Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Interpol Trojaner

Interpol Trojaner


Plagegeister aller Art und deren Bekämpfung: Interpol Trojaner

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.09.2013, 15:12   #1
Decide
 
Interpol Trojaner - Standard

Interpol Trojaner


FRST-Log:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 01
Ran by Krise (administrator) on KRISE-PC on 05-09-2013 16:06:56
Running from E:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [x]
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4156 2010-04-17] ()
HKLM\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd [x]
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [226920 2011-02-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [226920 2011-02-21] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Web) - hxxp://www.google.com
CHR DefaultSuggestURL: (Web) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Krise\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1
CHR Extension: (Google Search) - C:\Users\Krise\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1
CHR Extension: (Gmail) - C:\Users\Krise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [5174392 2012-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)

==================== Drivers (Whitelisted) ====================

R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] ()
S3 SNP2UVC; system32\DRIVERS\snp2uvc.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-05 15:48 - 2013-09-05 15:47 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-09-05 15:48 - 2013-09-05 15:47 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-09-05 15:48 - 2013-09-05 15:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-09-05 15:48 - 2013-09-05 15:47 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-09-05 15:48 - 2013-09-05 15:47 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-09-05 15:47 - 2013-09-05 15:47 - 00000000 ____D C:\Program Files\Java
2013-09-05 15:04 - 2013-09-05 15:04 - 00024576 _____ () C:\Users\Krise\AppData\Local\uninst.tmp
2013-09-05 14:58 - 2013-09-05 14:58 - 00000000 ____D C:\Users\Krise\AppData\Roaming\InstallShield
2013-09-05 14:58 - 2013-09-05 14:58 - 00000000 ____D C:\Program Files (x86)\Sonix
2013-09-05 08:21 - 2013-09-05 08:21 - 00000000 ____D C:\Windows\ERUNT
2013-09-05 07:56 - 2013-09-05 07:56 - 00000000 ____D C:\Users\Krise\AppData\Roaming\Malwarebytes
2013-09-05 07:55 - 2013-09-05 07:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-05 07:43 - 2013-09-05 07:43 - 00000000 __SHD C:\found.001
2013-09-03 18:34 - 2013-09-03 18:34 - 00000000 ____D C:\FRST
2013-08-25 10:56 - 2013-08-25 10:56 - 00011947 _____ C:\Users\Krise\Downloads\html-1.2 (3).html
2013-08-18 15:38 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-18 15:38 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-18 15:38 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-18 15:38 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-18 15:38 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-18 15:38 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-18 15:38 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-18 15:38 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-18 15:38 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-18 15:38 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-18 15:38 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-18 15:38 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-18 15:38 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-18 15:38 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-18 15:38 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-18 15:38 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-18 15:38 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-18 15:38 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-18 15:38 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-18 15:38 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-18 15:38 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-18 15:38 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-18 15:38 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-18 15:38 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-18 15:38 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-18 15:38 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-18 15:38 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-18 15:38 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-18 15:38 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-18 15:38 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-18 15:38 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-18 10:47 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-18 10:47 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-18 10:47 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-18 10:47 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-18 10:47 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-18 10:47 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-18 10:47 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-18 10:47 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-18 10:47 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-18 10:47 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-18 10:47 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-18 10:47 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-18 10:47 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-18 10:47 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-18 10:47 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-18 10:47 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-05 16:00 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-05 16:00 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-05 15:57 - 2012-08-07 19:20 - 01734723 _____ C:\Windows\WindowsUpdate.log
