
Log analysis and evaluation: Troj.gen.zlob in C:\windows\system32\asfar.exe


 
27.12.2014, 19:46   #3
Bonkers1982
 



ComboFix log file:
Code:
ComboFix 14-12-25.01 - Bonkers 27.12.2014  10:15:08.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8093.5741 [GMT 1:00]
ausgeführt von:: c:\users\Bonkers\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SPDRIVER_1.38.0.1449
-------\Service_SPDRIVER_1.38.0.1449
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-11-27 bis 2014-12-27  ))))))))))))))))))))))))))))))
.
.
2014-12-26 09:53 . 2014-12-26 09:54	--------	d-----w-	C:\FRST
2014-12-26 09:09 . 2014-12-26 09:09	--------	d-----w-	c:\windows\system32\log
2014-12-26 08:53 . 2014-12-26 08:53	--------	d-----w-	c:\program files\CCleaner
2014-12-24 10:58 . 2014-12-24 10:58	129752	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-24 10:58 . 2014-12-24 10:58	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-12-24 10:58 . 2014-12-24 10:58	--------	d-----w-	c:\programdata\Malwarebytes
2014-12-24 10:58 . 2014-11-21 05:14	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-12-24 10:58 . 2014-11-21 05:14	93400	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-12-24 10:58 . 2014-11-21 05:14	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-12-22 19:29 . 2014-12-27 09:10	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-12-22 17:51 . 2014-12-25 09:41	--------	d-----w-	C:\AdwCleaner
2014-12-22 16:02 . 2014-12-22 16:02	--------	d-----w-	c:\users\Bonkers\AppData\Local\Desktop_Dock
2014-12-22 16:01 . 2014-12-22 16:01	--------	d-----w-	c:\users\Bonkers\AppData\Roaming\qjnhzepq
2014-12-22 15:52 . 2014-12-22 16:00	--------	d-----w-	c:\program files (x86)\Common Files\Symantec Shared
2014-12-22 15:47 . 2014-12-22 15:47	2290	----a-w-	c:\windows\patsearch.bin
2014-12-22 15:46 . 2014-12-22 15:55	--------	d-----w-	c:\users\Bonkers\AppData\Roaming\StormFall
2014-12-22 15:46 . 2014-12-22 15:46	--------	d-----w-	c:\users\Bonkers\AppData\Roaming\sparta111
2014-12-22 15:46 . 2014-12-22 15:51	--------	d-----w-	c:\users\Bonkers\AppData\Local\Sparta
2014-12-22 15:46 . 2014-12-22 15:46	--------	d-----w-	c:\users\Bonkers\AppData\Local\StormFall
2014-12-18 06:36 . 2014-12-13 05:09	144384	----a-w-	c:\windows\system32\ieUnatt.exe
2014-12-18 06:36 . 2014-12-13 03:33	115712	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-12-17 07:42 . 2014-12-17 07:42	--------	d-----w-	c:\users\Bonkers\AppData\Roaming\Origin
2014-12-17 07:42 . 2014-12-17 08:44	--------	d-----w-	c:\programdata\Origin
2014-12-17 07:42 . 2014-12-17 07:42	--------	d-----w-	c:\program files (x86)\Origin
2014-12-16 16:41 . 2014-12-17 07:42	--------	d-----w-	c:\programdata\Electronic Arts
2014-12-16 15:56 . 2008-07-12 07:18	3851784	----a-w-	c:\windows\SysWow64\D3DX9_39.dll
2014-12-16 15:53 . 2014-12-17 07:42	--------	d-----w-	c:\program files (x86)\Electronic Arts
2014-12-15 13:44 . 2014-12-26 08:58	--------	d-----w-	c:\users\Bonkers\AppData\Roaming\uTorrent
2014-12-11 08:33 . 2014-12-11 08:33	111016	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-12-11 08:33 . 2014-12-11 08:33	--------	d-----w-	c:\program files\Java
2014-12-10 15:49 . 2014-12-10 15:49	--------	d-----w-	c:\windows\system32\appraiser
2014-12-10 09:58 . 2014-10-18 02:05	4121600	----a-w-	c:\windows\system32\mf.dll
2014-12-10 09:58 . 2014-10-18 01:33	3209728	----a-w-	c:\windows\SysWow64\mf.dll
2014-12-10 09:58 . 2014-07-07 02:06	206848	----a-w-	c:\windows\system32\mfps.dll
2014-12-10 09:58 . 2014-07-07 02:06	55808	----a-w-	c:\windows\system32\rrinstaller.exe
2014-12-10 09:58 . 2014-07-07 02:06	24576	----a-w-	c:\windows\system32\mfpmp.exe
2014-12-10 09:58 . 2014-07-07 02:02	2048	----a-w-	c:\windows\system32\mferror.dll
2014-12-10 09:58 . 2014-07-07 01:40	103424	----a-w-	c:\windows\SysWow64\mfps.dll
2014-12-10 09:58 . 2014-07-07 01:39	50176	----a-w-	c:\windows\SysWow64\rrinstaller.exe
2014-12-10 09:58 . 2014-07-07 01:39	23040	----a-w-	c:\windows\SysWow64\mfpmp.exe
