
Log analysis and evaluation: Trojan...white screen...FRST.txt available (aborts)


24.06.2013, 12:54   #1
Hitchkock
 



Hello,

I have a patient here on which basically only the famous white screen is still visible. I really have no idea what exactly you always read out of the log, but could someone please help me clean it? FRST.exe aborts after a short time. Maybe someone can tell me why.

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013
Ran by SYSTEM on 24-06-2013 13:45:55
Running from G:\
Microsoft Windows XP (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.


ATTENTION!:=====> THE OPERATING SYSTEM IS A X86 SYSTEM BUT THE BOOT DISK THAT IS USED TO BOOT TO RECOVERY ENVIRONMENT IS A X64 SYSTEM DISK.
==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [RTHDCPL] RTHDCPL.EXE [x]
HKLM\...\Run: [Alcmtr] ALCMTR.EXE [x]
HKLM\...\Run: [FixCamera] C:\WINDOWS\FixCamera.exe [20480 2007-07-11] ()
HKLM\...\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe [270336 2007-05-10] ()
HKLM\...\Run: [snp2std] C:\WINDOWS\vsnp2std.exe [344064 2007-05-10] (Sonix)
HKLM\...\Run: [HP Software Update] "C:\Programme\HP\HP Software Update\HPWuSchd.exe" [49152 2003-08-04] (Hewlett-Packard)
HKLM\...\Run: [HP Component Manager] "C:\Programme\HP\hpcoretech\hpcmpmgr.exe" [241664 2004-05-12] (Hewlett-Packard Company)
HKLM\...\Run: [MSC] "C:\Programme\Microsoft Security Client\msseces.exe" -hide -runkey [997408 2010-11-30] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit]  [x]
HKLM-x32\...\Winlogon: [Shell]  [x ] ()
HKLM\...\Winlogon: [UIHost] C:\Windows\System32\logonui.exe [515072 2008-04-14] ( (Microsoft Corporation))
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\crypt32chain: crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: %SystemRoot%\System32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: wlnotify.dll (Microsoft Corporation)
SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\System32\stobject.dll (Microsoft Corporation)

==================== Services (Whitelisted) =================

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [256904 2013-06-13] (Adobe Systems Incorporated)
S4 Alerter; C:\Windows\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation)
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [34312 2008-07-25] (Microsoft Corporation)
S2 Ati HotKey Poller; C:\Windows\System32\Ati2evxx.exe [483328 2007-06-27] (ATI Technologies Inc.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2007-06-29] ()
S4 ClipSrv; C:\Windows\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation)
S3 dmadmin; C:\Windows\System32\dmadmin.exe [225280 2008-04-14] (Microsoft Corp., Veritas Software)
S2 dmserver; C:\Windows\System32\dmserver.dll [24064 2008-04-14] (Microsoft Corp.)
S4 ERSvc; C:\Windows\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation)
S3 FastUserSwitchingCompatibility; C:\Windows\System32\shsvcs.dll [135680 2009-07-28] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation)
S2 helpsvc; C:\Windows\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation)
S3 HTTPFilter; C:\Windows\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation)
S3 idsvc; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [881664 2008-07-29] (Microsoft Corporation)
S3 ImapiService; C:\WINDOWS\System32\imapi.exe [150528 2008-04-14] (Microsoft Corporation)
S2 JavaQuickStarterService; C:\Programme\Java\jre6\bin\jqs.exe [153376 2010-02-12] (Sun Microsystems, Inc.)
S4 Messenger; C:\Windows\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation)
S3 mnmsrvc; C:\WINDOWS\System32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation)
S2 MsMpSvc; C:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2010-11-11] (Microsoft Corporation)
S4 NetDDE; C:\Windows\system32\netdde.exe [114176 2008-04-14] (Microsoft Corporation)
S4 NetDDEdsdm; C:\Windows\system32\netdde.exe [114176 2008-04-14] (Microsoft Corporation)
S3 Nla; C:\Windows\System32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
S3 NtLmSsp; C:\Windows\System32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 NtmsSvc; C:\Windows\system32\ntmssvc.dll [438272 2008-04-14] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S2 PlugPlay; C:\Windows\system32\services.exe [111104 2009-02-09] (Microsoft Corporation)
S3 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [65795 2005-07-29] (HP)
S2 PolicyAgent; C:\Windows\System32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [143360 2008-04-14] (Microsoft Corporation)
S3 RSVP; C:\Windows\System32\rsvp.exe [132608 2002-08-29] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.exe [99840 2008-04-14] (Microsoft Corporation)
S2 srservice; C:\WINDOWS\System32\srsvc.dll [171520 2008-04-14] (Microsoft Corporation)
S3 SysmonLog; C:\Windows\system32\smlogsvc.exe [94208 2008-04-14] (Microsoft Corporation)
S2 TeamViewer5; C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe [185640 2009-12-08] (TeamViewer GmbH)
S4 TlntSvr; C:\WINDOWS\System32\tlntsvr.exe [75264 2008-04-14] (Microsoft Corporation)
S3 UPS; C:\Windows\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINDOWS\system32\mspmsnsv.dll [52736 2008-04-14] (Microsoft Corporation)
S3 Wmi; C:\Windows\System32\advapi32.dll [678400 2009-02-09] (Microsoft Corporation)
S2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation)
S2 WZCSVC; C:\Windows\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation)
S3 xmlprov; C:\Windows\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation)
S2 Eventlog;  [x]

