Trojaner-Board


aldorgo 01.04.2012 17:21

TR/Spy.Banker.Gen2 and other malware found on my laptop
 
Hi
Yesterday AntiVir alerted me and first reported TR/Spy.Banker.Gen2 (C:\Users\Till\AppData\Roaming\BAcroIEHelpe093.dll).
After that my scanner also spat out TR/Offend.7417871.1 :(
I had never really had to deal with viruses before, so I first googled a bit and found no solution other than reinstalling Windows.
Since the trojan apparently specializes in bank data, I first had my bank card blocked and changed the passwords for all accounts where I buy things online. Should I do anything else?
What else can this virus do?
I hope I followed your forum instructions correctly.
Many thanks in advance
Al Dorgo



DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_30
Run by Till at 17:44:25 on 2012-04-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3959.2737 [GMT 2:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Users\Till\Downloads\TwoFingerScroll_1_0_6\TwoFingerScroll.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\windows\system32\conhost.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\svchost.exe -k WindowsMobile
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Password Safe\pwsafe.exe
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
C:\windows\system32\SearchProtocolHost.exe
c:\program files\windows defender\MpCmdRun.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://lenovo.msn.com
uInternet Settings,ProxyOverride = local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [TwoFingerScroll] C:\Users\Till\Downloads\TwoFingerScroll_1_0_6\TwoFingerScroll.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.110.223\AsusWSPanel.exe /S
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
dRunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage
StartupFolder: C:\Users\Till\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Till\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Till\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{8774BC7D-9C97-45C1-916B-67FCFF8E7425} : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{8774BC7D-9C97-45C1-916B-67FCFF8E7425}\14E64627F696461405 : DhcpNameServer = 192.168.43.1
TCP: Interfaces\{8774BC7D-9C97-45C1-916B-67FCFF8E7425}\5416379724F687D2535323441313 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{8774BC7D-9C97-45C1-916B-67FCFF8E7425}\7576 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{8774BC7D-9C97-45C1-916B-67FCFF8E7425}\75C414E4D2739353431303 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{8774BC7D-9C97-45C1-916B-67FCFF8E7425}\A457C6560223 : DhcpNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{326E768D-4182-46FD-9C16-1449A49795F4}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.110.223\AsusWSPanel.exe /S
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Till\AppData\Roaming\Mozilla\Firefox\Profiles\kwquqatl.default\
FF - prefs.js: browser.startup.homepage - google.de
FF - prefs.js: network.proxy.ftp - 87.249.122.171
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.http - 87.249.122.171
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 87.249.122.171
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 87.249.122.171
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 1
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=108298
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 90a9c94c000000000000002682b03f8c
FF - user.js: extensions.BabylonToolbar_i.hardId - 90a9c94c000000000000002682b03f8c
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15361
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:05:45
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AntiVirSchedulerService;Avira AntiVir Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-10-21 136360]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-10-21 269480]
R2 avgntflt;avgntflt;C:\windows\system32\DRIVERS\avgntflt.sys --> C:\windows\system32\DRIVERS\avgntflt.sys [?]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-9-15 88576]
R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-2-9 531328]
R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-3-15 370504]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-6-21 2320920]
R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2011-5-18 641464]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\windows\system32\drivers\nvhda64v.sys --> C:\windows\system32\drivers\nvhda64v.sys [?]
R3 usbsmi;Lenovo EasyCamera;C:\windows\system32\DRIVERS\SMIksdrv.sys --> C:\windows\system32\DRIVERS\SMIksdrv.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-1-31 158856]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2010-12-5 14216]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2010-12-5 8456]
S3 HTCAND64;HTC Device Driver;C:\windows\system32\Drivers\ANDROIDUSB.sys --> C:\windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 htcnprot;HTC NDIS Protocol Driver;C:\windows\system32\DRIVERS\htcnprot.sys --> C:\windows\system32\DRIVERS\htcnprot.sys [?]
