Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Trojaner: Please update to continue...

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.05.2014, 23:26   #1
woo__
 
Trojaner: Please update to continue... - Standard

Trojaner: Please update to continue...



Hallo,

ich habe heute beim surfen auf meinem iphone feststellen müssen, dass sich facebook nicht mehr öffnen ließ. Nach einigen Stunden habe ich ein neuen Versuch unternommen, diesmal erschien beim öffnen von Facebook die Fehlermeldung:

Warning! Internet Explorer is currently out of date. Please update to continue

Ich habe mir nicht viel dabei gedacht, bis auf die Tatsache, dass das Phone kein IE verwendet...

Ich habe dann über meinen Laptop (Windows Vista) Facebook geöffnet, doch einige Stunden später ging auch hier nichts mehr.

Beim Öffnen des Internet Explorers erscheint ebenfalls die Meldung:

Warning! Internet Explorer is currently out of date. Please update to continue

Manchmal werde ich auch aufgefordert nicht den IE sondern den Flash Player zu aktualisieren.

Wie können sich beide Geräte infiziert haben, obwohl sie nicht direkt miteinander Verbunden waren, zumindestens nicht über Hardware. Beide Geräte verwenden das gleiche WLAN Netz.
Kann das eine mögliche Ursache sein?

Wie kann ich den Trojaner vom Laptop entfernen, und vor allem, wie kriege ich ihn vom iPhone weg?
Ich dachte, dass OS nicht anfällig für Viren und Trojaner ist...

Alt 20.05.2014, 05:57   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Trojaner: Please update to continue... - Standard

Trojaner: Please update to continue...



hi,

setz mal den Router auf Werkseinstellungen zurück. Dann beim rechner:


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 20.05.2014, 19:18   #3
woo__
 
Trojaner: Please update to continue... - Standard

Trojaner: Please update to continue...



Hallo,

danke für deine Hilfe.

Hier die gewünschen log files:

FRST.txt


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-05-2014
Ran by Andrzej (administrator) on COMPUTER on 20-05-2014 11:58:23
Running from C:\Users\Andrzej\Downloads
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HiTRSUT) C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
(Acer Inc.) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
(Acer Inc.) C:\Acer\Empowering Technology\eNet\eNet Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Acer\Mobility Center\MobilityService.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
() C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
(acer) C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(HiTRUST) C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
(CyberLink) C:\Acer\Empowering Technology\eAudio\eAudio.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\QtZgAcer.EXE
(CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Behringer Spezielle Studiotechnik GmbH) C:\Windows\System32\bcd2kcpan.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(EasyBits Software AS) C:\ProgramData\GameXN\GameXNGO.exe
(Acer) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Realtek Semiconductor Corp.) C:\Users\Andrzej\AppData\Local\Temp\RtkBtMnt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Acer Inc.) C:\Acer\Empowering Technology\eNet\eNMTray.exe
(Acer Inc.) C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_13_0_0_206_ActiveX.exe
(Acer Inc.) C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Acer) C:\Program Files\Acer\Acer VCM\VC.exe
(Acer Inc.) C:\Program Files\Acer\Acer VCM\acp2HID.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [865840 2007-05-09] (Synaptics, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4468736 2007-05-10] (Realtek Semiconductor)
HKLM\...\Run: [eDataSecurity Loader] => C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [457216 2007-04-25] (HiTRUST)
HKLM\...\Run: [eAudio] => C:\Acer\Empowering Technology\eAudio\eAudio.exe [1286144 2007-04-26] (CyberLink)
HKLM\...\Run: [Acer Tour] => [X]
HKLM\...\Run: [PLFSet] => C:\Windows\PLFSet.dll [45056 2007-03-09] ( )
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [SetPanel] => C:\Acer\APanel\APanel.cmd
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [502544 2007-05-04] (Dritek System Inc.)
HKLM\...\Run: [PlayMovie] => C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [206952 2007-05-03] (CyberLink Corp.)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-05-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [WarReg_PopUp] => C:\Acer\WR_PopUp\WarReg_PopUp.exe [57344 2006-11-05] (Acer Inc.)
HKLM\...\Run: [eRecoveryService] => [X]
HKLM\...\Run: [Acer Tour Reminder] => C:\Acer\AcerTour\Reminder.exe [151552 2007-02-15] (Acer Inc.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-14] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-04-03] (CANON INC.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM\...\Run: [Yahoo Messenger] => [X]
HKLM\...\Run: [BCD2000] => C:\Windows\system32\bcd2kcpan.exe [532480 2011-03-20] (Behringer Spezielle Studiotechnik GmbH)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll",DllRegisterServer
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll",DllRegisterServer
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
HKLM\...\Policies\Explorer\Run: [] => 1 No File
HKU\.DEFAULT\...\Run: [Acer Tour Reminder] => C:\Acer\AcerTour\Reminder.exe [151552 2007-02-15] (Acer Inc.)
HKU\.DEFAULT\...\RunOnce: [] - [X]
HKU\.DEFAULT\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19\...\RunOnce: [] - [X]
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisallowRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\RunOnce: [] - [X]
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisallowRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\Run: [GameXN GO] => C:\ProgramData\GameXN\GameXNGO.exe [347008 2012-02-16] (EasyBits Software AS)
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\Policies\Explorer: [DisallowRun] 0
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\MountPoints2: {3c39fdbd-ed2c-11df-8340-bef623f62fe1} - "G:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\MountPoints2: {57bc52db-ecb9-11df-adf3-a42f81b72e99} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\MountPoints2: {620096e3-103e-11e0-ba58-81eed42a4ba1} - RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\recycle.exe
HKU\S-1-5-21-1272694512-3354926786-2580265685-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-1272694512-3354926786-2580265685-1002\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1272694512-3354926786-2580265685-1002\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [27432 2007-04-26] ()
HKU\S-1-5-21-1272694512-3354926786-2580265685-1002\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION 
AppInit_DLLs: acaptuser32.dll => C:\Windows\system32\acaptuser32.dll [111992 2008-06-12] (Adobe Systems, Inc.)
AppInit_DLLs:  eNetHook.dll => C:\Windows\system32\eNetHook.dll [90112 2007-05-22] (acer)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
ShortcutTarget: Empowering Technology Launcher.lnk -> C:\Acer\Empowering Technology\eAPLauncher.exe (Acer Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} -  No File
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll (HiTRUST)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll (HiTRUST)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 23.253.94.129 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\qbgdtnwk.default
FF user.js: detected! => C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\qbgdtnwk.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\qbgdtnwk.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2013-12-13]
FF Extension: YouTube Unblocker - C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\qbgdtnwk.default\Extensions\youtubeunblocker@unblocker.yt.xpi [2013-07-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\ []
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPlgn\ []
FF HKCU\...\Firefox\Extensions: [{E634117B-33A8-4C70-8210-198010F03834}] - C:\Users\Andrzej\AppData\Roaming\12003.107
FF Extension: Java Link Helper - C:\Users\Andrzej\AppData\Roaming\12003.107 [2013-07-11]

