Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Smart Fortress 2012 auf Windows 7 Professional (32bit)

Smart Fortress 2012 auf Windows 7 Professional (32bit)


Plagegeister aller Art und deren Bekämpfung: Smart Fortress 2012 auf Windows 7 Professional (32bit)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 2 1 2
Alt 04.05.2012, 18:11   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Smart Fortress 2012 auf Windows 7 Professional (32bit) - Standard

Smart Fortress 2012 auf Windows 7 Professional (32bit)


Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.05.2012, 18:48   #17
beckejr
 
Smart Fortress 2012 auf Windows 7 Professional (32bit) - Standard

Smart Fortress 2012 auf Windows 7 Professional (32bit)


Hier die Log-Datei:

Code:
ATTFilter
ComboFix 12-05-04.03 - Frank 04.05.2012  19:19:16.1.2 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.2046.1204 [GMT 2:00]
ausgeführt von:: c:\Users\***\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\Users\***\AppData\Local\Temp\bd7c47bb-f5c0-417c-a180-ec348d87718a\CliSecureRT.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\4461f48e31bde5c56b31b973b773de09\List.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\93e7e3d6030f426844228042348210cf\Service.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\bd5179a413bc0c4b82eedc22c6cab101\re.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\c5cce8d16a1bd48692b421dcf46d3396\Util.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\e56c61f7248672819579325af3387035\POSIX.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\eb138ef0e4282611dbf485a302784646\LibYAML.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\f233f63b6654362865c7577442edb9e3\Win32.dll
c:\Users\***\AppData\Local\Temp\pdk-Frank-3080\perl514.dll
c:\windows\system32\system32
c:\windows\system32\system32\3DAudio.ax
c:\windows\system32\system32\avrt.dll
c:\windows\system32\system32\cis-2.4.dll
c:\windows\system32\system32\issacapi_bs-2.3.dll
c:\windows\system32\system32\issacapi_pe-2.3.dll
c:\windows\system32\system32\issacapi_se-2.3.dll
c:\windows\system32\system32\MACXMLProto.dll
c:\windows\system32\system32\MaDRM.dll
c:\windows\system32\system32\MaJGUILib.dll
c:\windows\system32\system32\MAMACExtract.dll
c:\windows\system32\system32\MASetupCleaner.exe
c:\windows\system32\system32\MaXMLProto.dll
c:\windows\system32\system32\mfplat.dll
c:\windows\system32\system32\MK_Lyric.dll
c:\windows\system32\system32\MSCLib.dll
c:\windows\system32\system32\MSFLib.dll
c:\windows\system32\system32\MSLUR71.dll
c:\windows\system32\system32\msvcp60.dll
c:\windows\system32\system32\MTTELECHIP.dll
c:\windows\system32\system32\MTXSYNCICON.dll
c:\windows\system32\system32\muzaf1.dll
c:\windows\system32\system32\muzapp.dll
c:\windows\system32\system32\muzapp.exe
c:\windows\system32\system32\muzdecode.ax
c:\windows\system32\system32\muzeffect.ax
c:\windows\system32\system32\muzmp4sp.ax
c:\windows\system32\system32\muzmpgsp.ax
c:\windows\system32\system32\muzoggsp.ax
c:\windows\system32\system32\muzwmts.dll
c:\windows\system32\system32\psapi.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-04-04 bis 2012-05-04  ))))))))))))))))))))))))))))))
.
.
2012-05-04 17:29 . 2012-05-04 17:29	--------	d-----w-	c:\Users\xxx\AppData\Local\temp
2012-05-04 17:29 . 2012-05-04 17:29	--------	d-----w-	c:\Users\zzz\AppData\Local\temp
2012-05-04 17:29 . 2012-05-04 17:29	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2012-05-04 17:29 . 2012-05-04 17:29	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-05-04 17:12 . 2012-05-04 17:14	--------	d-----w-	c:\Users\***\Haus
2012-05-04 16:03 . 2012-05-04 16:06	--------	d-----w-	c:\program files\RTL3DSoftware20
2012-05-04 14:56 . 2012-05-04 14:56	--------	d-----w-	c:\program files\Google
2012-05-04 11:05 . 2012-05-04 11:05	--------	d-----w-	C:\TDSSKiller_Quarantine
2012-05-04 09:47 . 2012-05-04 09:47	--------	d-----w-	C:\_OTL
2012-05-04 03:10 . 2012-05-04 15:05	56200	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{45A3AF48-414C-4A50-8031-A9DFFBB97DBC}\offreg.dll
2012-05-04 01:54 . 2012-04-13 07:36	6734704	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{45A3AF48-414C-4A50-8031-A9DFFBB97DBC}\mpengine.dll
2012-05-03 21:09 . 2012-05-03 21:09	--------	d-----w-	c:\programdata\MySQL
2012-05-03 20:27 . 2012-05-03 20:27	--------	d-----w-	c:\program files\Oracle
2012-05-03 20:26 . 2012-05-03 20:26	--------	d-----w-	c:\program files\Common Files\Java
2012-05-03 20:26 . 2012-01-10 11:57	637848	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-05-03 19:56 . 2012-05-03 19:56	--------	d-----w-	c:\Users\***\AppData\Local\Secunia PSI
2012-05-03 19:55 . 2012-05-03 19:55	--------	d-----w-	c:\program files\Secunia
