
Log analysis and evaluation: G Data reports Trojan detection: Trojan.Agent.BDMI


 
22.06.2014, 10:44   #1
sowieso
 

G Data reports Trojan detection: Trojan.Agent.BDMI



Hello everyone,

During yesterday's weekly scan, G Data reported a Trojan detection: Trojan.Agent.BDMI

Specifically, the Trojan was found in the trash; it is supposedly contained in an e-mail that I received about a month ago and deleted right after receiving it (not because I suspected a virus, but because it was dealt with). Earlier virus scans had not raised an alarm on this e-mail.

My PC has been rather slow for quite some time and also often hangs with the message (Not Responding). I have always put that down to the fact that it is already 7 years old, has never been reinstalled, and is therefore probably quite cluttered. I have thought about buying a new PC, but dropped the idea for now because of the effort of migrating the data and also for financial reasons...

Here is the FRST log file:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-06-2014 01
Ran by Vera (administrator) on VERA-PC on 22-06-2014 11:22:46
Running from C:\Users\Vera\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\AAVUpdateManager\aavus.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Portrait Displays, Inc.) C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Portrait Displays, Inc.) C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Motorola) C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
(ElmüSoft) C:\Program Files\PTBSync\PTBSync.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(VMware, Inc.) C:\Program Files\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(ElmüSoft) C:\Program Files\PTBSync\PTBSync.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Vera\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google Inc.) C:\Users\Vera\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Tracker Software Products (Canada) Ltd.) C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [PTBSync] => C:\Program Files\PTBSync\PTBSync.exe [334336 2008-04-20] (ElmüSoft)
HKLM\...\Run: [GDFirewallTray] => C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM\...\Run: [G Data ASM] => C:\Program Files\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [431224 2013-12-19] (G Data Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files\g data\internetsecurity\avkkid\avkcks.exe,C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
HKU\.DEFAULT\...\RunOnce: [AutoLaunch] - C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-784248732-3634660742-3863288525-1000\...\Run: [AA315297649520DAB623D5163E56B88C63351059._service_run] => C:\Program Files\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-784248732-3634660742-3863288525-1000\...\Run: [Spotify Web Helper] => C:\Users\Vera\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-02] (Spotify Ltd)
HKU\S-1-5-21-784248732-3634660742-3863288525-1000\...\Run: [Google Update] => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-31] (Google Inc.)
HKU\S-1-5-21-784248732-3634660742-3863288525-1000\...\Run: [MusicManager] => C:\Users\Vera\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-15] (Google Inc.)
HKU\S-1-5-21-784248732-3634660742-3863288525-1000\...\MountPoints2: {5ffb39ad-ba3b-11dc-9faf-806e6f6e6963} - F:\ShelExec.exe open.htm
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: 0WualaOverlayIcon1 -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: 0WualaOverlayIcon2 -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: 0WualaOverlayIcon3 -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: 0WualaOverlayIcon4 -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {0A64A28D-4261-4843-A860-D08018111EF3} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://int.search-results.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NIS&chn=&geo=DE&ver=18
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Perfect PDF 5 - {9DE41FB9-ACA7-4847-982B-D984042588FC} - C:\Program Files\soft Xpansion\Perfect PDF 5\PDF4ie.dll (soft Xpansion)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\jslsk1jr.default-1365870140538
FF SelectedSearchEngine: hxxp://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Vera\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Vera\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: BrowserProtect - C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\jslsk1jr.default-1365870140538\Extensions\browserprotect@browserprotect.com.xpi [2013-04-13]
FF Extension: Ghostery - C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\jslsk1jr.default-1365870140538\Extensions\firefox@ghostery.com.xpi [2013-08-18]
FF Extension: NoScript - C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\jslsk1jr.default-1365870140538\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-04-13]
FF Extension: Adblock Plus - C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\jslsk1jr.default-1365870140538\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-13]
FF Extension: BetterPrivacy - C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\jslsk1jr.default-1365870140538\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-04-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-10]

Chrome: 
=======
CHR StartupUrls: "hxxp://www.google.de/"
CHR NewTab: "chrome-extension://dgpdioedihjhncjafcpgbbjdpbbkikmi/speeddial.html"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\npcoplgn.dll No File
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-19]
CHR Extension: (Google Drive) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-19]
CHR Extension: (YouTube) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-19]
CHR Extension: (Adblock Plus) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-06-24]
CHR Extension: (Google-Suche) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-19]
CHR Extension: (Speed Dial) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2013-11-09]
CHR Extension: (Google Play Music) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-05-31]
CHR Extension: (Privacy manager) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\giccehglhacakcfemddmfhdkahamfcmd [2013-11-09]
CHR Extension: (Google Keep) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-09-01]
CHR Extension: (Panel View for Keep) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb [2014-02-21]
CHR Extension: (Privacy Palette) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone [2013-06-24]
CHR Extension: (Ghostery) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-11-09]
CHR Extension: (dict-cc) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nknonnojlmhnmjhpeokdbeineeajcemh [2014-02-02]
CHR Extension: (Google Wallet) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-19]

