
Pests of all kinds and how to fight them: Antivir found TR/TRASH .GEN and ADWARE/DealPly.o - what now?


 
15.06.2014, 11:21   #3
maxi3736
 




FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:12-06-2014 02
Ran by maxi3736 (administrator) on MAXI3736-PC on 15-06-2014 12:19:30
Running from C:\Users\maxi3736\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Interactive Digital Media) C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Toshiba) C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4911104 2008-01-29] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-06] (Synaptics, Inc.)
HKLM\...\Run: [NDSTray.exe] => NDSTray.exe
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [topi] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [581632 2007-07-10] (TOSHIBA)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [1836544 2008-02-18] (Google)
HKLM\...\Run: [Desktop SMS] => C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [1507328 2007-06-18] (Interactive Digital Media)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [431456 2008-01-17] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [54608 2007-11-01] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [509816 2008-01-25] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [712704 2008-01-22] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [571024 2007-05-04] (Toshiba)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-915002811-3731293011-2392533767-1000\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-01-29] ()
HKU\S-1-5-21-915002811-3731293011-2392533767-1000\...\Run: [EA Core] => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-915002811-3731293011-2392533767-1000\...\Run: [EPSON SX210 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE [199680 2008-11-05] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-915002811-3731293011-2392533767-1000\...\MountPoints2: {e92c46b6-545c-11e3-9956-806e6f6e6963} - E:\AutoMenu.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Packer.exe.lnk
ShortcutTarget: Packer.exe.lnk -> C:\Users\maxi3736\AppData\Roaming\OpenCandy\7319EA3361624EC9A63343A144B75A35\Packer.exe (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\maxi3736\AppData\Roaming\Mozilla\Firefox\Profiles\c96u2p3m.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\maxi3736\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\maxi3736\AppData\Roaming\Mozilla\Firefox\Profiles\c96u2p3m.default\Extensions\ich@maltegoetz.de [2014-05-10]
FF Extension: Yahoo Community Smartbar - C:\Users\maxi3736\AppData\Roaming\Mozilla\Firefox\Profiles\c96u2p3m.default\Extensions\{b1b0e4ce-6e4e-4c50-a451-c69a9aff1f21} [2014-06-14]
FF Extension: DownloadHelper - C:\Users\maxi3736\AppData\Roaming\Mozilla\Firefox\Profiles\c96u2p3m.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-02]
FF Extension: Personas Plus - C:\Users\maxi3736\AppData\Roaming\Mozilla\Firefox\Profiles\c96u2p3m.default\Extensions\personas@christopher.beard.xpi [2014-05-03]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2007-12-25] (TOSHIBA CORPORATION) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [1836544 2008-02-18] (Google) [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 TOSHIBA SMART Log Service; c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-03] (TOSHIBA Corporation) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-14] (Malwarebytes Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36560 2006-09-27] (Sonic Solutions) [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-02-25] (Avira GmbH)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-15 12:15 - 2014-06-15 12:19 - 00014311 _____ () C:\Users\maxi3736\Desktop\FRST.txt
2014-06-15 01:17 - 2014-06-15 01:17 - 00000000 ____D () C:\zoek_backup
2014-06-15 01:17 - 2014-05-21 08:31 - 01414867 _____ () C:\Users\maxi3736\Desktop\zoek.scr
2014-06-15 01:17 - 2014-05-21 08:31 - 01414867 _____ () C:\Users\maxi3736\Desktop\zoek.pif
2014-06-15 01:17 - 2014-05-21 08:31 - 01414867 _____ () C:\Users\maxi3736\Desktop\zoek.com
2014-06-15 00:32 - 2014-06-15 12:19 - 00000000 ____D () C:\Users\maxi3736\Desktop\Antivirenpogamme
2014-06-14 23:15 - 2014-06-14 23:15 - 01073152 _____ (Farbar) C:\Users\maxi3736\Downloads\FRST.exe
2014-06-14 22:33 - 2014-06-14 22:33 - 01333465 _____ () C:\Users\maxi3736\Downloads\adwcleaner_3.212.exe
2014-06-14 22:14 - 2014-06-14 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-14 22:14 - 2014-06-14 22:14 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-06-14 22:14 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-14 22:14 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-14 22:05 - 2014-06-14 22:05 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-06-14 22:02 - 2014-06-14 22:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\maxi3736\Downloads\revosetup95.exe
2014-06-14 17:58 - 2014-06-14 21:59 - 89974542 _____ () C:\Users\maxi3736\Downloads\Pferd.und.Pony.Western.Star.GERMAN-SiLENTGATE.part1.rar.part
2014-06-14 17:47 - 2014-06-14 17:47 - 00000000 ____D () C:\Users\maxi3736\AppData\Roaming\DAEMON Tools Lite
2014-06-14 17:45 - 2014-06-14 17:46 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-14 17:38 - 2014-06-14 17:38 - 00076448 _____ (AppWork GmbH) C:\Users\maxi3736\Downloads\WebInstaller_2002.exe
2014-06-13 21:41 - 2014-06-14 23:16 - 00026290 _____ () C:\Users\maxi3736\Downloads\FRST.txt
2014-06-13 21:40 - 2014-06-13 21:40 - 01073152 _____ (Farbar) C:\Users\maxi3736\Desktop\FRST.exe
2014-06-13 21:11 - 2014-06-13 21:11 - 14349744 _____ (Malwarebytes Corp.) C:\Users\maxi3736\Downloads\mbar-1.07.0.1012.exe
2014-06-13 21:03 - 2014-06-13 21:03 - 00000955 _____ () C:\Users\maxi3736\Desktop\Photo Transport.lnk
2014-06-13 21:03 - 2014-06-13 21:03 - 00000000 ____D () C:\Users\maxi3736\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CASIO
2014-06-04 20:11 - 2014-06-04 22:56 - 00003575 _____ () C:\Windows\setupact.log
2014-06-04 20:11 - 2014-06-04 20:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 19:54 - 2014-06-04 19:54 - 00000000 ____D () C:\Program Files\CASIO
2014-06-01 10:19 - 2014-06-01 10:19 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-01 10:18 - 2014-06-01 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-01 10:18 - 2014-05-07 15:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-06-01 10:18 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-01 10:18 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-01 10:18 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-01 10:16 - 2014-06-01 10:18 - 00004551 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log
2014-05-21 13:22 - 2014-05-21 13:27 - 00000000 ____D () C:\Users\maxi3736\AppData\Roaming\NCH Software
2014-05-21 13:22 - 2014-05-21 13:22 - 00000940 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
2014-05-21 13:22 - 2014-05-21 13:22 - 00000928 _____ () C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2014-05-21 13:22 - 2014-05-21 13:22 - 00000000 ____D () C:\ProgramData\NCH Software
2014-05-21 13:22 - 2014-05-21 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-05-21 13:22 - 2014-05-21 13:22 - 00000000 ____D () C:\Program Files\NCH Software
2014-05-21 13:21 - 2014-05-21 13:21 - 01003568 _____ (NCH Software) C:\Users\maxi3736\Downloads\wpsetup-555.exe
2014-05-19 21:11 - 2014-05-19 21:11 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-17 10:51 - 2014-05-17 10:51 - 00003372 _____ () C:\Users\maxi3736\AppData\Local\recently-used.xbel

==================== One Month Modified Files and Folders =======

2014-06-15 12:19 - 2014-06-15 12:15 - 00014311 _____ () C:\Users\maxi3736\Desktop\FRST.txt
2014-06-15 12:19 - 2014-06-15 00:32 - 00000000 ____D () C:\Users\maxi3736\Desktop\Antivirenpogamme
2014-06-15 12:19 - 2013-11-25 16:55 - 00000000 ____D () C:\FRST
2014-06-15 12:19 - 2013-11-23 19:31 - 00000000 ____D () C:\Users\maxi3736\AppData\Local\Temp
2014-06-15 12:18 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-15 12:18 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-15 10:45 - 2013-11-23 21:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-15 10:34 - 2013-11-23 19:28 - 01122494 _____ () C:\Windows\WindowsUpdate.log
2014-06-15 01:17 - 2014-06-15 01:17 - 00000000 ____D () C:\zoek_backup
2014-06-15 00:39 - 2008-01-21 09:16 - 01445310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-15 00:32 - 2013-12-18 19:14 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-06-15 00:31 - 2014-04-02 13:29 - 00114826 _____ () C:\Windows\PFRO.log
2014-06-15 00:31 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-15 00:30 - 2006-11-02 15:01 - 00023742 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-14 23:16 - 2014-06-13 21:41 - 00026290 _____ () C:\Users\maxi3736\Downloads\FRST.txt
2014-06-14 23:15 - 2014-06-14 23:15 - 01073152 _____ (Farbar) C:\Users\maxi3736\Downloads\FRST.exe
2014-06-14 22:57 - 2013-11-25 16:37 - 00000000 ____D () C:\AdwCleaner
2014-06-14 22:45 - 2006-11-02 14:47 - 00326264 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-14 22:33 - 2014-06-14 22:33 - 01333465 _____ () C:\Users\maxi3736\Downloads\adwcleaner_3.212.exe
2014-06-14 22:15 - 2013-12-24 01:46 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-14 22:14 - 2014-06-14 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-14 22:14 - 2014-06-14 22:14 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-06-14 22:14 - 2013-11-25 14:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-14 22:11 - 2013-11-25 14:59 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-14 22:05 - 2014-06-14 22:05 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-06-14 22:02 - 2014-06-14 22:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\maxi3736\Downloads\revosetup95.exe
2014-06-14 21:59 - 2014-06-14 17:58 - 89974542 _____ () C:\Users\maxi3736\Downloads\Pferd.und.Pony.Western.Star.GERMAN-SiLENTGATE.part1.rar.part
2014-06-14 21:44 - 2013-11-23 19:32 - 00083288 _____ () C:\Users\maxi3736\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-14 17:48 - 2013-11-23 19:31 - 00000000 ____D () C:\Users\maxi3736
2014-06-14 17:47 - 2014-06-14 17:47 - 00000000 ____D () C:\Users\maxi3736\AppData\Roaming\DAEMON Tools Lite
2014-06-14 17:46 - 2014-06-14 17:45 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-14 17:38 - 2014-06-14 17:38 - 00076448 _____ (AppWork GmbH) C:\Users\maxi3736\Downloads\WebInstaller_2002.exe
2014-06-13 21:40 - 2014-06-13 21:40 - 01073152 _____ (Farbar) C:\Users\maxi3736\Desktop\FRST.exe
2014-06-13 21:11 - 2014-06-13 21:11 - 14349744 _____ (Malwarebytes Corp.) C:\Users\maxi3736\Downloads\mbar-1.07.0.1012.exe
2014-06-13 21:03 - 2014-06-13 21:03 - 00000955 _____ () C:\Users\maxi3736\Desktop\Photo Transport.lnk
2014-06-13 21:03 - 2014-06-13 21:03 - 00000000 ____D () C:\Users\maxi3736\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CASIO
2014-06-13 20:52 - 2013-11-23 19:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-13 18:20 - 2008-02-25 10:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 18:15 - 2014-01-10 19:58 - 00000000 ____D () C:\Users\maxi3736\AppData\Roaming\vlc
2014-06-04 22:56 - 2014-06-04 20:11 - 00003575 _____ () C:\Windows\setupact.log
2014-06-04 20:11 - 2014-06-04 20:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 19:54 - 2014-06-04 19:54 - 00000000 ____D () C:\Program Files\CASIO
2014-06-01 10:19 - 2014-06-01 10:19 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-01 10:19 - 2014-02-27 22:13 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-01 10:18 - 2014-06-01 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-01 10:18 - 2014-06-01 10:16 - 00004551 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log
2014-06-01 10:18 - 2014-02-27 22:02 - 00000000 ____D () C:\Program Files\Java
2014-06-01 10:14 - 2013-12-18 19:14 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-06-01 00:20 - 2014-01-10 19:41 - 00000000 ____D () C:\Users\maxi3736\dwhelper
2014-05-22 12:45 - 2014-04-09 17:53 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-22 12:45 - 2014-04-09 17:53 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-21 13:27 - 2014-05-21 13:22 - 00000000 ____D () C:\Users\maxi3736\AppData\Roaming\NCH Software
2014-05-21 13:22 - 2014-05-21 13:22 - 00000940 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
2014-05-21 13:22 - 2014-05-21 13:22 - 00000928 _____ () C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2014-05-21 13:22 - 2014-05-21 13:22 - 00000000 ____D () C:\ProgramData\NCH Software
2014-05-21 13:22 - 2014-05-21 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-05-21 13:22 - 2014-05-21 13:22 - 00000000 ____D () C:\Program Files\NCH Software
2014-05-21 13:21 - 2014-05-21 13:21 - 01003568 _____ (NCH Software) C:\Users\maxi3736\Downloads\wpsetup-555.exe
2014-05-21 08:31 - 2014-06-15 01:17 - 01414867 _____ () C:\Users\maxi3736\Desktop\zoek.scr
2014-05-21 08:31 - 2014-06-15 01:17 - 01414867 _____ () C:\Users\maxi3736\Desktop\zoek.pif
2014-05-21 08:31 - 2014-06-15 01:17 - 01414867 _____ () C:\Users\maxi3736\Desktop\zoek.com
2014-05-19 21:11 - 2014-05-19 21:11 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-19 21:10 - 2014-01-25 15:32 - 00000000 ____D () C:\Users\maxi3736\.gimp-2.8
2014-05-17 10:51 - 2014-05-17 10:51 - 00003372 _____ () C:\Users\maxi3736\AppData\Local\recently-used.xbel
2014-05-17 10:51 - 2014-01-25 15:36 - 00000000 ____D () C:\Users\maxi3736\AppData\Local\gtk-2.0

Some content of TEMP:
====================
C:\Users\maxi3736\AppData\Local\Temp\avgnt.exe
C:\Users\maxi3736\AppData\Local\Temp\HssInstaller.exe
C:\Users\maxi3736\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\maxi3736\AppData\Local\Temp\proxy_vole7111760635946336242.dll
C:\Users\maxi3736\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-15 10:46

==================== End Of Log ============================
         
--- --- ---


How do I get to the Addition.txt? I only have this log.