2012-05-03 10:51 . 2012-05-03 10:51	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-05-03 10:51 . 2012-04-04 13:56	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-05-03 10:24 . 2012-05-03 10:24	--------	d-----w-	c:\programdata\F4D55F170001619A000AE1ADB4EB238B
2012-05-03 10:10 . 2012-05-03 10:10	--------	d-----w-	c:\program files\Mozilla Maintenance Service
2012-05-03 10:10 . 2012-05-03 10:10	129976	----a-w-	c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-05-03 10:10 . 2012-05-03 10:10	157352	----a-w-	c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-29 10:02 . 2012-05-04 15:45	--------	d-----w-	c:\Users\***\Photoshop
2012-04-29 08:41 . 2012-04-29 08:41	--------	d-----w-	c:\Users\***\AppData\Roaming\Nvu
2012-04-29 08:41 . 2012-04-29 08:41	--------	d-----w-	c:\program files\Nvu
2012-04-28 14:53 . 2012-04-28 14:53	--------	d-----w-	c:\Users\zzz\AppData\Local\Adobe
2012-04-25 15:19 . 2012-04-25 15:19	--------	d-----w-	c:\Users\***\AppData\Roaming\OpenIndex
2012-04-25 15:18 . 2012-04-29 10:41	--------	d-----w-	c:\program files\OpenEstate-ImmoTool
2012-04-24 16:24 . 2012-04-26 19:26	--------	d-----w-	c:\Users\***\AppData\Roaming\Audacity
2012-04-24 16:18 . 2012-04-24 16:18	--------	d-----w-	c:\programdata\Caphyon
2012-04-23 07:58 . 2012-04-23 07:58	--------	d-----w-	c:\Users\***\AppData\Local\GHISLER
2012-04-20 11:53 . 2012-04-20 11:53	--------	d-----w-	c:\Users\***\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-04-20 11:46 . 2012-04-20 11:46	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2012-04-20 11:41 . 2012-04-20 11:41	--------	d-----w-	c:\programdata\ALM
2012-04-20 11:29 . 2012-04-20 11:29	--------	d-----w-	c:\Users\***\Adobe Flash Builder 4.5
2012-04-20 11:24 . 2012-04-20 11:24	--------	d-----w-	c:\Users\***\AppData\Roaming\Artisteer
2012-04-20 08:25 . 2012-04-20 08:25	--------	d-----w-	c:\Users\***\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-04-20 08:25 . 2012-04-20 08:25	--------	d-----w-	c:\program files\Adobe Download Assistant
2012-04-14 07:12 . 2012-04-29 07:44	--------	d-----w-	c:\Users\zzz\AppData\Local\Spotify
2012-04-14 07:12 . 2012-04-29 07:44	--------	d-----w-	c:\Users\zzz\AppData\Roaming\Spotify
2012-04-14 07:12 . 2012-04-14 07:12	--------	d-----w-	c:\Users\zzz\AppData\Local\Deployment
2012-04-14 07:12 . 2012-04-14 07:12	--------	d-----w-	c:\Users\zzz\AppData\Local\Apps
2012-04-13 06:35 . 2012-04-13 10:19	--------	d-----w-	c:\Users\***\AppData\Roaming\gtk-2.0
2012-04-13 06:34 . 2012-04-13 06:35	--------	d-----w-	c:\Users\***\.thumbnails
2012-04-12 08:02 . 2012-04-12 08:02	--------	d-----w-	c:\Users\***\AppData\Roaming\Malwarebytes
2012-04-12 08:02 . 2012-04-12 08:02	--------	d-----w-	c:\programdata\Malwarebytes
2012-04-11 06:59 . 2012-03-01 05:46	19824	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-04-11 06:59 . 2012-03-01 05:37	172544	----a-w-	c:\windows\system32\wintrust.dll
2012-04-11 06:59 . 2012-03-01 05:33	159232	----a-w-	c:\windows\system32\imagehlp.dll
2012-04-11 06:59 . 2012-03-01 05:29	5120	----a-w-	c:\windows\system32\wmi.dll
2012-04-11 06:59 . 2012-04-11 06:59	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2012-04-11 06:59 . 2012-03-06 05:59	3968368	----a-w-	c:\windows\system32\ntkrnlpa.exe
2012-04-11 06:59 . 2012-03-06 05:59	3913072	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-04-10 15:40 . 2012-04-10 15:40	--------	d-----w-	c:\program files\directx
2012-04-10 15:40 . 2012-04-10 15:40	--------	d-----w-	c:\program files\Rockstar Games
2012-04-10 12:32 . 1997-11-19 12:49	303616	----a-w-	c:\windows\IsUninst.exe
2012-04-09 21:12 . 2012-04-09 21:17	--------	d-----w-	c:\program files\MP3Gain
2012-04-08 19:57 . 2012-04-08 19:57	--------	d-----w-	c:\Users\***\AppData\Roaming\IrfanView
2012-04-08 19:57 . 2012-04-08 19:57	--------	d-----w-	c:\program files\IrfanView
2012-04-08 16:10 . 2012-04-08 16:10	--------	d-----w-	c:\Users\***\AppData\Local\Windows Live
2012-04-08 16:10 . 2012-04-08 16:10	--------	d-----w-	c:\program files\Common Files\Windows Live
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-14 08:13 . 2012-03-29 18:18	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-04-14 08:13 . 2011-10-07 14:23	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-04 05:53 . 2012-04-04 05:53	47512	----a-w-	c:\windows\system32\AdobePDF.dll
2012-04-04 05:53 . 2012-04-04 05:53	22936	----a-w-	c:\windows\system32\AdobePDFUI.dll
2012-03-19 15:46 . 2012-03-19 15:46	242240	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2012-03-11 08:36 . 2011-10-07 14:01	16400	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2012-03-09 06:57 . 2012-03-21 18:49	545	----a-w-	c:\windows\UC.PIF
2012-03-09 06:57 . 2012-03-21 18:49	545	----a-w-	c:\windows\RAR.PIF
2012-03-09 06:57 . 2012-03-21 18:49	545	----a-w-	c:\windows\PKZIP.PIF
2012-03-09 06:57 . 2012-03-21 18:49	545	----a-w-	c:\windows\PKUNZIP.PIF
2012-03-09 06:57 . 2012-03-21 18:49	545	----a-w-	c:\windows\NOCLOSE.PIF
