Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Noch ein Trojaner beim Postbank Online Banking

Noch ein Trojaner beim Postbank Online Banking


Plagegeister aller Art und deren Bekämpfung: Noch ein Trojaner beim Postbank Online Banking

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 21.02.2013, 20:38   #1
Nyarlathotep
 
Noch ein Trojaner beim Postbank Online Banking - Standard

Noch ein Trojaner beim Postbank Online Banking


Guten Abend liebe Forengemeinde,

ich teile das Problem eines anderen Users, der vor eingen Tagen folgenden Thread eröffnete:
http://www.trojaner-board.de/130886-...ing-hilfe.html

Beim Zugriff auf mein Online Konto bei der Postbank erhalte ich die gleiche Meldung wie dort auf dem Screenshot zu sehen ist, der Text und die angegebenen Daten in der Meldung weichen geringfügig ab. Die Symptome machen sich nur hier auf meinem Netbook bemerkbar, auf meinem Desktoprechner erscheint das verdächtige Popup beim Banking nicht, die angebliche Buchung taucht nicht auf.

Wie auch meinem Leidensgenossen geraten wurde habe ich bereits den Scan mit OTL und aswMBR durchgeführt, die Logs füge ich weiter unten an.

Betriebssystem: Win7 32Bit
Browser: Firefox
Virenscanner: ESET NOD32 Antivirus

Ich wäre dankbar wenn man mir ebenso effizient weiterhelfen könnte.

__________________________________________________________
OTL.Txt log
Code:
ATTFilter
OTL logfile created on: 21.02.2013 18:59:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Desktop
 Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 61,00% Memory free
4,00 Gb Paging File | 3,03 Gb Available in Paging File | 75,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,66 Gb Total Space | 48,87 Gb Free Space | 50,04% Space Free | Partition Type: NTFS
Drive D: | 200,33 Gb Total Space | 160,51 Gb Free Space | 80,12% Space Free | Partition Type: NTFS
Drive E: | 1,81 Gb Total Space | 1,17 Gb Free Space | 64,70% Space Free | Partition Type: FAT
Drive G: | 100,00 Mb Total Space | 71,82 Mb Free Space | 71,82% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\ASUS\SHE\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.)
PRC - C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
PRC - C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Programme\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Programme\EeePC\HotkeyService\HotkeyService.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\EeePC\HotkeyService\HotKeyMon.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\AsusService.exe ()
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\Notepad++\NppShell_05.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (EhttpSrv) -- C:\Programme\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AsusService) -- C:\Windows\System32\AsusService.exe ()
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (eamonm) -- C:\Windows\System32\drivers\eamonm.sys (ESET)
DRV - (ehdrv) -- C:\Windows\System32\drivers\ehdrv.sys (ESET)
DRV - (epfwwfpr) -- C:\Windows\System32\drivers\epfwwfpr.sys (ESET)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3499278595-1700296916-2662608250-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3499278595-1700296916-2662608250-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3499278595-1700296916-2662608250-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AA A6 71 C4 A7 ED CD 01  [binary data]
IE - HKU\S-1-5-21-3499278595-1700296916-2662608250-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-3499278595-1700296916-2662608250-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3499278595-1700296916-2662608250-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3499278595-1700296916-2662608250-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Amazon.de"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: fox%40replace.fx:0.14.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10025&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.06 23:05:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.10.12 20:12:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.06 23:05:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.10.12 20:09:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benny\AppData\Roaming\mozilla\Extensions
[2013.02.14 23:47:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benny\AppData\Roaming\mozilla\Firefox\Profiles\qdsz6o79.default\extensions
[2013.01.26 13:01:28 | 000,223,822 | ---- | M] () (No name found) -- C:\Users\Benny\AppData\Roaming\mozilla\firefox\profiles\qdsz6o79.default\extensions\fox@replace.fx.xpi
