
Pests of all kinds and how to fight them: Windows 7 64-bit computer infected with System Doctor 2014


04.06.2013, 18:49   #16
tekitha
 



JRT log file
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Detlev on 04.06.2013 at 19:35:07,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.06.2013 at 19:41:05,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Farbar FRST.txt
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2013 03
Ran by Detlev (administrator) on 04-06-2013 19:42:35
Running from H:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\kmsem\KMService.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL [x]
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
HKCU\...\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s [958352 2011-07-26] (Samsung)
HKCU\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3507088 2011-07-26] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [20880 2011-07-26] ()
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2012-02-19] (Google Inc.)
HKLM-x32\...\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL [x]
HKLM-x32\...\Run: [CTHelper] CTHELPER.EXE [19456 2007-04-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [19968 2007-04-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup [30192 2011-05-16] (Google)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
Startup: C:\Users\Detlev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -  No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
PDF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
PDF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
PDF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
PDF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B9859738-8E39-4899-B625-9DC4174700FA}: [NameServer]192.168.0.1

==================== Services (Whitelisted) =================

S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-05-16] (Google)
R2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2011-08-08] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)

==================== Drivers (Whitelisted) ====================

R3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [151296 2007-04-12] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Technology Ltd.)
R3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700200 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142120 2007-04-10] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Technology Ltd.)
R3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681256 2007-04-10] (Creative Technology Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
U0 pavboot; C:\Windows\System32\drivers\pavboot64.sys [33800 2009-06-30] (Panda Security, S.L.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 05328003; system32\drivers\70786640.sys [x]
S3 76489202; system32\drivers\93268158.sys [x]
U3 JavaQuickStarterService; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-04 19:42 - 2013-06-04 19:42 - 00000000 ____D C:\FRST
2013-06-04 19:41 - 2013-06-04 19:41 - 00000626 ____A C:\Users\Detlev\Desktop\JRT.txt
2013-06-04 19:35 - 2013-06-04 19:35 - 00009182 ____A C:\Users\Detlev\Desktop\ActiveScan.txt
2013-06-04 19:34 - 2013-06-04 19:34 - 00000000 ____D C:\JRT
2013-06-04 19:28 - 2013-06-04 19:28 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-06-04 19:28 - 2009-06-30 10:37 - 00033800 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\pavboot64.sys
2013-06-04 19:20 - 2013-06-04 19:20 - 00000000 ____D C:\Users\Detlev\AppData\Roaming\QuickScan
2013-06-03 22:10 - 2013-06-04 19:17 - 00000280 ____A C:\Windows\setupact.log
2013-06-03 22:10 - 2013-06-03 22:10 - 00000000 ____A C:\Windows\setuperr.log
2013-06-03 21:50 - 2013-06-03 21:50 - 00001620 ____A C:\Users\Detlev\Desktop\TreeSize.lnk
2013-06-03 20:30 - 2013-06-03 20:30 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-03 20:27 - 2013-06-03 20:27 - 00000000 ____D C:\Windows\ERUNT
2013-05-15 15:57 - 2013-05-05 23:36 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-15 15:57 - 2013-05-05 23:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-15 15:57 - 2013-05-05 21:25 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-15 15:57 - 2013-05-05 21:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-15 15:55 - 2013-04-05 03:19 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-15 15:55 - 2013-04-05 03:08 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-15 15:55 - 2013-04-05 03:01 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-15 15:55 - 2013-04-05 03:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-15 15:55 - 2013-04-05 02:59 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-15 15:55 - 2013-04-05 02:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-15 15:55 - 2013-04-05 02:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-15 15:55 - 2013-04-05 02:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-15 15:55 - 2013-04-05 02:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-15 15:55 - 2013-04-05 02:55 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-15 15:55 - 2013-04-05 02:54 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-15 15:55 - 2013-04-05 02:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-15 15:55 - 2013-04-05 02:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-15 15:55 - 2013-04-05 02:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-15 15:55 - 2013-04-05 00:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-15 15:55 - 2013-04-05 00:09 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-15 15:55 - 2013-04-05 00:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-15 15:55 - 2013-04-05 00:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-15 15:55 - 2013-04-05 00:02 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-15 15:55 - 2013-04-05 00:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-15 15:55 - 2013-04-04 23:59 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-15 15:55 - 2013-04-04 23:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-15 15:55 - 2013-04-04 23:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-15 15:55 - 2013-04-04 23:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-15 15:55 - 2013-04-04 23:56 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-15 15:55 - 2013-04-04 23:55 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-15 15:55 - 2013-04-04 23:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-15 15:55 - 2013-04-04 23:50 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-15 14:46 - 2013-04-10 08:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 14:46 - 2013-04-10 08:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-15 14:46 - 2013-02-27 08:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-15 14:46 - 2013-02-27 07:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-15 14:46 - 2013-02-27 07:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-15 14:46 - 2013-02-27 07:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-15 14:46 - 2013-02-27 07:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-15 14:46 - 2013-02-27 06:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-15 14:46 - 2013-02-27 06:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-15 14:46 - 2013-02-27 06:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-15 14:46 - 2011-02-03 13:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-15 14:45 - 2013-04-10 05:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-15 14:45 - 2013-03-19 07:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-15 14:45 - 2013-03-19 07:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-07 22:40 - 2013-06-03 22:56 - 00084155 ____A C:\Windows\IE10_main.log

