
Pests of all kinds and how to combat them: Sparkasse Trojan 50 TANs

24.06.2012, 16:25   #1
sinus020487
 
Sparkasse Trojan 50 TANs



Hello, a few days ago I tried to log in to my online banking, and then a list appeared in which I was supposed to enter 50 TANs. I have already read around here a bit and tried to inform myself. I downloaded OTL and ran it according to the instructions; this is what came out:

OTL logfile created on: 24.06.2012 16:41:54 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Tanjuscha\Unbrauchbar\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,97 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 51,49% Memory free
8,13 Gb Paging File | 6,07 Gb Available in Paging File | 74,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286,07 Gb Total Space | 86,26 Gb Free Space | 30,15% Space Free | Partition Type: NTFS
Drive D: | 12,02 Gb Total Space | 1,93 Gb Free Space | 16,02% Space Free | Partition Type: NTFS

Computer Name: TANJUSCHA-PC | User Name: Tanjuscha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Tanjuscha\Unbrauchbar\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\TANJUS~1\AppData\Local\Temp\2SQEEB1.exe (Microsoft Corporation)
PRC - C:\Users\Tanjuscha\368o0qiuym.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\SMINST\BLService.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\HP\Digital Imaging\bin\crm\xmltok.dll ()
MOD - C:\Program Files (x86)\HP\Digital Imaging\bin\crm\xmlparse.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe (ATI Technologies Inc.)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_8aadd48d\STacSV64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_8aadd48d\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\Hpservice.exe (Hewlett-Packard Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (NAUpdate) @C:\Program Files (x86) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (TVCapSvc) TV Background Capture Service (TVBCS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe ()
SRV - (TVSched) TV Task Scheduler (TVTS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe ()
SRV - (Recovery Service for Windows) -- C:\Program Files (x86)\SMINST\BLService.exe ()
SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
SRV - (usnjsvc) -- C:\Program Files (x86)\MSN Messenger\usnsvc.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\DRIVERS\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (vpnva) -- C:\Windows\SysNative\DRIVERS\vpnva64.sys ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USB_RNDIS) -- C:\Windows\SysNative\DRIVERS\usb8023.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\DRIVERS\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (enecir) -- C:\Windows\SysNative\DRIVERS\enecir.sys (ENE TECHNOLOGY INC.)
DRV:64bit: - (NETw5v64) Intel(R) -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation )
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys (Hewlett-Packard Corporation)
DRV:64bit: - (NETw3v64) Intel(R) -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys (Intel Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\DRIVERS\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\DRIVERS\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\DRIVERS\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (ssm_mdm) -- C:\Windows\SysNative\DRIVERS\ssm_mdm.sys (MCCI Corporation)
DRV:64bit: - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- C:\Windows\SysNative\DRIVERS\ssm_bus.sys (MCCI Corporation)
DRV:64bit: - (ssm_mdfl) -- C:\Windows\SysNative\DRIVERS\ssm_mdfl.sys (MCCI Corporation)
DRV:64bit: - (ss_mdm) -- C:\Windows\SysNative\DRIVERS\ss_mdm.sys (MCCI Corporation)
DRV:64bit: - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\SysNative\DRIVERS\ss_bus.sys (MCCI Corporation)
DRV:64bit: - (ss_mdfl) -- C:\Windows\SysNative\DRIVERS\ss_mdfl.sys (MCCI Corporation)
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys ()
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (ASPI32) -- C:\Windows\SysWow64\drivers\ASPI32.SYS (Adaptec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B4F381CE-68D8-4179-A60A-797EC0C34865}
IE:64bit: - HKLM\..\SearchScopes\{A22B7BB8-1521-44F2-AFC5-67CFABC0EAFC}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE:64bit: - HKLM\..\SearchScopes\{B4F381CE-68D8-4179-A60A-797EC0C34865}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
IE:64bit: - HKLM\..\SearchScopes\{BFF76C5E-CBC4-495C-B661-5C006E231FBD}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {53b7f561-e49d-4a38-bc38-0f2642cee09c} - C:\Program Files (x86)\Max_DE\tbMax1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{A22B7BB8-1521-44F2-AFC5-67CFABC0EAFC}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2055800
IE - HKLM\..\SearchScopes\{B4F381CE-68D8-4179-A60A-797EC0C34865}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
IE - HKLM\..\SearchScopes\{BFF76C5E-CBC4-495C-B661-5C006E231FBD}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://de.msn.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 32 A7 3E 0E A8 A4 32 47 A8 EE 3D A6 C5 9E F2 95 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {53b7f561-e49d-4a38-bc38-0f2642cee09c} - C:\Program Files (x86)\Max_DE\tbMax1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
IE - HKCU\..\SearchScopes\{547EEAAC-3665-4e6c-B326-C622D698543A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=ASHTDF&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{573CAE8B-BDBF-4CBF-8AA0-E06075F61301}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{A22B7BB8-1521-44F2-AFC5-67CFABC0EAFC}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2055800
IE - HKCU\..\SearchScopes\{B4F381CE-68D8-4179-A60A-797EC0C34865}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
IE - HKCU\..\SearchScopes\{BFF76C5E-CBC4-495C-B661-5C006E231FBD}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Max DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 5
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledItems: {53b7f561-e49d-4a38-bc38-0f2642cee09c}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}:3.3.3.2
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2055800&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tanjuscha\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tanjuscha\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.28 17:49:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.28 17:49:14 | 000,000,000 | ---D | M]