[2013.02.14 23:47:57 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Benny\AppData\Roaming\mozilla\firefox\profiles\qdsz6o79.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.21 19:07:03 | 000,002,236 | ---- | M] () -- C:\Users\Benny\AppData\Roaming\mozilla\firefox\profiles\qdsz6o79.default\searchplugins\gta-wiki-de.xml
[2012.12.13 10:59:30 | 000,002,765 | ---- | M] () -- C:\Users\Benny\AppData\Roaming\mozilla\firefox\profiles\qdsz6o79.default\searchplugins\pokwiki-de.xml
[2013.01.02 23:58:03 | 000,003,737 | ---- | M] () -- C:\Users\Benny\AppData\Roaming\mozilla\firefox\profiles\qdsz6o79.default\searchplugins\silent-hill-wiki-de.xml
[2012.10.15 14:39:56 | 000,002,006 | ---- | M] () -- C:\Users\Benny\AppData\Roaming\mozilla\firefox\profiles\qdsz6o79.default\searchplugins\urban-dictionary.xml
[2012.12.17 18:12:23 | 000,001,330 | ---- | M] () -- C:\Users\Benny\AppData\Roaming\mozilla\firefox\profiles\qdsz6o79.default\searchplugins\wikipedia-en.xml
[2012.10.15 13:34:51 | 000,001,997 | ---- | M] () -- C:\Users\Benny\AppData\Roaming\mozilla\firefox\profiles\qdsz6o79.default\searchplugins\wolframalpha.xml
[2013.02.06 23:04:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.02.06 23:05:06 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.11 03:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.11 03:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.11 03:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.11 03:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.11 03:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.11 03:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-3499278595-1700296916-2662608250-1000\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4 - HKLM..\Run: [HotkeyMon] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [SuperHybridEngine] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKU\S-1-5-21-3499278595-1700296916-2662608250-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3499278595-1700296916-2662608250-1000..\Run: [IExplorer Util] C:\Users\Benny\AppData\Roaming\ie_util.exe ()
O4 - HKU\S-1-5-21-3499278595-1700296916-2662608250-1000..\Run: [Veeckyhub] C:\Users\Benny\AppData\Roaming\Ehwaix\aciw.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D0F84E85-9CFF-4486-A5A1-7DF64FFC690B}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.21 18:45:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.02.19 15:56:04 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.02.19 15:55:49 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.02.19 15:55:49 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.02.19 15:55:49 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.02.06 23:04:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.21 18:47:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.21 18:45:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.02.21 18:40:43 | 000,014,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.21 18:40:43 | 000,014,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.21 18:37:41 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.21 18:37:41 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.21 18:37:41 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.21 18:37:41 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.21 18:33:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.21 18:33:13 | 197,778,757 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.21 18:33:11 | 1609,916,416 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.19 20:43:34 | 000,273,228 | ---- | M] () -- C:\Users\***\Desktop\postbnkdesk1.png
[2013.02.19 20:42:54 | 000,233,943 | ---- | M] () -- C:\Users\***\Desktop\postbnkdesk.png
[2013.02.19 20:39:57 | 000,155,787 | ---- | M] () -- C:\Users\***\Desktop\postbnk2.png
[2013.02.19 20:39:24 | 000,145,869 | ---- | M] () -- C:\Users\***\Desktop\postbnk1.png
[2013.02.19 16:14:16 | 000,118,565 | ---- | M] () -- C:\Users\***\Desktop\postbnk.png
[2013.02.19 15:55:38 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.02.19 15:55:37 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.02.19 15:55:37 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.02.19 15:55:37 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.02.19 15:55:36 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.02.19 15:55:36 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.02.13 21:22:57 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.13 21:22:57 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.02.11 23:07:32 | 000,063,488 | ---- | M] () -- C:\Users\Benny\AppData\Roaming\ie_util.exe
 
========== Files Created - No Company Name ==========
 
[2013.02.19 20:45:46 | 000,273,228 | ---- | C] () -- C:\Users\***\Desktop\postbnkdesk1.png
[2013.02.19 20:45:46 | 000,233,943 | ---- | C] () -- C:\Users\***\Desktop\postbnkdesk.png
[2013.02.19 20:39:57 | 000,155,787 | ---- | C] () -- C:\Users\***\Desktop\postbnk2.png
[2013.02.19 20:39:23 | 000,145,869 | ---- | C] () -- C:\Users\***\Desktop\postbnk1.png
[2013.02.19 16:14:15 | 000,118,565 | ---- | C] () -- C:\Users\***\Desktop\postbnk.png
[2013.01.11 11:19:03 | 000,063,488 | ---- | C] () -- C:\Users\***\AppData\Roaming\ie_util.exe
[2012.12.04 13:15:54 | 000,003,584 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.10 23:18:58 | 000,004,692 | ---- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat
[2012.10.10 23:18:58 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2012.10.10 23:17:39 | 000,219,136 | ---- | C] () -- C:\Windows\System32\AsusService.exe
[2012.10.10 23:17:38 | 000,025,616 | ---- | C] () -- C:\Windows\AsAcpiSvrLang.ini
[2012.10.10 22:41:25 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.11.02 01:00:40 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
Extras.Txt
Code:
ATTFilter
OTL Extras logfile created on: 21.02.2013 18:59:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Benny\Desktop
 Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 61,00% Memory free
4,00 Gb Paging File | 3,03 Gb Available in Paging File | 75,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,66 Gb Total Space | 48,87 Gb Free Space | 50,04% Space Free | Partition Type: NTFS
Drive D: | 200,33 Gb Total Space | 160,51 Gb Free Space | 80,12% Space Free | Partition Type: NTFS
Drive E: | 1,81 Gb Total Space | 1,17 Gb Free Space | 64,70% Space Free | Partition Type: FAT
Drive G: | 100,00 Mb Total Space | 71,82 Mb Free Space | 71,82% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3499278595-1700296916-2662608250-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{33A29DCF-EACA-4133-9A5B-628807E6EBDF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12833335-0F71-49D2-9723-42B2D2AB2208}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{1B877D4A-04BD-4271-9918-AEE8DC38B301}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{2F832B53-5A12-4511-94A9-428051661943}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{390DF7D4-7AB8-4F7E-AA93-EA850CA8A91E}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{70074C31-9308-4AB9-B734-BE94E132DD2D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{7C78AA30-1E87-4A80-91C2-5E1C54841F7D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{8F73F94A-C7F5-4CC0-AF6A-BDDC76AD05C8}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{B8E47168-EE24-4E28-A572-5E67622B7136}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"TCP Query User{58975714-82EB-44E6-B18F-CBB5F0D2EB88}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe | 
"TCP Query User{606CC929-7D40-448B-9C52-EEE475179BBC}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe | 
"TCP Query User{9468E7F9-9CF6-4974-AD47-42642A7D5B7D}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{2440B0E7-F50A-4A9B-A07C-AB8B55D538B5}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe | 
"UDP Query User{67DD0CF9-BDAB-4ABD-9D10-463EA31EBB1A}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{BA72EA30-42CC-4E54-8B58-D81EFE1CADEF}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}" = SweetPacks bundle uninstaller
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{32A3A4F4-B792-11D6-A78A-00B0D0170070}" = Java SE Development Kit 7 Update 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FCBCF89-1823-4D97-A6F2-0E8DD66E273A}" = Broadcom Wireless Network Adapter
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A66242A1-9101-425D-9BE5-D19A50E1D0D8}" = ESET NOD32 Antivirus
"{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1" = MinGW-Get version 0.5-beta-20120426-1
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DAEMON Tools Lite" = DAEMON Tools Lite
"Elantech" = ETDWare PS/2-X86 8.0.5.3_WHQL
"ENTERPRISE" = Microsoft Office Enterprise 2007
"IrfanView" = IrfanView (remove only)
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"nbi-nb-base-7.2.1.0.201210100934" = NetBeans IDE 7.2.1
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"VLC media player" = VLC media player 2.0.4
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 21.02.2013 13:47:56 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: f70    Startzeit: 
01ce105b4c2274e6    Endzeit: 15    Anwendungspfad: C:\Users\Benny\Downloads\OTL.exe    Berichts-ID:
   
 
Error - 21.02.2013 13:48:08 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert
 werden. "ESENT"-Fehler: -583.
 
Error - 21.02.2013 13:48:08 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert
 werden. "ESENT"-Fehler: -583.
 
Error - 21.02.2013 13:48:09 | Computer Name = *** | Source = Windows Search Service | ID = 9000
Description = 
 
Error - 21.02.2013 13:48:09 | Computer Name = *** | Source = Windows Search Service | ID = 1006
Description = 
 
Error - 21.02.2013 13:56:45 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert
 werden. "ESENT"-Fehler: -583.
 
Error - 21.02.2013 13:56:45 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert
 werden. "ESENT"-Fehler: -583.
 
Error - 21.02.2013 13:56:47 | Computer Name = *** | Source = Windows Search Service | ID = 9000
Description = 
 
Error - 21.02.2013 13:56:47 | Computer Name = *** | Source = Windows Search Service | ID = 1006
Description = 
 
Error - 21.02.2013 13:56:56 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert
 werden. "ESENT"-Fehler: -583.
 
[ System Events ]
Error - 21.02.2013 13:34:42 | Computer Name = *** | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 21.02.2013 13:35:20 | Computer Name = *** | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147217025.
 
Error - 21.02.2013 13:35:20 | Computer Name = *** | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 3 Mal passiert.
 
Error - 21.02.2013 13:35:41 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: 
  %%-1906441657
 
Error - 21.02.2013 13:36:36 | Computer Name = *** | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147217025.
 
Error - 21.02.2013 13:36:36 | Computer Name = *** | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 4 Mal passiert.
 