S3 ivusb;Initio Driver for USB Default Controller;C:\windows\system32\DRIVERS\ivusb.sys --> C:\windows\system32\DRIVERS\ivusb.sys [?]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\k57nd60a.sys --> C:\windows\system32\DRIVERS\k57nd60a.sys [?]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\system32\DRIVERS\netw5v64.sys --> C:\windows\system32\DRIVERS\netw5v64.sys [?]
S3 pwdrvio;pwdrvio;\??\C:\windows\system32\pwdrvio.sys --> C:\windows\system32\pwdrvio.sys [?]
S3 pwdspio;pwdspio;\??\C:\windows\system32\pwdspio.sys --> C:\windows\system32\pwdspio.sys [?]
S3 Razerlow;Razer Pro|Solutions;C:\windows\system32\drivers\Razerlow.sys --> C:\windows\system32\drivers\Razerlow.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]
.
=============== Created Last 30 ================
.
2012-04-01 15:41:59 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8737FB38-ADA2-4B8D-853B-D53323C6B1F3}\offreg.dll
2012-03-31 13:18:03 128408 ----a-w- C:\Users\Till\AppData\Roaming\AcroFF005.dll
2012-03-30 14:36:08 -------- d-----w- C:\Users\Till\AppData\Roaming\11005
2012-03-30 12:50:13 259576 ----a-w- C:\Users\Till\AppData\Roaming\AcroIEHelpe094.dll
2012-03-30 12:48:33 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8737FB38-ADA2-4B8D-853B-D53323C6B1F3}\mpengine.dll
2012-03-28 13:20:24 -------- d-----w- C:\Users\Till\AppData\Roaming\11004
2012-03-25 11:13:24 -------- d-----w- C:\Users\Till\AppData\Roaming\UAs
2012-03-24 19:07:06 -------- d-----w- C:\Users\Till\AppData\Roaming\11003
2012-03-24 19:06:54 136 ----a-w- C:\Users\Till\AppData\Roaming\srvblck2.tmp
2012-03-24 19:06:48 -------- d-----w- C:\Users\Till\AppData\Roaming\xmldm
2012-03-24 19:06:47 -------- d-----w- C:\Users\Till\AppData\Roaming\kock
2012-03-24 19:06:19 -------- d-----w- C:\Users\Till\AppData\Local\DDMSettings
2012-03-22 21:16:23 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-22 21:16:23 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-03-17 19:20:28 -------- d-----w- C:\Program Files\iPod
2012-03-17 19:20:27 -------- d-----w- C:\Program Files\iTunes
2012-03-17 19:20:27 -------- d-----w- C:\Program Files (x86)\iTunes
2012-03-15 09:42:16 -------- d-----w- C:\Users\Till\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2012-03-15 09:42:00 -------- d-----w- C:\Users\Till\AppData\Local\Htc
2012-03-15 09:41:01 -------- d-----w- C:\Users\Till\AppData\Roaming\HTC
2012-03-15 09:39:18 -------- d-----w- C:\Program Files (x86)\Spirent Communications
2012-03-15 09:38:59 -------- d-----w- C:\Program Files (x86)\HTC
2012-03-14 00:20:08 5559152 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-03-14 00:20:07 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 00:20:07 3913584 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-03-13 20:31:44 3145728 ----a-w- C:\windows\System32\win32k.sys
2012-03-13 20:31:38 1544192 ----a-w- C:\windows\System32\DWrite.dll
2012-03-13 20:31:37 1077248 ----a-w- C:\windows\SysWow64\DWrite.dll
2012-03-13 20:27:20 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe
2012-03-13 20:27:20 77312 ----a-w- C:\windows\System32\rdpwsx.dll
2012-03-13 20:27:20 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll
2012-03-13 20:27:18 826880 ----a-w- C:\windows\SysWow64\rdpcore.dll
2012-03-13 20:27:18 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys
2012-03-13 20:27:18 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-03-13 20:27:18 1031680 ----a-w- C:\windows\System32\rdpcore.dll
2012-03-06 15:46:05 -------- d-----w- C:\Users\Till\AppData\Local\Opera
.
==================== Find3M ====================
.
2012-02-23 08:18:36 279656 ------w- C:\windows\System32\MpSigStub.exe
2012-02-21 11:16:24 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-18 19:52:55 525544 ----a-w- C:\windows\System32\deployJava1.dll
2012-01-04 10:44:20 509952 ----a-w- C:\windows\System32\ntshrui.dll
2012-01-04 08:58:41 442880 ----a-w- C:\windows\SysWow64\ntshrui.dll
2012-01-04 00:48:42 354176 ----a-w- C:\windows\SysWow64\DivXControlPanelApplet.cpl
2010-12-05 19:17:59 211384 ----a-w- C:\Program Files\PPCPimBackup.exe
.
============= FINISH: 17:45:14,92 ===============

markusg 01.04.2012 19:23

hi,
since you do online banking:
the PC must be reinstalled and then secured
1. Data rescue:
2. Format, reinstall Windows:
3. Secure the PC: http://www.trojaner-board.de/96344-a...-rechners.html
4. change all passwords!
5. after securing the PC, check the backed-up data and, if clean, restore it.
6. I will then say something more about securing online banking with a chip card reader + Star Money.

aldorgo 02.04.2012 13:15

Hi, many thanks for the quick reply
I have now made a backup on an external hard drive.
My PC is a Lenovo G560 laptop and came with Win 7 preinstalled.
So I have now created an ISO DVD with SP1 and am following your guide here: http://www.trojaner-board.de/104197-...anleitung.html
But now I'm unsure which drivers exactly I need. On the Lenovo site I came across about 20 downloads. Do I have to download them all individually?
hxxp://support.lenovo.com/de_DE/downloads/default.page
Kind regards
Al Dorgo

markusg 02.04.2012 18:12

can't you have the site search directly for your device? then the right thing should come up.

