Pests of all kinds and how to fight them: Windows 7 64-bit computer infected with System Doctor 2014

Windows 7

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#16
Windows 7 64-bit computer infected with System Doctor 2014

JRT log file

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Detlev on 04.06.2013 at 19:35:07,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.06.2013 at 19:41:05,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2013 03
Ran by Detlev (administrator) on 04-06-2013 19:42:35
Running from H:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\kmsem\KMService.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL [x] HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation) HKCU\...\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s [958352 2011-07-26] (Samsung) HKCU\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3507088 2011-07-26] (Samsung Electronics Co., Ltd.) HKCU\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [20880 2011-07-26] () HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2012-02-19] (Google Inc.) HKLM-x32\...\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL [x] HKLM-x32\...\Run: [CTHelper] CTHELPER.EXE [19456 2007-04-09] (Creative Technology Ltd) HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [19968 2007-04-09] (Creative Technology Ltd) HKLM-x32\...\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup [30192 2011-05-16] (Google) HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated) Startup: C:\Users\Detlev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp URLSearchHook: (No 
Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No File PDF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab PDF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab PDF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab PDF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Tcpip\Parameters: [DhcpNameServer] Tcpip\..\Interfaces\{B9859738-8E39-4899-B625-9DC4174700FA}: [NameServer] ==================== Services (Whitelisted) ================= S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-05-16] (Google) R2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2011-08-08] () R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation) R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC) ==================== Drivers (Whitelisted) ==================== R3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [151296 2007-04-12] (Creative Technology Ltd) S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Technology Ltd.) 
R3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700200 2007-04-10] (Creative Technology Ltd) S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Technology Ltd) S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Technology Ltd) S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Technology Ltd) S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Technology Ltd) S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142120 2007-04-10] (Creative Technology Ltd) S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Technology Ltd.) S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Technology Ltd.) R3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681256 2007-04-10] (Creative Technology Ltd) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation) U0 pavboot; C:\Windows\System32\drivers\pavboot64.sys [33800 2009-06-30] (Panda Security, S.L.) R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] () S3 05328003; system32\drivers\70786640.sys [x] S3 76489202; system32\drivers\93268158.sys [x] U3 JavaQuickStarterService; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-04 19:42 - 2013-06-04 19:42 - 00000000 ____D C:\FRST 2013-06-04 19:41 - 2013-06-04 19:41 - 00000626 ____A C:\Users\Detlev\Desktop\JRT.txt 2013-06-04 19:35 - 2013-06-04 19:35 - 00009182 ____A C:\Users\Detlev\Desktop\ActiveScan.txt 2013-06-04 19:34 - 2013-06-04 19:34 - 00000000 ____D C:\JRT 2013-06-04 19:28 - 2013-06-04 19:28 - 00000000 ____D C:\Program Files (x86)\Panda Security 2013-06-04 19:28 - 2009-06-30 10:37 - 00033800 ____A (Panda Security, S.L.) 
C:\Windows\System32\Drivers\pavboot64.sys 2013-06-04 19:20 - 2013-06-04 19:20 - 00000000 ____D C:\Users\Detlev\AppData\Roaming\QuickScan 2013-06-03 22:10 - 2013-06-04 19:17 - 00000280 ____A C:\Windows\setupact.log 2013-06-03 22:10 - 2013-06-03 22:10 - 00000000 ____A C:\Windows\setuperr.log 2013-06-03 21:50 - 2013-06-03 21:50 - 00001620 ____A C:\Users\Detlev\Desktop\TreeSize.lnk 2013-06-03 20:30 - 2013-06-03 20:30 - 00000000 ____D C:\Program Files (x86)\ESET 2013-06-03 20:27 - 2013-06-03 20:27 - 00000000 ____D C:\Windows\ERUNT 2013-05-15 15:57 - 2013-05-05 23:36 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-05-15 15:57 - 2013-05-05 23:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-05-15 15:57 - 2013-05-05 21:25 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-05-15 15:57 - 2013-05-05 21:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-05-15 15:55 - 2013-04-05 03:19 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-05-15 15:55 - 2013-04-05 03:08 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-05-15 15:55 - 2013-04-05 03:01 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-05-15 15:55 - 2013-04-05 03:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-05-15 15:55 - 2013-04-05 02:59 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-05-15 15:55 - 2013-04-05 02:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-05-15 15:55 - 2013-04-05 02:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-05-15 15:55 - 2013-04-05 02:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-05-15 15:55 - 2013-04-05 02:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-05-15 15:55 - 2013-04-05 02:55 - 00599040 ____A 
(Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-05-15 15:55 - 2013-04-05 02:54 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-05-15 15:55 - 2013-04-05 02:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-05-15 15:55 - 2013-04-05 02:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-05-15 15:55 - 2013-04-05 02:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-05-15 15:55 - 2013-04-05 00:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-05-15 15:55 - 2013-04-05 00:09 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-05-15 15:55 - 2013-04-05 00:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-05-15 15:55 - 2013-04-05 00:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-05-15 15:55 - 2013-04-05 00:02 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-05-15 15:55 - 2013-04-05 00:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-05-15 15:55 - 2013-04-04 23:59 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-05-15 15:55 - 2013-04-04 23:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-05-15 15:55 - 2013-04-04 23:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-05-15 15:55 - 2013-04-04 23:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-05-15 15:55 - 2013-04-04 23:56 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-05-15 15:55 - 2013-04-04 23:55 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-05-15 15:55 - 2013-04-04 23:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-05-15 15:55 - 2013-04-04 23:50 - 00176640 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\ieui.dll 2013-05-15 14:46 - 2013-04-10 08:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys 2013-05-15 14:46 - 2013-04-10 08:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys 2013-05-15 14:46 - 2013-02-27 08:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe 2013-05-15 14:46 - 2013-02-27 07:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2013-05-15 14:46 - 2013-02-27 07:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll 2013-05-15 14:46 - 2013-02-27 07:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll 2013-05-15 14:46 - 2013-02-27 07:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll 2013-05-15 14:46 - 2013-02-27 06:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-05-15 14:46 - 2013-02-27 06:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-05-15 14:46 - 2013-02-27 06:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-05-15 14:46 - 2011-02-03 13:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll 2013-05-15 14:45 - 2013-04-10 05:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2013-05-15 14:45 - 2013-03-19 07:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll 2013-05-15 14:45 - 2013-03-19 07:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 02565120 ____A (Microsoft Corporation) 
C:\Windows\System32\d3d10warp.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00417792 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\WMPhoto.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00009728 ___AH (Microsoft Corporation) 
C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-07 22:40 - 
2013-06-03 22:56 - 00084155 ____A C:\Windows\IE10_main.log ==================== One Month Modified Files and Folders ======= 2013-06-04 19:42 - 2013-06-04 19:42 - 00000000 ____D C:\FRST 2013-06-04 19:41 - 2013-06-04 19:41 - 00000626 ____A C:\Users\Detlev\Desktop\JRT.txt 2013-06-04 19:40 - 2012-02-19 21:05 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-06-04 19:35 - 2013-06-04 19:35 - 00009182 ____A C:\Users\Detlev\Desktop\ActiveScan.txt 2013-06-04 19:34 - 2013-06-04 19:34 - 00000000 ____D C:\JRT 2013-06-04 19:28 - 2013-06-04 19:28 - 00000000 ____D C:\Program Files (x86)\Panda Security 2013-06-04 19:24 - 2009-07-14 06:45 - 00015904 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-06-04 19:24 - 2009-07-14 06:45 - 00015904 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-06-04 19:23 - 2011-05-16 19:12 - 01534378 ____A C:\Windows\WindowsUpdate.log 2013-06-04 19:23 - 2009-07-14 19:58 - 00659554 ____A C:\Windows\System32\perfh007.dat 2013-06-04 19:23 - 2009-07-14 19:58 - 00131686 ____A C:\Windows\System32\perfc007.dat 2013-06-04 19:23 - 2009-07-14 07:13 - 01507342 ____A C:\Windows\System32\PerfStringBackup.INI 2013-06-04 19:20 - 2013-06-04 19:20 - 00000000 ____D C:\Users\Detlev\AppData\Roaming\QuickScan 2013-06-04 19:17 - 2013-06-03 22:10 - 00000280 ____A C:\Windows\setupact.log 2013-06-04 19:17 - 2012-02-19 21:05 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-06-04 19:17 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-03 22:56 - 2013-05-07 22:40 - 00084155 ____A C:\Windows\IE10_main.log 2013-06-03 22:10 - 2013-06-03 22:10 - 00000000 ____A C:\Windows\setuperr.log 2013-06-03 22:10 - 2011-05-16 19:25 - 00000000 ____D C:\Users\Detlev\AppData\Local\VirtualStore 2013-06-03 22:09 - 2011-05-16 19:28 - 04958588 ____A C:\Windows\{00000008-00000000-00000001-00001102-00000004-20021102}.BAK 
2013-06-03 22:09 - 2011-05-16 19:27 - 04958588 ____A C:\Windows\{00000008-00000000-00000001-00001102-00000004-20021102}.CDF 2013-06-03 21:50 - 2013-06-03 21:50 - 00001620 ____A C:\Users\Detlev\Desktop\TreeSize.lnk 2013-06-03 21:48 - 2012-02-19 18:41 - 01541120 ____A C:\Users\Detlev\Documents\Outlook.pst 2013-06-03 20:30 - 2013-06-03 20:30 - 00000000 ____D C:\Program Files (x86)\ESET 2013-06-03 20:27 - 2013-06-03 20:27 - 00000000 ____D C:\Windows\ERUNT 2013-05-16 12:22 - 2011-05-16 19:25 - 00000000 ___RD C:\Users\Detlev\Virtual Machines 2013-05-16 12:22 - 2009-07-14 06:45 - 00313536 ____A C:\Windows\System32\FNTCACHE.DAT 2013-05-15 16:05 - 2011-05-16 19:21 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-05-15 15:55 - 2011-05-16 20:43 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-05-08 14:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK 2013-05-08 14:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR 2013-05-08 14:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK 2013-05-08 14:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR 2013-05-07 22:42 - 2013-05-07 22:42 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01682432 ____A (Microsoft Corporation) 
C:\Windows\System32\XpsPrint.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00296960 ____A (Microsoft Corporation) 
C:\Windows\System32\d3d10core.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) 
C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-07 22:42 - 2013-05-07 22:42 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-05 23:36 - 2013-05-15 15:57 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-05-05 23:16 - 2013-05-15 15:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-05-05 21:25 - 2013-05-15 15:57 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-05-05 21:12 - 2013-05-15 15:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