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-30] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2159472 2014-03-25] (G Data Software AG)
R2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe [129840 2011-08-15] (Portrait Displays, Inc.)
R3 GDFwSvc; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2409280 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
R2 PdiService; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [113264 2011-05-05] (Portrait Displays, Inc.)
R2 PST Service; C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 PTBSync; C:\Program Files\PTBSync\PTBSync.exe [334336 2008-04-20] (ElmüSoft) [File not signed]
S3 RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2006-11-05] (Sonic Solutions) [File not signed]
R2 RoxWatch9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [159744 2006-11-05] (Sonic Solutions) [File not signed]
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia)
S3 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-09-14] (MicroVision Development, Inc.) [File not signed]
S3 SXDS10; C:\Program Files\Common Files\soft Xpansion\SXDS10.exe [160768 2009-07-13] (soft Xpansion) [File not signed]
R2 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [109104 2007-10-08] (VMware, Inc.)
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [121392 2007-10-08] (VMware, Inc.)
R2 vmount2; C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe [269104 2007-03-23] (VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [150064 2007-10-08] (VMware, Inc.)
S2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter [X]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [44544 2014-04-09] (G Data Software AG)
R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt32.sys [20736 2014-04-09] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [101504 2014-04-09] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [56832 2014-04-09] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd32.sys [53248 2014-04-09] (G Data Software AG)
S3 gmer; C:\Windows\System32\DRIVERS\gmer.sys [70001 2008-03-16] (GMER) [File not signed]
R1 GRD; C:\Windows\system32\drivers\GRD.sys [29528 2014-04-12] (G Data Software)
R2 hcmon; C:\Windows\system32\Drivers\hcmon.sys [34864 2007-10-08] (VMware, Inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [50176 2014-04-09] (G Data Software AG)
R3 PdiPorts; C:\Windows\System32\Drivers\PdiPorts.sys [17136 2011-05-05] (Portrait Displays, Inc.)
R2 PortTalk; C:\Windows\system32\Drivers\PtbTalk.sys [3567 2008-04-20] (Beyond Logic hxxp://www.beyondlogic.org) [File not signed]
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-02-07] (Secunia)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36528 2006-07-24] (Sonic Solutions) [File not signed]
S3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2013-04-30] (Advanced Micro Devices, Inc.)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [81232 2013-03-15] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [452816 2013-03-15] (Paragon)
R1 Uim_Vim; C:\Windows\System32\Drivers\Uim_Vim.sys [283600 2013-03-15] (Paragon)
R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [20912 2007-10-08] (VMware, Inc.)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16816 2007-10-08] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [28592 2007-10-08] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [25008 2007-10-08] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [924976 2007-10-08] (VMware, Inc.)
R2 vstor2; C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys [18480 2007-03-23] (VMware, Inc.)
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 AndNetGps; system32\DRIVERS\lgandnetgps.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S3 LgBttPort; system32\DRIVERS\lgbtport.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PcdrNdisuio; system32\DRIVERS\pcdrndisuio.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\WNt500x86\Sandra.sys [X]
S3 WINFLASH; \??\C:\Users\Vera\Desktop\WinFlash.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-22 11:22 - 2014-06-22 11:23 - 00027178 _____ () C:\Users\Vera\Desktop\FRST.txt
2014-06-22 11:21 - 2014-06-22 11:23 - 00000000 ____D () C:\FRST
2014-06-22 11:20 - 2014-06-22 11:20 - 01070592 _____ (Farbar) C:\Users\Vera\Desktop\FRST.exe
2014-06-22 11:19 - 2014-06-22 11:19 - 00000470 _____ () C:\Users\Vera\Desktop\defogger_disable.log
2014-06-22 11:19 - 2014-06-22 11:19 - 00000000 _____ () C:\Users\Vera\defogger_reenable
2014-06-22 11:17 - 2014-06-22 11:17 - 00050477 _____ () C:\Users\Vera\Desktop\Defogger.exe
2014-06-22 11:15 - 2014-06-22 11:15 - 00050477 _____ () C:\Users\Vera\Downloads\Defogger (1).exe
2014-06-22 11:13 - 2014-06-22 11:13 - 00050477 _____ () C:\Users\Vera\Downloads\Defogger.exe
2014-06-19 13:02 - 2014-06-19 13:07 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-06-12 20:05 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 20:05 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 20:05 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 20:05 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 20:05 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 20:05 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 20:05 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-12 20:05 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 20:05 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 20:05 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-12 20:05 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 20:05 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 20:05 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 20:05 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 20:05 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-12 20:05 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 20:05 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 20:05 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 20:05 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-12 20:05 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-12 20:05 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 20:05 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 20:05 - 2014-04-05 04:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 20:05 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 20:05 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-01 15:10 - 2014-06-15 15:37 - 00000000 ____D () C:\Users\Vera\Desktop\Schnapsfotos
2014-05-31 21:08 - 2014-05-31 21:08 - 00001666 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-31 21:08 - 2014-05-31 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-31 21:07 - 2014-05-31 21:08 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-31 21:07 - 2014-05-31 21:08 - 00000000 ____D () C:\Program Files\iTunes
2014-05-31 21:07 - 2014-05-31 21:07 - 00000000 ____D () C:\Program Files\iPod
2014-05-31 14:23 - 2014-05-31 14:23 - 00000000 ____D () C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
2014-05-31 14:21 - 2014-06-22 10:32 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784248732-3634660742-3863288525-1000UA.job
2014-05-31 14:20 - 2014-06-21 18:32 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784248732-3634660742-3863288525-1000Core.job
2014-05-28 17:56 - 2014-05-28 17:56 - 00015866 _____ () C:\Users\Vera\Desktop\Guetta, David.txt
2014-05-24 23:22 - 2014-05-24 23:22 - 00142872 _____ () C:\Windows\Minidump\Mini052414-01.dmp
2014-05-24 23:21 - 2014-05-24 23:21 - 243985422 _____ () C:\Windows\MEMORY.DMP
2014-05-23 18:22 - 2014-05-23 18:22 - 00000000 ____D () C:\ProgramData\Auslogics

==================== One Month Modified Files and Folders =======

2081-04-04 18:39 - 2011-05-28 11:40 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-06-22 11:23 - 2014-06-22 11:22 - 00027178 _____ () C:\Users\Vera\Desktop\FRST.txt
2014-06-22 11:23 - 2014-06-22 11:21 - 00000000 ____D () C:\FRST
2014-06-22 11:20 - 2014-06-22 11:20 - 01070592 _____ (Farbar) C:\Users\Vera\Desktop\FRST.exe
2014-06-22 11:19 - 2014-06-22 11:19 - 00000470 _____ () C:\Users\Vera\Desktop\defogger_disable.log
2014-06-22 11:19 - 2014-06-22 11:19 - 00000000 _____ () C:\Users\Vera\defogger_reenable
2014-06-22 11:19 - 2008-01-08 21:45 - 00000000 ____D () C:\Users\Vera
2014-06-22 11:17 - 2014-06-22 11:17 - 00050477 _____ () C:\Users\Vera\Desktop\Defogger.exe
2014-06-22 11:15 - 2014-06-22 11:15 - 00050477 _____ () C:\Users\Vera\Downloads\Defogger (1).exe
2014-06-22 11:14 - 2012-03-31 13:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-22 11:13 - 2014-06-22 11:13 - 00050477 _____ () C:\Users\Vera\Downloads\Defogger.exe
2014-06-22 11:09 - 2013-02-19 23:42 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-22 10:47 - 2008-01-03 22:38 - 02000283 _____ () C:\Windows\WindowsUpdate.log
2014-06-22 10:32 - 2014-05-31 14:21 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784248732-3634660742-3863288525-1000UA.job
2014-06-22 10:29 - 2008-04-20 15:25 - 00001178 _____ () C:\Users\Vera\Documents\PTBSync-AutoExport-Vera.ini
2014-06-22 10:29 - 2006-11-02 14:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-22 10:29 - 2006-11-02 14:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-21 18:32 - 2014-05-31 14:20 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784248732-3634660742-3863288525-1000Core.job
2014-06-21 16:09 - 2013-02-19 23:42 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-21 12:40 - 2011-10-01 12:58 - 00000000 ____D () C:\Temp
2014-06-21 12:36 - 2008-01-09 20:20 - 00000000 ____D () C:\ProgramData\VMware
2014-06-21 12:35 - 2012-05-26 17:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-21 12:35 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-19 22:58 - 2006-11-02 15:01 - 00032514 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-19 22:56 - 2011-11-27 12:43 - 00000000 ____D () C:\Users\Vera\AppData\Roaming\SoftGrid Client
2014-06-19 13:07 - 2014-06-19 13:02 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-06-15 15:37 - 2014-06-01 15:10 - 00000000 ____D () C:\Users\Vera\Desktop\Schnapsfotos
2014-06-15 14:39 - 2013-01-20 14:04 - 00000000 ____D () C:\Users\Vera\VR-Haushaltsbuch
2014-06-13 00:07 - 2013-08-15 20:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 00:03 - 2006-11-02 12:24 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-06-05 22:08 - 2006-11-02 12:33 - 01585492 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-01 11:30 - 2013-02-20 03:55 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-01 09:19 - 2011-06-11 14:41 - 00000000 ____D () C:\Users\Vera\AppData\Local\CrashDumps
2014-05-31 21:08 - 2014-05-31 21:08 - 00001666 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-31 21:08 - 2014-05-31 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-31 21:08 - 2014-05-31 21:07 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-31 21:08 - 2014-05-31 21:07 - 00000000 ____D () C:\Program Files\iTunes
2014-05-31 21:07 - 2014-05-31 21:07 - 00000000 ____D () C:\Program Files\iPod
2014-05-31 21:07 - 2008-01-12 12:38 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-31 14:24 - 2008-01-08 21:48 - 00000000 ____D () C:\Users\Vera\AppData\Local\Google
2014-05-31 14:23 - 2014-05-31 14:23 - 00000000 ____D () C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
2014-05-29 20:18 - 2009-05-30 14:00 - 00000000 ____D () C:\Users\Vera\Documents\Steuerfälle
2014-05-29 19:01 - 2011-05-22 15:53 - 00000815 _____ () C:\Users\Vera\Documents\OuProxy.log
2014-05-29 13:24 - 2014-01-12 14:12 - 00001842 _____ () C:\Users\Public\Desktop\BILD Steuer 2014.lnk
2014-05-29 13:24 - 2014-01-12 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BILD Steuer 2014
2014-05-28 18:48 - 2014-06-12 20:05 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-28 18:39 - 2014-06-12 20:05 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-28 18:38 - 2014-06-12 20:05 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-28 18:33 - 2014-06-12 20:05 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-28 18:32 - 2014-06-12 20:05 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-28 18:32 - 2014-06-12 20:05 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-28 18:31 - 2014-06-12 20:05 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-28 18:31 - 2014-06-12 20:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-28 18:30 - 2014-06-12 20:05 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-28 18:30 - 2014-06-12 20:05 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-28 18:30 - 2014-06-12 20:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-28 18:30 - 2014-06-12 20:05 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-28 18:30 - 2014-06-12 20:05 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-28 18:30 - 2014-06-12 20:05 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-28 18:30 - 2014-06-12 20:05 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-28 18:29 - 2014-06-12 20:05 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-28 18:29 - 2014-06-12 20:05 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-28 18:29 - 2014-06-12 20:05 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-28 18:29 - 2014-06-12 20:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-28 18:29 - 2014-06-12 20:05 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-28 18:28 - 2014-06-12 20:05 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-28 17:56 - 2014-05-28 17:56 - 00015866 _____ () C:\Users\Vera\Desktop\Guetta, David.txt
2014-05-25 00:51 - 2012-05-01 20:59 - 00000000 ____D () C:\Users\Vera\AppData\Roaming\Spotify
2014-05-25 00:13 - 2012-05-01 21:01 - 00000000 ____D () C:\Users\Vera\AppData\Local\Spotify
2014-05-24 23:22 - 2014-05-24 23:22 - 00142872 _____ () C:\Windows\Minidump\Mini052414-01.dmp
2014-05-24 23:22 - 2008-07-31 19:42 - 00000000 ____D () C:\Windows\Minidump
2014-05-24 23:21 - 2014-05-24 23:21 - 243985422 _____ () C:\Windows\MEMORY.DMP
2014-05-23 20:51 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-05-23 18:22 - 2014-05-23 18:22 - 00000000 ____D () C:\ProgramData\Auslogics
2014-05-23 18:22 - 2013-03-28 17:24 - 00000000 ____D () C:\Program Files\Auslogics

Files to move or delete:
====================
C:\ProgramData\ezsid.dat
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-21 12:50

==================== End Of Log ============================
         

I hope it doesn't look too bad, and that you can help me.

Many thanks in advance!
Vera

 
