Ebenfalls immer 2 Mal Internet Explorer im Hintergrund gestartet und befürchte Trojaner

Boardon · 18.03.2012, 11:56

Hallo zusammen,

dies ist mein erster Post hier und ich habe ebenfalls das Problem, dass sich - laut Task Manager - im Hintergrund immer der IE als laufender Prozess zeigt (zumeist 2 Mal). Ich verwende standardmäßig Firefox als Browser.
Ich habe mich bisher durch das Forum hier gelesen und einige dort geschilderte Schritte unternommen (Scan mit Malbyteware, Antivir, etc.) Dabei wurde auch der eine oder andere Plagegeist gefunden und dann von mir entfernt bzw. in Quarantäne verschoben. Leider ist durch die bisherigen Schritte das Problem des geöffnetten IE immer noch nicht behoben worden und "gefühlt" läuft das browsen im Internet weiter nicht reibungslos (Meldungen von Malbyteware, seit ein paar Tagen kein Zugriff mehr auf Online-Banking, etc.). Daher wende ich mich nun per eigenem Thread an Euch um evtl. Unterstützung zu bekommen, ob sich bedenkliche Prozesse auf meinem Notebook abspielen.

Hierzu habe ich die erforderlichen Logfiles der genannten Programme erstellt und füge diese nachfolgend hinzu. Defogger (aus Schritt 1) hat keine Fehlermeldung ausgespuckt. Gmer habe ich gemäß Anweisung nicht ausgeführt.

Bevor ich die Anhänge poste schon mal ein großes "Danke schön" vorab für die Hilfe!!!

Viele Grüße

Boardon

Hier nun die dds.text, die attach.txt im Anhang

DS Logfile:

Code:

ATTFilter

DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_23
Run by Marcel at 11:51:48 on 2012-03-18
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.4062.2054 [GMT 1:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
C:\Windows\SMINST\BLService.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\WINDOWS\WindowsMobile\wmdc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Users\Marcel\AppData\Roaming\Miwu\cemy.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\conime.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRun: [Upgrade] C:\Users\Marcel\AppData\Roaming\Media Player Classic\{DEEED25C-06B9-401C-8770-405F1657E5FA}\Upgrade.exe
uRun: [Yzikefatp] C:\Users\Marcel\AppData\Roaming\Miwu\cemy.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [<NO NAME>] 
mRun: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube to Mp3 Converter - C:\Users\Marcel\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0565E525-F974-4B91-BB71-63C42B151636} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{2A38ED3D-84B2-448E-89AC-C554BB48505A} : DhcpNameServer = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
{53707962-6F74-2D53-2644-206D7942484F}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [(Standard)] 
mRun-x64: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE-X64: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ogp0343k.default\
FF - prefs.js: browser.search.selectedEngine - Search the web
FF - prefs.js: browser.startup.homepage - hxxp://blackhawks.nhl.com/
FF - component: C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: C:\Windows\system32\TVUAx\npTVUAx.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};{22D78859-9CE9-4B77-BF18-AC83E81A9263};C:\Program Files (x86)\HP\QuickPlay\000.fcl [2008-7-31 27632]
R2 AntiVirSchedulerService;Avira AntiVir Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-4-25 108289]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-4-25 185089]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 FontCache;Windows-Dienst für Schriftartencache;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-1-25 92216]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-16 652360]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-9-15 88576]
R2 Recovery Service for Windows;Recovery Service for Windows;C:\WINDOWS\SMINST\BLService.exe [2008-7-31 361808]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-1-9 1153368]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw5v64.sys --> C:\Windows\system32\DRIVERS\NETw5v64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-7-31 228408]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]
S3 PerfHost;Leistungsindikator-DLL-Host;C:\WINDOWS\SysWOW64\perfhost.exe [2008-1-21 19968]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\Windows\system32\DRIVERS\ss_bbus.sys --> C:\Windows\system32\DRIVERS\ss_bbus.sys [?]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\Windows\system32\DRIVERS\ss_bmdfl.sys --> C:\Windows\system32\DRIVERS\ss_bmdfl.sys [?]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\Windows\system32\DRIVERS\ss_bmdm.sys --> C:\Windows\system32\DRIVERS\ss_bmdm.sys [?]
S3 TFsExDisk;TFsExDisk;C:\WINDOWS\System32\drivers\TFsExDisk.Sys [2010-6-18 16392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-5-8 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-03-18 10:15:28	69000	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A349572A-6E01-4CC1-AF24-4F7EE276D1DB}\offreg.dll
2012-03-16 14:05:31	--------	d-----w-	C:\Users\Marcel\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2012-03-16 14:01:33	--------	d-----w-	C:\Users\Marcel\AppData\Local\Htc
2012-03-16 11:39:02	--------	d-----w-	C:\Users\Marcel\AppData\Roaming\Malwarebytes
2012-03-16 11:38:53	23152	----a-w-	C:\Windows\System32\drivers\mbam.sys
2012-03-16 11:38:53	--------	d-----w-	C:\ProgramData\Malwarebytes
2012-03-16 11:38:52	--------	d-----w-	C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-03-16 06:54:40	8643640	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A349572A-6E01-4CC1-AF24-4F7EE276D1DB}\mpengine.dll
2012-03-15 22:43:29	--------	d-----w-	C:\Users\Marcel\AppData\Roaming\Wyasp
2012-03-15 22:43:29	--------	d-----w-	C:\Users\Marcel\AppData\Roaming\Ohmiy
2012-03-15 22:43:29	--------	d-----w-	C:\Users\Marcel\AppData\Roaming\Miwu
2012-03-14 09:42:24	--------	d-----w-	C:\Users\Marcel\AppData\Roaming\Vatei
2012-03-14 09:42:24	--------	d-----w-	C:\Users\Marcel\AppData\Roaming\Unol
2012-03-14 09:42:24	--------	d-----w-	C:\Users\Marcel\AppData\Roaming\Ufduz
2012-03-13 19:42:32	--------	d-----w-	C:\Users\Marcel\AppData\Roaming\TeamViewer
2012-03-11 10:43:26	--------	d-----w-	C:\Users\Marcel\AppData\Roaming\Uty
2012-03-11 10:43:26	--------	d-----w-	C:\Users\Marcel\AppData\Roaming\Inkodu
2012-03-06 16:35:42	--------	d-----w-	C:\Windows\Rome Total war Gold - Barbarian
2012-03-04 20:59:01	--------	d-----w-	C:\Users\Marcel\AppData\Local\Google
.
==================== Find3M  ====================
.
2012-02-23 08:18:36	279656	------w-	C:\Windows\System32\MpSigStub.exe
2012-02-19 10:35:11	414368	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-14 16:49:43	327680	----a-w-	C:\Windows\System32\d3d10_1core.dll
2012-02-14 16:49:43	196096	----a-w-	C:\Windows\System32\d3d10_1.dll
2012-02-14 15:45:30	219648	----a-w-	C:\Windows\SysWow64\d3d10_1core.dll
2012-02-14 15:45:30	160768	----a-w-	C:\Windows\SysWow64\d3d10_1.dll
2012-02-13 14:38:31	2002944	----a-w-	C:\Windows\System32\d3d10warp.dll
2012-02-13 14:12:08	1172480	----a-w-	C:\Windows\SysWow64\d3d10warp.dll
2012-02-13 14:06:48	834048	----a-w-	C:\Windows\System32\d2d1.dll
2012-02-13 14:03:11	1555968	----a-w-	C:\Windows\System32\DWrite.dll
2012-02-13 13:47:57	683008	----a-w-	C:\Windows\SysWow64\d2d1.dll
2012-02-13 13:44:40	1068544	----a-w-	C:\Windows\SysWow64\DWrite.dll
2012-02-02 15:34:25	2765824	----a-w-	C:\Windows\System32\win32k.sys
2012-01-09 16:16:54	708096	----a-w-	C:\Windows\System32\rdpencom.dll
2012-01-09 15:54:08	613376	----a-w-	C:\Windows\SysWow64\rdpencom.dll
2012-01-09 14:27:49	209920	----a-w-	C:\Windows\System32\drivers\rdpwd.sys
2012-01-03 14:25:21	404992	----a-w-	C:\Windows\System32\drivers\afd.sys
2011-07-14 08:31:42	1456640	----a-w-	C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi
.
============= FINISH: 11:52:11,49 ===============

--- --- ---

Ebenfalls immer 2 Mal Internet Explorer im Hintergrund gestartet und befürchte Trojaner

Plagegeister aller Art und deren Bekämpfung: Ebenfalls immer 2 Mal Internet Explorer im Hintergrund gestartet und befürchte Trojaner

Ebenfalls immer 2 Mal Internet Explorer im Hintergrund gestartet und befürchte Trojaner

Ähnliche Themen: Ebenfalls immer 2 Mal Internet Explorer im Hintergrund gestartet und befürchte Trojaner