Last Boot: 2013-05-25 08:47

==================== End Of Log ============================

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2013 03 Ran by Detlev at 2013-06-04 19:43:20 Run: Running from H:\ Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe Flash Player 10 ActiveX (Version: Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7) Adobe Shockwave Player 11.5 (Version: AMD Drag and Drop Transcoding (Version: 2.00.0000) ATI Catalyst Install Manager (Version: 3.0.825.0) Catalyst Control Center InstallProxy (Version: 2011.0419.2218.38209) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Google Desktop (Version: 5.9.1005.12335) Google Toolbar for Internet Explorer (Version: 1.0.0) Google Toolbar for Internet Explorer (Version: 7.4.3607.2246) Google Update Helper (Version: Java(TM) 6 Update 17 (64-bit) (Version: 6.0.170) Java(TM) 6 Update 17 (Version: 6.0.170) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office Outlook 2010 (Version: 14.0.6029.1000) Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000) Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Outlook 2010 (Version: 14.0.6029.1000) Microsoft Security Client (Version: 4.2.0223.1) Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0) Microsoft Security Essentials (Version: Microsoft 
Silverlight (Version: 5.1.20125.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) OpenOffice.org 3.3 (Version: 3.3.9567) Panda ActiveScan 2.0 (Version: Samsung Kies (Version: SAMSUNG USB Driver for Mobile Phones (Version: TreeSize Free V2.7 (Version: 2.7) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for 
Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition UxStyle Core Beta (Version: WMV9/VC-1 Video Playback (Version: 1.0.60419.2210) ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============= Name: Standard-VGA-Grafikkarte Description: Standard-VGA-Grafikkarte Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardgrafikkartentypen) Service: vga Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: PCI-Eingabegerät Description: PCI-Eingabegerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (06/04/2013 07:43:21 PM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. . Vorgang: VSS-Server wird instanziiert Error: (06/04/2013 07:43:21 PM) (Source: VSS) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} und dem Namen "IVssCoordinatorEx2" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. 
] Vorgang: VSS-Server wird instanziiert System errors: ============= Microsoft Office Sessions: ========================= Error: (06/04/2013 07:43:21 PM) (Source: VSS)(User: ) Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: VSS-Server wird instanziiert Error: (06/04/2013 07:43:21 PM) (Source: VSS)(User: ) Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: VSS-Server wird instanziiert ==================== Memory info =========================== Percentage of memory in use: 48% Total physical RAM: 2559.55 MB Available physical RAM: 1314.77 MB Total Pagefile: 5117.29 MB Available Pagefile: 3831.32 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:27.95 GB) (Free:3.03 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)] Drive d: (Alte Platte System) (Fixed) (Total:9.77 GB) (Free:1.46 GB) NTFS (Disk=1 Partition=1) Drive e: (Alte Platte Files) (Fixed) (Total:64.75 GB) (Free:34.86 GB) NTFS (Disk=1 Partition=2) Drive h: (1 GB STICK) (Removable) (Total:0.93 GB) (Free:0.92 GB) FAT (Disk=2 Partition=1) ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 28 GB) (Disk ID: 49DA7D64) Partition 1: (Active) - (Size=28 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 75 GB) (Disk ID: 11091108) Partition 1: (Active) - (Size=10 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=65 GB) - (Type=OF Extended) ======================================================== Disk: 2 (Size: 954 MB) (Disk ID: 00000000) Partition 1: (Not Active) - (Size=954 
MB) - (Type=06) ==================== End Of Log ============================ |
#17 |
/// Malware-holic | Windows 7 64-bit computer infected with System Doctor 2014
Please also post the Kaspersky TDSSKiller log, and don't just run random tools indiscriminately; that can do more harm than good.
__________________ |
#18 |
Windows 7 64-bit computer infected with System Doctor 2014
Take a look at the second code block in my first post; that's where I posted the log.
__________________ |
#19 |
/// Malware-holic | Windows 7 64-bit computer infected with System Doctor 2014
Run Kaspersky TDSSKiller as follows: Please download
__________________ - Please forward suspicious emails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward emails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |