe
2014-01-25 19:33 - 2014-01-25 19:33 - 00050477 _____ C:\Users\Jonas\Desktop\Defogger.exe
2014-01-25 19:10 - 2012-04-18 12:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-25 19:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-25 18:57 - 2013-04-09 19:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-25 18:57 - 2010-09-22 16:00 - 02005730 _____ C:\Windows\WindowsUpdate.log
2014-01-25 10:37 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-25 10:37 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-25 10:30 - 2013-11-14 00:03 - 00002610 _____ C:\Windows\setupact.log
2014-01-25 10:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-24 10:21 - 2010-09-22 16:07 - 00000000 ____D C:\ProgramData\Adobe
2014-01-24 10:20 - 2010-09-22 16:12 - 00000000 ____D C:\Users\Jonas\AppData\Local\Adobe
2014-01-24 10:19 - 2014-01-24 10:19 - 00001985 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-24 10:19 - 2010-09-22 16:07 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-20 22:38 - 2013-07-27 17:58 - 00000000 ___RD C:\Program Files (x86)\Skype
2014-01-20 22:38 - 2010-09-23 10:19 - 00000000 ____D C:\ProgramData\Skype
2014-01-20 22:19 - 2013-11-18 14:47 - 00000000 ____D C:\ProgramData\Oracle
2014-01-20 17:03 - 2014-01-20 17:02 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 17:03 - 2013-03-06 11:11 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-19 00:27 - 2014-01-18 17:32 - 00020396 _____ C:\Windows\unins000.dat
2014-01-19 00:26 - 2014-01-18 17:32 - 00993347 _____ C:\Windows\unins000.exe
2014-01-19 00:25 - 2014-01-19 00:25 - 11428320 _____ (Tech Soft GmbH                                              ) C:\Users\Jonas\Downloads\w32-463-de1(1).exe
2014-01-18 22:54 - 2012-10-20 18:34 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\foobar2000
2014-01-18 17:32 - 2014-01-18 17:32 - 00000715 _____ C:\Users\Jonas\Desktop\Pegasus Mail.LNK
2014-01-18 17:32 - 2014-01-18 17:32 - 00000715 _____ C:\Users\Administrator\Desktop\Pegasus Mail.LNK
2014-01-18 17:32 - 2014-01-18 17:32 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pegasus Mail
2014-01-18 17:18 - 2014-01-18 17:18 - 11428320 _____ (Tech Soft GmbH                                              ) C:\Users\Jonas\Downloads\w32-463-de1.exe
2014-01-18 17:18 - 2012-04-18 12:51 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 17:18 - 2012-04-18 12:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 17:18 - 2012-04-18 12:51 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-18 14:26 - 2014-01-18 14:25 - 07624424 _____ (IObit                                                       ) C:\Users\Jonas\Downloads\smart-defrag-v3.exe
2014-01-15 20:22 - 2013-11-14 00:02 - 03017952 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 03:03 - 2010-09-23 11:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 03:02 - 2013-07-27 18:57 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 03:00 - 2010-09-28 11:41 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-11 02:57 - 2012-05-05 08:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-10 11:54 - 2014-01-10 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

Files to move or delete:
====================
C:\ProgramData\hpe52B2.dll


Some content of TEMP:
====================
C:\Users\Jonas\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-20 17:34

