Trojaner-Board

Windows 7 64-bit computer infected with System Doctor 2014 (https://www.trojaner-board.de/135991-windows-7-64-bit-rechner-system-doctor-2014-infiziert.html)

tekitha 04.06.2013 18:49

JRT log file
Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Detlev on 04.06.2013 at 19:35:07,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.06.2013 at 19:41:05,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Farbar FRST.txt
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2013 03
Ran by Detlev (administrator) on 04-06-2013 19:42:35
Running from H:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\kmsem\KMService.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL [x]
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
HKCU\...\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s [958352 2011-07-26] (Samsung)
HKCU\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3507088 2011-07-26] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [20880 2011-07-26] ()
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2012-02-19] (Google Inc.)
HKLM-x32\...\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL [x]
HKLM-x32\...\Run: [CTHelper] CTHELPER.EXE [19456 2007-04-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [19968 2007-04-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup [30192 2011-05-16] (Google)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
Startup: C:\Users\Detlev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -  No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
PDF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
PDF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
PDF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
PDF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B9859738-8E39-4899-B625-9DC4174700FA}: [NameServer]192.168.0.1

==================== Services (Whitelisted) =================

S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-05-16] (Google)
R2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2011-08-08] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)

==================== Drivers (Whitelisted) ====================

R3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [151296 2007-04-12] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Technology Ltd.)
R3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700200 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142120 2007-04-10] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Technology Ltd.)
R3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681256 2007-04-10] (Creative Technology Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
U0 pavboot; C:\Windows\System32\drivers\pavboot64.sys [33800 2009-06-30] (Panda Security, S.L.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 05328003; system32\drivers\70786640.sys [x]
S3 76489202; system32\drivers\93268158.sys [x]
U3 JavaQuickStarterService;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-04 19:42 - 2013-06-04 19:42 - 00000000 ____D C:\FRST
2013-06-04 19:41 - 2013-06-04 19:41 - 00000626 ____A C:\Users\Detlev\Desktop\JRT.txt
2013-06-04 19:35 - 2013-06-04 19:35 - 00009182 ____A C:\Users\Detlev\Desktop\ActiveScan.txt
2013-06-04 19:34 - 2013-06-04 19:34 - 00000000 ____D C:\JRT
2013-06-04 19:28 - 2013-06-04 19:28 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-06-04 19:28 - 2009-06-30 10:37 - 00033800 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\pavboot64.sys
2013-06-04 19:20 - 2013-06-04 19:20 - 00000000 ____D C:\Users\Detlev\AppData\Roaming\QuickScan
2013-06-03 22:10 - 2013-06-04 19:17 - 00000280 ____A C:\Windows\setupact.log
2013-06-03 22:10 - 2013-06-03 22:10 - 00000000 ____A C:\Windows\setuperr.log
2013-06-03 21:50 - 2013-06-03 21:50 - 00001620 ____A C:\Users\Detlev\Desktop\TreeSize.lnk
2013-06-03 20:30 - 2013-06-03 20:30 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-03 20:27 - 2013-06-03 20:27 - 00000000 ____D C:\Windows\ERUNT
2013-05-15 15:57 - 2013-05-05 23:36 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-15 15:57 - 2013-05-05 23:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-15 15:57 - 2013-05-05 21:25 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-15 15:57 - 2013-05-05 21:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-15 15:55 - 2013-04-05 03:19 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-15 15:55 - 2013-04-05 03:08 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-15 15:55 - 2013-04-05 03:01 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-15 15:55 - 2013-04-05 03:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-15 15:55 - 2013-04-05 02:59 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-15 15:55 - 2013-04-05 02:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-15 15:55 - 2013-04-05 02:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-15 15:55 - 2013-04-05 02:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-15 15:55 - 2013-04-05 02:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-15 15:55 - 2013-04-05 02:55 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-15 15:55 - 2013-04-05 02:54 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-15 15:55 - 2013-04-05 02:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-15 15:55 - 2013-04-05 02:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-15 15:55 - 2013-04-05 02:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-15 15:55 - 2013-04-05 00:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-15 15:55 - 2013-04-05 00:09 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-15 15:55 - 2013-04-05 00:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-15 15:55 - 2013-04-05 00:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-15 15:55 - 2013-04-05 00:02 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-15 15:55 - 2013-04-05 00:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-15 15:55 - 2013-04-04 23:59 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-15 15:55 - 2013-04-04 23:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-15 15:55 - 2013-04-04 23:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-15 15:55 - 2013-04-04 23:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-15 15:55 - 2013-04-04 23:56 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-15 15:55 - 2013-04-04 23:55 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-15 15:55 - 2013-04-04 23:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-15 15:55 - 2013-04-04 23:50 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-15 14:46 - 2013-04-10 08:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 14:46 - 2013-04-10 08:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-15 14:46 - 2013-02-27 08:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-15 14:46 - 2013-02-27 07:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-15 14:46 - 2013-02-27 07:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-15 14:46 - 2013-02-27 07:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-15 14:46 - 2013-02-27 07:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-15 14:46 - 2013-02-27 06:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-15 14:46 - 2013-02-27 06:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-15 14:46 - 2013-02-27 06:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-15 14:46 - 2011-02-03 13:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-15 14:45 - 2013-04-10 05:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-15 14:45 - 2013-03-19 07:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-15 14:45 - 2013-03-19 07:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-07 22:40 - 2013-06-03 22:56 - 00084155 ____A C:\Windows\IE10_main.log