2014-12-10 09:58 . 2014-07-07 01:37	2048	----a-w-	c:\windows\SysWow64\mferror.dll
2014-12-10 07:09 . 2014-12-04 02:50	413184	----a-w-	c:\windows\system32\generaltel.dll
2014-12-10 07:09 . 2014-12-04 02:50	741376	----a-w-	c:\windows\system32\invagent.dll
2014-12-10 07:09 . 2014-12-04 02:50	396800	----a-w-	c:\windows\system32\devinv.dll
2014-12-10 07:09 . 2014-12-04 02:50	227328	----a-w-	c:\windows\system32\aepdu.dll
2014-12-10 07:09 . 2014-12-04 02:50	192000	----a-w-	c:\windows\system32\aepic.dll
2014-12-10 07:09 . 2014-12-04 02:44	1083392	----a-w-	c:\windows\system32\aeinv.dll
2014-12-10 07:09 . 2014-12-01 23:28	1232040	----a-w-	c:\windows\system32\aitstatic.exe
2014-12-10 07:09 . 2014-11-11 03:09	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-12-10 07:09 . 2014-11-11 02:44	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-12-10 07:07 . 2014-10-30 02:03	165888	----a-w-	c:\windows\system32\charmap.exe
2014-12-06 15:19 . 2014-12-06 15:20	291496	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-12-06 15:19 . 2014-12-06 15:19	76152	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2014-12-06 15:19 . 2014-12-06 15:19	291496	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-12-06 15:19 . 2014-12-06 15:19	912744	----a-w-	c:\windows\SysWow64\pbsvc.exe
2014-12-02 18:33 . 2014-12-02 18:33	--------	d-----w-	c:\users\Bonkers\AppData\Local\Skype
2014-12-02 18:33 . 2014-12-21 19:48	--------	d-----w-	c:\users\Bonkers\AppData\Roaming\Skype
2014-12-02 18:33 . 2014-12-02 18:33	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-12-02 18:33 . 2014-12-02 18:33	--------	d-----r-	c:\program files (x86)\Skype
2014-12-02 18:33 . 2014-12-02 18:33	--------	d-----w-	c:\programdata\Skype
2014-12-02 16:37 . 2014-12-02 16:37	--------	d-----w-	c:\users\Bonkers\AppData\Local\PunkBuster
2014-12-01 12:58 . 2014-12-22 15:52	--------	d-----w-	c:\program files (x86)\BF2Hub Client
2014-12-01 12:38 . 2004-10-22 01:18	749568	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2014-12-01 12:38 . 2004-10-22 01:17	69715	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2014-12-01 12:38 . 2004-10-22 01:17	274432	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2014-12-01 12:38 . 2004-10-22 01:16	180224	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2014-12-01 12:38 . 2004-10-22 01:16	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2014-12-01 12:38 . 2014-12-01 12:38	323716	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2014-12-01 12:38 . 2014-12-01 12:38	192644	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2014-11-28 13:18 . 2014-11-28 13:18	--------	d-----w-	c:\users\Bonkers\AppData\Roaming\Steam
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-15 15:16 . 2014-11-21 20:13	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-15 15:16 . 2014-11-21 20:13	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-23 01:01 . 2014-11-23 01:01	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2014-11-23 01:01 . 2014-11-23 01:01	942592	----a-w-	c:\windows\system32\jsIntl.dll
2014-11-23 01:01 . 2014-11-23 01:01	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2014-11-23 01:01 . 2014-11-23 01:01	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2014-11-23 01:01 . 2014-11-23 01:01	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-11-23 01:01 . 2014-11-23 01:01	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2014-11-23 01:01 . 2014-11-23 01:01	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2014-11-23 01:01 . 2014-11-23 01:01	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2014-11-23 01:01 . 2014-11-23 01:01	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2014-11-23 01:01 . 2014-11-23 01:01	337408	----a-w-	c:\windows\SysWow64\html.iec
2014-11-23 01:01 . 2014-11-23 01:01	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2014-11-23 01:01 . 2014-11-23 01:01	235008	----a-w-	c:\windows\system32\elshyph.dll