2012-03-09 06:57 . 2012-03-21 18:49	545	----a-w-	c:\windows\LHA.PIF
2012-03-09 06:57 . 2012-03-21 18:49	545	----a-w-	c:\windows\ARJ.PIF
2012-03-05 17:47 . 2012-03-05 17:47	162664	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
2012-02-23 08:18 . 2011-10-07 14:06	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-02-17 05:34 . 2012-03-13 20:40	826880	----a-w-	c:\windows\system32\rdpcore.dll
2012-02-17 04:14 . 2012-03-13 20:40	183808	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13 . 2012-03-13 20:40	24576	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-02-15 08:27 . 2011-10-07 14:04	137416	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-02-14 10:09 . 2012-02-14 10:09	1070352	----a-w-	c:\windows\system32\MSCOMCTL.OCX
2012-02-10 05:38 . 2012-03-14 17:06	1077248	----a-w-	c:\windows\system32\DWrite.dll
2012-05-03 10:10 . 2011-11-07 15:07	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	94208	----a-w-	c:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	94208	----a-w-	c:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	94208	----a-w-	c:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-04-04 21392]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-04-04 954256]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IaNvSrv"="c:\program files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe" [2009-07-13 33304]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-05 258512]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2011-02-23 371200]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-04-04 3521424]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1387288]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-04-04 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-04-04 815512]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Media Server-Taskleisten-Tool.lnk - c:\program files\Squeezebox\SqueezeTray.exe [2011-12-5 3051619]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-7-29 291896]
t@x aktuell.lnk - c:\program files\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe [2012-3-8 537200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-09-27 19:03	66328	----a-w-	c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-05-04 116648]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-12-08 80184]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-05-04 116648]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 129976]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-12-08 181432]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1343400]
S0 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\system32\DRIVERS\iaNvStor.sys [2009-07-01 232472]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-15 36000]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-19 242240]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-10-05 86224]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2011-07-29 994360]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [2011-07-29 399416]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-01-08 46592]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 17:02	114688	----a-w-	c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Inhalt des "geplante Tasks" Ordners
.
2012-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 08:13]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-04 14:56]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-04 14:56]
.
2012-05-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2451510392-3483582798-355726404-1000Core.job
- c:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-07 12:50]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2451510392-3483582798-355726404-1000UA.job
- c:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-07 12:50]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.de/
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: Interfaces\{EDA500EF-216D-4E40-B9F3-6C889750D649}: NameServer = 192.168.2.1
FF - ProfilePath - c:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4ussga7d.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-NapsterShell - c:\program files\Napster\napster.exe
SafeBoot-37472971.sys
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1768)
c:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\windows\System32\ieframe.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-05-04  19:38:24 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-05-04 17:38
.
Vor Suchlauf: 8 Verzeichnis(se), 99.664.056.320 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 101.530.537.984 Bytes frei
.
- - End Of File - - 976D9D0270153D398E7FA6B23CD1EBBB
__________________
Alt 04.05.2012, 18:51   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Smart Fortress 2012 auf Windows 7 Professional (32bit) - Standard