==================== One Month Modified Files and Folders =======

2013-06-04 19:42 - 2013-06-04 19:42 - 00000000 ____D C:\FRST
2013-06-04 19:41 - 2013-06-04 19:41 - 00000626 ____A C:\Users\Detlev\Desktop\JRT.txt
2013-06-04 19:40 - 2012-02-19 21:05 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-04 19:35 - 2013-06-04 19:35 - 00009182 ____A C:\Users\Detlev\Desktop\ActiveScan.txt
2013-06-04 19:34 - 2013-06-04 19:34 - 00000000 ____D C:\JRT
2013-06-04 19:28 - 2013-06-04 19:28 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-06-04 19:24 - 2009-07-14 06:45 - 00015904 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-04 19:24 - 2009-07-14 06:45 - 00015904 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-04 19:23 - 2011-05-16 19:12 - 01534378 ____A C:\Windows\WindowsUpdate.log
2013-06-04 19:23 - 2009-07-14 19:58 - 00659554 ____A C:\Windows\System32\perfh007.dat
2013-06-04 19:23 - 2009-07-14 19:58 - 00131686 ____A C:\Windows\System32\perfc007.dat
2013-06-04 19:23 - 2009-07-14 07:13 - 01507342 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-04 19:20 - 2013-06-04 19:20 - 00000000 ____D C:\Users\Detlev\AppData\Roaming\QuickScan
2013-06-04 19:17 - 2013-06-03 22:10 - 00000280 ____A C:\Windows\setupact.log
2013-06-04 19:17 - 2012-02-19 21:05 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-04 19:17 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-03 22:56 - 2013-05-07 22:40 - 00084155 ____A C:\Windows\IE10_main.log
2013-06-03 22:10 - 2013-06-03 22:10 - 00000000 ____A C:\Windows\setuperr.log
2013-06-03 22:10 - 2011-05-16 19:25 - 00000000 ____D C:\Users\Detlev\AppData\Local\VirtualStore
2013-06-03 22:09 - 2011-05-16 19:28 - 04958588 ____A C:\Windows\{00000008-00000000-00000001-00001102-00000004-20021102}.BAK
2013-06-03 22:09 - 2011-05-16 19:27 - 04958588 ____A C:\Windows\{00000008-00000000-00000001-00001102-00000004-20021102}.CDF
2013-06-03 21:50 - 2013-06-03 21:50 - 00001620 ____A C:\Users\Detlev\Desktop\TreeSize.lnk
2013-06-03 21:48 - 2012-02-19 18:41 - 01541120 ____A C:\Users\Detlev\Documents\Outlook.pst
2013-06-03 20:30 - 2013-06-03 20:30 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-03 20:27 - 2013-06-03 20:27 - 00000000 ____D C:\Windows\ERUNT
2013-05-16 12:22 - 2011-05-16 19:25 - 00000000 ___RD C:\Users\Detlev\Virtual Machines
2013-05-16 12:22 - 2009-07-14 06:45 - 00313536 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-15 16:05 - 2011-05-16 19:21 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-15 15:55 - 2011-05-16 20:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-08 14:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-08 14:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-08 14:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-08 14:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-07 22:42 - 2013-05-07 22:42 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-05 23:36 - 2013-05-15 15:57 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-05 23:16 - 2013-05-15 15:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-05 21:25 - 2013-05-15 15:57 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-05 21:12 - 2013-05-15 15:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-05-25 08:47

