Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Spyhunter 4 Malware oder nicht?

Spyhunter 4 Malware oder nicht?


Plagegeister aller Art und deren Bekämpfung: Spyhunter 4 Malware oder nicht?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 14.12.2014, 21:22   #1
nKatsie
 
Spyhunter 4 Malware oder nicht? - Standard

Spyhunter 4 Malware oder nicht?


Danke für die Info wg. windows.old. Das war mein Fehler, hatte einen schlimmen Virus und habe dann laienhaft versucht das ganze zu lösen.....:-(

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-12-2014
Ran by Katrin at 2014-12-14 21:20:33 Run:1
Running from C:\Users\Katrin\Downloads
Loaded Profile: Katrin (Available profiles: Katrin)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Users\Katrin\AppData\Local\Temp\SHSetup.exe
*****************

C:\Users\Katrin\AppData\Local\Temp\SHSetup.exe => Moved successfully.

==== End of Fixlog ====

Alt 15.12.2014, 20:18   #2
nKatsie
 
Spyhunter 4 Malware oder nicht? - Standard

Spyhunter 4 Malware oder nicht?


So, hier der Scan. Nein, Probleme gibt es keine.


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2014 01
Ran by Katrin (administrator) on KATRIN-PC on 15-12-2014 20:13:57
Running from C:\Users\Katrin\Downloads
Loaded Profile: Katrin (Available profiles: Katrin)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) D:\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) D:\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
(Malwarebytes Corporation) D:\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\FSC\Wireless Wheel Mouse\Mouse32A.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-18] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4489216 2007-06-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648 2007-03-23] (Synaptics, Inc.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [68640 2007-01-08] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [LWBMOUSE] => C:\Program Files\FSC\Wireless Wheel Mouse\MOUSE32A.EXE [356352 2001-11-09] ()
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2007-10-11] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2007-10-11] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1089536 2008-02-19] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [86016 2007-12-21] (Brother Industries, Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2636814367-2854564503-1898298517-1000\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2636814367-2854564503-1898298517-1000\...\Policies\system: [NoHotStart] 0
HKU\S-1-5-21-2636814367-2854564503-1898298517-1000\...\MountPoints2: {3ffe9e03-4ad8-11e4-a784-0013773ddb5a} - G:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\Katrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6500 E710n-z (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6500 E710n-z (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2636814367-2854564503-1898298517-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
SearchScopes: HKU\S-1-5-21-2636814367-2854564503-1898298517-1000 -> {9B6DF60E-1CDE-4E73-B54D-A9E942C2D32A} URL = https://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-08-04]
FF HKU\S-1-5-21-2636814367-2854564503-1898298517-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2014-03-30]

