Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Interpol Trojaner sperrt mein Laptop

Interpol Trojaner sperrt mein Laptop


Plagegeister aller Art und deren Bekämpfung: Interpol Trojaner sperrt mein Laptop

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 16.11.2013, 19:46   #1
kb_king
 
Interpol Trojaner sperrt mein Laptop - Standard

Interpol Trojaner sperrt mein Laptop


Hallo,
heute hat es mich nun auch erwischt.
Der Internet Trojaner hat mein Laptop gesperrt. Ich war ganz normal am surfen als plötzlich der Bildschirm von "Interpol" auf ging in dem ich zu einer Zahlung von 100,- Euronen aufgefordert werde.

Ich habe Windows 7/64Bit auf meinem Laptop.

Nun hoffe ich auf eure Hilfe

ich bin euren Anweisungen hier gefolgt und habe über frst64.exe mein Laptop gescannt und folgende Logfile kam dabei heraus:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013
Ran by SYSTEM on MININT-84PFHP9 on 16-11-2013 19:05:33
Running from G:\
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TosNC] - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-09-02] (Nero AG)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-07-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] - C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-03-03] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [KMCONFIG] - C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe
HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-02-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2008-10-13] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\CyberLink\Shared Files\brs.exe [75048 2009-02-28] (cyberlink)
HKLM-x32\...\Run: [PinnacleDriverCheck] - C:\Windows\SysWOW64\PSDrvCheck.exe [406016 2003-09-19] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MailCheck IE Broker] - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [1516608 2013-05-27] (1und1 Mail und Media GmbH)
HKU\kb_king\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-04-12] (Google Inc.)
HKU\kb_king\...\Run: [Gadwin PrintScreen] - C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [487424 2010-10-14] (Gadwin Systems, Inc)
HKU\kb_king\...\Run: [RSS] - C:\Users\kb_king\AppData\Roaming\Adobe\Flash Player\File Cache\file.vbs [78 2012-07-02] ()
HKU\kb_king\...\Run: [EPSON SX420W Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU "C:\Windows\TEMP\E_S6C78.tmp" /EF "HKCU"
HKU\kb_king\...\Run: [Keycotvoi] - C:\Users\kb_king\AppData\Roaming\Daowz\guyv.exe
HKU\kb_king\...\Run: [EPSON SX420W Series (Kopie 1)] - C:\Windows\Temp\E_S8558.tmp [168 2013-11-03] ()
HKU\kb_king\...\RunOnce: [*IE11Update] - C:\Users\kb_king\AppData\Local\Temp\IE11Update.exe [73728 2013-11-16] ()
AppInit_DLLs-x32:   [ ] ()
IMEO\cfaddgadgets.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\cfmain.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\cfprofile.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\hsscp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\ndstray.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\openvpntray.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
BootExecute: autocheck autochk * lsdelete

==================== Services (Whitelisted) =================

S2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2012-12-19] (Freemake)
S4 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [831272 2013-06-21] (AnchorFree Inc.)
S4 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-06-21] ()
S4 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [548136 2013-06-21] ()
S2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.)
S2 KMWDSERVICE; C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe [208896 2007-04-05] (UASSOFT.COM)
S2 Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [1737728 2012-09-20] (Lavasoft Limited                                                  )
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

