Pests of all kinds and how to fight them: Need a fixlist for Farbar (Windows 7)

If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you remove the infection.
Need a fixlist for Farbar

I also have the "police" Trojan and have read around here a bit, but I couldn't figure out how to create the fixlist... so I simply ran my scan, and here is the code. Many thanks in advance for the fixlist.

Code:
```
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02
Ran by SYSTEM on 18-07-2013 17:38:49
Running from G:\
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Ocs_SM] - C:\Users\Markus\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2012-11-23] (OCS)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] D:\Windows\system32\userinit.exe,
HKLM-x32\...\Run: [SunJavaUpdateSched] - "D:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - "D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - "D:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [x]
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [x]
HKU\Default\...\RunOnce: [mctadmin] - D:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\Markus\...\Run: [Skype] - "D:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [19549320 2011-10-13] (Skype Technologies S.A.)
HKU\Markus\...\Run: [Steam] - "C:\Programme\Steam\Steam.exe" -silent [x]
HKU\Markus\...\Run: [DAEMON Tools Lite] - "C:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKU\Markus\...\Run: [LOLReplay Recorder] - "C:\Spiele\LOLReplay\LOLRecorder.exe" -minimize [x]
HKU\Markus\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - D:\Users\Markus\AppData\Local\Temp\ymtvsujdigsknitju.exe [61440 2013-07-18] (NVIDIA Corporation) <===== ATTENTION
HKU\Markus\...\Winlogon: [Shell] cmd.exe [345088 2010-11-21] (Microsoft Corporation) <==== ATTENTION
HKU\Markus\...\Command Processor: "D:\Users\Markus\AppData\Local\Temp\ymtvsujdigsknitju.exe" <===== ATTENTION!
HKU\UpdatusUser\...\RunOnce: [mctadmin] - D:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)

==================== Services (Whitelisted) =================

S2 AdobeARMservice; "D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [x]
S2 Apple Mobile Device; "D:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [x]
S2 avast! Antivirus; "D:\Program Files\AVAST Software\Avast\AvastSvc.exe" [x]
S2 Bonjour Service; "D:\Program Files\Bonjour\mDNSResponder.exe" [x]
S2 clr_optimization_v4.0.30319_32; D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [x]
S2 clr_optimization_v4.0.30319_64; D:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [x]
S3 gusvc; "D:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [x]
S3 iPod Service; "D:\Program Files\iPod\bin\iPodService.exe" [x]
S3 McComponentHostService; "D:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [x]
S4 NetMsmqActivator; "D:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [x]
S4 NetPipeActivator; D:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
S4 NetTcpActivator; D:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
S4 NetTcpPortSharing; D:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
S2 nvsvc; "D:\Windows\system32\nvvsvc.exe" [x]
S2 nvUpdatusService; "D:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" [x]
S2 PSI_SVC_2; "d:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" [x]
S2 SearchAnonymizer; "D:\Users\Markus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe" [x]
S3 Steam Client Service; D:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService [x]
S2 Stereo Service; "D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [x]
S3 TunngleService; c:\spiele\Tunngle\TnglCtrl.exe [x]
S2 wlidsvc; "D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [x]

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [24408 2011-09-06] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [42328 2011-09-06] (AVAST Software)
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [601944 2011-09-06] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [301912 2011-09-06] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [58200 2011-09-06] (AVAST Software)
S2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2012-01-31] (CACE Technologies)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-10-20] (Duplex Secure Ltd.)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S2 aswMonFlt; \??\D:\Windows\system32\drivers\aswMonFlt.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-18 17:38 - 2013-07-18 17:38 - 00000000 ____D C:\FRST
2013-07-18 15:52 - 2013-07-18 15:52 - 00393543 _____ C:\Users\Markus\AppData\Roaming\2433f433
2013-07-18 15:52 - 2013-07-18 15:52 - 00393525 _____ C:\ProgramData\2433f433
2013-07-18 15:52 - 2013-07-18 15:52 - 00393480 _____ C:\Users\Markus\AppData\Local\2433f433