[2009.12.26 15:27:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tanjuscha\AppData\Roaming\mozilla\Extensions
[2009.12.26 15:27:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tanjuscha\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012.05.30 18:44:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tanjuscha\AppData\Roaming\mozilla\Firefox\Profiles\st5x5m3l.default\extensions
[2010.10.28 16:40:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tanjuscha\AppData\Roaming\mozilla\Firefox\Profiles\st5x5m3l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.02.20 21:45:53 | 000,000,000 | ---D | M] ("BetterSearch") -- C:\Users\Tanjuscha\AppData\Roaming\mozilla\Firefox\Profiles\st5x5m3l.default\extensions\{2bfc8624-5b8a-4060-b86a-e78ccbc38509}
[2012.05.21 20:16:10 | 000,000,000 | ---D | M] (Max DE Community Toolbar) -- C:\Users\Tanjuscha\AppData\Roaming\mozilla\Firefox\Profiles\st5x5m3l.default\extensions\{53b7f561-e49d-4a38-bc38-0f2642cee09c}
[2012.05.30 18:44:01 | 000,000,000 | ---D | M] (myBabylon EnglishBB Community Toolbar) -- C:\Users\Tanjuscha\AppData\Roaming\mozilla\Firefox\Profiles\st5x5m3l.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
[2011.04.01 22:45:32 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Tanjuscha\AppData\Roaming\mozilla\Firefox\Profiles\st5x5m3l.default\extensions\engine@conduit.com
[2011.03.24 17:37:34 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Tanjuscha\AppData\Roaming\mozilla\Firefox\Profiles\st5x5m3l.default\extensions\personas@christopher.beard
[2011.11.24 18:20:56 | 000,000,933 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\11-suche.xml
[2011.11.24 18:20:56 | 000,002,419 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\englische-ergebnisse.xml
[2011.11.24 18:20:56 | 000,010,525 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\gmx-suche.xml
[2012.06.22 09:16:52 | 000,000,950 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin-1.xml
[2011.10.11 14:20:19 | 000,000,950 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin-10.xml
[2011.10.11 18:19:24 | 000,000,950 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin-11.xml
[2011.11.08 11:19:05 | 000,000,950 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin-12.xml
[2011.11.10 20:21:12 | 000,000,950 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin-13.xml
[2011.03.07 21:29:43 | 000,000,950 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin-2.xml
[2011.03.29 14:46:26 | 000,000,950 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin-3.xml
[2011.03.29 14:47:44 | 000,000,950 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin-4.xml
[2011.04.25 17:40:09 | 000,000,950 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin-5.xml
[2011.07.10 12:46:58 | 000,000,950 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin-6.xml
[2011.08.18 19:02:30 | 000,000,950 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin-7.xml
[2011.09.05 09:38:11 | 000,000,950 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin-8.xml
[2011.09.05 09:41:23 | 000,000,950 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin-9.xml
[2011.03.01 12:36:22 | 000,001,056 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\icqplugin.xml
[2011.11.24 18:20:56 | 000,002,457 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\lastminute.xml
[2012.05.01 12:44:17 | 000,005,489 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Roaming\Mozilla\Firefox\Profiles\st5x5m3l.default\searchplugins\webde-suche.xml
[2012.02.03 13:15:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.07 17:18:05 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.02.03 13:15:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions
[2012.02.03 13:15:36 | 000,000,000 | ---D | M] (GMX Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\toolbar@gmx.net
[2012.05.01 12:44:10 | 000,574,144 | ---- | M] () (No name found) -- C:\USERS\TANJUSCHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ST5X5M3L.DEFAULT\EXTENSIONS\TOOLBAR@GMX.NET.XPI
[2012.02.19 11:09:55 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.10.27 15:19:45 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.29 16:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.03.20 14:32:24 | 000,002,191 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.01.29 15:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 16:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 16:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.29 16:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.29 16:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Tanjuscha\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Tanjuscha\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tanjuscha\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Tanjuscha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Tanjuscha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Tanjuscha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Extension = C:\Users\Tanjuscha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\
CHR - Extension: Google Mail = C:\Users\Tanjuscha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {0E3EA732-A4A8-4732-A8EE-3DA6C59EF295} - No CLSID value found.