==================== End Of Log ============================
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-01-2014 01
Ran by Jonas at 2014-01-25 19:38:22
Running from C:\Users\Jonas\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft) <==== ATTENTION
64 Bit HP CIO Components Installer (Version: 4.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x32 Version:  - )
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0.2 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.2.54 - Adobe Systems, Inc.)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 11.6 (x32 Version: 11.6.7.637 - Adobe Systems, Inc.)
AIS Connect (x32 Version: 1.1.1.6 - Fujitsu Technology Solutions GmbH)
AIS Connect (x32 Version: 1.1.1.6 - Fujitsu Technology Solutions GmbH) Hidden
AllDup 3.4.12 (x32 Version: 3.4.12 - Michael Thummerer Software Design)
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.) <==== ATTENTION
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Biet-O-Matic v2.14.12 (x32 Version: 2.14.12 - BOM Development Team)
Bluetooth Feature Pack 5.0 (Version: 5.0.14 - CSR Plc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
CCleaner (Version: 4.04 - Piriform)
CyberLink YouCam (x32 Version: 3.0.1908.7636 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.1908.7636 - CyberLink Corp.) Hidden
DAEMON Tools Lite (x32 Version: 4.46.1.0327 - DT Soft Ltd)
Dropbox (HKCU Version: 2.0.22 - Dropbox, Inc.)
DVBViewer TERRATEC Edition (x32 Version:  - CM&V)
ESET Online Scanner v3 (x32 Version:  - )
Evernote v. 4.6.2 (x32 Version: 4.6.2.7927 - Evernote Corp.)
FileZilla Client 3.5.3 (x32 Version: 3.5.3 - FileZilla Project)
foobar2000 v1.1.16 (x32 Version: 1.1.16 - Peter Pawlowski)
Free Download Manager 3.9.2 (x32 Version:  - FreeDownloadManager.ORG)
Fujitsu Display Manager (Version: 7.01.00.210 - FUJITSU LIMITED) Hidden
Fujitsu Display Manager (x32 Version:  - )
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.000 - Ihr Firmenname) Hidden <==== ATTENTION
Fujitsu MobilityCenter Extension Utility (x32 Version:  - ) <==== ATTENTION
Fujitsu System Extension Utility (Version: 3.1.1.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (x32 Version:  - )
inSSIDer 3 (x32 Version: 3.0.7.48 - MetaGeek, LLC)
Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2025 - Intel Corporation) <==== ATTENTION
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
iTunes (Version: 11.0.3.42 - Apple Inc.)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
K-Lite Codec Pack 9.5.0 (64-bit) (Version: 9.5.0 - )
K-Lite Codec Pack 9.5.0 (Basic) (x32 Version: 9.5.0 - )
LifeBook Application Panel (Version: 8.1.0.0 - FUJITSU LIMITED) Hidden
LifeBook Application Panel (x32 Version:  - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
mediscript_gk1_0312 (x32 Version: 2.59 - Elsevier)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Default Manager (x32 Version: 2.1.55.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden <==== ATTENTION
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden <==== ATTENTION
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
MiniTool Partition Wizard Home Edition 7.5 (x32 Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) <==== ATTENTION
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (x32 Version: 1.8.4 - F.J. Wechselberger)
PDF Architect (x32 Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (x32 Version: 1.7.1 - pdfforge)
Pegasus Mail (x32 Version:  - David Harris)
Pegasus Mail HTML Renderer 2.4.7.2 (x32 Version:  - Micha's Midnight Manufacture)
Pegasus Mail v4.63 Release 1, Build 325 (Deutsche Komplettversi (x32 Version:  - Tech Soft GmbH)
Power Saving Utility (Version: 31.01.11.013 - FUJITSU LIMITED) Hidden
Power Saving Utility (x32 Version:  - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30087 - Realtek Semiconductor Corp.)
Remote Control Server (x32 Version: 1.6.0.5 - Steppschuh)
Sandboxie 3.48 (64-bit) (Version:  - )
SDFormatter (x32 Version: 3.1.0 - SD Association)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Smart Defrag 2 (x32 Version: 2.8 - IObit)
Sony Ericsson PC Suite 6.011.00 (x32 Version: 6.011.00 - Sony Ericsson)
SpeedFan (remove only) (x32 Version:  - )
Spyder3Pro (x32 Version:  - )
StreamTransport version: 1.0.2.2171 (x32 Version:  - )
Stronghold (x32 Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 14.0.10.0 - Synaptics Incorporated) <==== ATTENTION
SystemDiagnostics (x32 Version: 2.04.0006 - Fujitsu Technology Solutions)
TERRATEC H6 (64 Bit) (x32 Version: 5.09.1202.00 - TERRATEC)
TreeSize Free V2.7 (x32 Version: 2.7 - JAM Software)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft) <==== ATTENTION
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft) <==== ATTENTION
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft) <==== ATTENTION
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft) <==== ATTENTION
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft) <==== ATTENTION
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft) <==== ATTENTION
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft) <==== ATTENTION
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft) <==== ATTENTION
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft) <==== ATTENTION
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft) <==== ATTENTION
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft) <==== ATTENTION
utility version 2.05.03 (x32 Version:  - )
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player 2.0.2 (Version: 2.0.2 - VideoLAN)
VLC media player 2.0.4 (x32 Version: 2.0.4 - VideoLAN)
Walter de Gruyter - Pschyrembel (x32 Version:  - )
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0 - Microsoft Corporation) <==== ATTENTION
Windows-Treiberpaket - TERRATEC  (USB28xxBGA) Media  (12/02/2009 5.09.1202.00) (Version: 12/02/2009 5.09.1202.00 - TERRATEC )
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
Wireless Selector (Version: 4.01.00.101 - FUJITSU LIMITED) Hidden
Wireless Selector (x32 Version:  - )
ZENcast Organizer (x32 Version:  - )