==================== Drivers (Whitelisted) ====================

S4 ACPIEC; C:\Windows\System32\Drivers\ACPIEC.sys [12160 2002-08-29] (Microsoft Corporation)
S3 aec; C:\Windows\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation)
S1 AFS2K; C:\Windows\System32\Drivers\AFS2K.sys [43488 2010-02-12] (Oak Technology Inc.)
S3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [2303488 2007-06-27] (ATI Technologies Inc.)
S3 Atmarpc; C:\Windows\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation)
S3 audstub; C:\Windows\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation)
S4 cbidf2k; C:\Windows\System32\Drivers\cbidf2k.sys [13952 2002-08-29] (Microsoft Corporation)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S1 Cdaudio; C:\Windows\System32\Drivers\Cdaudio.sys [18688 2002-08-29] (Microsoft Corporation)
S4 dmboot; C:\Windows\System32\drivers\dmboot.sys [800384 2008-04-14] (Microsoft Corp., Veritas Software)
S0 dmio; C:\Windows\System32\drivers\dmio.sys [154112 2008-04-14] (Microsoft Corp., Veritas Software)
S0 dmload; C:\Windows\System32\drivers\dmload.sys [5888 2002-08-29] (Microsoft Corp., Veritas Software.)
S3 DMusic; C:\Windows\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation)
S1 Fips; C:\Windows\System32\Drivers\Fips.sys [44672 2008-04-14] (Microsoft Corporation)
S0 Ftdisk; C:\Windows\System32\DRIVERS\ftdisk.sys [126336 2002-08-29] (Microsoft Corporation)
S3 FXDrv32; C:\PROGRA~1\FOXCONN\FOXLIV~1\FXDrv32.sys [23872 2005-12-20] (Your Corporation)
S3 Gpc; C:\Windows\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation)
S3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [138752 2005-01-07] (Windows (R) Server 2003 DDK provider)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [51056 2005-07-29] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2005-07-29] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21488 2005-07-29] (HP)
S1 Imapi; C:\Windows\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation)
S3 IntcAzAudAddService; C:\Windows\System32\drivers\RtkHDAud.sys [4742144 2008-05-14] (Realtek Semiconductor Corp.)
S3 ip6fw; C:\Windows\System32\drivers\ip6fw.sys [36608 2008-04-14] (Microsoft Corporation)
S3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation)
S1 IPSec; C:\Windows\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation)
S3 kmixer; C:\Windows\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation)
S1 mnmdd; C:\Windows\System32\Drivers\mnmdd.sys [4224 2002-08-29] (Microsoft Corporation)
S1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165264 2010-10-24] (Microsoft Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [12416 2002-08-29] (Microsoft Corporation)
S3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [32512 2002-08-29] (Microsoft Corporation)
S3 PSched; C:\Windows\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation)
S3 Ptilink; C:\Windows\System32\DRIVERS\ptilink.sys [17792 2002-08-29] (Parallel Technologies, Inc.)
S0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [43528 2009-11-14] (Sonic Solutions)
S3 Raspti; C:\Windows\System32\DRIVERS\raspti.sys [16512 2002-08-29] (Microsoft Corporation)
S1 redbook; C:\Windows\System32\DRIVERS\redbook.sys [57728 2008-04-14] (Microsoft Corporation)
S3 rt2870; C:\Windows\System32\DRIVERS\rt2870.sys [724736 2009-08-03] (Ralink Technology, Corp.)
S3 RTLE8023xp; C:\Windows\System32\DRIVERS\Rtenicxp.sys [142336 2009-06-05] (Realtek Semiconductor Corporation                           )
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S3 SNP2STD; C:\Windows\System32\DRIVERS\snp2sxp.sys [12216064 2007-09-22] ()
S3 splitter; C:\Windows\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation)
S0 sr; C:\Windows\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
S3 swmidi; C:\Windows\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation)
S3 sysaudio; C:\Windows\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation)
S3 Update; C:\Windows\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation)
S3 wdmaud; C:\Windows\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
S4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S4 IntelIde; No ImagePath
S1 lbrtfdc; No ImagePath
S4 mraid35x; No ImagePath
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
S2 Scutum50; System32\Drivers\Scutum50.sys [x]
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S4 ViaIde; No ImagePath
S3 WDICA; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-24 13:45 - 2013-06-24 13:45 - 00000000 ____D C:\FRST
2013-06-13 18:56 - 2011-09-28 08:20 - 00484352 ____A C:\Windows\System32\lame_enc.dll
2013-06-13 18:56 - 2011-09-28 08:20 - 00200704 ____A (vbAccelerator) C:\Windows\System32\vbalExpBar6.ocx
2013-06-13 18:56 - 2011-09-28 08:20 - 00152848 ____A (Microsoft Corporation) C:\Windows\System32\COMDLG32.OCX
2013-06-13 18:56 - 2011-09-28 08:20 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\MSCMCFR.DLL
2013-06-13 18:56 - 2011-09-28 08:20 - 00119568 ____A (Microsoft Corporation) C:\Windows\System32\VB6FR.DLL
2013-06-13 18:56 - 2011-09-28 08:20 - 00115920 ____A (Microsoft Corporation) C:\Windows\System32\msinet.OCX
2013-06-13 18:56 - 2011-09-28 08:20 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\VB6STKIT.DLL
2013-06-13 18:56 - 2011-09-28 08:20 - 00040960 ____A (vbAccelerator) C:\Windows\System32\SSubTmr6.dll
2013-06-13 18:56 - 2011-09-28 08:20 - 00032768 ____A (Microsoft Corporation) C:\Windows\System32\CMDLGFR.DLL
2013-06-13 18:56 - 2011-09-28 08:20 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\inetfr.DLL
2013-06-13 18:48 - 2013-06-13 18:48 - 00000069 ____A C:\Windows\NeroDigital.ini
