FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by Atani (administrator) on ATANI-PC on 21-01-2014 17:36:11
Running from C:\Users\Atani\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files\Lenovo\Nsd\startup.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Secure Banking) C:\Program Files (x86)\Secure Banking\SecureBanking.exe
() C:\Program Files (x86)\Secure Banking\sbservice.exe
(Dropbox, Inc.) C:\Users\Atani\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-16] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [410896 2011-12-16] (Synaptics)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789856 2012-07-21] (Lenovo)
HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-07-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-07-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-07-21] (Lenovo)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1735872 2014-01-12] (Bitdefender)
HKLM-x32\...\Run: [LockKey] - C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( )
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2012-01-26] (Lenovo, Inc.)
HKLM-x32\...\Run: [Intelligent Touchpad] - C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [291272 2011-12-08] ()
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-07-21] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [536576 2008-08-08] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-19] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [561672 2014-01-12] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001512 2014-01-12] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [612696 2014-01-12] (Bitdefender)
HKCU\...\Run: [SecureBanking] - C:\Program Files (x86)\Secure Banking\SecureBanking.exe [507904 2013-06-30] (Secure Banking)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [260928 2012-02-23] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [215360 2012-02-23] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Atani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Atani\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about :blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about :blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about :blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: SearchGol
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Bitdefender Wallet) - C:\Users\Atani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2013-09-21]
CHR Extension: (AdBlock) - C:\Users\Atani\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-28]
CHR Extension: (Google Wallet) - C:\Users\Atani\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-01-12]
==================== Services (Whitelisted) =================
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-01] (Broadcom Corporation.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S2 NSDSvc; C:\Windows\System32\NSDSvc.exe [120160 2011-12-23] (Lenovo)
R3 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-23] (Bitdefender)
R3 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1507248 2013-11-28] (Bitdefender)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-07-19] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-07-19] (BitDefender)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-28] (BitDefender SRL)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [54072 2008-01-03] (Samsung Electronics)
S2 DgiVecp; C:\Windows\SysWOW64\Drivers\DgiVecp.sys [41984 2008-01-03] (Samsung Electronics Co., Ltd.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-02] (BitDefender LLC)
R3 hswpan; C:\Windows\System32\DRIVERS\hswpan.sys [109056 2012-01-27] (Ozmo Inc)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.)
R0 NSD; C:\Windows\System32\drivers\nsd.sys [24160 2011-12-23] (Lenovo Corporation")
R1 Nsdfltr; C:\Windows\System32\drivers\Nsdfltr.sys [59488 2011-12-21] (Lenovo Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8208488 2011-09-06] (Realtek Semiconductor Corp.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-02] (BitDefender S.R.L.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
U3 BcmSqlStartupSvc;
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 Oasis2Service;
U2 PCCarerService;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-21 17:36 - 2014-01-21 17:36 - 00015566 _____ C:\Users\Atani\Desktop\FRST.txt
2014-01-20 16:04 - 2014-01-20 16:04 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-20 16:00 - 2014-01-20 16:00 - 02347384 _____ (ESET) C:\Users\Atani\Desktop\esetsmartinstaller_enu.exe
2014-01-20 16:00 - 2014-01-20 16:00 - 00987425 _____ C:\Users\Atani\Desktop\SecurityCheck.exe
2014-01-19 17:44 - 2014-01-21 17:36 - 00000000 ____D C:\Users\Atani\Desktop\FRST-OlderVersion
2014-01-19 17:37 - 2014-01-19 17:37 - 00000000 ____D C:\Windows\ERUNT
2014-01-19 17:28 - 2014-01-19 17:29 - 00000000 ____D C:\AdwCleaner
2014-01-19 17:25 - 2014-01-19 17:22 - 01236282 _____ C:\Users\Atani\Desktop\adwcleaner.exe
2014-01-19 17:25 - 2014-01-19 17:22 - 01037068 _____ (Thisisu) C:\Users\Atani\Desktop\JRT.exe
2014-01-19 11:46 - 2014-01-19 11:46 - 00031274 _____ C:\ComboFix.txt
2014-01-19 11:38 - 2014-01-19 11:46 - 00000000 ____D C:\ComboFix