==================== Restore Points  =========================

25-01-2014 11:50:42 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-11-10 11:29 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1B7138B2-E1A4-492A-AF21-5CF8BD373EC4} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {1C85CBAD-38E9-46DF-951B-33AB5F7AB87D} - System32\Tasks\{FA46A87F-A937-465C-97F9-B700920641BE} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.114.259/en/abandoninstall?page=tsPlugin&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;userlevelpresent
Task: {510B51DA-0B88-475B-94CE-560823739814} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18] (Adobe Systems Incorporated)
Task: {5DDF0FCD-233F-4E65-BDF8-5A06C91AE8A4} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {6A6EC652-C59D-4829-9367-C3D42F98FC86} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)
Task: {73267FFA-C627-4399-8DFD-4C66A4C1B66C} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {7EA2747A-4681-48A8-8E53-EAD1F0AF2072} - System32\Tasks\{D0D938DB-DE23-445F-8A68-C7F7BF41CFFF} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {972089C4-742E-454B-83BF-A242825B72A4} - System32\Tasks\{6F54EEE4-5FAB-40D5-BAE7-24C788D13342} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {E96A91AA-7623-4EDF-95BF-53E330F9F810} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-06-14] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-06 12:24 - 2013-03-06 12:24 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00135168 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\Appearance Pak.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00147456 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\RegEx.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00892928 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\RBScript.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00098304 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\Shell.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 01167312 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\XML.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00335872 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\CGamma.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00131072 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\CSensor.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00028672 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\MBSRegistrationPlugin15968.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00025600 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\MBSPluginVersionPlugin15968.dll
2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2014-01-10 11:54 - 2014-01-10 11:54 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-19 00:27 - 2011-05-19 10:37 - 00565827 _____ () D:\PMAIL\Programs\sqlite3.dll
2014-01-18 17:18 - 2014-01-18 17:18 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2014 04:31:53 PM) (Source: Application Hang) (User: )
Description: Programm winpm-32.exe, Version 4.6.3.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: af8

Startzeit: 01cf19e27887548c

Endzeit: 4

Anwendungspfad: D:\PMAIL\Programs\winpm-32.exe

Berichts-ID: ccebb23f-85d5-11e3-a888-b482fe9d84ea

Error: (01/25/2014 00:22:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/25/2014 02:24:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15260454

Error: (01/25/2014 02:24:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15260454

Error: (01/25/2014 02:24:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/24/2014 10:09:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4071

Error: (01/24/2014 10:09:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4071

Error: (01/24/2014 10:09:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/24/2014 10:09:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3042

Error: (01/24/2014 10:09:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3042


System errors:
=============
Error: (01/25/2014 02:35:08 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/24/2014 01:40:15 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/24/2014 08:34:30 AM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{D7A43002-C446-490F-B4F6-FD5F276E834F}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (01/23/2014 03:20:51 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/23/2014 07:07:53 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/22/2014 11:32:02 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/22/2014 10:27:13 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/21/2014 10:05:57 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/18/2014 11:06:52 PM) (Source: NetBT) (User: )
Description: Der Name "SANDWICH       :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.222
registriert werden. Der Computer mit IP-Adresse 192.168.1.231 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/18/2014 11:06:52 PM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{D7A43002-C446-490F-B4F6-FD5F276E834F} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.