Smart Fortress 2012 auf Windows 7 Professional (32bit)


Combofix - Scripten

1. Starte das Notepad (Start / Ausführen / notepad[Enter])

2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein.


Code:
ATTFilter
Folder::
c:\programdata\F4D55F170001619A000AE1ADB4EB238B
3. Speichere im Notepad als CFScript.txt auf dem Desktop.

4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall.
(Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !)

5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.



6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien:
Combofix.txt

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
__________________
Alt 04.05.2012, 19:09   #19
beckejr
 
Smart Fortress 2012 auf Windows 7 Professional (32bit) - Standard

Smart Fortress 2012 auf Windows 7 Professional (32bit)


Und noch einmal:

Code:
ATTFilter
ComboFix 12-05-04.03 - *** 04.05.2012  19:55:31.2.2 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.2046.1127 [GMT 2:00]
ausgeführt von:: c:\Users\***\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\Users\***\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\F4D55F170001619A000AE1ADB4EB238B
c:\programdata\F4D55F170001619A000AE1ADB4EB238B\F4D55F170001619A000AE1ADB4EB238B
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\muzapp.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-04-04 bis 2012-05-04  ))))))))))))))))))))))))))))))
.
.
2012-05-04 18:05 . 2012-05-04 18:05	--------	d-----w-	c:\Users\***\AppData\Local\temp
2012-05-04 18:05 . 2012-05-04 18:05	--------	d-----w-	c:\Users\zzz\AppData\Local\temp
2012-05-04 18:05 . 2012-05-04 18:05	--------	d-----w-	c:\Users\xxx\AppData\Local\temp
2012-05-04 18:05 . 2012-05-04 18:05	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2012-05-04 18:05 . 2012-05-04 18:05	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-05-04 17:12 . 2012-05-04 17:53	--------	d-----w-	c:\Users\***\Haus
2012-05-04 16:03 . 2012-05-04 16:06	--------	d-----w-	c:\program files\RTL3DSoftware20
2012-05-04 14:56 . 2012-05-04 14:56	--------	d-----w-	c:\program files\Google
2012-05-04 11:05 . 2012-05-04 11:05	--------	d-----w-	C:\TDSSKiller_Quarantine
2012-05-04 09:47 . 2012-05-04 09:47	--------	d-----w-	C:\_OTL
2012-05-04 03:10 . 2012-05-04 17:53	56200	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{45A3AF48-414C-4A50-8031-A9DFFBB97DBC}\offreg.dll
2012-05-04 01:54 . 2012-04-13 07:36	6734704	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{45A3AF48-414C-4A50-8031-A9DFFBB97DBC}\mpengine.dll
2012-05-03 21:09 . 2012-05-03 21:09	--------	d-----w-	c:\programdata\MySQL
2012-05-03 20:27 . 2012-05-03 20:27	--------	d-----w-	c:\program files\Oracle
2012-05-03 20:26 . 2012-05-03 20:26	--------	d-----w-	c:\program files\Common Files\Java
2012-05-03 20:26 . 2012-01-10 11:57	637848	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-05-03 19:56 . 2012-05-03 19:56	--------	d-----w-	c:\Users\***\AppData\Local\Secunia PSI
2012-05-03 19:55 . 2012-05-03 19:55	--------	d-----w-	c:\program files\Secunia
2012-05-03 10:51 . 2012-05-03 10:51	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-05-03 10:51 . 2012-04-04 13:56	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-05-03 10:10 . 2012-05-03 10:10	--------	d-----w-	c:\program files\Mozilla Maintenance Service
2012-05-03 10:10 . 2012-05-03 10:10	129976	----a-w-	c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-05-03 10:10 . 2012-05-03 10:10	157352	----a-w-	c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-29 10:02 . 2012-05-04 15:45	--------	d-----w-	c:\Users\***\Photoshop
2012-04-29 08:41 . 2012-04-29 08:41	--------	d-----w-	c:\Users\***\AppData\Roaming\Nvu
2012-04-29 08:41 . 2012-04-29 08:41	--------	d-----w-	c:\program files\Nvu
2012-04-28 14:53 . 2012-04-28 14:53	--------	d-----w-	c:\Users\xxx\AppData\Local\Adobe
2012-04-25 15:19 . 2012-04-25 15:19	--------	d-----w-	c:\Users\***\AppData\Roaming\OpenIndex
2012-04-25 15:18 . 2012-04-29 10:41	--------	d-----w-	c:\program files\OpenEstate-ImmoTool
2012-04-24 16:24 . 2012-04-26 19:26	--------	d-----w-	c:\Users\***\AppData\Roaming\Audacity