S3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [141400 2013-03-11] (SlySoft, Inc.)
S3 AnyDVD; C:\Windows\SysWow64\Drivers\AnyDVD.sys [141400 2013-03-11] (SlySoft, Inc.)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-05] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-05] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-04-07] (Avira Operations GmbH & Co. KG)
S1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-06-21] (AnchorFree Inc.)
S3 Lavasoft Kernexplorer; C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-05-26] ()
S2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S2 npf; C:\Windows\SysWow64\drivers\npf.sys [50704 2009-10-21] (CACE Technologies, Inc.)
S2 NSHE; C:\Windows\SysWow64\Drivers\NSHE.SYS [97792 2008-05-23] (T0r0)
S3 SaiK1703; C:\Windows\System32\DRIVERS\SaiK1703.sys [180544 2012-09-20] (Saitek)
S3 SaiU1703; C:\Windows\System32\DRIVERS\SaiU1703.sys [47168 2012-09-20] (Saitek)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-12-25] (Duplex Secure Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2009-02-28] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-16 19:04 - 2013-11-16 19:04 - 00000000 ____D C:\FRST
2013-11-16 14:31 - 2013-11-16 14:31 - 104552080 _____ C:\Windows\SysWOW64\裸郾µ
2013-11-15 02:28 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-11-15 02:28 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-11-15 02:28 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-11-15 02:28 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-11-15 02:28 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-11-15 02:28 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-11-15 02:28 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-11-15 02:28 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-11-15 02:28 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-11-15 02:28 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-11-15 02:28 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-11-15 02:28 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-11-15 02:28 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-11-15 02:28 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-11-15 02:28 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-15 02:28 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-15 02:28 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-15 02:28 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-15 02:28 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-15 02:28 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-15 02:28 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-15 02:28 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-15 02:28 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-15 02:28 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-15 02:28 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-15 02:28 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-15 02:28 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-15 02:28 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-11-15 02:28 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-15 02:28 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-11-15 02:28 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-14 17:04 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-11-14 17:04 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 17:03 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-11-14 17:03 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-11-14 17:03 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-11-14 17:03 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 17:03 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 17:03 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll
2013-11-14 17:03 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\credui.dll
2013-11-14 17:03 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-11-14 17:03 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 17:03 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 17:03 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 17:03 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-11-14 17:03 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 17:03 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-11-14 17:03 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-11-14 17:03 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-11-14 17:03 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2013-11-14 17:03 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2013-11-14 17:03 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2013-11-14 17:03 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-11-14 17:03 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-11-14 17:03 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-11-14 17:03 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 17:03 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 17:03 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 17:03 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 17:03 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-11-14 17:03 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-11-12 19:57 - 2013-11-12 19:57 - 00000000 ____H C:\Windows\System32\Drivers\Msft_Kernel_SaiK1703_01009.Wdf
2013-11-12 18:51 - 2013-11-12 18:51 - 103974937 _____ C:\Windows\SysWOW64\碍鹞¥
2013-11-04 18:03 - 2013-11-04 18:03 - 104964650 _____ C:\Windows\SysWOW64\�窃µ
2013-11-01 13:55 - 2013-11-01 13:55 - 00000000 ____D C:\Program Files\WEB.DE MailCheck
2013-11-01 13:55 - 2013-11-01 13:55 - 00000000 ____D C:\Program Files (x86)\WEB.DE MailCheck
2013-10-31 20:05 - 2013-10-31 21:37 - 01957022 _____ C:\Users\kb_king\Desktop\ScreenShot001.bmp
2013-10-30 19:27 - 2013-10-30 19:27 - 104193179 _____ C:\Windows\SysWOW64\载痈€
2013-10-28 18:53 - 2013-10-28 18:53 - 103746026 _____ C:\Windows\SysWOW64\梛玉@
2013-10-22 19:15 - 2013-10-22 19:15 - 102329055 _____ C:\Windows\SysWOW64\쵏料M