2014-11-23 01:01 . 2014-11-23 01:01	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2014-11-23 01:01 . 2014-11-23 01:01	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2014-11-23 01:01 . 2014-11-23 01:01	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2014-11-23 01:01 . 2014-11-23 01:01	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2014-11-23 01:01 . 2014-11-23 01:01	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2014-11-23 01:01 . 2014-11-23 01:01	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2014-11-23 01:01 . 2014-11-23 01:01	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2014-11-23 01:01 . 2014-11-23 01:01	81408	----a-w-	c:\windows\system32\icardie.dll
2014-11-23 01:01 . 2014-11-23 01:01	774144	----a-w-	c:\windows\system32\jscript.dll
2014-11-23 01:01 . 2014-11-23 01:01	77312	----a-w-	c:\windows\system32\tdc.ocx
2014-11-23 01:01 . 2014-11-23 01:01	62464	----a-w-	c:\windows\system32\pngfilt.dll
2014-11-23 01:01 . 2014-11-23 01:01	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2014-11-23 01:01 . 2014-11-23 01:01	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2014-11-23 01:01 . 2014-11-23 01:01	48640	----a-w-	c:\windows\system32\mshtmler.dll
2014-11-23 01:01 . 2014-11-23 01:01	48128	----a-w-	c:\windows\system32\imgutil.dll
2014-11-23 01:01 . 2014-11-23 01:01	413696	----a-w-	c:\windows\system32\html.iec
2014-11-23 01:01 . 2014-11-23 01:01	30208	----a-w-	c:\windows\system32\licmgr10.dll
2014-11-23 01:01 . 2014-11-23 01:01	247808	----a-w-	c:\windows\system32\msls31.dll
2014-11-23 01:01 . 2014-11-23 01:01	243200	----a-w-	c:\windows\system32\webcheck.dll
2014-11-23 01:01 . 2014-11-23 01:01	235520	----a-w-	c:\windows\system32\url.dll
2014-11-23 01:01 . 2014-11-23 01:01	167424	----a-w-	c:\windows\system32\iexpress.exe
2014-11-23 01:01 . 2014-11-23 01:01	147968	----a-w-	c:\windows\system32\occache.dll
2014-11-23 01:01 . 2014-11-23 01:01	143872	----a-w-	c:\windows\system32\wextract.exe
2014-11-23 01:01 . 2014-11-23 01:01	13824	----a-w-	c:\windows\system32\mshta.exe
2014-11-23 01:01 . 2014-11-23 01:01	135680	----a-w-	c:\windows\system32\iepeers.dll
2014-11-23 01:01 . 2014-11-23 01:01	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2014-11-23 01:01 . 2014-11-23 01:01	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2014-11-23 01:01 . 2014-11-23 01:01	105984	----a-w-	c:\windows\system32\iesysprep.dll
2014-11-23 01:01 . 2014-11-23 01:01	101376	----a-w-	c:\windows\system32\inseng.dll
2014-11-23 00:56 . 2014-11-23 00:56	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2014-11-23 00:56 . 2014-11-23 00:56	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2014-11-23 00:56 . 2014-11-23 00:56	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2014-11-23 00:56 . 2014-11-23 00:56	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2014-11-23 00:56 . 2014-11-23 00:56	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-11-23 00:56 . 2014-11-23 00:56	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2014-11-23 00:56 . 2014-11-23 00:56	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2014-11-23 00:56 . 2014-11-23 00:56	363008	----a-w-	c:\windows\system32\dxgi.dll
2014-11-23 00:56 . 2014-11-23 00:56	333312	----a-w-	c:\windows\system32\d3d10_1core.dll
2014-11-23 00:56 . 2014-11-23 00:56	296960	----a-w-	c:\windows\system32\d3d10core.dll
2014-11-23 00:56 . 2014-11-23 00:56	293376	----a-w-	c:\windows\SysWow64\dxgi.dll
2014-11-23 00:56 . 2014-11-23 00:56	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2014-11-23 00:56 . 2014-11-23 00:56	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2014-11-23 00:56 . 2014-11-23 00:56	221184	----a-w-	c:\windows\system32\UIAnimation.dll
2014-11-23 00:56 . 2014-11-23 00:56	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2014-11-23 00:56 . 2014-11-23 00:56	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2014-11-23 00:56 . 2014-11-23 00:56	194560	----a-w-	c:\windows\system32\d3d10_1.dll