Chrome: 
=======
CHR Profile: C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-12]
CHR Extension: (Google Drive) - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-16]
CHR Extension: (YouTube) - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Google-Suche) - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (Google Wallet) - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Google Mail) - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-10-19] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; D:\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; D:\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
R2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [73728 2007-06-28] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2006-11-14] (SAMSUNG ELECTRONICS CO., LTD.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-12-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 20:13 - 2014-12-15 20:13 - 00000000 ____D () C:\Users\Katrin\Downloads\FRST-OlderVersion
2014-12-14 21:17 - 2014-12-14 21:17 - 00026451 _____ () C:\Users\Katrin\Downloads\Addition.txt
2014-12-14 13:56 - 2014-12-14 13:56 - 00001206 _____ () C:\mbam.txt
2014-12-11 10:40 - 2014-11-04 01:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 10:39 - 2014-11-07 02:33 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 10:31 - 2014-12-03 03:06 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-11 07:54 - 2014-11-24 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-11 07:54 - 2014-11-24 21:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 07:54 - 2014-11-24 21:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 07:54 - 2014-11-24 21:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 07:54 - 2014-11-24 21:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 07:54 - 2014-11-24 21:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 07:54 - 2014-11-24 21:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 07:54 - 2014-11-24 21:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-11 07:54 - 2014-11-24 21:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 07:54 - 2014-11-24 21:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-11 07:54 - 2014-11-24 21:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 07:54 - 2014-11-24 21:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 07:54 - 2014-11-24 21:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-11 07:54 - 2014-11-24 21:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 07:54 - 2014-11-24 21:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-11 07:54 - 2014-11-24 21:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 07:54 - 2014-11-24 21:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 07:54 - 2014-11-24 21:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 07:54 - 2014-11-24 21:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 07:54 - 2014-11-24 21:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 07:54 - 2014-11-24 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-11 07:54 - 2014-11-24 21:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-11 00:09 - 2014-12-15 20:12 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-11 00:09 - 2014-12-11 00:09 - 00000565 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-11 00:09 - 2014-12-11 00:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-11 00:09 - 2014-12-11 00:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-11 00:09 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-11 00:09 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-11 00:09 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-10 23:50 - 2014-12-10 23:50 - 00464381 _____ () C:\Users\Katrin\Downloads\SpyHunterKiller.exe
2014-12-10 16:02 - 2014-12-15 20:14 - 00013067 _____ () C:\Users\Katrin\Downloads\FRST.txt
2014-12-10 16:02 - 2014-12-15 20:14 - 00000000 ____D () C:\FRST
2014-12-10 16:01 - 2014-12-15 20:13 - 01111040 _____ (Farbar) C:\Users\Katrin\Downloads\FRST.exe
2014-12-10 13:13 - 2014-12-10 13:13 - 00000000 ____D () C:\Users\Katrin\AppData\Roaming\Enigma Software Group
2014-12-03 19:13 - 2014-12-03 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-12-03 19:13 - 2014-12-03 19:13 - 00002151 _____ () C:\Users\Public\Desktop\HP Officejet 6500 E710n-z.lnk
2014-12-03 19:13 - 2014-12-03 19:13 - 00001083 _____ () C:\Users\Public\Desktop\Shop für Zubehör - HP Officejet 6500 E710n-z.lnk
2014-12-03 19:13 - 2012-10-17 04:04 - 00580712 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5412.dll
2014-12-03 09:36 - 2014-12-03 09:36 - 00001664 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-12-03 09:36 - 2014-12-03 09:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-12-03 09:33 - 2014-12-03 09:35 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-12-03 09:33 - 2014-12-03 09:35 - 00000000 ____D () C:\Program Files\iTunes
2014-12-03 09:33 - 2014-12-03 09:33 - 00000000 ____D () C:\Program Files\iPod
2014-12-03 08:00 - 2014-12-03 08:00 - 00000000 ___RD () C:\Users\Katrin\AppData\Roaming\Brother
2014-11-21 17:56 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-11-21 17:56 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-11-21 17:56 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-11-21 17:55 - 2014-10-10 02:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-21 17:55 - 2014-10-10 02:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-21 17:55 - 2014-10-10 02:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-21 17:55 - 2014-10-10 00:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-21 17:52 - 2014-08-27 01:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-21 17:52 - 2014-08-27 01:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-21 17:51 - 2014-10-24 02:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-21 17:51 - 2014-10-24 02:03 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-21 17:50 - 2014-08-12 03:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-21 17:48 - 2014-10-03 02:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-21 17:48 - 2014-10-03 02:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-21 17:48 - 2014-10-03 02:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-21 17:48 - 2014-10-03 02:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-21 17:47 - 2014-10-18 02:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-21 17:47 - 2014-09-05 00:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-11-21 17:38 - 2014-10-13 00:34 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 20:13 - 2013-08-04 16:42 - 00000000 ____D () C:\Users\Katrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-12-15 20:11 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-15 20:11 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-15 20:10 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-14 21:28 - 2006-11-02 14:01 - 00032554 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-14 21:28 - 2006-11-02 13:52 - 01888725 _____ () C:\Windows\WindowsUpdate.log
2014-12-14 21:27 - 2014-08-02 16:54 - 00000000 ____D () C:\Users\Katrin\Desktop\Buch
2014-12-14 21:17 - 2006-11-02 11:33 - 01564930 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-14 17:49 - 2014-05-02 00:48 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-14 15:29 - 2013-08-03 19:19 - 00000000 ___DC () C:\Windows.old
2014-12-14 14:25 - 2013-08-03 20:16 - 00000000 ____D () C:\Users\Katrin
2014-12-11 15:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-12-11 15:19 - 2013-08-04 17:36 - 00063230 _____ () C:\Windows\PFRO.log
2014-12-11 15:19 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-12-11 10:39 - 2013-08-04 21:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 10:34 - 2006-11-02 11:24 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-12-11 08:09 - 2014-05-02 01:03 - 00001963 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-10 13:12 - 2014-06-11 20:33 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-12-10 13:10 - 2014-08-02 16:54 - 00000000 ____D () C:\Users\Katrin\Desktop\Schule
2014-12-10 11:14 - 2013-08-21 20:54 - 00000000 ____D () C:\Users\Katrin\AppData\Roaming\HpUpdate
2014-12-03 19:14 - 2013-08-21 20:48 - 00000000 ____D () C:\Program Files\HP
2014-12-03 19:09 - 2013-08-21 20:48 - 00000000 ____D () C:\ProgramData\HP
2014-12-03 19:08 - 2006-11-02 13:37 - 00000000 ____D () C:\Windows\twain_32
2014-12-03 09:33 - 2014-08-14 14:27 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-12-03 09:33 - 2013-08-16 14:25 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-12-03 09:33 - 2013-08-16 14:18 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-02 13:46 - 2013-08-04 16:34 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-12-02 13:44 - 2013-08-04 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-12-02 13:44 - 2013-08-04 16:41 - 00000000 ____D () C:\Program Files\CyberLink
2014-11-27 19:50 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-24 17:55 - 2014-03-30 22:30 - 00000000 ____D () C:\Users\Katrin\AppData\Roaming\vlc
2014-11-22 17:38 - 2014-08-14 13:44 - 00000000 ____D () C:\Users\Katrin\Desktop\privat
2014-11-22 14:01 - 2006-11-02 13:47 - 00253944 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-21 16:44 - 2014-05-02 00:48 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