==================== One Month Modified Files and Folders =======

2013-11-16 19:04 - 2013-11-16 19:04 - 00000000 ____D C:\FRST
2013-11-16 18:56 - 2011-06-05 14:18 - 00324717 _____ C:\aaw7boot.log
2013-11-16 18:07 - 2009-07-14 05:45 - 00016304 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-16 18:07 - 2009-07-14 05:45 - 00016304 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-16 17:59 - 2013-06-26 17:07 - 00015020 _____ C:\Windows\setupact.log
2013-11-16 17:59 - 2013-06-11 18:04 - 00000408 _____ C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2013-11-16 17:42 - 2010-12-06 19:05 - 01210608 _____ C:\Windows\WindowsUpdate.log
2013-11-16 14:31 - 2013-11-16 14:31 - 104552080 _____ C:\Windows\SysWOW64\裸郾µ
2013-11-15 02:27 - 2013-08-14 12:13 - 00000000 ____D C:\Windows\System32\MRT
2013-11-15 02:24 - 2011-01-31 22:15 - 82896128 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-11-15 02:17 - 2011-05-29 22:38 - 00000064 _____ C:\Windows\SysWOW64\rp_stats.dat
2013-11-15 02:17 - 2011-05-29 22:38 - 00000044 _____ C:\Windows\SysWOW64\rp_rules.dat
2013-11-14 09:50 - 2012-06-08 18:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-14 09:50 - 2012-06-08 18:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-14 09:50 - 2011-05-19 07:43 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-14 09:48 - 2011-02-01 16:52 - 00000000 ____D C:\Users\kb_king\AppData\Local\Adobe
2013-11-13 18:08 - 2011-10-10 21:22 - 00000000 ____D C:\Users\kb_king\Desktop\Neuer Ordner (2)
2013-11-12 19:57 - 2013-11-12 19:57 - 00000000 ____H C:\Windows\System32\Drivers\Msft_Kernel_SaiK1703_01009.Wdf
2013-11-12 18:51 - 2013-11-12 18:51 - 103974937 _____ C:\Windows\SysWOW64\碍鹞¥
2013-11-04 21:17 - 2013-10-11 17:44 - 00000000 ____D C:\Users\kb_king\AppData\Roaming\Daowz
2013-11-04 20:23 - 2013-10-11 17:44 - 00000000 ____D C:\Users\kb_king\AppData\Roaming\Xaecmi
2013-11-04 18:03 - 2013-11-04 18:03 - 104964650 _____ C:\Windows\SysWOW64\�窃µ
2013-11-03 17:24 - 2009-07-14 18:58 - 00654852 _____ C:\Windows\System32\perfh007.dat
2013-11-03 17:24 - 2009-07-14 18:58 - 00130434 _____ C:\Windows\System32\perfc007.dat
2013-11-03 17:24 - 2009-07-14 06:13 - 01500294 _____ C:\Windows\System32\PerfStringBackup.INI
2013-11-01 13:55 - 2013-11-01 13:55 - 00000000 ____D C:\Program Files\WEB.DE MailCheck
2013-11-01 13:55 - 2013-11-01 13:55 - 00000000 ____D C:\Program Files (x86)\WEB.DE MailCheck
2013-10-31 21:37 - 2013-10-31 20:05 - 01957022 _____ C:\Users\kb_king\Desktop\ScreenShot001.bmp
2013-10-30 19:27 - 2013-10-30 19:27 - 104193179 _____ C:\Windows\SysWOW64\载痈€
2013-10-28 18:53 - 2013-10-28 18:53 - 103746026 _____ C:\Windows\SysWOW64\梛玉@
2013-10-22 19:15 - 2013-10-22 19:15 - 102329055 _____ C:\Windows\SysWOW64\쵏料M

Some content of TEMP:
====================
C:\Users\kb_king\AppData\Local\Temp\IE11Update.exe
C:\Users\kb_king\AppData\Local\Temp\lmkpvhcnwuxvvvpprnu.bfg
C:\Users\kb_king\AppData\Local\Temp\monare.exe
C:\Users\kb_king\AppData\Local\Temp\SkypeSetup.exe
C:\Users\kb_king\AppData\Local\Temp\TUUUninstallHelper.exe
C:\Users\kb_king\AppData\Local\Temp\uninst1.exe
C:\Users\kb_king\AppData\Local\Temp\~tmf4748281027464290851.dll


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info =========================== 

