Pests of all kinds and how to fight them: Trojan.Win32.Bromngr.ak; Trojan.Win32.Generic; Trojan.Win32.Bromngr.q

Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will reply with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#9

Trojan.Win32.Bromngr.ak; Trojan.Win32.Generic; Trojan.Win32.Bromngr.q

Hi, all done.

ESET log:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=2efc39ce033c314882fa645b056f0d62
# engine=16964
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-06 05:03:42
# local_time=2014-02-06 06:03:42 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1286 16777213 100 98 20263 46472544 0 0
# compatibility_mode=5893 16776573 100 94 115436 143336072 0 0
# scanned=439516
# found=0
# cleaned=0
# scan_time=9743
Code:
Results of screen317's Security Check version 0.99.79
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Internet Security Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
Java 7 Update 25 Java version out of Date!
Adobe Flash Player 12.0.0.43 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox (Firefox,. Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Kaspersky Lab Kaspersky Internet Security 2013 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-02-2014
Ran by *********** (administrator) on ***********-PC on 06-02-2014 22:37:09
Running from C:\Users\***********\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Akamai Technologies, Inc.) C:\Users\***********\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Akamai Technologies, Inc.) C:\Users\***********\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-28] (cyberlink)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [InstaLAN] - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [2015136 2011-05-27] (Affinegy, Inc.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2546938539-2572638270-4167920475-1001\...\Run: [Akamai NetSession Interface] - C:\Users\***********\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2546938539-2572638270-4167920475-1001\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-01-06] (Google Inc.)
HKU\S-1-5-21-2546938539-2572638270-4167920475-1001\...\Run: [Adobe Reader Synchronizer] - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [698760 2013-12-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2546938539-2572638270-4167920475-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2546938539-2572638270-4167920475-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2546938539-2572638270-4167920475-1001\...\Policies\Explorer: []
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Programme\Scm Group\Xilog Plus\msdxm.ocx (Microsoft Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {1F831FA3-42FC-11D4-95A6-0080AD30DCE1} file:///C:/Programme/AutoCAD%202002%20Deu/InstFred.ocx
DPF: HKLM-x32 {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file:///C:/Programme/AutoCAD%202002%20Deu/AcDcToday.ocx
DPF: HKLM-x32 {AE563724-B4F5-11D4-A415-00108302FDFD} file:///C:/Programme/AutoCAD%202002%20Deu/InstBanr.ocx
DPF: HKLM-x32 {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Programme/AutoCAD%202002%20Deu/AcPreview.ocx
Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - No File
Handler-x32: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Programme\Scm Group\Xilog Plus\msdxm.ocx (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\***********\AppData\Roaming\Mozilla\Firefox\Profiles\4pleikeo.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @eleco.com/o2cplayer - C:\Program Files (x86)\Eleco\o2c Player\npO2CPlayer64.DLL (ELECO Software GmbH)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @eleco.com/o2cplayer - C:\Program Files (x86)\Eleco\o2c Player\npO2CPlayer.DLL (ELECO Software GmbH)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @Sibelius.com/Scorch Plugin,version=6.2.0.88 - C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchAxPlugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-21]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-02-09]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-02-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-02-09]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-02-09]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-02-09]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-21]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.77\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.77\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\***********\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.397_0\plugin/npUrlAdvisor.dll (Kaspersky Lab ZAO)
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\***********\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll (Kaspersky Lab ZAO)
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\***********\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll (Kaspersky Lab ZAO)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Kaspersky URL Advisor) - C:\Users\***********\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2012-01-06]
CHR Extension: (Virtual Keyboard) - C:\Users\***********\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2012-01-06]
CHR Extension: (Anti-Banner) - C:\Users\***********\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2012-01-06]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-10-25]
==================== Services (Whitelisted) =================
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [562592 2011-05-27] (Affinegy, Inc.)
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [117760 2012-11-21] (Dassault Systèmes)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2012-01-31] ()
==================== Drivers (Whitelisted) ====================
S2 ccdglsvc; C:\Windows\SysWow64\Drivers\ccdglsvc.sys [52060 2000-07-10] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-17] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-22] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-22] (Kaspersky Lab ZAO)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-06 22:37 - 2014-02-06 22:37 - 00023566 _____ () C:\Users\***********\Desktop\FRST.txt
2014-02-06 22:37 - 2014-02-06 22:37 - 00000000 ____D () C:\Users\***********\Desktop\FRST-OlderVersion
2014-02-06 22:29 - 2014-02-06 22:29 - 00001085 _____ () C:\Users\***********\Desktop\checkup.txt
2014-02-06 22:26 - 2014-02-06 22:26 - 00987425 _____ () C:\Users\***********\Desktop\SecurityCheck.exe
2014-02-06 15:08 - 2014-02-06 15:09 - 02347384 _____ (ESET) C:\Users\***********\Desktop\esetsmartinstaller_enu.exe
2014-02-05 21:24 - 2014-02-06 22:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-05 21:24 - 2014-02-05 21:24 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 11:36 - 2014-02-05 12:17 - 00004538 _____ () C:\Users\***********\Desktop\JRT.txt
2014-02-05 10:50 - 2014-02-05 10:50 - 01037530 _____ (Thisisu) C:\Users\***********\Desktop\JRT.exe
2014-02-05 10:45 - 2014-02-05 10:45 - 00005938 _____ () C:\Users\***********\Desktop\AdwCleaner[S0].txt
2014-02-05 10:33 - 2014-02-05 10:37 - 00000000 ____D () C:\AdwCleaner
2014-02-05 10:29 - 2014-02-05 10:29 - 01166132 _____ () C:\Users\***********\Desktop\adwcleaner.exe
2014-02-05 10:22 - 2014-02-05 10:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-05 09:46 - 2014-02-05 09:46 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-05 09:46 - 2014-02-05 09:46 - 00000000 ____D () C:\Users\***********\AppData\Roaming\Malwarebytes
2014-02-05 09:46 - 2014-02-05 09:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-05 09:46 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-05 09:43 - 2014-02-05 09:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\***********\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-04 12:33 - 2014-02-04 12:33 - 00027427 _____ () C:\ComboFix.txt
2014-02-04 12:20 - 2014-02-04 12:33 - 00000000 ____D () C:\Qoobox
2014-02-04 12:20 - 2014-02-04 12:32 - 00000000 ____D () C:\Windows\erdnt
2014-02-04 12:20 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-04 12:20 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-04 12:20 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-04 12:20 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-04 12:20 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-04 12:20 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-04 12:20 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-04 12:20 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-04 12:06 - 2014-02-04 12:06 - 05179684 ____R (Swearware) C:\Users\***********\Desktop\ComboFix.exe
2014-02-03 14:25 - 2014-02-06 22:37 - 00000000 ____D () C:\FRST
2014-02-03 14:22 - 2014-02-06 22:37 - 02079744 _____ (Farbar) C:\Users\***********\Desktop\FRST64.exe
2014-02-01 15:54 - 2014-02-01 15:54 - 00029912 _____ () C:\Users\***********\Documents\56768.odt
2014-01-30 00:13 - 2014-01-30 00:21 - 23989388 _____ () C:\Users\***********\Desktop\CASCPRO.v7.1.07-iND.rar
2014-01-28 21:34 - 2014-02-06 21:36 - 00001400 _____ () C:\Windows\setupact.log
2014-01-28 21:34 - 2014-01-28 21:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-27 16:51 - 2014-01-27 16:51 - 00081508 _____ () C:\Users\***********\Documents\mond.odt
2014-01-20 20:19 - 2014-01-20 20:19 - 00011351 _____ () C:\Users\***********\Documents\Russ.odt
2014-01-19 22:54 - 2014-01-20 21:19 - 00000000 ____D () C:\Users\***********\Downloads\Capella Professional 7.1.07
2014-01-15 10:03 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 10:03 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 10:03 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 10:03 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 10:03 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 10:03 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 10:03 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 10:03 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 10:03 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 15:40 - 2014-01-14 15:40 - 00000000 ____D () C:\Users\****\Documents\capella
2014-01-14 15:40 - 2014-01-14 15:40 - 00000000 ____D () C:\Users\****\AppData\Roaming\capella-software
2014-01-12 11:56 - 2014-01-12 11:56 - 00000000 ____D () C:\Users\***********\Downloads\ya-smotryu-na-nebes-vysotu-accordeon-duett
2014-01-12 11:55 - 2014-01-12 11:55 - 00218444 _____ () C:\Users\***********\Downloads\ya-smotryu-na-nebes-vysotu-accordeon-duett.7z
==================== One Month Modified Files and Folders =======
2014-02-06 22:37 - 2014-02-06 22:37 - 00023566 _____ () C:\Users\***********\Desktop\FRST.txt
2014-02-06 22:37 - 2014-02-06 22:37 - 00000000 ____D () C:\Users\***********\Desktop\FRST-OlderVersion
2014-02-06 22:37 - 2014-02-03 14:25 - 00000000 ____D () C:\FRST
2014-02-06 22:37 - 2014-02-03 14:22 - 02079744 _____ (Farbar) C:\Users\***********\Desktop\FRST64.exe
2014-02-06 22:29 - 2014-02-06 22:29 - 00001085 _____ () C:\Users\***********\Desktop\checkup.txt
2014-02-06 22:26 - 2014-02-06 22:26 - 00987425 _____ () C:\Users\***********\Desktop\SecurityCheck.exe
2014-02-06 22:26 - 2013-10-23 09:29 - 00000344 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-02-06 22:25 - 2014-02-05 21:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-06 22:20 - 2012-01-07 03:38 - 01553111 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 21:45 - 2012-01-06 18:40 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 21:44 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 21:44 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 21:39 - 2013-02-09 17:03 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-06 21:37 - 2012-01-06 18:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 21:36 - 2014-01-28 21:34 - 00001400 _____ () C:\Windows\setupact.log
2014-02-06 21:36 - 2011-11-16 19:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-06 21:36 - 2010-11-21 04:47 - 00044808 _____ () C:\Windows\PFRO.log
2014-02-06 21:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 15:09 - 2014-02-06 15:08 - 02347384 _____ (ESET) C:\Users\***********\Desktop\esetsmartinstaller_enu.exe
2014-02-06 15:06 - 2011-03-11 10:20 - 00687010 _____ () C:\Windows\system32\perfh007.dat
2014-02-06 15:06 - 2011-03-11 10:20 - 00147880 _____ () C:\Windows\system32\perfc007.dat
2014-02-06 15:06 - 2009-07-14 06:13 - 01614964 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-05 21:24 - 2014-02-05 21:24 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 21:24 - 2012-08-08 13:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 21:24 - 2011-11-16 12:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 12:17 - 2014-02-05 11:36 - 00004538 _____ () C:\Users\***********\Desktop\JRT.txt
2014-02-05 11:31 - 2012-04-26 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-05 10:51 - 2013-07-01 19:35 - 00000000 ____D () C:\Windows\ERUNT
2014-02-05 10:50 - 2014-02-05 10:50 - 01037530 _____ (Thisisu) C:\Users\***********\Desktop\JRT.exe
2014-02-05 10:45 - 2014-02-05 10:45 - 00005938 _____ () C:\Users\***********\Desktop\AdwCleaner[S0].txt
2014-02-05 10:37 - 2014-02-05 10:33 - 00000000 ____D () C:\AdwCleaner
2014-02-05 10:29 - 2014-02-05 10:29 - 01166132 _____ () C:\Users\***********\Desktop\adwcleaner.exe
2014-02-05 10:22 - 2014-02-05 10:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-05 09:46 - 2014-02-05 09:46 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-05 09:46 - 2014-02-05 09:46 - 00000000 ____D () C:\Users\***********\AppData\Roaming\Malwarebytes
2014-02-05 09:46 - 2014-02-05 09:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-05 09:43 - 2014-02-05 09:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\***********\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-04 18:01 - 2013-03-02 13:28 - 00000000 ____D () C:\Program Files (x86)\BibleWorkshop
2014-02-04 12:33 - 2014-02-04 12:33 - 00027427 _____ () C:\ComboFix.txt
2014-02-04 12:33 - 2014-02-04 12:20 - 00000000 ____D () C:\Qoobox
2014-02-04 12:33 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-04 12:32 - 2014-02-04 12:20 - 00000000 ____D () C:\Windows\erdnt
2014-02-04 12:32 - 2013-06-28 18:39 - 00000000 ___RD () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-04 12:28 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-04 12:06 - 2014-02-04 12:06 - 05179684 ____R (Swearware) C:\Users\***********\Desktop\ComboFix.exe
2014-02-01 15:54 - 2014-02-01 15:54 - 00029912 _____ () C:\Users\***********\Documents\56768.odt
2014-01-30 00:21 - 2014-01-30 00:13 - 23989388 _____ () C:\Users\***********\Desktop\CASCPRO.v7.1.07-iND.rar
2014-01-28 21:34 - 2014-01-28 21:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-27 21:13 - 2013-06-28 18:40 - 00109696 _____ () C:\Users\****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-27 16:51 - 2014-01-27 16:51 - 00081508 _____ () C:\Users\***********\Documents\mond.odt
2014-01-20 22:06 - 2012-03-10 22:01 - 00004428 _____ () C:\Users\***********\Documents\captune.log
2014-01-20 21:19 - 2014-01-19 22:54 - 00000000 ____D () C:\Users\***********\Downloads\Capella Professional 7.1.07
2014-01-20 20:44 - 2013-12-18 13:01 - 00001958 _____ () C:\Users\Public\Desktop\capella 7.lnk
2014-01-20 20:22 - 2012-01-06 18:43 - 00109696 _____ () C:\Users\***********\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-20 20:22 - 2009-07-14 05:45 - 00497768 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-20 20:19 - 2014-01-20 20:19 - 00011351 _____ () C:\Users\***********\Documents\Russ.odt
2014-01-17 23:04 - 2013-10-13 11:47 - 00000000 ____D () C:\ProgramData\CLeVer
2014-01-17 16:29 - 2012-03-07 21:37 - 00000000 ____D () C:\Users\***********\Documents\Christliches
2014-01-16 09:38 - 2012-01-06 22:23 - 00000000 ____D () C:\Users\***********\AppData\Local\Adobe
2014-01-15 16:27 - 2013-08-17 20:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 16:26 - 2011-03-14 15:08 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 15:40 - 2014-01-14 15:40 - 00000000 ____D () C:\Users\****\Documents\capella
2014-01-14 15:40 - 2014-01-14 15:40 - 00000000 ____D () C:\Users\****\AppData\Roaming\capella-software
2014-01-12 11:56 - 2014-01-12 11:56 - 00000000 ____D () C:\Users\***********\Downloads\ya-smotryu-na-nebes-vysotu-accordeon-duett
2014-01-12 11:55 - 2014-01-12 11:55 - 00218444 _____ () C:\Users\***********\Downloads\ya-smotryu-na-nebes-vysotu-accordeon-duett.7z
2014-01-12 11:49 - 2012-05-06 19:12 - 00000000 ____D () C:\Users\***********\Downloads\Sib7
2014-01-10 09:48 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-07 18:34 - 2012-01-06 19:01 - 00000000 ____D () C:\Users\***********\AppData\Local\Google
Some content of TEMP:
====================
C:\Users\***********\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-29 11:18
==================== End Of Log ============================
--- --- ---

I'm a bit confused now, because the three trojans are still being reported by Kaspersky.

Strangely, the three trojans were still shown in the "Security problems" window. I then pressed the "Fix" button on the right and, lo and behold, they were gone. It looks like I'm "clean". Many thanks, Schrauber, for the effort! That was worth a donation.