2013-07-12 02:06 - 2013-06-12 00:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 02:06 - 2013-06-12 00:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 02:06 - 2013-06-12 00:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 02:06 - 2013-06-12 00:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 02:06 - 2013-06-12 00:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 02:06 - 2013-06-12 00:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 02:06 - 2013-06-12 00:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 02:06 - 2013-06-12 00:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 02:06 - 2013-06-12 00:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 02:06 - 2013-06-12 00:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-12 02:06 - 2013-06-12 00:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-12 02:06 - 2013-06-12 00:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-12 02:06 - 2013-06-12 00:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-12 02:06 - 2013-06-12 00:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-12 02:06 - 2013-06-12 00:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-12 02:06 - 2013-06-12 00:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-12 02:06 - 2013-06-12 00:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-12 02:06 - 2013-06-12 00:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-12 02:06 - 2013-06-12 00:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-12 02:06 - 2013-06-12 00:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-12 02:06 - 2013-06-12 00:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-12 02:06 - 2013-06-12 00:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-12 02:06 - 2013-06-12 00:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-07-12 02:06 - 2013-06-12 00:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-07-12 02:06 - 2013-06-12 00:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-07-12 02:06 - 2013-06-12 00:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-12 02:06 - 2013-06-12 00:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-07-12 02:06 - 2013-06-11 23:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-12 02:06 - 2013-06-11 23:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-12 02:06 - 2013-06-07 04:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-12 02:06 - 2013-06-07 03:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 20:13 - 2013-06-04 07:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-07-11 20:13 - 2013-06-04 05:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 20:13 - 2013-05-06 07:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-07-11 20:13 - 2013-05-06 05:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 20:12 - 2013-06-05 04:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-07-11 20:12 - 2013-04-10 00:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 20:12 - 2013-04-02 23:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-07-07 21:35 - 2013-07-07 21:35 - 00042311 _____ C:\Users\Markus\Downloads\TS3MusicBot-plugin.rar
2013-07-07 21:35 - 2013-07-07 21:35 - 00000000 ____D C:\Users\Markus\Desktop\1.8
2013-07-03 08:04 - 2013-07-03 08:04 - 64922258 _____ C:\Users\Markus\Desktop\Werkstofftechnik.zip
2013-07-01 15:32 - 2013-07-01 15:32 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-01 15:30 - 2013-06-21 13:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-07-01 15:30 - 2013-06-21 13:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-01 15:30 - 2013-06-21 13:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-01 15:29 - 2013-07-01 15:29 - 00000000 ____D C:\NVIDIA
2013-07-01 15:28 - 2013-07-01 15:28 - 00000000 ____D C:\Users\Markus\AppData\Local\NVIDIA
2013-06-30 11:33 - 2013-06-30 11:33 - 84167392 _____ C:\Users\Markus\Downloads\BattleForgeInstall.exe
2013-06-30 11:32 - 2013-06-30 11:32 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-06-29 10:59 - 2013-06-29 11:00 - 14925176 _____ (Last.fm ) C:\Users\Markus\Downloads\Last.fm-2.1.35.exe
2013-06-24 20:01 - 2013-06-24 20:01 - 01720508 _____ C:\Users\Markus\troll.wav
2013-06-21 04:16 - 2013-06-21 04:16 - 00566048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-19 19:34 - 2013-06-19 19:34 - 55854060 _____ C:\Users\Markus\Downloads\Werkstofftechnik Dani.rar

==================== One Month Modified Files and Folders =======

2013-07-18 17:38 - 2013-07-18 17:38 - 00000000 ____D C:\FRST
2013-07-18 16:29 - 2011-10-16 19:04 - 01215614 _____ C:\Windows\WindowsUpdate.log
2013-07-18 16:29 - 2009-07-14 05:45 - 00022032 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-18 16:29 - 2009-07-14 05:45 - 00022032 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-18 16:26 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-18 16:25 - 2011-11-03 00:24 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-18 16:25 - 2009-07-14 05:51 - 00399232 _____ C:\Windows\setupact.log
2013-07-18 16:01 - 2009-07-14 05:45 - 00024576 _____ C:\Windows\System32\umstartup.etl
2013-07-18 15:52 - 2013-07-18 15:52 - 00393543 _____ C:\Users\Markus\AppData\Roaming\2433f433