Percentage of memory in use: 15%
Total physical RAM: 3835.7 MB
Available physical RAM: 3229.11 MB
Total Pagefile: 3833.84 MB
Available Pagefile: 3259.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:116.44 GB) (Free:17.06 GB) NTFS
Drive d: (Data) (Fixed) (Total:116.05 GB) (Free:30.68 GB) NTFS
Drive e: (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (KB_KING) (Removable) (Total:0.06 GB) (Free:0.06 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 46A63B1C)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=116 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 61 MB) (Disk ID: B054450D)
Partition 1: (Active) - (Size=61 MB) - (Type=06)


LastRegBack: 2013-06-08 08:31

==================== End Of Log ============================

 

Themen zu Interpol Trojaner sperrt mein Laptop
.com, ad-aware, association, bildschirm, desktop, explorer, farbar recovery scan tool, flash player, google, hotspot, install.exe, lws.exe, openvpn, pup.optional.babylon.a, pup.optional.crossrider, pup.optional.dealply.a, pup.optional.delta, pup.optional.delta.a, registry, services.exe, software, svchost.exe, system, usb, windows, zahlung


« ad.yieldmanager & ib.adnsx Pop Up Virus entfernen | Trojan.Agent/Gen gefunden- Wie sicher entfernen? »


Ähnliche Themen: Interpol Trojaner sperrt mein Laptop


  1. Interpol Trojaner sperrt den Computer
    Log-Analyse und Auswertung - 19.11.2014 (11)
  2. Trojaner GVU sperrt Laptop
    Plagegeister aller Art und deren Bekämpfung - 22.10.2014 (23)
  3. Interpol sperrt Windows7 Notebook
    Plagegeister aller Art und deren Bekämpfung - 02.06.2014 (14)
  4. Windows XP - Interpol GVU Virus sperrt PC nach dem Booten
    Log-Analyse und Auswertung - 16.02.2014 (3)
  5. Polizei-Trojaner sperrt Windows-XP Laptop
    Plagegeister aller Art und deren Bekämpfung - 06.02.2014 (3)
  6. Interpol-Virus sperrt Computer
    Plagegeister aller Art und deren Bekämpfung - 07.01.2014 (8)
  7. Trojaner sperrt laptop
    Plagegeister aller Art und deren Bekämpfung - 12.10.2013 (2)
  8. fake interpol sperrt bildschirm
    Plagegeister aller Art und deren Bekämpfung - 22.09.2013 (11)
  9. Interpol / Ukash sperrt Benutzerkonto
    Log-Analyse und Auswertung - 04.05.2013 (32)
  10. Interpol / Ukash sperrt Benutzerkonto - WindowsXP 64bit
    Log-Analyse und Auswertung - 25.11.2012 (2)
  11. Österreichischer Polizei Trojaner sperrt Win 7 Laptop
    Plagegeister aller Art und deren Bekämpfung - 21.11.2012 (8)
  12. GVU (Bundespolizei) Trojaner mit Webcam sperrt Laptop
    Log-Analyse und Auswertung - 24.10.2012 (2)
  13. Interpol / Ukash sperrt Benutzerkonto - WindowsXP 32bit
    Log-Analyse und Auswertung - 16.10.2012 (33)
  14. Trojaner GVU 2.07 Sperrt mein System
    Log-Analyse und Auswertung - 29.09.2012 (2)
  15. Trojaner sperrt mein Thema
    Lob, Kritik und Wünsche - 19.04.2012 (1)
  16. Bundespolizei Trojaner sperrt Laptop
    Plagegeister aller Art und deren Bekämpfung - 21.12.2011 (12)
  17. Der Ukash-BKA Trojaner sperrt Laptop
    Log-Analyse und Auswertung - 17.07.2011 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Interpol Trojaner sperrt mein Laptop - Hallo, heute hat es mich nun auch erwischt. Der Internet Trojaner hat mein Laptop gesperrt. Ich war ganz normal am surfen als plötzlich der Bildschirm von "Interpol" auf ging in - Interpol Trojaner sperrt mein Laptop...
Archiv
Du betrachtest: Interpol Trojaner sperrt mein Laptop auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19