Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Trojaner Deutsche Bank

Trojaner Deutsche Bank


Plagegeister aller Art und deren Bekämpfung: Trojaner Deutsche Bank

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 24.10.2010, 17:41   #14
caracas
 
Trojaner Deutsche Bank - Standard

Trojaner Deutsche Bank


Code:
ATTFilter
RSIT Logfile:


	
Code: 

 
ATTFilter


  

	
Logfile of random's system information tool 1.08 (written by random/random)
Run by xxx at 2010-10-24 18:26:20
Microsoft® Windows Vista™ Home Premium  Service Pack 1
System drive C: has 162 GB (71%) free of 228 GB
Total RAM: 3066 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:26:24, on 24.10.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18527)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\xxx\Desktop\RSIT.exe
C:\Program Files\trend micro\xxx.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer bereitgestellt von Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware  (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 7982 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-05 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-05 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-07-17 196608]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-12-22 483420]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-12-22 3810304]
"Dell Webcam Central"=C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [2008-06-03 446635]
"Dell DataSafe Online"=C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe [2008-11-03 1745648]
"PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2008-07-04 132392]
"dellsupportcenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-10-04 206064]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2008-07-04 2072576]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
" Malwarebytes Anti-Malware  (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe

C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dell Dock.lnk - C:\Program Files\Dell\DellDock\DellDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2009-03-05 10536]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2010-10-24 17:45:12 ----D---- C:\Program Files\Smart PC Solutions
2010-10-24 13:03:36 ----D---- C:\Program Files\CCleaner
2010-10-24 12:51:33 ----D---- C:\ProgramData\AVS4YOU
2010-10-24 12:51:29 ----D---- C:\Users\xxx\AppData\Roaming\AVS4YOU
2010-10-24 12:51:11 ----D---- C:\Program Files\Common Files\AVSMedia
2010-10-24 12:50:35 ----D---- C:\Program Files\AVS4YOU
2010-10-24 12:50:35 ----A---- C:\Windows\system32\msxml3a.dll
2010-10-24 11:59:55 ----D---- C:\rsit
2010-10-24 11:59:55 ----D---- C:\Program Files\trend micro
2010-10-24 03:10:43 ----D---- C:\Users\xxx\AppData\Roaming\Malwarebytes
2010-10-24 03:10:32 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-10-24 03:10:31 ----D---- C:\ProgramData\Malwarebytes
2010-10-24 03:10:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-10-24 03:10:30 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-10-23 00:34:50 ----D---- C:\Users\xxx\AppData\Roaming\Wuwu
2010-10-23 00:34:50 ----D---- C:\Users\xxx\AppData\Roaming\Iluv
2010-10-15 10:56:35 ----A---- C:\Windows\system32\msshsq.dll
2010-10-14 12:11:10 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-14 12:11:10 ----A---- C:\Windows\system32\mfc40.dll
2010-10-14 12:11:07 ----A---- C:\Windows\system32\win32k.sys
2010-10-14 12:11:01 ----A---- C:\Windows\system32\wmp.dll
2010-10-14 12:10:57 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-14 12:10:22 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-14 12:10:22 ----A---- C:\Windows\system32\netevent.dll
2010-10-14 12:10:22 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-14 12:10:22 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-14 12:10:22 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-14 12:10:16 ----A---- C:\Windows\system32\schannel.dll
2010-10-14 12:10:15 ----A---- C:\Windows\system32\ole32.dll
2010-10-14 12:09:30 ----A---- C:\Windows\system32\t2embed.dll
2010-10-14 12:07:26 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-14 12:07:23 ----A---- C:\Windows\system32\comctl32.dll
2010-10-14 12:07:20 ----A---- C:\Windows\system32\mshtml.dll
2010-10-14 12:07:20 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-14 12:07:20 ----A---- C:\Windows\system32\ieframe.dll
2010-10-14 12:07:19 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-14 12:07:19 ----A---- C:\Windows\system32\ieapfltr.dll
2010-10-14 12:07:18 ----A---- C:\Windows\system32\urlmon.dll
2010-10-14 12:07:17 ----A---- C:\Windows\system32\wininet.dll
2010-10-14 12:07:17 ----A---- C:\Windows\system32\occache.dll
2010-10-14 12:07:17 ----A---- C:\Windows\system32\mstime.dll
2010-10-14 12:07:17 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-14 12:07:17 ----A---- C:\Windows\system32\iertutil.dll
2010-10-14 12:07:17 ----A---- C:\Windows\system32\iepeers.dll
2010-10-14 12:07:17 ----A---- C:\Windows\system32\ieencode.dll
2010-10-14 12:07:17 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-14 12:07:17 ----A---- C:\Windows\system32\ieaksie.dll
2010-09-29 11:27:10 ----A---- C:\Windows\system32\tzres.dll
2010-09-18 16:23:50 ----D---- C:\Program Files\Conduit
2010-09-18 16:18:19 ----D---- C:\Users\xxx\AppData\Roaming\Carambis
2010-09-18 16:15:55 ----D---- C:\Program Files\Carambis
2010-09-18 16:00:10 ----RASH---- C:\MSDOS.SYS
2010-09-18 16:00:10 ----RASH---- C:\IO.SYS
2010-09-18 15:51:35 ----D---- C:\ProgramData\UAB
2010-09-18 15:51:15 ----D---- C:\ProgramData\Driver Whiz
2010-09-18 15:49:31 ----D---- C:\Program Files\Driver Whiz
2010-09-15 10:02:26 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-15 10:02:25 ----A---- C:\Windows\system32\usp10.dll
2010-09-15 10:02:23 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-15 10:02:07 ----A---- C:\Windows\system32\inetcomm.dll
2010-08-12 09:51:33 ----A---- C:\Windows\system32\iccvid.dll
2010-08-12 09:51:15 ----A---- C:\Windows\system32\rtutils.dll
2010-08-12 09:51:13 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-12 09:51:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-12 09:51:08 ----A---- C:\Windows\system32\msxml3.dll
2010-08-12 09:51:00 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-03 09:43:58 ----A---- C:\Windows\system32\shell32.dll

======List of files/folders modified in the last 3 months======

2010-10-24 18:26:23 ----D---- C:\Windows\Temp
2010-10-24 18:07:56 ----D---- C:\Windows\System32
2010-10-24 18:07:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-24 18:07:55 ----D---- C:\Windows\inf
2010-10-24 17:50:59 ----D---- C:\Program Files\Mozilla Firefox
2010-10-24 17:48:00 ----SHD---- C:\System Volume Information
2010-10-24 17:45:12 ----RD---- C:\Program Files
2010-10-24 17:40:57 ----SHD---- C:\Windows\Installer
2010-10-24 17:40:51 ----D---- C:\Windows\winsxs
2010-10-24 13:31:55 ----D---- C:\Windows\system32\drivers
2010-10-24 12:51:33 ----HD---- C:\ProgramData
2010-10-24 12:51:13 ----RSD---- C:\Windows\Fonts
2010-10-24 12:51:11 ----D---- C:\Program Files\Common Files
2010-10-24 03:28:20 ----D---- C:\Windows\Provisioning
2010-10-23 18:44:16 ----D---- C:\Users\xxx\AppData\Roaming\Skype
2010-10-23 17:40:00 ----D---- C:\Users\xxx\AppData\Roaming\skypePM
2010-10-19 11:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-18 13:24:13 ----D---- C:\Windows\Prefetch
2010-10-16 10:37:24 ----D---- C:\Windows\rescache
2010-10-16 02:06:24 ----D---- C:\Windows\system32\de-DE
2010-10-16 02:06:23 ----D---- C:\Program Files\Windows Media Player
2010-10-16 02:06:20 ----D---- C:\Program Files\Internet Explorer
2010-10-15 10:56:40 ----D---- C:\Windows\system32\catroot
2010-10-14 12:06:59 ----D---- C:\Windows\system32\catroot2
2010-10-07 13:57:07 ----D---- C:\Windows\Microsoft.NET
2010-10-07 13:56:48 ----RSD---- C:\Windows\assembly
2010-10-02 15:29:58 ----D---- C:\Users\xxx\AppData\Roaming\Adobe
2010-09-30 09:01:58 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-27 22:24:33 ----D---- C:\Program Files\Google
2010-09-22 13:17:20 ----D---- C:\Windows\system32\Tasks
2010-09-20 11:19:52 ----D---- C:\Windows
2010-09-18 16:42:13 ----SD---- C:\ProgramData\Microsoft
2010-09-16 03:01:31 ----D---- C:\Program Files\Windows Mail
2010-08-15 03:15:35 ----D---- C:\Program Files\Movie Maker
2010-08-13 11:43:28 ----D---- C:\Program Files\Microsoft Works
2010-08-03 03:02:14 ----D---- C:\Program Files\Common Files\microsoft shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-11-14 43840]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-07-03 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-07-03 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2008-07-03 38400]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-07-17 170032]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-11-24 3847168]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2008-12-22 18424]
R3 BCM43XX;Treiber für Dell Wireless WLAN Karte; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-12-17 1331192]
R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2008-07-28 54784]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2008-05-29 203264]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver; C:\Windows\system32\DRIVERS\OA001Ufd.sys [2008-10-27 144672]
R3 OA001Vid;Creative Camera OA001 Function Driver; C:\Windows\system32\DRIVERS\OA001Vid.sys [2008-10-27 277440]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-12-22 393216]
S3 cpuz132;cpuz132; \??\C:\Users\xxx\AppData\Local\Temp\cpuz132\cpuz132_x32.sys []
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-11-24 3847168]
S3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2008-01-21 251904]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7; C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe [2008-12-22 81920]
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-11-24 692224]
R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2008-09-23 155648]
R2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-16 133104]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R2 sprtsvc_DellSupportCenter;SupportSoft Sprocket Service (DellSupportCenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-10-04 201968]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe [2008-12-22 241746]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-07-04 14336]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-12-22 26112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-26 651720]
S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [2009-03-05 16680]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------
         
 
--- --- ---

 

Themen zu Trojaner Deutsche Bank
benötigt, bereits, blockiert, dankbar, daraus, deutsche, deutsche bank, deutschen, entferne, entfernen, erschein, erscheint, festgestellt, gestellt, heute, hinaus, hinweise, kein zugriff, kontodaten, login, private, threads, troja, trojaner, zugang, zugriff


« Malware.Packer.Gen & Trojan.DNSChanger | PC von div. Viren (Alureon.A, TR/Agent.PJW, TR/FraudPack.kva.66 etc.) befallen »


Ähnliche Themen: Trojaner Deutsche Bank


  1. Deutsche Bank Trojaner fordert 20 TANs an
    Plagegeister aller Art und deren Bekämpfung - 14.12.2014 (9)
  2. Deutsche Bank Trojaner 100 Tan
    Log-Analyse und Auswertung - 12.04.2013 (7)
  3. Deutsche Bank Trojaner fordert 100 Tan´s
    Plagegeister aller Art und deren Bekämpfung - 03.12.2012 (3)
  4. Deutsche Bank Tan Trojaner
    Plagegeister aller Art und deren Bekämpfung - 07.07.2011 (3)
  5. 100 Tan Trojaner Deutsche Bank
    Plagegeister aller Art und deren Bekämpfung - 08.06.2011 (15)
  6. Deutsche Bank 100 TAN Trojaner - Was nun?
    Plagegeister aller Art und deren Bekämpfung - 29.05.2011 (34)
  7. Deutsche Bank Trojaner c:\recycle.bin (Trojan.Spyeyes)
    Plagegeister aller Art und deren Bekämpfung - 20.05.2011 (37)
  8. Deutsche Bank Trojaner, TAN Abfrage
    Plagegeister aller Art und deren Bekämpfung - 24.03.2011 (4)
  9. Deutsche Bank 30 tan trojaner
    Plagegeister aller Art und deren Bekämpfung - 08.01.2011 (22)
  10. Und nochmal Deutsche Bank TAN-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 03.11.2010 (16)
  11. Trojaner deutsche Bank TAN eingeben
    Plagegeister aller Art und deren Bekämpfung - 28.10.2010 (1)
  12. Deutsche Bank Trojaner
    Plagegeister aller Art und deren Bekämpfung - 22.10.2010 (43)
  13. deutsche bank 30 tan trojaner
    Plagegeister aller Art und deren Bekämpfung - 12.10.2010 (6)
  14. 20 TAN Trojaner in Firefox- Deutsche Bank
    Plagegeister aller Art und deren Bekämpfung - 02.10.2010 (4)
  15. Deutsche Bank Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 22.09.2010 (13)
  16. 20 Tan Trojaner Deutsche Bank
    Plagegeister aller Art und deren Bekämpfung - 08.09.2010 (1)
  17. Trojaner? Deutsche Bank will 30 Tans
    Plagegeister aller Art und deren Bekämpfung - 09.08.2010 (10)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Trojaner Deutsche Bank - Code: Alles auswählen Aufklappen ATTFilter RSIT Logfile: Code: Alles auswählen Aufklappen ATTFilter Logfile of random's system information tool 1.08 (written by random/random) Run by xxx at 2010-10-24 18:26:20 Microsoft® Windows - Trojaner Deutsche Bank...
Archiv
Du betrachtest: Trojaner Deutsche Bank auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19