O2 - BHO: (Max DE Toolbar) - {53b7f561-e49d-4a38-bc38-0f2642cee09c} - C:\Program Files (x86)\Max_DE\tbMax1.dll (Conduit Ltd.)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Max DE Toolbar) - {53b7f561-e49d-4a38-bc38-0f2642cee09c} - C:\Program Files (x86)\Max_DE\tbMax1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (Max DE Toolbar) - {53B7F561-E49D-4A38-BC38-0F2642CEE09C} - C:\Program Files (x86)\Max_DE\tbMax1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKCU..\Run: [368o0qiuym] C:\Users\Tanjuscha\368o0qiuym.exe ()
O4 - HKCU..\Run: [4Y3Y0C3AXF7W0HZWSOMGIF] C:\Recycle.Bin\B6232F3AEF5.exe (Agnese Cherish Brittne)
O4 - HKCU..\Run: [fsm] File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [SjmLD] C:\Users\Tanjuscha\AppData\Roaming\bpSQf.exe (Agnese Cherish Brittne)
O4 - HKCU..\Run: [SkypeM] C:\Users\Tanjuscha\AppData\Local\Skype\Skype.exe File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1521D3FE-01CF-4C64-9FCC-3F6FFD92B271}: DhcpNameServer = 195.234.128.7 195.234.128.16 85.233.58.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93FFA104-6381-4315-8EBE-67A30112E71D}: DhcpNameServer = 195.234.128.7 195.234.128.16 85.233.58.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2F4251B-3264-486F-B049-0BE5A50A54A3}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\MSNMES~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\MSNMES~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\deskperf32.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\System32\EAPQEC32.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\System32\DevicePairingProxy32.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\System32\EhStorAPI32.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\System32\dfrgifps32.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\System32\EhStorAuthn32.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\System32\mx5ums5rqvho7lm32.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\System32\mrvcrz32.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\System32\4p2uurpcyei032.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\System32\nk8xfy32.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Tanjuscha\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Tanjuscha\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.06.24 16:40:59 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Tanjuscha\Unbrauchbar\Desktop\OTL.exe
[2012.06.24 16:33:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.06.24 16:11:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.06.24 15:42:11 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.06.21 19:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenshotCaptor
[2012.06.21 19:59:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScreenshotCaptor
[2012.06.21 19:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\DonationCoder
[2012.06.20 10:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.06.20 10:39:47 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.06.20 10:39:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.06.20 10:34:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.06.17 20:55:53 | 000,000,000 | ---D | C] -- C:\Users\Tanjuscha\Unbrauchbar\Desktop\Katzi Fotoshootig
[2012.06.14 23:12:16 | 000,208,896 | RHS- | C] (Agnese Cherish Brittne) -- C:\Users\Tanjuscha\AppData\Roaming\bpSQf.exe
[2012.06.13 15:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2012.06.03 17:15:03 | 000,000,000 | ---D | C] -- C:\Users\Tanjuscha\Unbrauchbar\Desktop\Examensvorbereitug
[2012.05.28 17:49:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.05.28 17:48:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[8 C:\Users\Tanjuscha\Unbrauchbar\Desktop\*.tmp files -> C:\Users\Tanjuscha\Unbrauchbar\Desktop\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.06.24 16:41:00 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Tanjuscha\Unbrauchbar\Desktop\OTL.exe
[2012.06.24 16:33:00 | 000,001,694 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.06.24 16:27:03 | 001,445,546 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.24 16:27:03 | 000,628,992 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.24 16:27:03 | 000,596,246 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.24 16:27:03 | 000,126,704 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.24 16:27:03 | 000,104,320 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.24 16:22:19 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1256159751-3456029678-3621447753-1000UA.job
[2012.06.24 16:22:12 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.24 16:16:16 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.24 16:16:10 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.24 16:16:10 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.24 16:15:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.24 16:15:36 | 4260,564,992 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.24 16:07:59 | 099,308,192 | ---- | M] () -- C:\Users\Tanjuscha\Unbrauchbar\Desktop\avira_free_antivirus_de(1).exe
[2012.06.24 15:55:38 | 000,136,464 | ---- | M] () -- C:\Users\Tanjuscha\Unbrauchbar\Desktop\Unbenannt.jpg
[2012.06.24 15:41:57 | 649,993,665 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.06.24 15:09:37 | 000,001,474 | ---- | M] () -- C:\Users\Tanjuscha\Unbrauchbar\Desktop\Referat.lnk
[2012.06.23 11:22:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1256159751-3456029678-3621447753-1000Core.job
