
Pests of all kinds and how to combat them: PopUp Trojan


 
27.04.2014, 13:51   #7
millionj0ker
 



FRST.txt


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 02
Ran by Simon (administrator) on SIMON-PC on 26-04-2014 22:14:57
Running from C:\Users\Simon\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-02-26] (Microsoft Corporation)
HKU\S-1-5-21-4146840192-2193111062-978237871-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-4146840192-2193111062-978237871-1000\...\MountPoints2: {10513451-9c9b-11e3-8c63-806e6f6e6963} - D:\Bin\ASSETUP.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB4CBEBC9BE30CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\mxnav4be.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-02-23] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-11-21] (Futuremark)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-23] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-03] (Disc Soft Ltd)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [184968 2014-03-26] (<Turtle Entertainment>)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-26] (Malwarebytes Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 EverestDriver; \??\C:\Users\Simon\AppData\Local\Temp\EverestDriver.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-26 21:15 - 2014-04-26 21:15 - 02347384 _____ (ESET) C:\Users\Simon\Downloads\esetsmartinstaller_deu.exe
2014-04-26 21:15 - 2014-04-26 21:15 - 00001271 _____ () C:\Users\Simon\Downloads\mbam.txt
2014-04-26 21:15 - 2014-04-26 21:15 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-26 19:36 - 2014-04-26 21:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 19:35 - 2014-04-26 19:35 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-26 19:35 - 2014-04-26 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-26 19:35 - 2014-04-26 19:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 19:35 - 2014-04-26 19:35 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-26 19:35 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-26 19:35 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-26 19:35 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-26 19:34 - 2014-04-26 19:34 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-26 14:48 - 2014-04-26 14:48 - 00030596 _____ () C:\Users\Simon\Downloads\Addition.txt
2014-04-26 14:47 - 2014-04-26 22:14 - 00008222 _____ () C:\Users\Simon\Downloads\FRST.txt
2014-04-26 14:47 - 2014-04-26 22:14 - 00000000 ____D () C:\FRST
2014-04-26 14:47 - 2014-04-26 14:47 - 02061824 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe
2014-04-24 23:03 - 2014-04-24 23:03 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-04-24 23:02 - 2014-04-25 00:46 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-24 23:02 - 2014-04-24 23:02 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-04-24 23:02 - 2014-04-24 23:02 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-04-24 23:02 - 2014-04-24 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-04-24 23:02 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-04-24 23:01 - 2014-04-24 23:03 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-24 23:01 - 2014-04-24 23:01 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Simon\Downloads\spybot-2.2.25.exe
2014-04-23 23:08 - 2014-04-23 23:20 - 00000000 ____D () C:\AdwCleaner
2014-04-23 23:07 - 2014-04-23 23:07 - 01365865 _____ () C:\Users\Simon\Downloads\AdwCleaner.exe
2014-04-18 15:06 - 2014-04-18 15:06 - 28634028 _____ () C:\Users\Simon\Downloads\dance vid.mp4
2014-04-15 20:15 - 2014-04-15 20:15 - 00000000 ____D () C:\Users\Simon\AppData\Local\Microsoft Games
2014-04-12 16:34 - 2014-04-12 16:42 - 00000000 ____D () C:\Users\Simon\Downloads\12.04.14. MUSIK
2014-04-10 12:02 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 12:02 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 12:02 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-10 12:02 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-10 12:02 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 12:02 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 12:02 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 12:02 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 12:02 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 12:02 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 12:02 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 12:02 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 12:02 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 12:02 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 12:02 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-07 17:51 - 2014-04-26 21:08 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TS3Client
2014-04-07 17:51 - 2014-04-07 17:51 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-04-07 17:51 - 2014-04-07 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-04-07 17:51 - 2014-04-07 17:51 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-06 19:56 - 2014-04-06 21:18 - 00000000 ____D () C:\Users\Simon\Desktop\Vorstell Bilder
2014-04-06 16:33 - 2014-04-06 18:56 - 00000000 ____D () C:\Users\Simon\Desktop\adi cd
2014-04-06 16:23 - 2014-04-06 15:39 - 00000000 ____D () C:\Users\Simon\Downloads\Portfolio
2014-04-05 22:52 - 2014-04-05 22:52 - 00001801 _____ () C:\Users\Simon\Desktop\DJ MONREY INTRO.txt
2014-04-05 20:15 - 2014-04-26 21:01 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ____D () C:\Users\Simon\AppData\Local\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ____D () C:\ProgramData\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-04 21:42 - 2014-04-04 21:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\IrfanView
2014-04-04 21:42 - 2014-04-04 21:42 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-04-04 18:59 - 2014-04-04 18:59 - 01192533 _____ () C:\Windows\unins000.exe
2014-04-04 18:59 - 2014-04-04 18:59 - 00018412 _____ () C:\Windows\unins000.dat
2014-04-04 18:59 - 2014-04-04 18:59 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MingGuan
2014-04-04 18:59 - 2014-04-04 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black
2014-04-04 18:59 - 2014-04-04 18:59 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator
2014-04-02 11:33 - 2014-04-02 11:33 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\SynthMaker
2014-03-30 19:10 - 2014-03-30 20:08 - 281961389 _____ () C:\Users\Simon\Downloads\Araab Muzik Drum Kit.rar
2014-03-30 14:54 - 2014-03-30 14:56 - 281636534 _____ () C:\Users\Simon\Downloads\Clean%20Crate.zip
2014-03-30 14:40 - 2014-03-30 14:40 - 00000000 ____D () C:\Users\Simon\Documents\Ubisoft
2014-03-30 12:57 - 2014-03-30 16:33 - 00000000 ____D () C:\Users\Simon\AppData\Local\Ubisoft Game Launcher
2014-03-30 12:57 - 2014-03-30 13:54 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-03-30 12:57 - 2014-03-30 12:57 - 00001201 _____ () C:\Users\Simon\Desktop\Uplay.lnk
2014-03-30 12:57 - 2014-03-30 12:57 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-03-29 22:14 - 2014-03-29 22:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 17:42 - 2014-03-28 17:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Leadertech
2014-03-28 17:42 - 2014-03-28 17:42 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-03-28 17:41 - 2014-03-30 21:04 - 00019295 _____ () C:\Windows\LDPINST.LOG
2014-03-28 17:41 - 2014-03-30 21:04 - 00000000 ____D () C:\ProgramData\Logishrd
2014-03-28 17:39 - 2014-03-28 17:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Logitech
2014-03-28 17:39 - 2014-03-28 17:40 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Logishrd

==================== One Month Modified Files and Folders =======

2014-04-26 22:15 - 2014-04-26 14:47 - 00008222 _____ () C:\Users\Simon\Downloads\FRST.txt
2014-04-26 22:14 - 2014-04-26 14:47 - 00000000 ____D () C:\FRST
2014-04-26 22:09 - 2014-02-23 21:31 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-26 21:17 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-26 21:17 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-26 21:15 - 2014-04-26 21:15 - 02347384 _____ (ESET) C:\Users\Simon\Downloads\esetsmartinstaller_deu.exe
2014-04-26 21:15 - 2014-04-26 21:15 - 00001271 _____ () C:\Users\Simon\Downloads\mbam.txt
2014-04-26 21:15 - 2014-04-26 21:15 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-26 21:14 - 2014-02-23 17:04 - 01822075 _____ () C:\Windows\WindowsUpdate.log
2014-04-26 21:11 - 2014-04-26 19:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 21:09 - 2014-02-23 19:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-26 21:08 - 2014-04-07 17:51 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TS3Client
2014-04-26 21:08 - 2014-03-19 00:18 - 00000000 ____D () C:\Users\Simon\AppData\Local\ESL Wire Game Client
2014-04-26 21:08 - 2014-02-23 20:47 - 00124560 _____ () C:\Windows\PFRO.log
2014-04-26 21:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-26 21:08 - 2009-07-14 06:51 - 00062871 _____ () C:\Windows\setupact.log
2014-04-26 21:01 - 2014-04-05 20:15 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Skype
2014-04-26 19:35 - 2014-04-26 19:35 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-26 19:35 - 2014-04-26 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-26 19:35 - 2014-04-26 19:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 19:35 - 2014-04-26 19:35 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-26 19:34 - 2014-04-26 19:34 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-26 18:26 - 2014-02-26 21:38 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-26 18:24 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-26 14:48 - 2014-04-26 14:48 - 00030596 _____ () C:\Users\Simon\Downloads\Addition.txt
2014-04-26 14:47 - 2014-04-26 14:47 - 02061824 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe
2014-04-25 00:46 - 2014-04-24 23:02 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-24 23:03 - 2014-04-24 23:03 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-04-24 23:03 - 2014-04-24 23:01 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-24 23:02 - 2014-04-24 23:02 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-04-24 23:02 - 2014-04-24 23:02 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-04-24 23:02 - 2014-04-24 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-04-24 23:01 - 2014-04-24 23:01 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Simon\Downloads\spybot-2.2.25.exe
2014-04-23 23:20 - 2014-04-23 23:08 - 00000000 ____D () C:\AdwCleaner
2014-04-23 23:15 - 2014-03-01 02:24 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Raptr
2014-04-23 23:07 - 2014-04-23 23:07 - 01365865 _____ () C:\Users\Simon\Downloads\AdwCleaner.exe
2014-04-19 22:46 - 2009-07-14 19:58 - 00699318 _____ () C:\Windows\system32\perfh007.dat
2014-04-19 22:46 - 2009-07-14 19:58 - 00149458 _____ () C:\Windows\system32\perfc007.dat
2014-04-19 22:46 - 2009-07-14 07:13 - 01620196 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-19 21:24 - 2014-03-03 19:55 - 00000000 ____D () C:\Users\Simon\Desktop\DJ MONREY 2014
2014-04-18 15:06 - 2014-04-18 15:06 - 28634028 _____ () C:\Users\Simon\Downloads\dance vid.mp4
2014-04-16 16:21 - 2014-02-24 17:48 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\HLSW
2014-04-15 20:15 - 2014-04-15 20:15 - 00000000 ____D () C:\Users\Simon\AppData\Local\Microsoft Games
2014-04-15 19:52 - 2014-02-23 17:39 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-04-14 14:33 - 2014-02-23 21:31 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-14 14:33 - 2014-02-23 21:31 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 14:33 - 2014-02-23 21:31 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 14:33 - 2014-02-23 21:31 - 00000000 ____D () C:\Users\Simon\AppData\Local\Adobe
2014-04-14 14:31 - 2014-02-23 17:04 - 00000000 ___RD () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-12 16:42 - 2014-04-12 16:34 - 00000000 ____D () C:\Users\Simon\Downloads\12.04.14. MUSIK