Microsoft Office Sessions:
=========================
Error: (11/12/2013 05:20:18 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 344 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-01-25 12:22:19.863
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-25 12:22:19.863
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-25 12:22:19.863
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-25 12:22:19.853
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-25 12:22:19.843
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-25 12:22:19.843
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-24 09:02:11.374
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-24 09:02:11.372
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-24 09:02:11.370
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-24 09:02:11.357
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 58%
Total physical RAM: 3892.55 MB
Available physical RAM: 1624.85 MB
Total Pagefile: 7783.29 MB
Available Pagefile: 5185.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:50 GB) (Free:2.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:246.08 GB) (Free:95.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 8E760A6D)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=246 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Code:
ATTFilter
GMER 2.1.19355 - hxxp://www.gmer.net
Rootkit scan 2014-01-26 10:31:56
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST932032 rev.0001 298,09GB
Running: gmer.exe; Driver: C:\Users\Jonas\AppData\Local\Temp\kgtcypob.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                00000000759b1465 2 bytes [9B, 75]
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                               00000000759b14bb 2 bytes [9B, 75]
.text    ...                                                                                                                                                                                         * 2
---- Processes - GMER 2.1 ----

Library  C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [3680]                                                                        000007fef66e0000
Process  C:\Users\Jonas\AppData\Local\Temp\Temp1_gmer_2.1.19355.zip\gmer.exe (*** suspicious ***) @ C:\Users\Jonas\AppData\Local\Temp\Temp1_gmer_2.1.19355.zip\gmer.exe [1496](2014-01-21 20:56:24)  0000000000400000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea                                                                                                                 
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@58b035980427                                                                                                    0x63 0x1E 0xCC 0x6B ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@00164e5dc685                                                                                                    0xFF 0x03 0x2B 0x6E ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@60a10a8a2fb7                                                                                                    0x66 0x04 0xE6 0x04 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@001e45be0619                                                                                                    0x6D 0x95 0x92 0x31 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@002376649d5c                                                                                                    0x09 0xEE 0x46 0x51 ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea (not active ControlSet)                                                                                             
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@58b035980427                                                                                                        0x63 0x1E 0xCC 0x6B ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@00164e5dc685                                                                                                        0xFF 0x03 0x2B 0x6E ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@60a10a8a2fb7                                                                                                        0x66 0x04 0xE6 0x04 ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@001e45be0619                                                                                                        0x6D 0x95 0x92 0x31 ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@002376649d5c                                                                                                        0x09 0xEE 0x46 0x51 ...

---- EOF - GMER 2.1 ----
Code:
ATTFilter
Type: Trojan program (21)	
Trojan-Ransom.Win32.Gimemo.bmdz	Detected; not processed	22.01.2014 11:53:17	D:\PMAIL\MAIL\ADMIN20h34\PDQ9U5BP.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23874612912312_26891223pao.pdf.exe	
Backdoor.Win32.ZAccess.ewjg	Detected; not processed	22.01.2014 11:53:16	D:\PMAIL\MAIL\ADMIN20h34\PDIY88E5.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0178(copy).jpg.zip//	DSC_0178(copy).jpg.exe	
Backdoor.Win32.ZAccess.evqp	Detected; not processed	22.01.2014 11:53:50	D:\PMAIL\MAIL\ADMIN20h34\PLUUAJF3.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_2397414914891203_289342ap.pdf.exe	
Trojan-Ransom.Win32.Gimemo.bmdz	Detected; not processed	22.01.2014 12:01:28	D:\usb\PMAIL\MAIL\ADMIN\PDQ9U5BP.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23874612912312_26891223pao.pdf.exe	
Backdoor.Win32.ZAccess.evlz	Detected; not processed	22.01.2014 12:02:47	D:\usb\PMAIL\MAIL\ADMIN\PQBKMU6Z.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23942312841029_23973odf.pdf.exe	
Backdoor.Win32.ZAccess.evlz	Detected; not processed	22.01.2014 11:54:05	D:\PMAIL\MAIL\ADMIN20h34\PQBKMU6Z.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23942312841029_23973odf.pdf.exe	
Backdoor.Win32.ZAccess.eweg	Detected; not processed	22.01.2014 11:53:36	D:\PMAIL\MAIL\ADMIN20h34\PIV1YT75.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0492(copy).jpg.zip//	DSC_0492(copy).jpg.exe	
Backdoor.Win32.ZAccess.eykc	Detected; not processed	22.01.2014 11:53:23	D:\PMAIL\MAIL\ADMIN20h34\PF9KOTH7.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23479102487120_9412049102op.pdf.exe	
Trojan-Ransom.Win32.Gimemo.bmdz	Detected; not processed	22.01.2014 12:00:32	D:\usb\PMAIL\MAIL\ADMIN\P6I92XCT.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23874612912312_26891223pao.pdf.exe	
Backdoor.Win32.ZAccess.etmp	Detected; not processed	22.01.2014 12:00:54	D:\usb\PMAIL\MAIL\ADMIN\P81YGYEL.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_231094781247_164912812039iop.pdf.exe	
Backdoor.Win32.ZAccess.eykc	Detected; not processed	22.01.2014 12:01:37	D:\usb\PMAIL\MAIL\ADMIN\PF9KOTH7.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23479102487120_9412049102op.pdf.exe	
Backdoor.Win32.ZAccess.eweg	Detected; not processed	22.01.2014 12:02:00	D:\usb\PMAIL\MAIL\ADMIN\PIV1YT75.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0492(copy).jpg.zip//	DSC_0492(copy).jpg.exe	
Backdoor.Win32.ZAccess.eweg	Detected; not processed	22.01.2014 11:53:54	D:\PMAIL\MAIL\ADMIN20h34\PN4YP8U8.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0492(copy).jpg.zip//	DSC_0492(copy).jpg.exe	
Trojan-Ransom.Win32.Gimemo.bmdz	Detected; not processed	22.01.2014 11:52:50	D:\PMAIL\MAIL\ADMIN20h34\P6I92XCT.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23874612912312_26891223pao.pdf.exe	
Backdoor.Win32.ZAccess.etmp	Detected; not processed	22.01.2014 11:52:56	D:\PMAIL\MAIL\ADMIN20h34\P81YGYEL.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_231094781247_164912812039iop.pdf.exe	
Backdoor.Win32.ZAccess.evqp	Detected; not processed	22.01.2014 12:02:22	D:\usb\PMAIL\MAIL\ADMIN\PLUUAJF3.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_2397414914891203_289342ap.pdf.exe	
Backdoor.Win32.ZAccess.eweg	Detected; not processed	22.01.2014 12:02:29	D:\usb\PMAIL\MAIL\ADMIN\PN4YP8U8.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0492(copy).jpg.zip//	DSC_0492(copy).jpg.exe	
Backdoor.Win32.ZAccess.ewjg	Detected; not processed	22.01.2014 12:01:27	D:\usb\PMAIL\MAIL\ADMIN\PDIY88E5.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0178(copy).jpg.zip//	DSC_0178(copy).jpg.exe	
Trojan.Win32.Inject.hhnv	Deleted	22.01.2014 11:50:54	D:\PMAIL\MAIL\ADMIN\P9VIKNLK.CNM//2014_01rechnung_8825477220.pdf.zip//	2014_01rechnung_8740094773.pdf.exe	
Trojan.Win32.Inject.hhnv	Deleted	22.01.2014 11:52:08	D:\PMAIL\MAIL\ADMIN\PWUAAN7T.CNM//2014_01rechnung_6441889933.pdf.zip//	2014_01rechnung_8740094773.pdf.exe	
Trojan.Win32.Inject.hhnv	Deleted	22.01.2014 11:50:58	D:\PMAIL\MAIL\ADMIN\PB2USQYK.CNM//2014_01rechnung_4446867251.pdf.zip//	2014_01rechnung_8740094773.pdf.exe	
Type: Unknown (3)	
P9VIKNLK.CNM	Disinfected	22.01.2014 11:50:54	D:\PMAIL\MAIL\ADMIN\	P9VIKNLK.CNM	
PB2USQYK.CNM	Disinfected	22.01.2014 11:50:58	D:\PMAIL\MAIL\ADMIN\	PB2USQYK.CNM	
PWUAAN7T.CNM	Disinfected	22.01.2014 11:52:08	D:\PMAIL\MAIL\ADMIN\	PWUAAN7T.CNM
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.26.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Jonas :: SANDWICH [Administrator]

26.01.2014 10:42:03
mbam-log-2014-01-26 (10-42-03).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 336247
Laufzeit: 6 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Vielen, vielen, vielen Dank!
eiskorn.
Geändert von eiskorn (26.01.2014 um 10:50 Uhr)

 

Themen zu Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject
ad-aware, association, bonjour, browser, combofix, converter, coupons, device driver, ebanking, email, excel, fehler, firefox, flash player, free download, ftp, homepage, iexplore.exe, kaspersky, klelam.sys, mozilla, netzwerk, programm, realtek, registry, rundll, scan, security, sehr geholfen, services.exe, software, svchost.exe