========================== Services (Whitelisted) =================

R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [457512 2007-04-25] (HiTRSUT)
R2 eLockService; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576 2007-03-14] (Acer Inc.)
R2 eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [135168 2007-05-22] (Acer Inc.)
R2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [53248 2007-02-13] (Acer Inc.)
R2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-05-10] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [107008 2006-11-24] ()
R2 NIS; C:\Program Files\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2218600 2011-04-08] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2006-07-19] ()
R2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [163840 2007-05-16] (acer)
S2 Automatisches LiveUpdate - Scheduler; "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [X]
S2 HitmanPro37CrusaderBoot; "F:\HitmanPro.exe" /crusader:boot [X]

==================== Drivers (Whitelisted) ====================

S3 BCD2000; C:\Windows\System32\Drivers\BCD2000.SYS [42400 2011-03-20] (Behringer Spezielle Studiotechnik GmbH)
S3 BCD2000WDM; C:\Windows\System32\Drivers\BCD2000WDM.SYS [21632 2011-03-20] (Behringer Spezielle Studiotechnik GmbH)
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20121106.001\BHDrvx86.sys [995488 2012-10-24] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1405000.01C\ccSetx86.sys [134744 2013-04-16] (Symantec Corporation)
S2 E4LOADER; C:\Windows\System32\Drivers\e4ldr.sys [69656 2007-01-04] (Analog Deivces)
S3 e4usbaw; C:\Windows\System32\DRIVERS\e4usbaw.sys [104344 2007-01-04] (Analog Devices Inc.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-11-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2012-11-10] (Symantec Corporation)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20121123.001\IDSvix86.sys [386720 2012-11-09] (Symantec Corporation)
R2 int15; C:\Acer\Empowering Technology\eRecovery\int15.sys [76584 2006-12-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-05-20] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20121125.006\NAVENG.SYS [92704 2012-11-10] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20121125.006\NAVEX15.SYS [1601184 2012-11-10] (Symantec Corporation)
R0 PSDFilter; C:\Windows\System32\DRIVERS\psdfilter.sys [20264 2007-04-12] (HiTRUST)
R0 PSDNServ; C:\Windows\System32\drivers\PSDNServ.sys [16680 2007-04-25] (HiTRUST)
R0 psdvdisk; C:\Windows\System32\drivers\psdvdisk.sys [60712 2007-04-12] (HiTRUST)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1729152 2007-02-07] ()
S3 SRTSP; C:\Windows\System32\Drivers\NIS\1405000.01C\SRTSP.SYS [603224 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1405000.01C\SRTSPX.SYS [32344 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1405000.01C\SYMDS.SYS [367704 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1405000.01C\SYMEFA.SYS [934488 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-06-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1405000.01C\Ironx86.SYS [175264 2013-03-05] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1405000.01C\SYMTDIV.SYS [352344 2013-04-25] (Symantec Corporation)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-04-19] (Winbond Electronics Corporation)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [13560 2006-11-02] (Cyberlink Corp.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
U5 ERSvc; C:\Windows\System32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 ivusb; system32\DRIVERS\ivusb.sys [X]
U3 navapsvc; 
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U3 SAVRT; 
U1 SAVRTPEL; 
U0 sr; 
U2 srservice; %SystemRoot%\system32\svchost.exe -k netsvcs
U3 TlntSvr; 
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
U2 wuaserv; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-20 11:58 - 2014-05-20 11:58 - 00027631 _____ () C:\Users\Andrzej\Downloads\FRST.txt
2014-05-20 11:58 - 2014-05-20 11:58 - 00000000 ____D () C:\FRST
2014-05-20 11:56 - 2014-05-20 11:56 - 01056768 _____ (Farbar) C:\Users\Andrzej\Downloads\FRST.exe
2014-05-20 01:10 - 2014-05-20 01:10 - 00000000 ____D () C:\Users\Andrzej\Downloads\backups
2014-05-20 01:08 - 2014-05-20 01:08 - 00013251 _____ () C:\Users\Andrzej\Desktop\hijackthis.log
2014-05-20 01:07 - 2014-05-20 01:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Andrzej\Downloads\HiJackThis204.exe
2014-05-20 00:26 - 2014-05-20 00:26 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-05-16 10:50 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 10:50 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 10:50 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 09:37 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-02 20:52 - 2014-05-02 20:54 - 00000000 ____D () C:\Users\Andrzej\Desktop\Hanna
2014-05-01 21:45 - 2014-05-02 13:00 - 00000000 ____D () C:\Users\Andrzej\AppData\Local\{507B2FAE-7EF8-6968-2A4E-431B09C0CDDA}