2013-06-13 08:54 - 2013-06-13 19:04 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-13 08:54 - 2013-06-13 08:54 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-13 08:54 - 2013-06-13 08:54 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-12 20:33 - 2013-06-12 20:34 - 00000000 __HDC C:\Windows\$NtUninstallKB2712808$
2013-06-12 20:31 - 2013-06-12 20:31 - 00144776 ____A C:\Windows\KB2659262.log
2013-06-12 20:31 - 2013-06-12 20:31 - 00141044 ____A C:\Windows\KB2564958.log
2013-06-12 20:31 - 2013-06-12 20:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-06-12 20:31 - 2013-06-12 20:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2659262$
2013-06-12 20:31 - 2013-06-12 20:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2564958$
2013-06-12 20:31 - 2013-06-12 20:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2544893-v2$
2013-06-12 20:31 - 2013-06-12 20:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2479943$
2013-06-12 20:31 - 2013-06-12 20:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2478971$
2013-06-12 20:30 - 2013-06-12 20:30 - 00144337 ____A C:\Windows\KB2536276-v2.log
2013-06-12 20:30 - 2013-06-12 20:30 - 00000000 __HDC C:\Windows\$NtUninstallKB2691442$
2013-06-12 20:30 - 2013-06-12 20:30 - 00000000 __HDC C:\Windows\$NtUninstallKB2631813$
2013-06-12 20:30 - 2013-06-12 20:30 - 00000000 __HDC C:\Windows\$NtUninstallKB2585542$
2013-06-12 20:30 - 2013-06-12 20:30 - 00000000 __HDC C:\Windows\$NtUninstallKB2536276-v2$
2013-06-12 20:29 - 2013-06-12 20:29 - 00137086 ____A C:\Windows\KB2779562.log
2013-06-12 20:29 - 2013-06-12 20:29 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-06-12 20:29 - 2013-06-12 20:29 - 00000000 __HDC C:\Windows\$NtUninstallKB2655992$
2013-06-12 20:29 - 2013-06-12 20:29 - 00000000 __HDC C:\Windows\$NtUninstallKB2443105$
2013-06-12 20:28 - 2013-06-12 20:28 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-06-12 20:27 - 2013-06-12 20:27 - 00143105 ____A C:\Windows\KB2686509.log
2013-06-12 20:27 - 2013-06-12 20:27 - 00143008 ____A C:\Windows\KB2485663.log
2013-06-12 20:27 - 2013-06-12 20:27 - 00142990 ____A C:\Windows\KB2440591.log
2013-06-12 20:27 - 2013-06-12 20:27 - 00000000 __HDC C:\Windows\$NtUninstallKB2686509$
2013-06-12 20:27 - 2013-06-12 20:27 - 00000000 __HDC C:\Windows\$NtUninstallKB2598479$
2013-06-12 20:27 - 2013-06-12 20:27 - 00000000 __HDC C:\Windows\$NtUninstallKB2485663$
2013-06-12 20:27 - 2013-06-12 20:27 - 00000000 __HDC C:\Windows\$NtUninstallKB2481109$
2013-06-12 20:27 - 2013-06-12 20:27 - 00000000 __HDC C:\Windows\$NtUninstallKB2440591$
2013-06-12 20:26 - 2013-06-12 20:26 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-06-12 20:26 - 2013-06-12 20:26 - 00000000 __HDC C:\Windows\$NtUninstallKB2507938$
2013-06-12 20:24 - 2013-06-12 20:24 - 00000000 __HDC C:\Windows\$NtUninstallKB2624667$
2013-06-12 20:24 - 2013-06-12 20:24 - 00000000 __HDC C:\Windows\$NtUninstallKB2483185$
2013-06-12 20:21 - 2013-06-12 20:21 - 00141196 ____A C:\Windows\KB2753842-v2.log
2013-06-12 20:21 - 2013-06-12 20:21 - 00140990 ____A C:\Windows\KB2592799.log
2013-06-12 20:21 - 2013-06-12 20:21 - 00140611 ____A C:\Windows\KB2535512.log
2013-06-12 20:21 - 2013-06-12 20:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-12 20:21 - 2013-06-12 20:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-06-12 20:21 - 2013-06-12 20:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-06-12 20:21 - 2013-06-12 20:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2719985$
2013-06-12 20:21 - 2013-06-12 20:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2592799$
2013-06-12 20:21 - 2013-06-12 20:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2535512$
2013-06-12 20:20 - 2013-06-12 20:20 - 00141023 ____A C:\Windows\KB2807986.log
2013-06-12 20:20 - 2013-06-12 20:20 - 00140299 ____A C:\Windows\KB2570947.log
2013-06-12 20:20 - 2013-06-12 20:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-06-12 20:20 - 2013-06-12 20:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2570947$
2013-06-12 20:17 - 2013-06-12 20:17 - 00139832 ____A C:\Windows\KB2603381.log
2013-06-12 20:17 - 2013-06-12 20:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-06-12 20:17 - 2013-06-12 20:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-06-12 20:17 - 2013-06-12 20:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2653956$
2013-06-12 20:17 - 2013-06-12 20:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2603381$
2013-06-12 20:17 - 2013-06-12 20:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2508429$
2013-06-12 20:17 - 2013-06-12 20:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2419632$
2013-06-12 20:16 - 2013-06-12 20:17 - 00133186 ____A C:\Windows\KB2820197.log
2013-06-12 20:16 - 2013-06-12 20:16 - 00000000 __HDC C:\Windows\$NtUninstallKB971029$
2013-06-12 20:16 - 2013-06-12 20:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-06-12 20:16 - 2013-06-12 20:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-06-12 20:15 - 2013-06-12 20:15 - 00132933 ____A C:\Windows\KB2698365.log
2013-06-12 20:15 - 2013-06-12 20:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2705219-v2$
2013-06-12 20:15 - 2013-06-12 20:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2698365$
2013-06-12 20:15 - 2013-06-12 20:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2619339$
2013-06-12 20:15 - 2013-06-12 20:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2506212$
2013-06-12 20:14 - 2013-06-12 20:14 - 00021538 ____A C:\Windows\KB2723135-v2.log
2013-06-12 20:14 - 2013-06-12 20:14 - 00020763 ____A C:\Windows\KB2618451.log
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2723135-v2$
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2618451$
2013-06-12 20:13 - 2013-06-12 20:13 - 00019329 ____A C:\Windows\KB2838727-IE8.log
2013-06-12 20:13 - 2013-06-12 20:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2676562$
2013-06-12 20:13 - 2013-06-12 20:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2509553$
2013-06-12 20:12 - 2013-06-12 20:13 - 00015265 ____A C:\Windows\KB2510531-IE8.log
2013-06-12 20:12 - 2013-06-12 20:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-06-12 20:10 - 2013-06-12 20:10 - 00015757 ____A C:\Windows\KB2393802.log
2013-06-12 20:10 - 2013-06-12 20:10 - 00013658 ____A C:\Windows\KB2566454.log
2013-06-12 20:10 - 2013-06-12 20:10 - 00013277 ____A C:\Windows\KB2661637.log
2013-06-12 20:10 - 2013-06-12 20:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2661637$
2013-06-12 20:10 - 2013-06-12 20:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2620712$
2013-06-12 20:10 - 2013-06-12 20:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2584146$
2013-06-12 20:10 - 2013-06-12 20:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2566454$
2013-06-12 20:10 - 2013-06-12 20:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2478960$
2013-06-12 20:10 - 2013-06-12 20:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2393802$
2013-06-12 20:08 - 2013-06-12 20:08 - 00013280 ____A C:\Windows\KB2423089.log
2013-06-12 20:08 - 2013-06-12 20:08 - 00000000 __HDC C:\Windows\$NtUninstallKB2423089$
2013-06-12 19:27 - 2013-06-12 20:34 - 00158695 ____A C:\Windows\KB2712808.log
2013-06-12 19:27 - 2013-06-12 20:31 - 00158249 ____A C:\Windows\KB2479943.log
2013-06-12 19:27 - 2013-06-12 20:31 - 00155763 ____A C:\Windows\KB2478971.log
2013-06-12 19:27 - 2013-06-12 20:31 - 00155081 ____A C:\Windows\KB2758857.log
2013-06-12 19:26 - 2013-06-12 20:30 - 00155174 ____A C:\Windows\KB2585542.log
2013-06-12 19:26 - 2013-06-12 20:30 - 00155068 ____A C:\Windows\KB2691442.log
2013-06-12 19:26 - 2013-06-12 20:30 - 00154221 ____A C:\Windows\KB2631813.log
2013-06-12 19:26 - 2013-06-12 20:29 - 00154457 ____A C:\Windows\KB2655992.log
2013-06-12 19:26 - 2013-06-12 20:29 - 00154144 ____A C:\Windows\KB2443105.log
2013-06-12 19:26 - 2013-06-12 20:28 - 00153769 ____A C:\Windows\KB2802968.log
2013-06-12 19:26 - 2013-06-12 20:27 - 00154772 ____A C:\Windows\KB2481109.log
2013-06-12 19:26 - 2013-06-12 20:27 - 00153765 ____A C:\Windows\KB2598479.log
2013-06-12 19:26 - 2010-11-02 16:17 - 00040960 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ndproxy.sys
2013-06-12 19:24 - 2013-06-12 20:26 - 00152648 ____A C:\Windows\KB2780091.log
2013-06-12 19:24 - 2013-06-12 20:26 - 00152511 ____A C:\Windows\KB2507938.log
2013-06-12 19:24 - 2013-06-12 20:24 - 00152338 ____A C:\Windows\KB2624667.log
2013-06-12 19:24 - 2013-06-12 20:21 - 00151272 ____A C:\Windows\KB2719985.log
2013-06-12 19:23 - 2013-06-12 20:21 - 00149881 ____A C:\Windows\KB2770660.log
2013-06-12 19:23 - 2013-06-12 20:21 - 00149077 ____A C:\Windows\KB2839229.log
2013-06-12 19:23 - 2013-02-12 01:32 - 00012928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023x.sys
2013-06-12 19:23 - 2013-02-12 01:32 - 00012928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023.sys
2013-06-12 19:23 - 2011-04-21 14:37 - 00105472 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mup.sys
2013-06-12 19:22 - 2013-06-12 20:17 - 00150901 ____A C:\Windows\KB2419632.log
2013-06-12 19:22 - 2013-06-12 20:17 - 00150197 ____A C:\Windows\KB2820917.log
2013-06-12 19:22 - 2013-06-12 20:17 - 00149379 ____A C:\Windows\KB2757638.log
2013-06-12 19:22 - 2013-06-12 20:17 - 00143933 ____A C:\Windows\KB2508429.log
2013-06-12 19:22 - 2013-06-12 20:16 - 00142572 ____A C:\Windows\KB2749655.log
2013-06-12 19:22 - 2013-06-12 20:16 - 00142005 ____A C:\Windows\KB971029.log
2013-06-12 19:22 - 2013-06-12 20:15 - 00141738 ____A C:\Windows\KB2506212.log
2013-06-12 19:22 - 2013-06-12 20:15 - 00140843 ____A C:\Windows\KB2705219-v2.log
2013-06-12 19:22 - 2013-06-12 20:15 - 00140031 ____A C:\Windows\KB2619339.log
2013-06-12 19:22 - 2013-06-12 20:14 - 00030461 ____A C:\Windows\KB2813345.log
2013-06-12 19:22 - 2013-06-12 20:14 - 00030239 ____A C:\Windows\KB2661254-v2.log
2013-06-12 19:22 - 2013-06-12 20:14 - 00029561 ____A C:\Windows\KB2727528.log
2013-06-12 19:22 - 2012-07-04 15:05 - 00139784 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rdpwd.sys
2013-06-12 19:22 - 2012-05-28 19:16 - 00536576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msado15.dll
2013-06-12 19:21 - 2013-06-12 20:13 - 00030820 ____A C:\Windows\KB2676562.log
2013-06-12 19:21 - 2013-06-12 20:13 - 00030131 ____A C:\Windows\KB2509553.log
2013-06-12 19:21 - 2013-05-07 23:28 - 00522240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\jsdbgui.dll
2013-06-12 19:20 - 2013-06-12 20:31 - 00151848 ____A C:\Windows\KB2544893-v2.log
2013-06-12 19:20 - 2013-06-12 20:12 - 00021517 ____A C:\Windows\KB2829361.log
2013-06-12 19:20 - 2013-06-12 20:10 - 00022359 ____A C:\Windows\KB2478960.log
2013-06-12 19:20 - 2013-06-12 20:10 - 00021574 ____A C:\Windows\KB2620712.log
2013-06-12 19:20 - 2013-06-12 20:10 - 00021148 ____A C:\Windows\KB2584146.log
2013-06-12 19:20 - 2012-01-11 20:06 - 00003072 ____N C:\Windows\System32\iacenc.dll
2013-06-12 19:20 - 2012-01-11 20:06 - 00003072 ____C C:\Windows\System32\dllcache\iacenc.dll
2013-06-12 19:20 - 2011-07-08 15:02 - 00010496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ndistapi.sys
2013-06-12 19:20 - 2010-10-11 15:59 - 00045568 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wab.exe
2013-06-12 19:19 - 2013-06-12 20:24 - 00150864 ____A C:\Windows\KB2483185.log
2013-06-12 19:19 - 2013-06-12 20:17 - 00141697 ____A C:\Windows\KB2653956.log
2013-06-12 05:47 - 2013-06-13 08:57 - 00000416 ___AH C:\Windows\Tasks\MP Scheduled Scan.job
2013-06-12 05:42 - 2013-06-12 05:42 - 00001912 ____A C:\Windows\epplauncher.mif
2013-06-12 05:41 - 2013-06-12 05:41 - 00000000 ____D C:\Windows\Temp0CFD192A-12E4-A16F-4DB2-1243EB8ABA52-Signatures