[2012.06.22 11:04:54 | 000,002,661 | ---- | M] () -- C:\Users\Tanjuscha\Unbrauchbar\Desktop\Microsoft Office Word 2007.lnk
[2012.06.21 22:52:44 | 099,308,192 | ---- | M] () -- C:\Users\Tanjuscha\Unbrauchbar\Desktop\avira_free_antivirus_de.exe
[2012.06.21 19:59:18 | 000,000,058 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2012.06.20 13:05:47 | 000,132,832 | ---- | M] () -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.06.20 13:05:47 | 000,027,760 | ---- | M] () -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.06.20 09:13:10 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTanjuscha.job
[2012.06.14 23:12:16 | 000,208,896 | RHS- | M] (Agnese Cherish Brittne) -- C:\Users\Tanjuscha\AppData\Roaming\bpSQf.exe
[2012.06.12 17:23:44 | 000,002,068 | ---- | M] () -- C:\Users\Tanjuscha\Unbrauchbar\Desktop\Google Chrome.lnk
[2012.06.10 20:02:38 | 000,132,608 | ---- | M] () -- C:\Users\Tanjuscha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.05 17:51:58 | 000,004,972 | ---- | M] () -- C:\Users\Tanjuscha\.recently-used.xbel
[8 C:\Users\Tanjuscha\Unbrauchbar\Desktop\*.tmp files -> C:\Users\Tanjuscha\Unbrauchbar\Desktop\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.06.24 16:33:00 | 000,001,694 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.06.24 16:06:19 | 099,308,192 | ---- | C] () -- C:\Users\Tanjuscha\Unbrauchbar\Desktop\avira_free_antivirus_de(1).exe
[2012.06.24 15:55:38 | 000,136,464 | ---- | C] () -- C:\Users\Tanjuscha\Unbrauchbar\Desktop\Unbenannt.jpg
[2012.06.24 15:41:57 | 649,993,665 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.06.21 22:18:04 | 099,308,192 | ---- | C] () -- C:\Users\Tanjuscha\Unbrauchbar\Desktop\avira_free_antivirus_de.exe
[2012.06.20 13:06:00 | 000,027,760 | ---- | C] () -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.06.20 13:05:59 | 000,132,832 | ---- | C] () -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.06.05 17:51:58 | 000,004,972 | ---- | C] () -- C:\Users\Tanjuscha\.recently-used.xbel
[2012.05.20 12:23:10 | 000,039,424 | ---- | C] () -- C:\Users\Tanjuscha\368o0qiuym.exe
[2012.04.26 21:14:47 | 000,006,643 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Local\tmpDSC_1246_navi.JPG
[2012.04.26 21:14:22 | 001,696,968 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Local\tmpDSC_1246.JPG
[2011.11.30 22:48:58 | 000,000,058 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011.10.15 19:58:31 | 000,000,018 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Roaming\sys386ll.dat
[2011.10.15 19:57:34 | 000,000,010 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Roaming\hhxprot5
[2010.12.05 19:51:04 | 000,164,303 | ---- | C] () -- C:\Windows\hpoins19.dat
[2010.12.05 19:50:52 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2010.11.21 22:09:33 | 001,449,296 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.07 17:27:55 | 000,043,520 | ---- | C] () -- C:\Windows\URCACMNTamd64.EXE
[2010.10.14 21:54:19 | 000,000,466 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.10.14 21:54:19 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.10.13 22:29:14 | 000,164,274 | ---- | C] () -- C:\Windows\hpoins19.dat.temp
[2010.10.13 22:29:14 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2010.06.19 16:58:42 | 000,000,994 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Roaming\filterclsid.dat
[2010.04.02 11:18:31 | 000,006,836 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Local\d3d9caps.dat
[2009.12.27 23:19:23 | 000,001,372 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Roaming\KLhANbE4O9tDS.vbs
[2009.12.08 19:30:56 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009.10.26 16:27:34 | 000,081,946 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Local\tmpUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU.0
[2009.10.26 16:27:34 | 000,018,001 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Local\tmpUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU.JPG
[2009.10.17 23:19:31 | 000,008,402 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Roaming\wklnhst.dat
[2009.10.11 16:37:53 | 000,020,162 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Local\tmpFOREST_navi.JPG
[2009.10.11 16:37:50 | 000,664,489 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Local\tmpFOREST.0
[2009.10.11 16:37:50 | 000,172,170 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Local\tmpFOREST.JPG
[2009.10.11 12:10:05 | 000,132,608 | ---- | C] () -- C:\Users\Tanjuscha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

< End of report >

I hope you can help me; unfortunately I don't know anything about this at all.

Alt 28.06.2012, 10:34   #2
cosinus

Please first, as a matter of routine, run a full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes must be updated manually before every scan!

Please have Malwarebytes remove all findings so that they are kept in Malwarebytes' quarantine! Do NOT hastily delete anything from the quarantine!

If logs from older scans with Malwarebytes exist, please post all of those as well!




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded, and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post everything here in CODE tags if possible.

It's done like this:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here