==================== One Month Modified Files and Folders =======

2014-05-20 11:58 - 2014-05-20 11:58 - 00027631 _____ () C:\Users\Andrzej\Downloads\FRST.txt
2014-05-20 11:58 - 2014-05-20 11:58 - 00000000 ____D () C:\FRST
2014-05-20 11:57 - 2012-02-16 22:32 - 00000000 ____D () C:\ProgramData\GameXN
2014-05-20 11:56 - 2014-05-20 11:56 - 01056768 _____ (Farbar) C:\Users\Andrzej\Downloads\FRST.exe
2014-05-20 11:38 - 2013-08-07 14:57 - 01957339 _____ () C:\Windows\WindowsUpdate.log
2014-05-20 11:37 - 2012-02-16 22:32 - 00000000 ____D () C:\Users\Andrzej\AppData\Roaming\go
2014-05-20 11:35 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-20 11:35 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-20 11:35 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-20 01:11 - 2006-11-02 15:01 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-20 01:10 - 2014-05-20 01:10 - 00000000 ____D () C:\Users\Andrzej\Downloads\backups
2014-05-20 01:08 - 2014-05-20 01:08 - 00013251 _____ () C:\Users\Andrzej\Desktop\hijackthis.log
2014-05-20 01:07 - 2014-05-20 01:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Andrzej\Downloads\HiJackThis204.exe
2014-05-20 01:05 - 2010-11-16 15:05 - 00000000 ____D () C:\Users\Andrzej\AppData\Roaming\Skype
2014-05-20 00:54 - 2011-07-30 14:36 - 00000000 ____D () C:\Users\Andrzej\Desktop\Wirtschaftsingenieurwesesn Fachliteratur
2014-05-20 00:26 - 2014-05-20 00:26 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-05-19 19:46 - 2011-04-13 20:57 - 00000000 ____D () C:\Users\Andrzej\AppData\Local\QuickPar
2014-05-19 19:46 - 2010-11-11 03:03 - 00000000 ____D () C:\Users\Andrzej\AppData\Roaming\UseNeXT
2014-05-19 19:43 - 2010-11-10 02:24 - 00192000 _____ () C:\Users\Andrzej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-19 18:08 - 2012-07-10 11:15 - 00000000 ____D () C:\Users\Andrzej\AppData\Roaming\vlc
2014-05-18 13:56 - 2006-11-02 12:33 - 01567294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-16 15:20 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-16 11:00 - 2013-09-04 21:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 10:57 - 2006-11-02 12:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-16 10:55 - 2010-11-10 13:00 - 00000000 ____D () C:\Program Files\DivX
2014-05-16 10:55 - 2010-11-10 12:59 - 00000000 ____D () C:\ProgramData\DivX
2014-05-16 10:54 - 2013-10-10 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-05-14 13:11 - 2012-01-16 18:26 - 00000000 ____D () C:\Users\Andrzej\Desktop\Neuer Ordner (11)
2014-05-13 09:36 - 2012-11-11 16:48 - 00000000 ____D () C:\Windows\system32\Drivers\NIS
2014-05-13 09:36 - 2012-11-11 16:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-12 16:39 - 2010-11-10 12:37 - 00000000 ____D () C:\Users\Andrzej\AppData\Roaming\Winamp
2014-05-10 16:38 - 2012-04-05 21:49 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-10 16:38 - 2011-05-13 00:01 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-09 18:59 - 2013-11-11 10:35 - 00000000 ____D () C:\Users\Andrzej\AppData\Roaming\Mp3tag
2014-05-06 01:32 - 2014-05-16 10:50 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 01:14 - 2014-05-16 10:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 01:14 - 2014-05-16 10:50 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-02 20:54 - 2014-05-02 20:52 - 00000000 ____D () C:\Users\Andrzej\Desktop\Hanna
2014-05-02 16:38 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\security
2014-05-02 13:00 - 2014-05-01 21:45 - 00000000 ____D () C:\Users\Andrzej\AppData\Local\{507B2FAE-7EF8-6968-2A4E-431B09C0CDDA}
2014-05-02 13:00 - 2010-11-10 01:59 - 00000000 ____D () C:\Windows\ACER
2014-04-20 17:04 - 2010-11-24 03:09 - 00000000 ____D () C:\Windows\Minidump
2014-04-20 16:24 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool

Files to move or delete:
====================
C:\Users\Andrzej\AppData\Roaming\settings.ini


Some content of TEMP:
====================
C:\Users\Andrzej\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Andrzej 1\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Andrzej 1\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-20 11:40

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---


Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-05-2014
Ran by Andrzej at 2014-05-20 11:58:56
Running from C:\Users\Andrzej\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Acer Arcade Deluxe (HKLM\...\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}) (Version: 1.1.4107 - CyberLink Corp.)
Acer Crystal Eye webcam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.7.26.500-1.0 - Sonix)
Acer Crystal Eye webcam (HKLM\...\{AA047D7C-5E7C-4878-B75C-77589151B563}) (Version: 1.0.7 - SUYIN)
Acer eAudio Management (HKLM\...\{57265292-228A-41FA-9AEC-4620CBCC2739}) (Version: 2.5.4008 - )
Acer eDataSecurity Management (HKLM\...\{AEEAE013-92F1-4515-B278-139F1A692A36}) (Version: 2.5.4241 - HiTRUST Inc.)
Acer eLock Management (HKLM\...\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}) (Version: 2.5.4005 - Acer Inc.)
Acer Empowering Technology (HKLM\...\{AB6097D9-D722-4987-BD9E-A076E2848EE2}) (Version: 2.5.4006 - Acer Inc.)
Acer eNet Management (HKLM\...\{C06554A1-2C1E-4D20-B613-EE62C79927CC}) (Version: 2.6.4007 - Acer Inc.)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 2.5.4014 - Acer Inc.)
Acer ePresentation Management (HKLM\...\{BF839132-BD43-4056-ACBF-4377F4A88E2A}) (Version: 2.5.4002 - Acer Inc.)
Acer eSettings Management (HKLM\...\{CE65A9A0-9686-45C6-9098-3C9543A412F0}) (Version: 2.5.4008 - Acer Inc.)
Acer GridVista (HKLM\...\GridVista) (Version: 2.67.522 - )
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 1.0.3003 - Acer Inc.)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 1.11.20070427 - Acer Inc.)
Acer Tour (HKLM\...\{94389919-B0AA-4882-9BE8-9F0B004ECA35}) (Version: 2.0.1001 - Acer Inc.)
Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 2.05.3001.7175 - Acer)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (Version: 9.0.0 - Adobe Systems) Hidden
Adobe Captivate Quiz Results Analyzer (HKLM\...\QuizResultsAnalyzer.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Captivate Quiz Results Analyzer (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Captivate Reviewer (HKLM\...\AdobeCaptivateReviewer2.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Captivate Reviewer (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader 7.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A70000000000}) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.0.626 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 1.0 (HKLM\...\MP Navigator EX 1.0) (Version:  - )
Canon MP210 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series) (Version:  - )
Canon MP210 series Benutzerregistrierung (HKLM\...\Canon MP210 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.13 - Piriform)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6021.5000 - Microsoft Corporation)
Content Manager 2 (HKLM\...\Content Manager 2) (Version: 3.18.0.342250 - NNG Llc.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
DVDStyler v1.8.2 (HKLM\...\DVDStyler_is1) (Version:  - )
GameXN GO (HKCU\...\Game Organizer) (Version:  - GameXN AS)
GoldWave v4.26 (HKLM\...\GoldWave v4.26) (Version:  - )
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version:  - )
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{35C0A1E4-D02A-412C-841F-266DBB116ABB}) (Version: 12.02.0000 - Intel(R) Corporation)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 7 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Launch Manager (HKLM\...\LManager) (Version:  - )
LightScribe  1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 25.0.1 (x86 de) (HKLM\...\Mozilla Firefox 25.0.1 (x86 de)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
Mp3tag v2.58 (HKLM\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Naviextras Toolbox Prerequesities (HKLM\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
Norton Internet Security (HKLM\...\NIS) (Version: 20.5.0.28 - Symantec Corporation)
NTI Backup NOW! 4.7 (HKLM\...\{67ADE9AF-5CD9-4089-8825-55DE4B366799}) (Version: 4 - NewTech Infosystems)
NTI CD & DVD-Maker (HKLM\...\InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}) (Version: 7 - NewTech Infosystems)
NTI CD & DVD-Maker (Version: 7 - NewTech Infosystems) Hidden
NVIDIA 3D Vision Controller Driver (Version: 270.61 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 270.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 270.61 - NVIDIA Corporation)
NVIDIA Grafiktreiber 270.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 270.61 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.270.54.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 270.61 (Version: 270.61 - NVIDIA Corporation) Hidden
NVIDIA Update 1.1.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.1.34 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.1.34 - NVIDIA Corporation) Hidden
Open Freely (HKLM\...\{1BF14E04-85DE-480C-9A04-EB36744C66C3}_is1) (Version: 1.0 - Download Freely, LLC)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version:  - )
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5413 - Realtek Semiconductor Corp.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
SAGEM F@st 800-840 (HKLM\...\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}) (Version: 4.06.000 - SAGEM)
ScanSoft OmniPage SE 4 (HKLM\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Skype™ 5.8 (HKLM\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.8.158 - Skype Technologies S.A.)
SolveigMM AVI Trimmer (HKLM\...\SolveigMM AVI Trimmer 2.1.1307.29) (Version: 2.1.1307.29 - Solveig Multimedia)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.2.3.1 - Synaptics)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
UseNeXT by Tangysoft (HKLM\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Virtual DJ Pro Full - Atomix Productions (HKLM\...\Virtual DJ Pro Full - Atomix Productions) (Version:  - )
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
WAV To MP3 V2 (HKLM\...\WAV To MP3_is1) (Version:  - hxxp://www.WAVMP3.net)
Winamp (HKLM\...\Winamp) (Version: 5.581  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winbond CIR Drivers (HKLM\...\{427967BF-09F8-46D5-9275-37001CCBBA5D}) (Version: 7.60.1002 - Winbond Electronics)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

==================== Restore Points  =========================

19-05-2014 18:36:42 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-02-16 11:51 - 2012-02-16 12:11 - 00001436 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90 
127.0.0.1 125.252.224.91
127.0.0.1 hl2rcv.adobe.com
127.0.0.1       localhost


==================== Scheduled Tasks (whitelisted) =============

Task: {16F8BDA3-7655-4326-9464-F8D28C552FC6} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {42531BDA-46AE-4580-8B6E-562EC2A8DE20} - System32\Tasks\{6C2F4E46-CCED-42F0-B628-740F45CDC476} => C:\Program Files\Skype\\Phone\Skype.exe [2012-02-29] (Skype Technologies S.A.)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4ACB49C5-F70E-4074-BC32-653157FE9018} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {732D99CD-909C-469E-86E8-280FB5A27C64} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {8BA73728-0748-4C84-B4AF-B18F13E16D0B} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe [2014-04-29] (Symantec Corporation)
Task: {907B89C4-1E0F-45B6-81E6-16755736A124} - System32\Tasks\Microsoft\Windows\RestartManager\{D4D59F45-5DA6-4f65-80FC-ADF95544E99B} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {B4C9283A-6241-4A66-881B-36052C6DA83F} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {C0F5D93B-A14A-4010-A5F3-B97CF4303EE6} - System32\Tasks\Microsoft\Windows\RestartManager\{11CFBEAC-7E9F-4d98-8CFA-B4D6CC76D257} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {CC09FEE8-7193-4BEA-B68F-C64E6609E078} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2010-11-11] ()

==================== Loaded Modules (whitelisted) =============

2008-10-16 17:57 - 2008-10-16 17:57 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2007-05-11 07:03 - 2006-11-24 12:57 - 00107008 _____ () C:\Acer\Mobility Center\MobilityService.exe
2007-05-11 07:03 - 2006-10-24 10:54 - 00033280 _____ () C:\Acer\Mobility Center\MobilityInterface.dll
2007-05-11 07:08 - 2006-07-19 20:36 - 00262247 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2010-11-10 02:17 - 2007-02-13 07:26 - 00016384 _____ () C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll
2010-11-10 02:17 - 2007-02-13 07:26 - 00016384 _____ () C:\Acer\Empowering Technology\eRecovery\IERYETF.dll
2010-11-10 02:09 - 2007-05-10 15:05 - 00024576 _____ () C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
2010-11-10 02:09 - 2007-05-10 15:05 - 00114688 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Computer.dll
2010-11-10 02:09 - 2007-05-10 15:05 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.ComputerInterfaces.dll
2010-11-10 02:09 - 2007-05-10 15:05 - 00114688 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Library.dll
2010-11-10 02:09 - 2007-05-10 15:05 - 00006656 _____ () C:\Acer\Empowering Technology\eSettings\Service\CPUID.dll
2014-05-02 13:28 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.5.0.28\wincfi39.dll
2007-04-25 17:30 - 2007-04-25 17:30 - 00063488 _____ () C:\Windows\system32\ShowErrMsg.dll
2007-04-25 17:31 - 2007-04-25 17:31 - 00028672 _____ () C:\Windows\system32\BatchCrypto.dll
2007-05-11 07:12 - 2007-02-07 10:25 - 00208896 _____ () C:\Acer\Empowering Technology\EPOWER\SysHook.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2010-11-10 02:16 - 2006-10-16 16:51 - 00618496 _____ () C:\Program Files\Acer\Acer VCM\AcerControl.dll
2011-05-12 23:49 - 2013-12-03 16:06 - 03363952 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2007-05-11 07:11 - 2007-04-25 11:35 - 00057344 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
2007-05-11 07:10 - 2007-04-25 11:35 - 00024576 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
2007-05-11 07:16 - 2007-04-26 17:54 - 00106496 _____ () C:\Acer\Empowering Technology\eAudio\eAudioUI.dll
2007-05-11 07:16 - 2007-03-22 11:51 - 00003584 _____ () C:\Acer\Empowering Technology\eAudio\de\eAudioUI.resources.dll
2007-05-11 07:13 - 2007-04-11 16:42 - 00307200 _____ () C:\Acer\Empowering Technology\ePresentation\ePresentationCTL.dll
2007-05-11 07:13 - 2007-04-11 15:07 - 00077824 _____ () C:\Acer\Empowering Technology\ePresentation\de\ePresentationCTL.resources.dll
2007-05-11 07:16 - 2007-03-14 11:00 - 00831488 _____ () C:\Acer\Empowering Technology\eLock\eLockCTL.dll
2007-05-11 07:16 - 2007-03-14 11:00 - 00135168 _____ () C:\Acer\Empowering Technology\eLock\de\eLockCTL.resources.dll
2007-05-11 07:17 - 2007-05-10 15:05 - 00028672 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
2007-05-11 07:17 - 2007-05-10 15:05 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
2007-05-11 07:17 - 2007-05-10 15:05 - 00983040 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
2007-05-11 07:17 - 2007-05-10 15:05 - 00143360 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
2007-05-11 07:14 - 2007-05-22 16:00 - 00249856 _____ () C:\Acer\Empowering Technology\eNet\eNetPlugin.dll
2007-05-11 07:17 - 2007-05-10 15:05 - 00003584 _____ () C:\Acer\Empowering Technology\eSettings\de\eSettings.Plugin.resources.dll
2007-05-11 07:17 - 2007-05-10 15:05 - 00010752 _____ () C:\Acer\Empowering Technology\eSettings\de\eSettings.Presenter.resources.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: Malwarebytes' Anti-Malware (reboot) => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
MSCONFIG\startupreg: WinampAgent => "C:\Program Files\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

Name: Broadcom NetLink (TM) Gigabit Ethernet
Description: Broadcom NetLink (TM) Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: b57nd60x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/11/2014 05:08:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 9.0.8112.16545 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1550
Anfangszeit: 01cf6d2a83af7407
Zeitpunkt der Beendigung: 387

Error: (05/09/2014 06:52:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16545, Zeitstempel 0x531a4f73, fehlerhaftes Modul Flash32_13_0_0_182.ocx, Version 13.0.0.182, Zeitstempel 0x533390a3, Ausnahmecode 0xc0000005, Fehleroffset 0x0021e9f7,
Prozess-ID 0x22e0, Anwendungsstartzeit iexplore.exe0.

Error: (05/09/2014 03:48:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung Acrobat.exe, Version 9.0.0.332, Zeitstempel 0x4850eb76, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18277, Zeitstempel 0x4c28d53e, Ausnahmecode 0xc0000005, Fehleroffset 0x00047456,
Prozess-ID 0x2284, Anwendungsstartzeit Acrobat.exe0.

Error: (04/18/2014 09:01:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung spoolsv.exe, Version 6.0.6002.18294, Zeitstempel 0x4c6a9898, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,
Prozess-ID 0x7a4, Anwendungsstartzeit spoolsv.exe0.

Error: (04/18/2014 07:04:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung Wordconv.exe, Version 12.0.6014.5000, Zeitstempel 0x4601e185, fehlerhaftes Modul wordcnv.dll_unloaded, Version 0.0.0.0, Zeitstempel 0x4601e167, Ausnahmecode 0xc0000005, Fehleroffset 0x5ce6d488,
Prozess-ID 0x1b08, Anwendungsstartzeit Wordconv.exe0.

Error: (04/13/2014 09:40:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 187966

Error: (04/13/2014 09:40:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 187966

Error: (04/13/2014 09:40:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2014 09:37:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6365

Error: (04/13/2014 09:37:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6365


System errors:
=============
Error: (05/20/2014 11:36:21 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/20/2014 11:36:10 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (05/20/2014 11:35:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: rimmptsk%%1058

Error: (05/20/2014 11:35:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Automatisches LiveUpdate - Scheduler%%3

Error: (05/20/2014 11:35:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (05/20/2014 11:35:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: HitmanPro 3.7 Crusader (Boot)%%3

Error: (05/20/2014 11:35:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: General Purpose USB Driver (e4ldr.sys)%%1058

Error: (05/20/2014 00:54:18 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/20/2014 00:53:59 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (05/20/2014 00:53:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Automatisches LiveUpdate - Scheduler%%3


Microsoft Office Sessions:
=========================
Error: (05/11/2014 05:08:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe9.0.8112.16545155001cf6d2a83af7407387

Error: (05/09/2014 06:52:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.16545531a4f73Flash32_13_0_0_182.ocx13.0.0.182533390a3c00000050021e9f722e001cf6ba712ab4290

Error: (05/09/2014 03:48:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Acrobat.exe9.0.0.3324850eb76ole32.dll6.0.6002.182774c28d53ec000000500047456228401cf6b86ee64ff40

Error: (04/18/2014 09:01:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: spoolsv.exe6.0.6002.182944c6a9898unknown0.0.0.000000000c0000005000000007a401cf5b2712d84f4a

Error: (04/18/2014 07:04:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Wordconv.exe12.0.6014.50004601e185wordcnv.dll_unloaded0.0.0.04601e167c00000055ce6d4881b0801cf5b284e6ab060

Error: (04/13/2014 09:40:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 187966

Error: (04/13/2014 09:40:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 187966

Error: (04/13/2014 09:40:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2014 09:37:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6365

Error: (04/13/2014 09:37:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6365


CodeIntegrity Errors:
===================================
  Date: 2014-05-20 00:29:15.170
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-20 00:29:14.921
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-20 00:29:14.671
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-20 00:29:14.437
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-20 00:29:14.187
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-20 00:29:13.953
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-20 00:29:13.049
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20121106.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-20 00:29:12.799
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20121106.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-20 00:29:12.565
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20121106.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-20 00:29:12.315
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20121106.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 63%
Total physical RAM: 2045.68 MB
Available physical RAM: 753.91 MB
Total Pagefile: 4332.37 MB
Available Pagefile: 2644.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1878.25 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:69.77 GB) (Free:11.48 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:66.27 GB) (Free:4.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: B2E0DF8B)
Partition 1: (Not Active) - (Size=10 GB) - (Type=12)
Partition 2: (Active) - (Size=70 GB) - (Type=06)
Partition 3: (Not Active) - (Size=66 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3 GB) - (Type=17)

==================== End Of Log ============================
         
Sorry, hab euere Anleitung erst eben gelesen... soll ich als nächstes den Schritt mit GMER Scan ausführen?





Ein weiterer Hinweis:

Die besagten Probleme sind auf einmal weg.

IE lässt sich ganz regulär öffnen, Outlook hat zugriff auf das Internet (heute ist mir aufgefallen, dass Outlook keine Verbindung aufbauen konnte) und das iPhone kann auch wieder Facebook öffnen...

Bis auf den ausschließlichen Scan mit Farber's Recovery Scan Tool wurde nichts weiter gemacht...

Die log files wurden gegen 13:00 Uhr gepostet. Zu dem Zeitpunkt bestand das Problem immer noch.
Als ich heute gegen 16:00 Uhr den Rechner erneut hogefahren habe, ist die Fehlermeldung nicht mehr erschienen.





Nachtrag 20:20 Uhr

Die Probleme sind wieder aufgetaucht, der IE funktioniert nicht richtig und auch das iPhone ist betroffen. Outlook kann wieder keine Verbindung aufbauen.

Firefox funktioniert ohne Einschränkungen.
__________________

Geändert von woo__ (20.05.2014 um 15:21 Uhr)

Alt 21.05.2014, 08:59   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Trojaner: Please update to continue... - Standard

Trojaner: Please update to continue...



Router zurückgesetzt wie oben beschrieben? Wir haben hier aber ein anderes problem ( neben dem total verseuchten Rechner.....)
Zitat:
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
127.0.0.1 hl2rcv.adobe.com
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.05.2014, 11:50   #5
woo__
 
Trojaner: Please update to continue... - Standard

Trojaner: Please update to continue...



Hallo,

nein den Router habe ich nicht zurückgesetzt... warum auch immer, aber ich habe es einfach überlesen.

Das war ein großer Fehler, denn nach dem der Router jetzt zurückgesetzt wurde funktioniert alles wieder.

Woran lag das Problem?

Ich verstehe zwar, dass sich Router aufhängen und dann gar nichts mehr geht, aber warum zeigt der Rechner dann die Meldung an, dass der IE oder der Flash Player aktualisiert werden soll?

Du hast mir geschrieben, dass mein Rechner toal verseucht ist, danke für den Hinweis.
Ich habe bereits mit der Datensicherung angefangen und werden Windows neu installieren.

Ich würde nach Möglichkeit keine verseuchten Dateien sichern. Mit welchen Programm kann ich meine Dateien scanen und sicher gehen, dass ich keine Vieren und Trojaner mit der Sicherung auf das neu installierte System mitnehme?


Alt 22.05.2014, 08:45   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Trojaner: Please update to continue... - Standard

Trojaner: Please update to continue...



Du hast mein obiges Zitat aus deiner Hostfile gesehen?

Der Router hat sich nit aufgehängt, der Router war infiziert.
__________________
--> Trojaner: Please update to continue...

Alt 22.05.2014, 10:13   #7
woo__
 
Trojaner: Please update to continue... - Standard

Trojaner: Please update to continue...



Hallo,

ich habe das Zitat gesehen, konnte es aber nicht wirklich deuten.

Ich wusste gar nicht, dass der Router sich infizieren kann. Das erklärt, warum ich mich nicht mit meiem Passwort im Router einloggen konnte.

Woran sieht man das in der Logfile? Sind es bestimmte IP Adressen die dann vom Router automatisch angewählt werden?

Ist von einer Gefahr auf andere Geräte auszugehen, die über den Router mit dem Internet verbunden waren?

Danke für deine Geduld.

Alt 23.05.2014, 10:52   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Trojaner: Please update to continue... - Standard

Trojaner: Please update to continue...



Zitat:
ich habe das Zitat gesehen, konnte es aber nicht wirklich deuten.
Das ist ein Crack um die Registrierung des geklauten Adobe Produktes zu umgehen. Und bei sowas wird der Support eingestellt bis alles gecrackte gelöscht ist.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Trojaner: Please update to continue...
direkt, ebenfalls, entfernen, explorer, fehlermeldung, flash player, infiziert, internet, internet explorer, laptop, neue, neuen, nicht mehr, nichts, player, please, surfen, trojaner, update, viren, vista, windows, windows vista, wlan, öffnen




Ähnliche Themen: Trojaner: Please update to continue...


  1. Windows 7/8: Continue Live Installation (und mehr?) eingefangen
    Plagegeister aller Art und deren Bekämpfung - 02.10.2015 (15)
  2. Continue live installation
    Plagegeister aller Art und deren Bekämpfung - 22.03.2015 (17)
  3. Continue Live Installation meldung
    Log-Analyse und Auswertung - 22.03.2015 (17)
  4. Continue Live Installation
    Plagegeister aller Art und deren Bekämpfung - 27.02.2015 (13)
  5. Windows 8.1: Continue Live Installation
    Log-Analyse und Auswertung - 19.11.2014 (12)
  6. Continue Live Installation Entfernen
    Log-Analyse und Auswertung - 22.10.2014 (1)
  7. Continue Live Installation
    Plagegeister aller Art und deren Bekämpfung - 01.10.2014 (17)
  8. Click to Continue by Youtube Lyrics - Virus?
    Log-Analyse und Auswertung - 03.12.2013 (12)
  9. Click to Continue entfernen
    Log-Analyse und Auswertung - 16.07.2013 (9)
  10. Click to Continue by CouponDropDown
    Plagegeister aller Art und deren Bekämpfung - 26.05.2013 (15)
  11. Click to Continue by browse to save - maleware
    Plagegeister aller Art und deren Bekämpfung - 08.04.2013 (3)
  12. 2x | Click to Continue by browse to save - maleware
    Mülltonne - 08.04.2013 (1)
  13. Click to Continue by CouponDropDown bekomm ich nicht weg
    Plagegeister aller Art und deren Bekämpfung - 02.04.2013 (7)
  14. click to continue by savings sidekick
    Plagegeister aller Art und deren Bekämpfung - 04.03.2013 (3)
  15. click and continue zum Zweiten
    Plagegeister aller Art und deren Bekämpfung - 10.02.2013 (15)
  16. click and continue
    Plagegeister aller Art und deren Bekämpfung - 23.01.2013 (28)
  17. click to continue by savings sidekick
    Plagegeister aller Art und deren Bekämpfung - 02.12.2012 (21)

Zum Thema Trojaner: Please update to continue... - Hallo, ich habe heute beim surfen auf meinem iphone feststellen müssen, dass sich facebook nicht mehr öffnen ließ. Nach einigen Stunden habe ich ein neuen Versuch unternommen, diesmal erschien beim - Trojaner: Please update to continue......
Archiv
Du betrachtest: Trojaner: Please update to continue... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.