==================== One Month Modified Files and Folders =======

2013-06-24 13:45 - 2013-06-24 13:45 - 00000000 ____D C:\FRST
2013-06-13 19:31 - 2010-02-12 15:59 - 00000275 ____A C:\Windows\wiadebug.log
2013-06-13 19:31 - 2010-02-12 15:59 - 00000050 ____A C:\Windows\wiaservc.log
2013-06-13 19:31 - 2010-02-12 14:01 - 01344060 ____A C:\Windows\WindowsUpdate.log
2013-06-13 19:31 - 2010-02-12 13:24 - 00327680 ____A C:\Windows\System32\config\ACEEvent.evt
2013-06-13 19:31 - 2010-02-12 13:00 - 00023660 ____A C:\Windows\SchedLgU.Txt
2013-06-13 19:31 - 2010-02-12 12:57 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-13 19:04 - 2013-06-13 08:54 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-13 18:55 - 2010-02-12 12:53 - 00000000 ___RD C:\Programme
2013-06-13 18:48 - 2013-06-13 18:48 - 00000069 ____A C:\Windows\NeroDigital.ini
2013-06-13 18:19 - 2010-02-12 19:40 - 00105699 ____A C:\Windows\setupapi.log
2013-06-13 08:57 - 2013-06-12 05:47 - 00000416 ___AH C:\Windows\Tasks\MP Scheduled Scan.job
2013-06-13 08:54 - 2013-06-13 08:54 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-13 08:54 - 2013-06-13 08:54 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-13 08:52 - 2010-02-12 19:49 - 00000000 ____A C:\Windows\0.log
2013-06-13 08:52 - 2002-08-29 14:00 - 00013646 ____A C:\Windows\System32\wpa.dbl
2013-06-13 08:51 - 2010-02-12 12:52 - 00115768 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-12 20:35 - 2010-02-12 12:53 - 01032974 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-12 20:35 - 2002-08-29 14:00 - 00462398 ____A C:\Windows\System32\perfh007.dat
2013-06-12 20:35 - 2002-08-29 14:00 - 00085758 ____A C:\Windows\System32\perfc007.dat
2013-06-12 20:34 - 2013-06-12 20:33 - 00000000 __HDC C:\Windows\$NtUninstallKB2712808$
2013-06-12 20:34 - 2013-06-12 19:27 - 00158695 ____A C:\Windows\KB2712808.log
2013-06-12 20:34 - 2010-02-12 19:38 - 01189022 ____A C:\Windows\iis6.log
2013-06-12 20:34 - 2010-02-12 19:38 - 01094373 ____A C:\Windows\FaxSetup.log
2013-06-12 20:34 - 2010-02-12 19:38 - 00523212 ____A C:\Windows\ocgen.log
2013-06-12 20:34 - 2010-02-12 19:38 - 00499326 ____A C:\Windows\tsoc.log
2013-06-12 20:34 - 2010-02-12 19:38 - 00364487 ____A C:\Windows\comsetup.log
2013-06-12 20:34 - 2010-02-12 19:38 - 00336248 ____A C:\Windows\msmqinst.log
2013-06-12 20:34 - 2010-02-12 19:38 - 00220481 ____A C:\Windows\ntdtcsetup.log
2013-06-12 20:34 - 2010-02-12 19:38 - 00191691 ____A C:\Windows\netfxocm.log
2013-06-12 20:34 - 2010-02-12 19:38 - 00075225 ____A C:\Windows\MedCtrOC.log
2013-06-12 20:34 - 2010-02-12 19:38 - 00060534 ____A C:\Windows\ocmsn.log
2013-06-12 20:34 - 2010-02-12 19:38 - 00055047 ____A C:\Windows\tabletoc.log
2013-06-12 20:34 - 2010-02-12 19:38 - 00054693 ____A C:\Windows\msgsocm.log
2013-06-12 20:34 - 2010-02-12 19:38 - 00001374 ____A C:\Windows\imsins.log
2013-06-12 20:31 - 2013-06-12 20:31 - 00144776 ____A C:\Windows\KB2659262.log
2013-06-12 20:31 - 2013-06-12 20:31 - 00141044 ____A C:\Windows\KB2564958.log
2013-06-12 20:31 - 2013-06-12 20:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-06-12 20:31 - 2013-06-12 20:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2659262$
2013-06-12 20:31 - 2013-06-12 20:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2564958$
2013-06-12 20:31 - 2013-06-12 20:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2544893-v2$
2013-06-12 20:31 - 2013-06-12 20:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2479943$
2013-06-12 20:31 - 2013-06-12 20:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2478971$
2013-06-12 20:31 - 2013-06-12 19:27 - 00158249 ____A C:\Windows\KB2479943.log
2013-06-12 20:31 - 2013-06-12 19:27 - 00155763 ____A C:\Windows\KB2478971.log
2013-06-12 20:31 - 2013-06-12 19:27 - 00155081 ____A C:\Windows\KB2758857.log
2013-06-12 20:31 - 2013-06-12 19:20 - 00151848 ____A C:\Windows\KB2544893-v2.log
2013-06-12 20:31 - 2010-02-12 19:38 - 00046101 ____A C:\Windows\updspapi.log
2013-06-12 20:31 - 2010-02-12 19:38 - 00001374 ____A C:\Windows\imsins.BAK
2013-06-12 20:30 - 2013-06-12 20:30 - 00144337 ____A C:\Windows\KB2536276-v2.log
2013-06-12 20:30 - 2013-06-12 20:30 - 00000000 __HDC C:\Windows\$NtUninstallKB2691442$
2013-06-12 20:30 - 2013-06-12 20:30 - 00000000 __HDC C:\Windows\$NtUninstallKB2631813$
2013-06-12 20:30 - 2013-06-12 20:30 - 00000000 __HDC C:\Windows\$NtUninstallKB2585542$
2013-06-12 20:30 - 2013-06-12 20:30 - 00000000 __HDC C:\Windows\$NtUninstallKB2536276-v2$
2013-06-12 20:30 - 2013-06-12 19:26 - 00155174 ____A C:\Windows\KB2585542.log
2013-06-12 20:30 - 2013-06-12 19:26 - 00155068 ____A C:\Windows\KB2691442.log
2013-06-12 20:30 - 2013-06-12 19:26 - 00154221 ____A C:\Windows\KB2631813.log
2013-06-12 20:30 - 2010-02-12 19:55 - 00000000 ____D C:\Windows\System32\XPSViewer
2013-06-12 20:30 - 2010-02-12 14:08 - 00000000 ___HD C:\Windows\$hf_mig$
2013-06-12 20:29 - 2013-06-12 20:29 - 00137086 ____A C:\Windows\KB2779562.log
2013-06-12 20:29 - 2013-06-12 20:29 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-06-12 20:29 - 2013-06-12 20:29 - 00000000 __HDC C:\Windows\$NtUninstallKB2655992$
2013-06-12 20:29 - 2013-06-12 20:29 - 00000000 __HDC C:\Windows\$NtUninstallKB2443105$
2013-06-12 20:29 - 2013-06-12 19:26 - 00154457 ____A C:\Windows\KB2655992.log
2013-06-12 20:29 - 2013-06-12 19:26 - 00154144 ____A C:\Windows\KB2443105.log
2013-06-12 20:29 - 2010-02-12 19:45 - 00022304 ____A C:\Windows\System32\TZLog.log
2013-06-12 20:28 - 2013-06-12 20:28 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-06-12 20:28 - 2013-06-12 19:26 - 00153769 ____A C:\Windows\KB2802968.log
2013-06-12 20:27 - 2013-06-12 20:27 - 00143105 ____A C:\Windows\KB2686509.log
2013-06-12 20:27 - 2013-06-12 20:27 - 00143008 ____A C:\Windows\KB2485663.log
2013-06-12 20:27 - 2013-06-12 20:27 - 00142990 ____A C:\Windows\KB2440591.log
2013-06-12 20:27 - 2013-06-12 20:27 - 00000000 __HDC C:\Windows\$NtUninstallKB2686509$
2013-06-12 20:27 - 2013-06-12 20:27 - 00000000 __HDC C:\Windows\$NtUninstallKB2598479$
2013-06-12 20:27 - 2013-06-12 20:27 - 00000000 __HDC C:\Windows\$NtUninstallKB2485663$
2013-06-12 20:27 - 2013-06-12 20:27 - 00000000 __HDC C:\Windows\$NtUninstallKB2481109$
2013-06-12 20:27 - 2013-06-12 20:27 - 00000000 __HDC C:\Windows\$NtUninstallKB2440591$
2013-06-12 20:27 - 2013-06-12 19:26 - 00154772 ____A C:\Windows\KB2481109.log
2013-06-12 20:27 - 2013-06-12 19:26 - 00153765 ____A C:\Windows\KB2598479.log
2013-06-12 20:26 - 2013-06-12 20:26 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-06-12 20:26 - 2013-06-12 20:26 - 00000000 __HDC C:\Windows\$NtUninstallKB2507938$
2013-06-12 20:26 - 2013-06-12 19:24 - 00152648 ____A C:\Windows\KB2780091.log
2013-06-12 20:26 - 2013-06-12 19:24 - 00152511 ____A C:\Windows\KB2507938.log
2013-06-12 20:24 - 2013-06-12 20:24 - 00000000 __HDC C:\Windows\$NtUninstallKB2624667$
2013-06-12 20:24 - 2013-06-12 20:24 - 00000000 __HDC C:\Windows\$NtUninstallKB2483185$
2013-06-12 20:24 - 2013-06-12 19:24 - 00152338 ____A C:\Windows\KB2624667.log
2013-06-12 20:24 - 2013-06-12 19:19 - 00150864 ____A C:\Windows\KB2483185.log
2013-06-12 20:24 - 2002-08-29 14:00 - 00000696 ____A C:\Windows\win.ini
2013-06-12 20:21 - 2013-06-12 20:21 - 00141196 ____A C:\Windows\KB2753842-v2.log
2013-06-12 20:21 - 2013-06-12 20:21 - 00140990 ____A C:\Windows\KB2592799.log
2013-06-12 20:21 - 2013-06-12 20:21 - 00140611 ____A C:\Windows\KB2535512.log
2013-06-12 20:21 - 2013-06-12 20:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-12 20:21 - 2013-06-12 20:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-06-12 20:21 - 2013-06-12 20:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-06-12 20:21 - 2013-06-12 20:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2719985$
2013-06-12 20:21 - 2013-06-12 20:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2592799$
2013-06-12 20:21 - 2013-06-12 20:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2535512$
2013-06-12 20:21 - 2013-06-12 19:24 - 00151272 ____A C:\Windows\KB2719985.log
2013-06-12 20:21 - 2013-06-12 19:23 - 00149881 ____A C:\Windows\KB2770660.log
2013-06-12 20:21 - 2013-06-12 19:23 - 00149077 ____A C:\Windows\KB2839229.log
2013-06-12 20:20 - 2013-06-12 20:20 - 00141023 ____A C:\Windows\KB2807986.log
2013-06-12 20:20 - 2013-06-12 20:20 - 00140299 ____A C:\Windows\KB2570947.log
2013-06-12 20:20 - 2013-06-12 20:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-06-12 20:20 - 2013-06-12 20:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2570947$
2013-06-12 20:17 - 2013-06-12 20:17 - 00139832 ____A C:\Windows\KB2603381.log
2013-06-12 20:17 - 2013-06-12 20:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-06-12 20:17 - 2013-06-12 20:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-06-12 20:17 - 2013-06-12 20:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2653956$
2013-06-12 20:17 - 2013-06-12 20:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2603381$
2013-06-12 20:17 - 2013-06-12 20:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2508429$
2013-06-12 20:17 - 2013-06-12 20:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2419632$