==================== One Month Modified Files and Folders =======

2013-06-04 19:42 - 2013-06-04 19:42 - 00000000 ____D C:\FRST
2013-06-04 19:41 - 2013-06-04 19:41 - 00000626 ____A C:\Users\Detlev\Desktop\JRT.txt
2013-06-04 19:40 - 2012-02-19 21:05 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-04 19:35 - 2013-06-04 19:35 - 00009182 ____A C:\Users\Detlev\Desktop\ActiveScan.txt
2013-06-04 19:34 - 2013-06-04 19:34 - 00000000 ____D C:\JRT
2013-06-04 19:28 - 2013-06-04 19:28 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-06-04 19:24 - 2009-07-14 06:45 - 00015904 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-04 19:24 - 2009-07-14 06:45 - 00015904 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-04 19:23 - 2011-05-16 19:12 - 01534378 ____A C:\Windows\WindowsUpdate.log
2013-06-04 19:23 - 2009-07-14 19:58 - 00659554 ____A C:\Windows\System32\perfh007.dat
2013-06-04 19:23 - 2009-07-14 19:58 - 00131686 ____A C:\Windows\System32\perfc007.dat
2013-06-04 19:23 - 2009-07-14 07:13 - 01507342 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-04 19:20 - 2013-06-04 19:20 - 00000000 ____D C:\Users\Detlev\AppData\Roaming\QuickScan
2013-06-04 19:17 - 2013-06-03 22:10 - 00000280 ____A C:\Windows\setupact.log
2013-06-04 19:17 - 2012-02-19 21:05 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-04 19:17 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-03 22:56 - 2013-05-07 22:40 - 00084155 ____A C:\Windows\IE10_main.log
2013-06-03 22:10 - 2013-06-03 22:10 - 00000000 ____A C:\Windows\setuperr.log
2013-06-03 22:10 - 2011-05-16 19:25 - 00000000 ____D C:\Users\Detlev\AppData\Local\VirtualStore
2013-06-03 22:09 - 2011-05-16 19:28 - 04958588 ____A C:\Windows\{00000008-00000000-00000001-00001102-00000004-20021102}.BAK
2013-06-03 22:09 - 2011-05-16 19:27 - 04958588 ____A C:\Windows\{00000008-00000000-00000001-00001102-00000004-20021102}.CDF
2013-06-03 21:50 - 2013-06-03 21:50 - 00001620 ____A C:\Users\Detlev\Desktop\TreeSize.lnk
2013-06-03 21:48 - 2012-02-19 18:41 - 01541120 ____A C:\Users\Detlev\Documents\Outlook.pst
2013-06-03 20:30 - 2013-06-03 20:30 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-03 20:27 - 2013-06-03 20:27 - 00000000 ____D C:\Windows\ERUNT
2013-05-16 12:22 - 2011-05-16 19:25 - 00000000 ___RD C:\Users\Detlev\Virtual Machines
2013-05-16 12:22 - 2009-07-14 06:45 - 00313536 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-15 16:05 - 2011-05-16 19:21 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-15 15:55 - 2011-05-16 20:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-08 14:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-08 14:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-08 14:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-08 14:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-07 22:42 - 2013-05-07 22:42 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-07 22:42 - 2013-05-07 22:42 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-05 23:36 - 2013-05-15 15:57 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-05 23:16 - 2013-05-15 15:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-05 21:25 - 2013-05-15 15:57 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-05 21:12 - 2013-05-15 15:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-05-25 08:47