« XP Laptop: Probleme nach trash.gen australianbrewingcompany Trojaner / keine Tastatur oder schwarzer Bildschirm | Vista-Befall mit Trojan:Win32\Necurs.A und PUP.OfferBundler.ST »


Ähnliche Themen: Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject


  1. Microsoft Security Essentials findet wiederholt Trojan:Win32 und BrowserModifier:Win32
    Plagegeister aller Art und deren Bekämpfung - 15.08.2015 (13)
  2. Win 7, Zonealarm findet Trojan-Spy.Win32.VB.qu und Worm.Win32.VB.fp auf externer Festplatte
    Plagegeister aller Art und deren Bekämpfung - 02.03.2014 (9)
  3. Windows 8.1: Trojan:Win32/Meredrop, Trojan:Win32/Malagent, Trojan:Win32/Matsnu.L und Worm:Win32/Ainslot.A
    Log-Analyse und Auswertung - 19.01.2014 (5)
  4. Desinfizierung durch Kaspersky nicht möglich: Trojan.Win32.Bromngr.k, HEUR:Trojan.Win32.Generic, Trojan-Downloader.Win32.MultiDL.I
    Plagegeister aller Art und deren Bekämpfung - 28.11.2013 (1)
  5. Win7 ransomware wgsdgsdgdsgsd.dll, Win32/Reveton!lnk (runctf.lnk), Trojan.Ransom.Win32.Foreign.AMN (A)
    Plagegeister aller Art und deren Bekämpfung - 30.12.2012 (9)
  6. Exploit.Script.Generic, Exploit.JS.Pdfka.gfa, Backdoor.Win32.ZAccess.ypw, Backdoor.Win32.ZAccess.yqi, Trojan.Win32.Miner.dw und weitere
    Log-Analyse und Auswertung - 02.10.2012 (7)
  7. TR/Ransom.294912 (Antivir) / Trojan-Ransom.Win32.Gimemo.vyp (Kaspersky)
    Log-Analyse und Auswertung - 20.07.2012 (18)
  8. Backdoor.Win32.ZAccess.mbg und Trojan.Win32.Small.bmph
    Log-Analyse und Auswertung - 10.07.2012 (28)
  9. Trojan:Win32/Alureon.FL | PWS:Win32/Fareit.A | Trojan:Win32/Sirefef.P....Auch MBR infiziert?
    Plagegeister aller Art und deren Bekämpfung - 06.01.2012 (7)
  10. Backdoor:Win32/Cbot.B - Trojan:Win32/FakeSysdef
    Log-Analyse und Auswertung - 04.05.2011 (32)
  11. Kaspersky findet trojanisches Programm Trojan.Win32.FakeAV.tcu
    Plagegeister aller Art und deren Bekämpfung - 09.01.2011 (21)
  12. Probleme beim Online-Banking: Trojan.Win32.Generic!BT, Win32.Backdoor.Papras/A und andere...
    Log-Analyse und Auswertung - 06.11.2010 (19)
  13. Trojan-Spy.Win32.Pophot.gzv / Trojan.Win32.Buzus.alwl / Virus.Win32.Virut.ce
    Plagegeister aller Art und deren Bekämpfung - 19.02.2009 (1)
  14. eventuell noch trojaner? Trojan-PSW.Win32.Delf.cqp, Backdoor.Win32.Poison.jmo
    Log-Analyse und Auswertung - 21.11.2008 (0)
  15. Kaspersky findet Trojaner Trojan-Downloader.Win32-Zlob.xjd
    Plagegeister aller Art und deren Bekämpfung - 02.09.2008 (7)
  16. Trojan.Win32.Sphinx.a+Backdoor.Win32.agent.zq+HJT-log
    Plagegeister aller Art und deren Bekämpfung - 01.12.2006 (1)
  17. brauch hilfe bei: Win32/Oleloa.gen!, Trojan.Win32.Golid.g, Trojan.Win32.Small.ev
    Plagegeister aller Art und deren Bekämpfung - 29.11.2005 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject - Hallo liebe Trojanerboard-Gemeinde, ihr habt mir schonmal sehr geholfen und nun brauche ich wieder eure Hilfe. FRST Logfile: Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar Recovery Scan Tool - Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject...
Archiv
Du betrachtest: Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55