Error - 21.02.2013 13:48:10 | Computer Name = *** | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147217025.
 
Error - 21.02.2013 13:48:10 | Computer Name = *** | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 5 Mal passiert.
 
Error - 21.02.2013 13:56:47 | Computer Name = *** | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147217025.
 
Error - 21.02.2013 13:56:47 | Computer Name = *** | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 6 Mal passiert.
 
 
< End of report >

aswMBR.txt
Code:
ATTFilter
OTL Extras logfile created on: 21.02.2013 18:59:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Benny\Desktop
 Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 61,00% Memory free
4,00 Gb Paging File | 3,03 Gb Available in Paging File | 75,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,66 Gb Total Space | 48,87 Gb Free Space | 50,04% Space Free | Partition Type: NTFS
Drive D: | 200,33 Gb Total Space | 160,51 Gb Free Space | 80,12% Space Free | Partition Type: NTFS
Drive E: | 1,81 Gb Total Space | 1,17 Gb Free Space | 64,70% Space Free | Partition Type: FAT
Drive G: | 100,00 Mb Total Space | 71,82 Mb Free Space | 71,82% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3499278595-1700296916-2662608250-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{33A29DCF-EACA-4133-9A5B-628807E6EBDF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12833335-0F71-49D2-9723-42B2D2AB2208}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{1B877D4A-04BD-4271-9918-AEE8DC38B301}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{2F832B53-5A12-4511-94A9-428051661943}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{390DF7D4-7AB8-4F7E-AA93-EA850CA8A91E}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{70074C31-9308-4AB9-B734-BE94E132DD2D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{7C78AA30-1E87-4A80-91C2-5E1C54841F7D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{8F73F94A-C7F5-4CC0-AF6A-BDDC76AD05C8}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{B8E47168-EE24-4E28-A572-5E67622B7136}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"TCP Query User{58975714-82EB-44E6-B18F-CBB5F0D2EB88}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe | 
"TCP Query User{606CC929-7D40-448B-9C52-EEE475179BBC}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe | 
"TCP Query User{9468E7F9-9CF6-4974-AD47-42642A7D5B7D}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{2440B0E7-F50A-4A9B-A07C-AB8B55D538B5}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe | 
"UDP Query User{67DD0CF9-BDAB-4ABD-9D10-463EA31EBB1A}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{BA72EA30-42CC-4E54-8B58-D81EFE1CADEF}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}" = SweetPacks bundle uninstaller
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{32A3A4F4-B792-11D6-A78A-00B0D0170070}" = Java SE Development Kit 7 Update 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FCBCF89-1823-4D97-A6F2-0E8DD66E273A}" = Broadcom Wireless Network Adapter
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A66242A1-9101-425D-9BE5-D19A50E1D0D8}" = ESET NOD32 Antivirus
"{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1" = MinGW-Get version 0.5-beta-20120426-1
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DAEMON Tools Lite" = DAEMON Tools Lite
"Elantech" = ETDWare PS/2-X86 8.0.5.3_WHQL
"ENTERPRISE" = Microsoft Office Enterprise 2007
"IrfanView" = IrfanView (remove only)
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"nbi-nb-base-7.2.1.0.201210100934" = NetBeans IDE 7.2.1
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"VLC media player" = VLC media player 2.0.4
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 21.02.2013 13:47:56 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: f70    Startzeit: 
01ce105b4c2274e6    Endzeit: 15    Anwendungspfad: C:\Users\Benny\Downloads\OTL.exe    Berichts-ID:
   
 
Error - 21.02.2013 13:48:08 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert
 werden. "ESENT"-Fehler: -583.
 
Error - 21.02.2013 13:48:08 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert
 werden. "ESENT"-Fehler: -583.
 
Error - 21.02.2013 13:48:09 | Computer Name = *** | Source = Windows Search Service | ID = 9000
Description = 
 
Error - 21.02.2013 13:48:09 | Computer Name = *** | Source = Windows Search Service | ID = 1006
Description = 
 
Error - 21.02.2013 13:56:45 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert
 werden. "ESENT"-Fehler: -583.
 
Error - 21.02.2013 13:56:45 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert
 werden. "ESENT"-Fehler: -583.
 
Error - 21.02.2013 13:56:47 | Computer Name = *** | Source = Windows Search Service | ID = 9000
Description = 
 
Error - 21.02.2013 13:56:47 | Computer Name = *** | Source = Windows Search Service | ID = 1006
Description = 
 
Error - 21.02.2013 13:56:56 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert
 werden. "ESENT"-Fehler: -583.
 
[ System Events ]
Error - 21.02.2013 13:34:42 | Computer Name = *** | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 21.02.2013 13:35:20 | Computer Name = *** | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147217025.
 
Error - 21.02.2013 13:35:20 | Computer Name = *** | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 3 Mal passiert.
 
Error - 21.02.2013 13:35:41 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: 
  %%-1906441657
 
Error - 21.02.2013 13:36:36 | Computer Name = *** | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147217025.
 
Error - 21.02.2013 13:36:36 | Computer Name = *** | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 4 Mal passiert.
 
Error - 21.02.2013 13:48:10 | Computer Name = *** | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147217025.
 
Error - 21.02.2013 13:48:10 | Computer Name = *** | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 5 Mal passiert.
 
Error - 21.02.2013 13:56:47 | Computer Name = *** | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147217025.
 
Error - 21.02.2013 13:56:47 | Computer Name = *** | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 6 Mal passiert.
 
 
< End of report >

 

Themen zu Noch ein Trojaner beim Postbank Online Banking
7-zip, adobe, adobe reader xi, aswmbr, autorun, bho, defender, eeepc, error, eset nod32, explorer, flash player, format, install.exe, installation, jdownloader, logfile, mozilla, msiexec.exe, plug-in, popup, problem, realtek, registry, rundll, scan, security, senden, software, taskhost.exe, trojaner, udp, usb, windows


« Bei Adresse vertippt, nun unsicher ob die Seite Viren enthielt | Malware im Quelltext »


Ähnliche Themen: Noch ein Trojaner beim Postbank Online Banking


  1. Pishing mail postbank-online banking Anhang geöffnet
    Plagegeister aller Art und deren Bekämpfung - 13.05.2014 (17)
  2. Pishing mail postbank-online banking Anhang geöffnet
    Lob, Kritik und Wünsche - 12.05.2014 (0)
  3. Windows 7: Postbank Online-Banking Trojaner
    Log-Analyse und Auswertung - 16.01.2014 (9)
  4. Postbank Online Banking Trojaner
    Log-Analyse und Auswertung - 17.09.2013 (28)
  5. Trojaner beim Online-Banking
    Log-Analyse und Auswertung - 15.06.2013 (17)
  6. Postbank Online Banking Trojaner
    Plagegeister aller Art und deren Bekämpfung - 13.06.2013 (22)
  7. Trojaner, Postbank online Banking...HILFE!
    Plagegeister aller Art und deren Bekämpfung - 20.04.2013 (10)
  8. Online Banking - TAN Abfrage beim Banking - Trojaner?
    Log-Analyse und Auswertung - 12.08.2011 (3)
  9. Trojaner Postbank Online banking Finden und Entfernen
    Plagegeister aller Art und deren Bekämpfung - 27.05.2011 (13)
  10. Postbank Online-Banking: Aufforderung zur Eingabe von 40 TANs
    Plagegeister aller Art und deren Bekämpfung - 07.02.2011 (3)
  11. falsche Postbank Online Banking Seite
    Plagegeister aller Art und deren Bekämpfung - 02.01.2011 (3)
  12. Trojaner - Fishing der TANs beim Online Banking der Postbank
    Plagegeister aller Art und deren Bekämpfung - 18.10.2010 (17)
  13. Aufforderung zur Eingabe von 40 TAN's bei Postbank Online-Banking
    Plagegeister aller Art und deren Bekämpfung - 13.09.2010 (17)
  14. BDS/Papras.PK in Windows\system21\jvienify.dll, 30 Tans bei Postbank online-Banking
    Plagegeister aller Art und deren Bekämpfung - 09.09.2010 (1)
  15. Trojaner bei Online-Banking Postbank
    Plagegeister aller Art und deren Bekämpfung - 31.08.2010 (16)
  16. Trojaner beim Online-Banking
    Plagegeister aller Art und deren Bekämpfung - 19.08.2010 (38)
  17. Verdacht auf Trojaner beim Online-Banking
    Log-Analyse und Auswertung - 14.03.2009 (7)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Noch ein Trojaner beim Postbank Online Banking - Guten Abend liebe Forengemeinde, ich teile das Problem eines anderen Users, der vor eingen Tagen folgenden Thread eröffnete: http://www.trojaner-board.de/130886-...ing-hilfe.html Beim Zugriff auf mein Online Konto bei der Postbank erhalte ich - Noch ein Trojaner beim Postbank Online Banking...
Archiv
Du betrachtest: Noch ein Trojaner beim Postbank Online Banking auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131