==================== End Of Log ============================

Farbar Addition.txt
Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2013 03
Ran by Detlev at 2013-06-04 19:43:20 Run:
Running from H:\
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 10 ActiveX (Version: 10.3.181.14)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Adobe Shockwave Player 11.5 (Version: 11.5.1.601)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
ATI Catalyst Install Manager (Version: 3.0.825.0)
Catalyst Control Center InstallProxy (Version: 2011.0419.2218.38209)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Google Desktop (Version: 5.9.1005.12335)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.145)
Java(TM) 6 Update 17 (64-bit) (Version: 6.0.170)
Java(TM) 6 Update 17 (Version: 6.0.170)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
OpenOffice.org 3.3 (Version: 3.3.9567)
Panda ActiveScan 2.0 (Version: 01.04.01.0014)
Samsung Kies (Version: 2.0.2.11071_128)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.2.2)
TreeSize Free V2.7 (Version: 2.7)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
UxStyle Core Beta (Version: 0.2.1.1)
WMV9/VC-1 Video Playback (Version: 1.0.60419.2210)

==================== Restore Points  =========================


==================== Faulty Device Manager Devices =============

Name: Standard-VGA-Grafikkarte
Description: Standard-VGA-Grafikkarte
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardgrafikkartentypen)
Service: vga
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: PCI-Eingabegerät
Description: PCI-Eingabegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2013 07:43:21 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.


Vorgang:
  VSS-Server wird instanziiert

Error: (06/04/2013 07:43:21 PM) (Source: VSS) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} und dem Namen "IVssCoordinatorEx2" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
  VSS-Server wird instanziiert


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (06/04/2013 07:43:21 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
  VSS-Server wird instanziiert

Error: (06/04/2013 07:43:21 PM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
  VSS-Server wird instanziiert


==================== Memory info ===========================

Percentage of memory in use: 48%
Total physical RAM: 2559.55 MB
Available physical RAM: 1314.77 MB
Total Pagefile: 5117.29 MB
Available Pagefile: 3831.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:27.95 GB) (Free:3.03 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]
Drive d: (Alte Platte System) (Fixed) (Total:9.77 GB) (Free:1.46 GB) NTFS (Disk=1 Partition=1)
Drive e: (Alte Platte Files) (Fixed) (Total:64.75 GB) (Free:34.86 GB) NTFS (Disk=1 Partition=2)
Drive h: (1 GB STICK) (Removable) (Total:0.93 GB) (Free:0.92 GB) FAT (Disk=2 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 28 GB) (Disk ID: 49DA7D64)
Partition 1: (Active) - (Size=28 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 75 GB) (Disk ID: 11091108)
Partition 1: (Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=65 GB) - (Type=OF Extended)

========================================================
Disk: 2 (Size: 954 MB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=954 MB) - (Type=06)

==================== End Of Log ============================


markusg 04.06.2013 18:51

Please also submit the Kaspersky TDSSKiller log, and don't just run random tools indiscriminately; that can do more harm than good.

tekitha 04.06.2013 20:16

Take a look at the 2nd code block in my first post; I posted the log there.

markusg 05.06.2013 12:04

Run Kaspersky TDSSKiller as follows:
Please download TDSSKiller (TDSSKiller.exe) and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.