2013-06-12 20:17 - 2013-06-12 20:16 - 00133186 ____A C:\Windows\KB2820197.log
2013-06-12 20:17 - 2013-06-12 19:22 - 00150901 ____A C:\Windows\KB2419632.log
2013-06-12 20:17 - 2013-06-12 19:22 - 00150197 ____A C:\Windows\KB2820917.log
2013-06-12 20:17 - 2013-06-12 19:22 - 00149379 ____A C:\Windows\KB2757638.log
2013-06-12 20:17 - 2013-06-12 19:22 - 00143933 ____A C:\Windows\KB2508429.log
2013-06-12 20:17 - 2013-06-12 19:19 - 00141697 ____A C:\Windows\KB2653956.log
2013-06-12 20:16 - 2013-06-12 20:16 - 00000000 __HDC C:\Windows\$NtUninstallKB971029$
2013-06-12 20:16 - 2013-06-12 20:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-06-12 20:16 - 2013-06-12 20:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-06-12 20:16 - 2013-06-12 19:22 - 00142572 ____A C:\Windows\KB2749655.log
2013-06-12 20:16 - 2013-06-12 19:22 - 00142005 ____A C:\Windows\KB971029.log
2013-06-12 20:15 - 2013-06-12 20:15 - 00132933 ____A C:\Windows\KB2698365.log
2013-06-12 20:15 - 2013-06-12 20:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2705219-v2$
2013-06-12 20:15 - 2013-06-12 20:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2698365$
2013-06-12 20:15 - 2013-06-12 20:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2619339$
2013-06-12 20:15 - 2013-06-12 20:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2506212$
2013-06-12 20:15 - 2013-06-12 19:22 - 00141738 ____A C:\Windows\KB2506212.log
2013-06-12 20:15 - 2013-06-12 19:22 - 00140843 ____A C:\Windows\KB2705219-v2.log
2013-06-12 20:15 - 2013-06-12 19:22 - 00140031 ____A C:\Windows\KB2619339.log
2013-06-12 20:14 - 2013-06-12 20:14 - 00021538 ____A C:\Windows\KB2723135-v2.log
2013-06-12 20:14 - 2013-06-12 20:14 - 00020763 ____A C:\Windows\KB2618451.log
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2723135-v2$
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2618451$
2013-06-12 20:14 - 2013-06-12 19:22 - 00030461 ____A C:\Windows\KB2813345.log
2013-06-12 20:14 - 2013-06-12 19:22 - 00030239 ____A C:\Windows\KB2661254-v2.log
2013-06-12 20:14 - 2013-06-12 19:22 - 00029561 ____A C:\Windows\KB2727528.log
2013-06-12 20:13 - 2013-06-12 20:13 - 00019329 ____A C:\Windows\KB2838727-IE8.log
2013-06-12 20:13 - 2013-06-12 20:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2676562$
2013-06-12 20:13 - 2013-06-12 20:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2509553$
2013-06-12 20:13 - 2013-06-12 20:12 - 00015265 ____A C:\Windows\KB2510531-IE8.log
2013-06-12 20:13 - 2013-06-12 19:21 - 00030820 ____A C:\Windows\KB2676562.log
2013-06-12 20:13 - 2013-06-12 19:21 - 00030131 ____A C:\Windows\KB2509553.log
2013-06-12 20:12 - 2013-06-12 20:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-06-12 20:12 - 2013-06-12 19:20 - 00021517 ____A C:\Windows\KB2829361.log
2013-06-12 20:10 - 2013-06-12 20:10 - 00015757 ____A C:\Windows\KB2393802.log
2013-06-12 20:10 - 2013-06-12 20:10 - 00013658 ____A C:\Windows\KB2566454.log
2013-06-12 20:10 - 2013-06-12 20:10 - 00013277 ____A C:\Windows\KB2661637.log
2013-06-12 20:10 - 2013-06-12 20:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2661637$
2013-06-12 20:10 - 2013-06-12 20:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2620712$
2013-06-12 20:10 - 2013-06-12 20:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2584146$
2013-06-12 20:10 - 2013-06-12 20:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2566454$
2013-06-12 20:10 - 2013-06-12 20:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2478960$
2013-06-12 20:10 - 2013-06-12 20:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2393802$
2013-06-12 20:10 - 2013-06-12 19:20 - 00022359 ____A C:\Windows\KB2478960.log
2013-06-12 20:10 - 2013-06-12 19:20 - 00021574 ____A C:\Windows\KB2620712.log
2013-06-12 20:10 - 2013-06-12 19:20 - 00021148 ____A C:\Windows\KB2584146.log
2013-06-12 20:08 - 2013-06-12 20:08 - 00013280 ____A C:\Windows\KB2423089.log
2013-06-12 20:08 - 2013-06-12 20:08 - 00000000 __HDC C:\Windows\$NtUninstallKB2423089$
2013-06-12 05:54 - 2010-02-12 13:47 - 00000000 ____D C:\Windows\Help
2013-06-12 05:42 - 2013-06-12 05:42 - 00001912 ____A C:\Windows\epplauncher.mif
2013-06-12 05:41 - 2013-06-12 05:41 - 00000000 ____D C:\Windows\Temp0CFD192A-12E4-A16F-4DB2-1243EB8ABA52-Signatures
2013-06-12 05:23 - 2010-02-12 19:42 - 00005245 ____A C:\Windows\spupdsvc.log
2013-06-12 05:23 - 2010-02-12 19:38 - 00000498 ____A C:\Windows\setupact.log
2013-06-02 16:21 - 2010-02-12 14:35 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

==================== Known DLLs (Whitelisted) ================

C:\Windows\SysWOW64\advapi32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\comdlg32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\gdi32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\imagehlp.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\kernel32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\lz32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\ole32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\oleaut32.dll IS MISSING <==== ATTENTION!
[2002-08-29 14:00] - [2008-04-14 07:52] - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\olecli32.dll
C:\Windows\SysWOW64\olecli32.dll IS MISSING <==== ATTENTION!
[2002-08-29 14:00] - [2008-04-14 07:52] - 0037376 ____A (Microsoft Corporation) C:\Windows\System32\olecnv32.dll
C:\Windows\SysWOW64\olecnv32.dll IS MISSING <==== ATTENTION!
[2002-08-29 14:00] - [2002-08-29 14:00] - 0022016 ____A (Microsoft Corporation) C:\Windows\System32\olesvr32.dll
C:\Windows\SysWOW64\olesvr32.dll IS MISSING <==== ATTENTION!
[2002-08-29 14:00] - [2002-08-29 14:00] - 0069120 ____A (Microsoft Corporation) C:\Windows\System32\olethk32.dll
C:\Windows\SysWOW64\olethk32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\rpcrt4.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\shell32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\url.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\urlmon.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\user32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\version.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\wininet.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\wldap32.dll IS MISSING <==== ATTENTION!

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2002-08-29 14:00] - [2008-04-14 07:53] - 0513024 ____A (Microsoft Corporation) F09A527B422E25C478E38CAA0E44417A

C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe
[2002-08-29 14:00] - [2008-04-14 07:52] - 1036800 ____A (Microsoft Corporation) 418045A93CD87A352098AB7DABE1B53E

C:\Windows\SysWOW64\explorer.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\svchost.exe
[2002-08-29 14:00] - [2008-04-14 07:53] - 0014336 ____A (Microsoft Corporation) 4FBC75B74479C7A6F829E0CA19DF3366

C:\Windows\SysWOW64\svchost.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\services.exe
[2002-08-29 14:00] - [2009-02-09 12:21] - 0111104 ____A (Microsoft Corporation) A3EDBE9053889FB24AB22492472B39DC

C:\Windows\System32\User32.dll
[2002-08-29 14:00] - [2008-04-14 07:52] - 0580096 ____A (Microsoft Corporation) B0050CC5340E3A0760DD8B417FF7AEBD

C:\Windows\SysWOW64\User32.dll IS MISSING <==== ATTENTION!.
C:\Windows\System32\userinit.exe
[2002-08-29 14:00] - [2008-04-14 07:53] - 0026624 ____A (Microsoft Corporation) 788F95312E26389D596C0FA55834E106

C:\Windows\SysWOW64\userinit.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\Drivers\volsnap.sys
[2002-08-29 14:00] - [2008-04-14 07:22] - 0053760 ____A (Microsoft Corporation) A5A712F4E880874A477AF790B5186E1D

C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info =========================== 

Percentage of memory in use: 22%
Total physical RAM: 1791.18 MB
Available physical RAM: 1380.07 MB
Total Pagefile: 1791.18 MB
Available Pagefile: 1370.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================
         

Regards,
Hitchi

24.06.2013, 13:10   #2
schrauber
/// the machine
/// TB trainer

Hi,

what operating system is this? And what did you boot it with?

24.06.2013, 13:13   #3
Hitchkock

That is Windows 7 and apparently still an old partition with Windows XP. The active one is Windows 7.

I booted with "F8" Windows 7 repair.

Makes no sense?

24.06.2013, 13:54   #4
schrauber
/// the machine
/// TB trainer

Because it is reading XP and, on top of that, says it was booted with the wrong OS bit version.

Nothing can be fixed this way. Do you have a Win7 CD? If so, please boot into the recovery environment with it and let FRST scan again. Is your Win7 32-bit or 64-bit? Please use the matching version of FRST.

Regards,
schrauber

24.06.2013, 15:01   #5
Hitchkock

Thank you very much for your effort, but I have decided to set the machine up from scratch after all. It seems so cluttered...

So this can be closed

24.06.2013, 15:11   #6
schrauber
/// the machine
/// TB trainer

All right.