==================== End Of Log ============================
         
Farbar Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2013 03
Ran by Detlev at 2013-06-04 19:43:20 Run:
Running from H:\
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 10 ActiveX (Version: 10.3.181.14)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Adobe Shockwave Player 11.5 (Version: 11.5.1.601)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
ATI Catalyst Install Manager (Version: 3.0.825.0)
Catalyst Control Center InstallProxy (Version: 2011.0419.2218.38209)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Google Desktop (Version: 5.9.1005.12335)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.145)
Java(TM) 6 Update 17 (64-bit) (Version: 6.0.170)
Java(TM) 6 Update 17 (Version: 6.0.170)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
OpenOffice.org 3.3 (Version: 3.3.9567)
Panda ActiveScan 2.0 (Version: 01.04.01.0014)
Samsung Kies (Version: 2.0.2.11071_128)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.2.2)
TreeSize Free V2.7 (Version: 2.7)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
UxStyle Core Beta (Version: 0.2.1.1)
WMV9/VC-1 Video Playback (Version: 1.0.60419.2210)

==================== Restore Points  =========================


==================== Faulty Device Manager Devices =============

Name: Standard-VGA-Grafikkarte
Description: Standard-VGA-Grafikkarte
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardgrafikkartentypen)
Service: vga
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: PCI-Eingabegerät
Description: PCI-Eingabegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2013 07:43:21 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.


Vorgang:
   VSS-Server wird instanziiert

Error: (06/04/2013 07:43:21 PM) (Source: VSS) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} und dem Namen "IVssCoordinatorEx2" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   VSS-Server wird instanziiert


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (06/04/2013 07:43:21 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   VSS-Server wird instanziiert

Error: (06/04/2013 07:43:21 PM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   VSS-Server wird instanziiert


==================== Memory info =========================== 

Percentage of memory in use: 48%
Total physical RAM: 2559.55 MB
Available physical RAM: 1314.77 MB
Total Pagefile: 5117.29 MB
Available Pagefile: 3831.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:27.95 GB) (Free:3.03 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]
Drive d: (Alte Platte System) (Fixed) (Total:9.77 GB) (Free:1.46 GB) NTFS (Disk=1 Partition=1)
Drive e: (Alte Platte Files) (Fixed) (Total:64.75 GB) (Free:34.86 GB) NTFS (Disk=1 Partition=2)
Drive h: (1 GB STICK) (Removable) (Total:0.93 GB) (Free:0.92 GB) FAT (Disk=2 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 28 GB) (Disk ID: 49DA7D64)
Partition 1: (Active) - (Size=28 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 75 GB) (Disk ID: 11091108)
Partition 1: (Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=65 GB) - (Type=OF Extended)

========================================================
Disk: 2 (Size: 954 MB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=954 MB) - (Type=06)

==================== End Of Log ============================
         

04.06.2013, 18:51   #17
markusg
/// Malware-holic

Please post the Kaspersky TDSSKiller log as well, and don't just run random tools at will; that can do more harm than good.

04.06.2013, 20:16   #18
tekitha

Take a look at the second code block in my first post; I posted the log there.

05.06.2013, 12:04   #19
markusg
/// Malware-holic

Run Kaspersky TDSSKiller as follows:
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.