2014-01-19 11:38 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-19 11:38 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-19 11:38 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-19 11:38 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-19 11:38 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-19 11:38 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-19 11:38 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-19 11:38 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-19 11:37 - 2014-01-19 11:46 - 00000000 ____D C:\Qoobox
2014-01-19 11:36 - 2014-01-19 11:45 - 00000000 ____D C:\Windows\erdnt
2014-01-19 11:35 - 2014-01-19 11:35 - 05167985 ____R (Swearware) C:\Users\Atani\Desktop\ComboFix.exe
2014-01-18 14:50 - 2014-01-21 17:36 - 00000000 ____D C:\FRST
2014-01-18 14:49 - 2014-01-21 17:36 - 02077184 _____ (Farbar) C:\Users\Atani\Desktop\FRST64.exe
2014-01-17 19:06 - 2014-01-17 19:06 - 00001124 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-17 18:49 - 2014-01-17 18:51 - 00000000 ____D C:\Windows\system32\MRT
2014-01-17 18:49 - 2014-01-06 16:20 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-17 18:39 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-17 18:39 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-17 18:39 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-17 18:39 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-17 18:39 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-17 18:39 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-17 18:39 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-17 18:39 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-05 19:16 - 2014-01-05 19:16 - 00000000 ____D C:\Program Files (x86)\GUMA997.tmp
==================== One Month Modified Files and Folders =======
2014-01-21 17:37 - 2014-01-21 17:36 - 00015566 _____ C:\Users\Atani\Desktop\FRST.txt
2014-01-21 17:36 - 2014-01-19 17:44 - 00000000 ____D C:\Users\Atani\Desktop\FRST-OlderVersion
2014-01-21 17:36 - 2014-01-18 14:50 - 00000000 ____D C:\FRST
2014-01-21 17:36 - 2014-01-18 14:49 - 02077184 _____ (Farbar) C:\Users\Atani\Desktop\FRST64.exe
2014-01-21 17:34 - 2013-09-28 14:03 - 00000000 ___RD C:\Users\Atani\Dropbox
2014-01-21 17:34 - 2013-09-28 13:55 - 00000000 ____D C:\Users\Atani\AppData\Roaming\Dropbox
2014-01-21 17:34 - 2013-09-05 17:47 - 00000000 ___RD C:\Users\Atani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-21 17:34 - 2012-07-21 20:52 - 00136353 _____ C:\Windows\system32\fastboot.set
2014-01-21 17:33 - 2012-07-21 20:51 - 00000000 ____D C:\ProgramData\VeriFace
2014-01-21 17:32 - 2013-09-05 17:44 - 00170553 _____ C:\FaceProv.log
2014-01-21 17:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 17:32 - 2009-07-14 05:51 - 00057744 _____ C:\Windows\setupact.log
2014-01-20 18:19 - 2012-07-21 20:01 - 01471225 _____ C:\Windows\WindowsUpdate.log
2014-01-20 16:04 - 2014-01-20 16:04 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-20 16:03 - 2012-07-22 05:47 - 00697082 _____ C:\Windows\system32\perfh007.dat
2014-01-20 16:03 - 2012-07-22 05:47 - 00148346 _____ C:\Windows\system32\perfc007.dat
2014-01-20 16:03 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-20 16:00 - 2014-01-20 16:00 - 02347384 _____ (ESET) C:\Users\Atani\Desktop\esetsmartinstaller_enu.exe
2014-01-20 16:00 - 2014-01-20 16:00 - 00987425 _____ C:\Users\Atani\Desktop\SecurityCheck.exe
2014-01-20 15:58 - 2009-07-14 05:45 - 00031840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-20 15:58 - 2009-07-14 05:45 - 00031840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 17:37 - 2014-01-19 17:37 - 00000000 ____D C:\Windows\ERUNT
2014-01-19 17:29 - 2014-01-19 17:28 - 00000000 ____D C:\AdwCleaner
2014-01-19 17:22 - 2014-01-19 17:25 - 01236282 _____ C:\Users\Atani\Desktop\adwcleaner.exe
2014-01-19 17:22 - 2014-01-19 17:25 - 01037068 _____ (Thisisu) C:\Users\Atani\Desktop\JRT.exe
2014-01-19 17:05 - 2010-11-21 04:47 - 00078100 _____ C:\Windows\PFRO.log
2014-01-19 11:46 - 2014-01-19 11:46 - 00031274 _____ C:\ComboFix.txt
2014-01-19 11:46 - 2014-01-19 11:38 - 00000000 ____D C:\ComboFix
2014-01-19 11:46 - 2014-01-19 11:37 - 00000000 ____D C:\Qoobox
2014-01-19 11:45 - 2014-01-19 11:36 - 00000000 ____D C:\Windows\erdnt
2014-01-19 11:44 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-19 11:35 - 2014-01-19 11:35 - 05167985 ____R (Swearware) C:\Users\Atani\Desktop\ComboFix.exe
2014-01-17 19:06 - 2014-01-17 19:06 - 00001124 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-17 19:06 - 2013-09-28 13:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-17 18:53 - 2009-07-14 05:45 - 00331056 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-17 18:51 - 2014-01-17 18:49 - 00000000 ____D C:\Windows\system32\MRT
2014-01-17 18:51 - 2013-09-06 12:19 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-17 18:51 - 2012-07-21 20:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2014-01-17 18:41 - 2013-09-05 17:45 - 00000000 ____D C:\Users\Atani\AppData\Local\VirtualStore
2014-01-17 18:34 - 2013-09-28 13:55 - 00000000 ____D C:\Users\Atani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-12 20:00 - 2013-09-05 17:44 - 00000000 ____D C:\Users\Atani
2014-01-12 13:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2014-01-12 12:28 - 2013-10-03 12:38 - 00000000 ____D C:\Users\Atani\Ausbildung
2014-01-06 16:20 - 2014-01-17 18:49 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-05 19:16 - 2014-01-05 19:16 - 00000000 ____D C:\Program Files (x86)\GUMA997.tmp
Some content of TEMP:
====================
C:\Users\Atani\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-19 11:24
==================== End Of Log ============================
--- --- ---
Oops ^^