Some content of TEMP:
====================
C:\Users\Katrin\AppData\Local\Temp\AudibleDM_iTunesSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-14 21:16

==================== End Of Log ============================
--- --- ---
__________________
Alt 19.12.2014, 12:17   #3
nKatsie
 
Spyhunter 4 Malware oder nicht? - Standard

Spyhunter 4 Malware oder nicht?


Super! Danke
__________________
Antwort

Themen zu Spyhunter 4 Malware oder nicht?
absoluter, bedrohungen, dokumente, fehlercode %nt-autorität601, fehlercode %nt-autorität607, funktionieren, grafiken, msil/toolbar.linkury.a, msil/toolbar.linkury.c, msil/toolbar.linkury.d, msil/toolbar.linkury.e, msil/toolbar.linkury.i, pup.optional.dvdvideosofttb.a, pup.optional.koyote.a, spyhunter, spyhunter entfernen, unsicher, win32/toolbar.babylon.c, win32/toolbar.babylon.m, win32/toolbar.linkury.d, win32/toolbar.linkury.e, win32/toolbar.linkury.f, windows vista


« Hotmail verschickt Spam | Weiterleiten auf andere Seite »


Ähnliche Themen: Spyhunter 4 Malware oder nicht?


  1. Plus500 Smart Installer - Malware oder nicht?
    Plagegeister aller Art und deren Bekämpfung - 27.07.2015 (2)
  2. viren befall ?? oder malware oder unerwuenschte software ?? oder ....
    Plagegeister aller Art und deren Bekämpfung - 20.05.2015 (6)
  3. Win7 Home Premium 64 Bit Malware Colormedia + Plus-HD-1.6 + Spyhunter wie entfernen?
    Log-Analyse und Auswertung - 12.05.2015 (10)
  4. Malwarebytes Anti-Malware Pro + X (Was dazu oder nicht?)
    Antiviren-, Firewall- und andere Schutzprogramme - 05.06.2014 (16)
  5. Win7 + Malwarebytes Anti-Malware: Trojaner oder nicht?
    Log-Analyse und Auswertung - 29.04.2014 (3)
  6. Search Protect von Conduit Malware oder nicht?
    Log-Analyse und Auswertung - 11.02.2014 (16)
  7. spyhunter gut oder ?
    Log-Analyse und Auswertung - 17.01.2014 (1)
  8. komputer von spyhunter malware bereinigen
    Plagegeister aller Art und deren Bekämpfung - 04.01.2014 (19)
  9. Mit Optimizer Pro und Spyhunter infiziert - Malware ._.
    Plagegeister aller Art und deren Bekämpfung - 10.11.2013 (1)
  10. Explorer_exe. Virus oder nicht (19 viren malware bytes gefunden)
    Log-Analyse und Auswertung - 16.01.2013 (4)
  11. Claro Search und Spyhunter 4 Malware !
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (8)
  12. multiple Malware: Live Security Platinum, SpyHunter
    Plagegeister aller Art und deren Bekämpfung - 23.07.2012 (22)
  13. Spyhunter 4 immer malware, wenn ja wie kann ich es wieder los werden
    Plagegeister aller Art und deren Bekämpfung - 03.06.2012 (12)
  14. Problem mit Spyhunter und eventuell weiteren Trojanern oder Malware
    Log-Analyse und Auswertung - 26.03.2010 (10)
  15. malware defense und spyhunter
    Plagegeister aller Art und deren Bekämpfung - 15.01.2010 (58)
  16. Malware oder nicht?
    Mülltonne - 02.01.2009 (2)
  17. Bin mir nicht sicher ob ich n Vundo oder ne andere Malware eingefangen hab!
    Log-Analyse und Auswertung - 05.06.2008 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Spyhunter 4 Malware oder nicht? - Danke für die Info wg. windows.old. Das war mein Fehler, hatte einen schlimmen Virus und habe dann laienhaft versucht das ganze zu lösen.....:-( Code: Alles auswählen Aufklappen ATTFilter Fix result - Spyhunter 4 Malware oder nicht?...
Archiv
Du betrachtest: Spyhunter 4 Malware oder nicht? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131