2013-09-05 15:51 - 2012-08-31 14:42 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-05 15:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-05 15:51 - 2009-07-14 06:51 - 00075828 _____ C:\Windows\setupact.log
2013-09-05 15:47 - 2013-09-05 15:48 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-09-05 15:47 - 2013-09-05 15:48 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-09-05 15:47 - 2013-09-05 15:48 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-09-05 15:47 - 2013-09-05 15:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-09-05 15:47 - 2013-09-05 15:48 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-09-05 15:47 - 2013-09-05 15:48 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-09-05 15:47 - 2013-09-05 15:47 - 00000000 ____D C:\Program Files\Java
2013-09-05 15:47 - 2012-08-31 14:42 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-05 15:47 - 2012-08-31 14:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-05 15:47 - 2012-08-31 14:42 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-05 15:44 - 2011-01-12 17:50 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-05 15:15 - 2011-01-12 18:01 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-09-05 15:04 - 2013-09-05 15:04 - 00024576 _____ () C:\Users\Krise\AppData\Local\uninst.tmp
2013-09-05 15:01 - 2012-08-06 20:11 - 00000000 ____D C:\Users\Krise\AppData\Roaming\Asus WebStorage
2013-09-05 14:59 - 2012-08-07 19:15 - 00646990 _____ C:\Windows\PFRO.log
2013-09-05 14:59 - 2011-01-12 17:49 - 00000000 ____D C:\Program Files\Google
2013-09-05 14:59 - 2011-01-12 17:49 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-05 14:58 - 2013-09-05 14:58 - 00000000 ____D C:\Users\Krise\AppData\Roaming\InstallShield
2013-09-05 14:58 - 2013-09-05 14:58 - 00000000 ____D C:\Program Files (x86)\Sonix
2013-09-05 14:22 - 2012-08-31 22:50 - 00000000 ____D C:\ProgramData\Google
2013-09-05 14:22 - 2012-08-31 22:49 - 00000000 ____D C:\Users\Krise\AppData\Local\Google
2013-09-05 13:53 - 2009-08-04 12:40 - 00365612 _____ C:\Windows\system32\perfh00D.dat
2013-09-05 13:53 - 2009-08-04 12:40 - 00073266 _____ C:\Windows\system32\perfc00D.dat
2013-09-05 13:53 - 2009-08-04 12:34 - 00563860 _____ C:\Windows\system32\perfh008.dat
2013-09-05 13:53 - 2009-08-04 12:34 - 00093608 _____ C:\Windows\system32\perfc008.dat
2013-09-05 13:53 - 2009-08-04 12:28 - 00691432 _____ C:\Windows\system32\prfh0816.dat
2013-09-05 13:53 - 2009-08-04 12:28 - 00137924 _____ C:\Windows\system32\prfc0816.dat
2013-09-05 13:53 - 2009-08-04 12:22 - 00397410 _____ C:\Windows\system32\prfh0404.dat
2013-09-05 13:53 - 2009-08-04 12:22 - 00110560 _____ C:\Windows\system32\prfc0404.dat
2013-09-05 13:53 - 2009-08-04 12:15 - 00703282 _____ C:\Windows\system32\perfh013.dat
2013-09-05 13:53 - 2009-08-04 12:15 - 00137112 _____ C:\Windows\system32\perfc013.dat
2013-09-05 13:53 - 2009-08-04 12:09 - 00701198 _____ C:\Windows\system32\perfh010.dat
2013-09-05 13:53 - 2009-08-04 12:09 - 00131316 _____ C:\Windows\system32\perfc010.dat
2013-09-05 13:53 - 2009-08-04 12:03 - 00706520 _____ C:\Windows\system32\perfh00C.dat
2013-09-05 13:53 - 2009-08-04 12:03 - 00134312 _____ C:\Windows\system32\perfc00C.dat
2013-09-05 13:53 - 2009-08-04 11:57 - 00705544 _____ C:\Windows\system32\perfh00A.dat
2013-09-05 13:53 - 2009-08-04 11:57 - 00141234 _____ C:\Windows\system32\perfc00A.dat
2013-09-05 13:53 - 2009-08-04 11:51 - 00666256 _____ C:\Windows\system32\perfh007.dat
2013-09-05 13:53 - 2009-08-04 11:51 - 00134178 _____ C:\Windows\system32\perfc007.dat
2013-09-05 13:53 - 2009-07-14 07:13 - 07310304 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-05 08:21 - 2013-09-05 08:21 - 00000000 ____D C:\Windows\ERUNT
2013-09-05 07:56 - 2013-09-05 07:56 - 00000000 ____D C:\Users\Krise\AppData\Roaming\Malwarebytes
2013-09-05 07:55 - 2013-09-05 07:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-05 07:43 - 2013-09-05 07:43 - 00000000 __SHD C:\found.001
2013-09-03 21:48 - 2012-08-06 20:09 - 00000000 ___RD C:\Users\Krise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-03 18:34 - 2013-09-03 18:34 - 00000000 ____D C:\FRST
2013-09-03 11:57 - 2012-08-06 20:09 - 00000000 ___HD C:\ASUS.DAT
2013-09-03 07:47 - 2011-01-12 17:50 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-31 22:18 - 2013-01-24 14:11 - 00003118 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-08-31 14:45 - 2012-12-14 12:39 - 00000000 ____D C:\Users\Krise\AppData\Local\Windows Live
2013-08-31 14:37 - 2012-08-07 00:50 - 00000000 ____D C:\Windows\system32\Drivers\AVG
2013-08-29 15:01 - 2013-01-24 14:10 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2013-08-25 10:56 - 2013-08-25 10:56 - 00011947 _____ C:\Users\Krise\Downloads\html-1.2 (3).html
2013-08-19 19:59 - 2012-12-10 19:48 - 00000000 ____D C:\Users\Krise\AppData\Roaming\SoftGrid Client
2013-08-19 14:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-08-19 14:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\he-IL

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2009-07-29 07:04

==================== End Of Log ============================
--- --- ---


Falls nötig Addition-Log:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2013 01
Ran by Krise at 2013-09-05 16:08:42
Running from E:\
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
 2012 (Version: 2012.1.2242)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
ASUS AI Recovery (x32 Version: 1.0.13)
ASUS FancyStart (x32 Version: 1.0.8)
ASUS LifeFrame3 (x32 Version: 3.0.20)
ASUS Power4Gear Hybrid (Version: 1.1.43)
ASUS SmartLogon (x32 Version: 1.0.0011)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0030)
ASUS Virtual Camera (x32 Version: 1.0.21)
ATK Package (x32 Version: 1.0.0008)
AVG 2012 (Version: 12.0.3211)
AVG 2012 (Version: 12.0.3222)
AVG 2012 (Version: 12.1.2242)
Bookworm Deluxe (x32)
Complément Messenger (x32 Version: 15.4.3502.0922)
Complemento Messenger (x32 Version: 15.4.3502.0922)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2)
Cooking Dash (x32)
CyberLink LabelPrint (x32 Version: 2.5.1908)
CyberLink Power2Go (x32 Version: 6.1.3602c)
D3DX10 (x32 Version: 15.4.2368.0902)
EA Installer (x32 Version: 2.3.0.74)
ETDWare PS/2-X64 8.0.5.0_WHQL (Version: 8.0.5.0)
Fast Boot (Version: 1.0.9)
FUSSBALL MANAGER 11 (x32)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (x32 Version: 29.0.1547.66)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Update Helper (x32 Version: 1.3.21.153)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2291)
Intel(R) Turbo Boost Technology Monitor (Version: 1.0.400.4)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 9 (x32 Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.0)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Messenger 分享元件 (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
Nuance PDF Reader (x32 Version: 6.00.0041)
NVIDIA Control Panel 267.21 (Version: 267.21)
NVIDIA Graphics Driver 267.21 (Version: 267.21)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Optimus 1.0.21 (Version: 1.0.21)
NVIDIA Update Components (Version: 1.0.21)
Plants vs Zombies (x32)
QuickShare (x32 Version: 1.6.1.952)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.38.113.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6294)
Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7600.10001)
Sonic Focus (x32 Version: 1.00.0000)
syncables desktop SE (x32 Version: 5.5.746.11492)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
WinFlash (x32 Version: 2.31.0)
Wireless Console 3 (x32 Version: 3.0.19)
World of Goo (x32)
Zipper (x32 Version: 1.0.3)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (x32 Version: 15.4.5722.2)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
מסייע Messenger (x32 Version: 15.4.3502.0922)
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (x32 Version: 15.4.5722.2)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (x32 Version: 15.4.5722.2)

==================== Restore Points  =========================

05-09-2013 12:56:10 Installed Wireless Console 3
05-09-2013 13:02:52 Removed Nuance PDF Reader.
05-09-2013 13:12:04 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
05-09-2013 13:44:55 Installed Adobe Flash Player 11 ActiveX.
05-09-2013 13:47:02 Installed Adobe Flash Player 11 Plugin.
05-09-2013 13:47:40 Installed Java 7 Update 25 (64-bit)

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => start w32time task_started
Task: {0D909572-EAD6-4E58-8C9E-75ED62065D38} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => start osppsvc
Task: {0E517BEB-FA3D-466B-8B87-C014E75E73A9} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {1D1644EB-972B-404D-AD57-D5D535247579} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-16] ()
Task: {485E28B6-3210-46AC-BB8A-06144420C326} - \RegClean Pro_UPDATES No Task File
Task: {5E477AF2-BAC1-4983-8EC3-D5E375020EB4} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {6454799E-A467-4F70-881E-4C5B66B78103} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12] (Google Inc.)
Task: {8651D6E8-5CEF-4AE7-92FC-84E77B3ECF3A} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe No File
Task: {881FEAEB-AA48-4B32-947A-FE4B8F3C4153} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {8B5CD2C6-4DFD-4BA7-A0B6-065E943ED5C9} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {8E937B68-0D08-45E4-B251-71FDBF6A4A30} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {C12012C5-397F-4104-98C2-396321DCF603} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12] (Google Inc.)
Task: {C22002BC-DA78-4247-B2E9-BBD564AD9D8E} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-02] (ASUS)
Task: {D48453A9-8D0D-48DE-9BA3-1F2A670FD3C9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-05] (Adobe Systems Incorporated)
Task: {F9742340-F4DD-4021-ABDB-0557B756C2F9} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2010-12-18] (ASUSTek Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