2014-11-23 00:56 . 2014-11-23 00:56	187392	----a-w-	c:\windows\SysWow64\UIAnimation.dll
2014-11-23 00:56 . 2014-11-23 00:56	1643520	----a-w-	c:\windows\system32\DWrite.dll
2014-11-23 00:56 . 2014-11-23 00:56	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2014-11-23 00:56 . 2014-11-23 00:56	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2014-11-23 00:56 . 2014-11-23 00:56	1238528	----a-w-	c:\windows\system32\d3d10.dll
2014-11-23 00:56 . 2014-11-23 00:56	1175552	----a-w-	c:\windows\system32\FntCache.dll
2014-11-23 00:56 . 2014-11-23 00:56	1080832	----a-w-	c:\windows\SysWow64\d3d10.dll
2014-11-22 15:02 . 2014-11-22 15:03	43064	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2014-11-21 20:13 . 2014-11-21 20:13	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-21 19:52 . 2014-11-21 19:52	283064	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2014-11-18 19:47 . 2014-11-18 19:47	1691816	----a-w-	c:\windows\system32\FM20.DLL
2014-11-11 03:08 . 2014-11-22 16:00	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-22 16:00	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-22 16:00	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-22 16:00	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-10-25 01:57 . 2014-11-22 15:58	77824	----a-w-	c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-22 15:58	67584	----a-w-	c:\windows\SysWow64\packager.dll
2014-10-23 13:02 . 2014-11-21 19:37	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2014-10-23 13:02 . 2014-11-21 19:37	131608	----a-w-	c:\windows\system32\drivers\avipbb.sys
2014-10-23 13:01 . 2014-11-21 19:37	119272	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-10-18 02:05 . 2014-11-22 15:57	861696	----a-w-	c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-22 15:57	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-22 16:00	155064	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-12 16:19	1729744	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-12 16:19	1729744	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-12 16:19	1729744	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"icq"="c:\users\Bonkers\AppData\Roaming\ICQM\icq.exe" [2014-11-23 35239432]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-12-11 702768]
"BF2Hub Client"="c:\program files (x86)\BF2Hub Client\bf2hub.exe" [2014-07-17 1521664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 07:06	1087816	----a-w-	c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-12-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-21 15:16]
.
2014-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-21 17:30]
.
2014-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-21 17:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-12 16:17	2334928	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-12 16:17	2334928	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-12 16:17	2334928	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-08-19 7202520]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
uSearchAssistant = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Bonkers\AppData\Roaming\Mozilla\Firefox\Profiles\yzv924ky.default\
FF - prefs.js: browser.startup.homepage - Google
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\DAODx.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\avmwlanstick\WlanNetService.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-12-27  10:23:40 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-12-27 09:23
.
Vor Suchlauf: 9 Verzeichnis(se), 46.319.153.152 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 45.587.595.264 Bytes frei
.
- - End Of File - - B92E90E1711D28C07F3A61C6B4CDF19C
         
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

hxxp://zen.esrvadspix.com and this page is running in the background for me via Internet Explorer. Unfortunately I can't close it via Task Manager. Is this also still related to the trojan?