2014-04-10 12:45 - 2014-02-25 19:09 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 12:45 - 2014-02-25 19:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-07 17:51 - 2014-04-07 17:51 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-04-07 17:51 - 2014-04-07 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-04-07 17:51 - 2014-04-07 17:51 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-07 17:50 - 2014-02-23 20:29 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-04-06 21:18 - 2014-04-06 19:56 - 00000000 ____D () C:\Users\Simon\Desktop\Vorstell Bilder
2014-04-06 18:56 - 2014-04-06 16:33 - 00000000 ____D () C:\Users\Simon\Desktop\adi cd
2014-04-06 16:24 - 2014-03-07 21:14 - 00000000 ____D () C:\Users\Simon\Downloads\musikpacks
2014-04-06 15:39 - 2014-04-06 16:23 - 00000000 ____D () C:\Users\Simon\Downloads\Portfolio
2014-04-05 22:52 - 2014-04-05 22:52 - 00001801 _____ () C:\Users\Simon\Desktop\DJ MONREY INTRO.txt
2014-04-05 20:15 - 2014-04-05 20:15 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ____D () C:\Users\Simon\AppData\Local\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ____D () C:\ProgramData\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-04 21:59 - 2014-03-19 00:18 - 00000779 _____ () C:\Users\Public\Desktop\ESL Wire.lnk
2014-04-04 21:59 - 2014-03-19 00:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESL Wire
2014-04-04 21:59 - 2014-02-24 17:41 - 00000000 ____D () C:\Program Files\EslWire
2014-04-04 21:42 - 2014-04-04 21:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\IrfanView
2014-04-04 21:42 - 2014-04-04 21:42 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-04-04 19:57 - 2014-02-23 20:38 - 00000000 ____D () C:\Users\Simon\Desktop\DJ Keule - Personal Top 25 May DJ Edits (Serato Ready)
2014-04-04 18:59 - 2014-04-04 18:59 - 01192533 _____ () C:\Windows\unins000.exe
2014-04-04 18:59 - 2014-04-04 18:59 - 00018412 _____ () C:\Windows\unins000.dat
2014-04-04 18:59 - 2014-04-04 18:59 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MingGuan
2014-04-04 18:59 - 2014-04-04 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black
2014-04-04 18:59 - 2014-04-04 18:59 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator
2014-04-03 09:51 - 2014-04-26 19:35 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-26 19:35 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-26 19:35 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 11:33 - 2014-04-02 11:33 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\SynthMaker
2014-03-31 03:16 - 2014-04-10 12:02 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-10 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-10 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-10 12:02 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-30 21:04 - 2014-03-28 17:41 - 00019295 _____ () C:\Windows\LDPINST.LOG
2014-03-30 21:04 - 2014-03-28 17:41 - 00000000 ____D () C:\ProgramData\Logishrd
2014-03-30 21:01 - 2014-02-28 18:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-30 20:08 - 2014-03-30 19:10 - 281961389 _____ () C:\Users\Simon\Downloads\Araab Muzik Drum Kit.rar
2014-03-30 16:33 - 2014-03-30 12:57 - 00000000 ____D () C:\Users\Simon\AppData\Local\Ubisoft Game Launcher
2014-03-30 15:37 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-03-30 14:56 - 2014-03-30 14:54 - 281636534 _____ () C:\Users\Simon\Downloads\Clean%20Crate.zip
2014-03-30 14:40 - 2014-03-30 14:40 - 00000000 ____D () C:\Users\Simon\Documents\Ubisoft
2014-03-30 14:17 - 2014-02-23 20:38 - 00046715 _____ () C:\Windows\DirectX.log
2014-03-30 13:54 - 2014-03-30 12:57 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-03-30 13:54 - 2014-02-23 19:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-30 12:57 - 2014-03-30 12:57 - 00001201 _____ () C:\Users\Simon\Desktop\Uplay.lnk
2014-03-30 12:57 - 2014-03-30 12:57 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-03-29 22:14 - 2014-03-29 22:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 17:42 - 2014-03-28 17:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Leadertech
2014-03-28 17:42 - 2014-03-28 17:42 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-03-28 17:42 - 2014-03-28 17:39 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Logitech
2014-03-28 17:40 - 2014-03-28 17:39 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Logishrd

Some content of TEMP:
====================
C:\Users\Simon\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 17:04

==================== End Of Log ============================
         