==================== Loaded Modules (whitelisted) =============

2012-08-07 19:40 - 2011-02-21 10:07 - 00226920 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2011-03-08 05:39 - 2011-01-27 02:47 - 07386112 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2009-07-14 01:35 - 2009-07-14 03:40 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\FunDisc.dll
2012-08-19 17:22 - 2010-11-20 15:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fdproxy.dll
2011-03-08 05:39 - 2011-01-27 02:23 - 00109056 _____ (Intel Corporation) C:\Windows\System32\hccutils.DLL
2011-03-08 05:39 - 2011-01-27 02:24 - 00062464 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2011-03-08 05:39 - 2011-01-27 02:25 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2011-03-08 05:39 - 2011-01-27 02:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-07 19:43 - 2010-11-03 12:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2012-08-07 19:43 - 2011-01-18 09:32 - 02838120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2012-08-07 19:43 - 2010-07-22 10:48 - 00081232 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFCom64.dll
2011-03-08 05:37 - 2010-12-13 23:12 - 00351016 _____ (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDFavorite.dll
2011-03-08 05:37 - 2010-12-13 23:12 - 00335144 _____ (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDApix.dll
2011-03-08 05:37 - 2010-12-13 23:12 - 00369960 _____ (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCmds.dll
2012-08-19 17:23 - 2010-11-20 15:25 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\Cabinet.dll
2012-08-07 00:22 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2012-02-14 04:53 - 2012-02-14 04:53 - 00366432 _____ (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgsysx.dll
2012-09-04 17:09 - 2012-09-04 17:09 - 03781960 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
2012-02-14 04:52 - 2012-02-14 04:52 - 00889696 _____ (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgntopensslx.dll
2012-09-04 17:09 - 2012-09-04 17:09 - 00063312 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90DEU.DLL
2012-06-13 03:48 - 2012-06-13 03:48 - 00286328 _____ (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avglogx.dll
2012-11-08 04:50 - 2012-11-08 04:50 - 01066104 _____ (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcfgx.dll
2012-02-14 04:52 - 2012-02-14 04:52 - 00176992 _____ (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avglngx.dll
2012-07-31 03:36 - 2012-07-31 03:36 - 00851576 _____ (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgidpsdkx.dll
2012-07-26 03:23 - 2012-07-26 03:23 - 03178104 _____ (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avguires.dll
2012-02-14 04:52 - 2012-02-14 04:52 - 00343392 _____ (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgidpmx.dll
2012-06-13 03:48 - 2012-06-13 03:48 - 00507512 _____ (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgsrmx.dll
2012-03-23 05:56 - 2012-03-23 05:56 - 00385920 _____ (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgdecider.dll
2009-07-14 01:42 - 2009-07-14 03:14 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscript.ocx

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/05/2013 04:01:58 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Error: Failed to make the SOAP Call HResult: 0x800c0005. Exception caught while trying to report the Update Event

Error: (09/05/2013 04:01:58 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/05/2013 03:54:56 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (09/05/2013 03:54:26 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (09/05/2013 03:37:46 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Error: Failed to make the SOAP Call HResult: 0x800c0005. Exception caught while trying to report the Update Event

Error: (09/05/2013 03:37:46 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/05/2013 03:31:26 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (09/05/2013 03:30:56 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (09/05/2013 03:10:27 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Error: Failed to make the SOAP Call HResult: 0x800c0005. Exception caught while trying to report the Update Event

Error: (09/05/2013 03:10:26 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.


System errors:
=============
Error: (09/05/2013 03:53:05 PM) (Source: Service Control Manager) (User: )
Description: Dienst "ASLDR Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/05/2013 03:51:21 PM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942402.

Error: (09/05/2013 03:29:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

Error: (09/05/2013 03:27:24 PM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942402.

Error: (09/05/2013 03:00:19 PM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942402.

Error: (09/05/2013 02:17:04 PM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942402.

Error: (09/05/2013 11:55:48 AM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942402.