2012-04-24 16:18 . 2012-04-24 16:18	--------	d-----w-	c:\programdata\Caphyon
2012-04-23 07:58 . 2012-04-23 07:58	--------	d-----w-	c:\Users\***\AppData\Local\GHISLER
2012-04-20 11:53 . 2012-04-20 11:53	--------	d-----w-	c:\Users\***\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-04-20 11:46 . 2012-04-20 11:46	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2012-04-20 11:41 . 2012-04-20 11:41	--------	d-----w-	c:\programdata\ALM
2012-04-20 11:29 . 2012-04-20 11:29	--------	d-----w-	c:\Users\***\Adobe Flash Builder 4.5
2012-04-20 11:24 . 2012-04-20 11:24	--------	d-----w-	c:\Users\***\AppData\Roaming\Artisteer
2012-04-20 08:25 . 2012-04-20 08:25	--------	d-----w-	c:\Users\***\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-04-20 08:25 . 2012-04-20 08:25	--------	d-----w-	c:\program files\Adobe Download Assistant
2012-04-14 07:12 . 2012-04-29 07:44	--------	d-----w-	c:\Users\xxx\AppData\Local\Spotify
2012-04-14 07:12 . 2012-04-29 07:44	--------	d-----w-	c:\Users\xxx\AppData\Roaming\Spotify
2012-04-14 07:12 . 2012-04-14 07:12	--------	d-----w-	c:\Users\xxx\AppData\Local\Deployment
2012-04-14 07:12 . 2012-04-14 07:12	--------	d-----w-	c:\Users\xxx\AppData\Local\Apps
2012-04-13 06:35 . 2012-04-13 10:19	--------	d-----w-	c:\Users\***\AppData\Roaming\gtk-2.0
2012-04-13 06:34 . 2012-04-13 06:35	--------	d-----w-	c:\Users\***\.thumbnails
2012-04-12 08:02 . 2012-04-12 08:02	--------	d-----w-	c:\Users\***\AppData\Roaming\Malwarebytes
2012-04-12 08:02 . 2012-04-12 08:02	--------	d-----w-	c:\programdata\Malwarebytes
2012-04-11 06:59 . 2012-03-01 05:46	19824	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-04-11 06:59 . 2012-03-01 05:37	172544	----a-w-	c:\windows\system32\wintrust.dll
2012-04-11 06:59 . 2012-03-01 05:33	159232	----a-w-	c:\windows\system32\imagehlp.dll
2012-04-11 06:59 . 2012-03-01 05:29	5120	----a-w-	c:\windows\system32\wmi.dll
2012-04-11 06:59 . 2012-04-11 06:59	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2012-04-11 06:59 . 2012-03-06 05:59	3968368	----a-w-	c:\windows\system32\ntkrnlpa.exe
2012-04-11 06:59 . 2012-03-06 05:59	3913072	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-04-10 15:40 . 2012-04-10 15:40	--------	d-----w-	c:\program files\directx
2012-04-10 15:40 . 2012-04-10 15:40	--------	d-----w-	c:\program files\Rockstar Games
2012-04-10 12:32 . 1997-11-19 12:49	303616	----a-w-	c:\windows\IsUninst.exe
2012-04-09 21:12 . 2012-04-09 21:17	--------	d-----w-	c:\program files\MP3Gain
2012-04-08 19:57 . 2012-04-08 19:57	--------	d-----w-	c:\Users\***\AppData\Roaming\IrfanView
2012-04-08 19:57 . 2012-04-08 19:57	--------	d-----w-	c:\program files\IrfanView
2012-04-08 16:10 . 2012-04-08 16:10	--------	d-----w-	c:\Users\***\AppData\Local\Windows Live
2012-04-08 16:10 . 2012-04-08 16:10	--------	d-----w-	c:\program files\Common Files\Windows Live
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-14 08:13 . 2012-03-29 18:18	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-04-14 08:13 . 2011-10-07 14:23	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-04 05:53 . 2012-04-04 05:53	47512	----a-w-	c:\windows\system32\AdobePDF.dll
2012-04-04 05:53 . 2012-04-04 05:53	22936	----a-w-	c:\windows\system32\AdobePDFUI.dll
2012-03-19 15:46 . 2012-03-19 15:46	242240	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2012-03-11 08:36 . 2011-10-07 14:01	16400	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2012-03-09 06:57 . 2012-03-21 18:49	545	----a-w-	c:\windows\UC.PIF
2012-03-09 06:57 . 2012-03-21 18:49	545	----a-w-	c:\windows\RAR.PIF
2012-03-09 06:57 . 2012-03-21 18:49	545	----a-w-	c:\windows\NOCLOSE.PIF
2012-03-09 06:57 . 2012-03-21 18:49	545	----a-w-	c:\windows\LHA.PIF
2012-03-09 06:57 . 2012-03-21 18:49	545	----a-w-	c:\windows\ARJ.PIF
2012-03-05 17:47 . 2012-03-05 17:47	162664	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
2012-02-23 08:18 . 2011-10-07 14:06	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-02-17 05:34 . 2012-03-13 20:40	826880	----a-w-	c:\windows\system32\rdpcore.dll
2012-02-17 04:14 . 2012-03-13 20:40	183808	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13 . 2012-03-13 20:40	24576	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-02-15 08:27 . 2011-10-07 14:04	137416	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-02-14 10:09 . 2012-02-14 10:09	1070352	----a-w-	c:\windows\system32\MSCOMCTL.OCX
2012-02-10 05:38 . 2012-03-14 17:06	1077248	----a-w-	c:\windows\system32\DWrite.dll
2012-05-03 10:10 . 2011-11-07 15:07	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	94208	----a-w-	c:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	94208	----a-w-	c:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	94208	----a-w-	c:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-04-04 21392]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-04-04 954256]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IaNvSrv"="c:\program files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe" [2009-07-13 33304]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-05 258512]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2011-02-23 371200]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-04-04 3521424]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1387288]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-04-04 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-04-04 815512]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Media Server-Taskleisten-Tool.lnk - c:\program files\Squeezebox\SqueezeTray.exe [2011-12-5 3051619]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-7-29 291896]
t@x aktuell.lnk - c:\program files\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe [2012-3-8 537200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-09-27 19:03	66328	----a-w-	c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-05-04 116648]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-12-08 80184]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-05-04 116648]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 129976]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-12-08 181432]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1343400]
S0 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\system32\DRIVERS\iaNvStor.sys [2009-07-01 232472]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-15 36000]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-19 242240]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-10-05 86224]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2011-07-29 994360]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [2011-07-29 399416]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-01-08 46592]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 17:02	114688	----a-w-	c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Inhalt des "geplante Tasks" Ordners
.
2012-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 08:13]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-04 14:56]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-04 14:56]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2451510392-3483582798-355726404-1000Core.job
- c:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-07 12:50]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2451510392-3483582798-355726404-1000UA.job
- c:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-07 12:50]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.de/
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: Interfaces\{EDA500EF-216D-4E40-B9F3-6C889750D649}: NameServer = 192.168.2.1
FF - ProfilePath - c:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4ussga7d.default\
.
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 6.1.7601 
.
CreateFile("\\.\PHYSICALDRIVE1"): Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
device: opened successfully
user: error reading MBR 
kernel: MBR read successfully
user != kernel MBR !!! 
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-05-04  20:06:52
ComboFix-quarantined-files.txt  2012-05-04 18:06
ComboFix2.txt  2012-05-04 17:38
.
Vor Suchlauf: 13 Verzeichnis(se), 101.588.692.992 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 101.295.869.952 Bytes frei
.
- - End Of File - - 5330818480FFECDC396A1944F59F7EC9

Alt 04.05.2012, 19:27   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Smart Fortress 2012 auf Windows 7 Professional (32bit) - Standard

Smart Fortress 2012 auf Windows 7 Professional (32bit)


Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.05.2012, 20:07   #21
beckejr
 
Smart Fortress 2012 auf Windows 7 Professional (32bit) - Standard

Smart Fortress 2012 auf Windows 7 Professional (32bit)


GMER ist zwei mal abgestürzt. Hier die OSAM Log-Datei:

Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 21:04:59 on 04.05.2012

OS: Windows 7  Service Pack 1 (Build 7601), 32-bit
Default Browser: Google Inc. Google Chrome 18.0.1025.168

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-2451510392-3483582798-355726404-1000Core.job" - "Google Inc." - C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-2451510392-3483582798-355726404-1000UA.job" - "Google Inc." - C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\MLCFG32.CPL
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Apple Mobile USB Driver" (USBAAPL) - "Apple, Inc." - C:\Windows\System32\Drivers\usbaapl.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\Users\***\AppData\Local\Temp\catchme.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"PSI" (PSI) - "Secunia" - C:\Windows\System32\DRIVERS\psi_mf.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} "PixiePack Codec Pack 1.1.1200.0" - ? - C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products (Canada) Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - C:\Program Files\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu.dll
{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL
{D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll
{83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C} "KbLogiExt Class" - "Logitech, Inc." - C:\Program Files\Logitech\SetPointP\kbcplext.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\MLSHEXT.DLL
{9AF41401-0C93-11D4-A854-00105A80791C} "OKI Netw" - ? - C:\OKIDATA\C5150_C5200\English\GDI\32 Bit\OPHCWNXT.DLL  (File not found)
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL
{CF822AB4-6DB5-4FDA-BC28-E61DF36D2583} "PDF-XChange PDF Preview Provider" - "Tracker Software Products (Canada) Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
{67EB453C-1BE1-48EC-AAF3-23B10277FCC1} "PDF-XChange PDF Property Handler" - "Tracker Software Products (Canada) Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
{EBD0B8F4-A9A0-41B7-9695-030CD264D9C8} "PDF-XChange PDF Thumbnail Provider" - "Tracker Software Products (Canada) Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
{8903F6C9-25E3-40AC-A98F-E6D35CD0469C} "PSPad" - ? - C:\PROGRA~2\PSPADE~1\PSPADS~1.DLL  (File found, but it contains no detailed information)
{B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products (Canada) Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
Logitech Setpoint Extension "{B9B9F083-2B04-452A-8691-83694AC1037B}" - ? -   (File not found | COM-object registry key not found)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} "Java Plug-in 1.7.0_03" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.7.0_03" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\ssv.dll / hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 10.3.1" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
<binary data> "Contribute Toolbar" - "Adobe Systems, Inc." - C:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{074C1DC5-9320-4A9A-947D-C042949C6216} "ContributeBHO Class" - "Adobe Systems, Inc." - C:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll
{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
{F4971EE7-DAA0-4053-9964-665D8EE6A077} "SmartSelect Class" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE  (Shortcut exists | File exists)
"desktop.ini" - ? - C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Dropbox.lnk" - "Dropbox, Inc." - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Logitech Media Server-Taskleisten-Tool.lnk" - "Logitech Inc." - C:\Program Files\Squeezebox\SqueezeTray.exe  (Shortcut exists | File exists)
"Secunia PSI Tray.lnk" - "Secunia" - C:\Program Files\Secunia\PSI\psi_tray.exe  (Shortcut exists | File exists)
"t@x aktuell.lnk" - "Buhl Tax Service, Hannover" - C:\Program Files\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"DAEMON Tools Lite" - "DT Soft Ltd" - "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
"KiesHelper" - "Samsung" - C:\Program Files\Samsung\Kies\KiesHelper.exe /s
"KiesPDLR" - ? - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Acrobat Assistant 8.0" - "Adobe Systems Inc." - "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
"Adobe Acrobat Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AdobeAAMUpdater-1.0" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"AdobeCS5.5ServiceManager" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
"APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"EvtMgr6" - "Logitech, Inc." - C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
"FreePDF Assistant" - "shbox.de" - "C:\Program Files\FreePDF_XP\fpassist.exe"
"IAAnotif" - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
"IaNvSrv" - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"
"KiesTrayAgent" - "Samsung Electronics Co., Ltd." - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"SwitchBoard" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Adobe PDF Port Monitor" - "Adobe Systems Inc" - C:\Windows\system32\AdobePDF.dll
"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)
"Redirected Port" - ? - C:\Windows\system32\redmonnt.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Google Update-Dienst (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"Logitech Bluetooth Service" (LBTServ) - "Logitech, Inc." - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"Secunia PSI Agent" (Secunia PSI Agent) - "Secunia" - C:\Program Files\Secunia\PSI\PSIA.exe
"Secunia Update Agent" (Secunia Update Agent) - "Secunia" - C:\Program Files\Secunia\PSI\sua.exe
"SwitchBoard" (SwitchBoard) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"TeamViewer 7" (TeamViewer7) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

[Winlogon]
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"LBTWlgn" - "Logitech, Inc." - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
Hier die aswMBR Log:

Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-04 21:50:28
-----------------------------
21:50:28.362    OS Version: Windows 6.1.7601 Service Pack 1
21:50:28.362    Number of processors: 2 586 0x1706
21:50:28.362    ComputerName: ***-NB  UserName: ***
21:50:29.766    Initialize success
21:50:33.588    AVAST engine defs: 12050400
21:50:41.840    Disk 0  \Device\Harddisk0\DR0 -> \Device\RobsonImd-0
21:50:41.840    Disk 0 Vendor:   Size: 513MB BusType: 0
21:50:41.840    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-0
21:50:41.840    Disk 1 Vendor:   Size: 513MB BusType: 0
21:50:41.887    Disk 1 MBR read successfully
21:50:41.903    Disk 1 MBR scan
21:50:41.918    Disk 1 Windows 7 default MBR code
21:50:41.918    Disk 1 MBR hidden
21:50:41.934    Disk 1 Partition 1 00     27 Hidden NTFS WinRE NTFS        12288 MB offset 2048
21:50:41.950    Disk 1 Partition 2 80 (A) 07    HPFS/NTFS NTFS       226172 MB offset 25173855
21:50:41.981    Disk 1 scanning C:\Windows\system32\drivers
21:50:54.945    Service scanning
21:51:08.938    Modules scanning
21:51:18.454    Disk 1 trace - called modules:
21:51:18.485    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys iaNvStor.sys 
21:51:18.485    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x87589030]
21:51:18.516    3 CLASSPNP.SYS[8938d59e] -> nt!IofCallDriver -> [0x857860a0]
21:51:18.547    5 ACPI.sys[88ca13d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85791028]
21:51:18.563    Scan finished successfully
21:51:38.429    Disk 1 MBR has been saved successfully to "C:\Users\***\Desktop\MBR.dat"
21:51:38.429    The log file has been saved successfully to "C:\Users\***\Desktop\aswMBR.txt"
funktionierte allerdings nur mit "AV scan" (none)

Alt 06.05.2012, 17:58   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Smart Fortress 2012 auf Windows 7 Professional (32bit) - Standard

Smart Fortress 2012 auf Windows 7 Professional (32bit)


Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort
Seite 2 von 2 1 2

Themen zu Smart Fortress 2012 auf Windows 7 Professional (32bit)
7-zip, adobe after effects, antivir, application/pdf, application/pdf:, avira, bho, bonjour, converter, decrypter, desktop, device driver, document, entfernen, fehler, firefox, flash player, geld, google, helper, home, install.exe, jdownloader, karte, langs, microsoft office word, mp3, object, pdfforge toolbar, plug-in, remote control, scan, searchscopes, security, senden, sketchup, svchost.exe, system, taskhost.exe, total commander, tracker, trojaner, usb, version=1.0, windows


« PC stürzt nach erfolgreichem Virenscan ständig ab | Weiterleitungen und ,,Recommended for you"-Popups »

Ähnliche Themen: Smart Fortress 2012 auf Windows 7 Professional (32bit)


  1. smart fortress 2012 auf meinem PC
    Log-Analyse und Auswertung - 31.05.2012 (1)
  2. Mit Smart Fortress 2012 infiziert!
    Log-Analyse und Auswertung - 24.05.2012 (3)
  3. smart fortress 2012, wie entfernen?
    Log-Analyse und Auswertung - 22.05.2012 (33)
  4. Smart Fortress 2012 eingefangen, schon einiges vorbereitet.
    Log-Analyse und Auswertung - 19.05.2012 (6)
  5. Smart Fortress 2012/Probleme nach Bereinigung
    Log-Analyse und Auswertung - 16.05.2012 (44)
  6. Habe ich Smart Fortress 2012 restlos/erfolgreich entfernt?
    Log-Analyse und Auswertung - 15.05.2012 (18)
  7. Smart Fortress 2012 ... ESET läuft schon
    Plagegeister aller Art und deren Bekämpfung - 13.05.2012 (1)
  8. Virus Löschen SMART FORTRESS 2012
    Plagegeister aller Art und deren Bekämpfung - 11.05.2012 (1)
  9. Smart Fortress 2012 / sicherheitscenter ausgeschaltet
    Plagegeister aller Art und deren Bekämpfung - 08.05.2012 (25)
  10. Smart Fortress 2012 richtig entfernt?
    Log-Analyse und Auswertung - 15.04.2012 (33)
  11. Mit Smart Fortress 2012 infiziert
    Log-Analyse und Auswertung - 13.04.2012 (25)
  12. Smart Fortress 2012 hat mich leider auch erwischt:(
    Log-Analyse und Auswertung - 13.04.2012 (4)
  13. Trojanerproblem nach Smart Fortress 2012 Virus
    Plagegeister aller Art und deren Bekämpfung - 11.04.2012 (9)
  14. (2x) Trojanerproblem nach Smart Fortress 2012 Virus
    Mülltonne - 09.04.2012 (1)
  15. Smart Fortress 2012 Trojaner Problem
    Plagegeister aller Art und deren Bekämpfung - 08.04.2012 (1)
  16. Smart Fortress 2012-Befall
    Log-Analyse und Auswertung - 05.04.2012 (15)
  17. Smart Fortress 2012 entfernen
    Anleitungen, FAQs & Links - 27.02.2012 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Smart Fortress 2012 auf Windows 7 Professional (32bit) - Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix Lade dir ComboFix hier herunter auf deinen Desktop . Schliesse alle Programme, vor allem dein Antivirenprogramm - Smart Fortress 2012 auf Windows 7 Professional (32bit)...
Archiv
Du betrachtest: Smart Fortress 2012 auf Windows 7 Professional (32bit) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129