Microsoft Office Sessions:
=========================
Error: (09/05/2013 04:01:58 PM) (Source: CVHSVC)(User: )
Description: Error: Failed to make the SOAP Call HResult: 0x800c0005. Exception caught while trying to report the Update Event

Error: (09/05/2013 04:01:58 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/05/2013 03:54:56 PM) (Source: CVHSVC)(User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (09/05/2013 03:54:26 PM) (Source: CVHSVC)(User: )
Description: Too many failures while downloading ranges: 2

Error: (09/05/2013 03:37:46 PM) (Source: CVHSVC)(User: )
Description: Error: Failed to make the SOAP Call HResult: 0x800c0005. Exception caught while trying to report the Update Event

Error: (09/05/2013 03:37:46 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/05/2013 03:31:26 PM) (Source: CVHSVC)(User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (09/05/2013 03:30:56 PM) (Source: CVHSVC)(User: )
Description: Too many failures while downloading ranges: 2

Error: (09/05/2013 03:10:27 PM) (Source: CVHSVC)(User: )
Description: Error: Failed to make the SOAP Call HResult: 0x800c0005. Exception caught while trying to report the Update Event

Error: (09/05/2013 03:10:26 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.


==================== Memory info =========================== 

Percentage of memory in use: 27%
Total physical RAM: 6055.85 MB
Available physical RAM: 4411.13 MB
Total Pagefile: 12109.89 MB
Available Pagefile: 10517.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:571.17 GB) (Free:514.24 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (KINGSTON) (Removable) (Total:28.8 GB) (Free:28.74 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: FD65E542)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=571 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 29 GB) (Disk ID: 15724949)
Partition 1: (Active) - (Size=29 GB) - (Type=0B)

==================== End Of Log ============================

Antwort

Themen zu Interpol Trojaner
adobe, adobe flash player, association, bootmgr, farbar, farbar recovery scan tool, flash player, focus, hdaudio.sys, helper, html/iframe.b.gen, java/exploit.agent.pll, js/exploit.pdfka.qhe, log, microsoft, nvpciflt.sys, regclean, services.exe, smartbar, svchost.exe, trojaner, usbvideo.sys, wallpaper, win32/reveton.u, winlogon.exe


« Win 7 - Verdacht auf Virenbefall, Internet spinnt | Pop-Up: Spyware gefunden; langsamer Rechner »


Ähnliche Themen: Interpol Trojaner


  1. Interpol Trojaner
    Log-Analyse und Auswertung - 20.11.2014 (7)
  2. Interpol Trojaner
    Log-Analyse und Auswertung - 21.10.2014 (25)
  3. GUV/Interpol-Trojaner Win 7/32 Bit
    Log-Analyse und Auswertung - 21.04.2014 (10)
  4. Interpol hat zugeschlagen! Interpol Troyaner/Virus legt Rechner Lahm!
    Log-Analyse und Auswertung - 30.03.2014 (7)
  5. Interpol Trojaner
    Log-Analyse und Auswertung - 20.03.2014 (16)
  6. Interpol Trojaner 100€ etc..
    Log-Analyse und Auswertung - 23.02.2014 (1)
  7. Trojaner Interpol Win XP - trotz abgesicherten Modus kein Zugriff - Standard AW: Trojaner Interpol Win XP - trotz abgesicherten Modus kein
    Log-Analyse und Auswertung - 18.02.2014 (18)
  8. GVU Interpol Trojaner!
    Plagegeister aller Art und deren Bekämpfung - 20.01.2014 (1)
  9. interpol bka trojaner!
    Log-Analyse und Auswertung - 12.12.2013 (14)
  10. Interpol Trojaner
    Plagegeister aller Art und deren Bekämpfung - 25.11.2013 (14)
  11. GVU-Interpol-BKA-Trojaner
    Log-Analyse und Auswertung - 01.11.2013 (17)
  12. Bka interpol trojaner
    Log-Analyse und Auswertung - 29.10.2013 (7)
  13. Interpol-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 28.10.2013 (16)
  14. Interpol-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 20.10.2013 (9)
  15. Interpol-Trojaner
    Log-Analyse und Auswertung - 02.09.2013 (1)
  16. Trojaner - Interpol
    Plagegeister aller Art und deren Bekämpfung - 12.08.2013 (3)
  17. Interpol trojaner
    Log-Analyse und Auswertung - 27.05.2013 (13)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Interpol Trojaner - FRST-Log: FRST Logfile: Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 01 Ran by Krise (administrator) on KRISE-PC on 05-09-2013 16:06:56 Running - Interpol Trojaner...
Archiv
Du betrachtest: Interpol Trojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131