2013-07-18 15:52 - 2013-07-18 15:52 - 00393525 _____ C:\ProgramData\2433f433
2013-07-18 15:52 - 2013-07-18 15:52 - 00393480 _____ C:\Users\Markus\AppData\Local\2433f433
2013-07-18 15:48 - 2011-10-16 20:17 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Skype
2013-07-18 15:16 - 2011-10-16 20:26 - 00000000 ____D C:\Users\Markus\AppData\Local\PMB Files
2013-07-18 15:16 - 2011-10-16 20:26 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-18 10:40 - 2011-10-16 19:38 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Dropbox
2013-07-17 21:05 - 2011-10-18 14:45 - 00000000 ____D C:\Users\Markus\AppData\Roaming\TS3Client
2013-07-16 01:04 - 2012-11-09 12:29 - 00000000 ____D C:\Users\Markus\AppData\Local\CrashDumps
2013-07-14 23:00 - 2012-01-09 14:36 - 00000000 ____D C:\Users\Markus\AppData\Local\PokerStars.EU
2013-07-14 22:54 - 2012-01-28 11:59 - 00732160 ___SH C:\Users\Markus\Thumbs.db
2013-07-14 22:53 - 2011-10-16 19:33 - 00000000 ____D C:\users\Markus
2013-07-12 10:05 - 2009-07-14 05:45 - 00294952 _____ C:\Windows\System32\FNTCACHE.DAT
2013-07-12 10:04 - 2013-03-13 18:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 10:04 - 2013-03-13 18:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 02:10 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 02:10 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 02:10 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-09 16:06 - 2011-10-16 19:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-09 15:52 - 2012-09-26 14:33 - 00000000 ____D C:\Users\Markus\Documents\Guild Wars 2
2013-07-07 21:36 - 2011-10-16 20:16 - 00000000 ____D C:\Users\Markus\AppData\Roaming\TeraCopy
2013-07-07 21:35 - 2013-07-07 21:35 - 00042311 _____ C:\Users\Markus\Downloads\TS3MusicBot-plugin.rar
2013-07-07 21:35 - 2013-07-07 21:35 - 00000000 ____D C:\Users\Markus\Desktop\1.8
2013-07-03 08:04 - 2013-07-03 08:04 - 64922258 _____ C:\Users\Markus\Desktop\Werkstofftechnik.zip
2013-07-01 15:32 - 2013-07-01 15:32 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-01 15:32 - 2011-11-03 00:24 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-01 15:29 - 2013-07-01 15:29 - 00000000 ____D C:\NVIDIA
2013-07-01 15:28 - 2013-07-01 15:28 - 00000000 ____D C:\Users\Markus\AppData\Local\NVIDIA
2013-07-01 15:24 - 2011-11-03 00:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-06-30 11:53 - 2012-01-17 13:11 - 00000000 ____D C:\Users\Markus\Documents\BattleForge
2013-06-30 11:33 - 2013-06-30 11:33 - 84167392 _____ C:\Users\Markus\Downloads\BattleForgeInstall.exe
2013-06-30 11:32 - 2013-06-30 11:32 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-06-29 11:00 - 2013-06-29 10:59 - 14925176 _____ (Last.fm ) C:\Users\Markus\Downloads\Last.fm-2.1.35.exe
2013-06-24 20:01 - 2013-06-24 20:01 - 01720508 _____ C:\Users\Markus\troll.wav
2013-06-22 23:20 - 2013-01-17 17:18 - 00000000 ____D C:\Users\Markus\Documents\Euro Truck Simulator 2
2013-06-21 13:06 - 2013-07-01 15:30 - 27781920 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 25256224 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 11235104 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-06-21 13:06 - 2013-07-01 15:30 - 09239344 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 07641832 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 02953504 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 02363680 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 01832224 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 00572704 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 00570656 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 13:06 - 2013-07-01 15:30 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 13:06 - 2013-02-25 23:32 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 13:06 - 2012-02-21 18:45 - 15144928 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-06-21 13:06 - 2012-02-21 18:45 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 13:06 - 2011-05-21 06:01 - 02936208 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-06-21 13:06 - 2011-05-21 06:01 - 00021578 _____ C:\Windows\System32\nvinfo.pb
2013-06-21 13:06 - 2009-07-13 22:59 - 15920536 _____ (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-06-21 13:06 - 2009-06-10 21:37 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 11:23 - 2011-11-03 00:24 - 06496544 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-06-21 11:23 - 2011-11-03 00:24 - 03514656 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-06-21 11:23 - 2011-11-03 00:24 - 02555680 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2013-06-21 11:23 - 2011-11-03 00:24 - 00884512 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-06-21 11:23 - 2011-11-03 00:24 - 00237856 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-06-21 11:23 - 2011-11-03 00:24 - 00063776 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-06-21 04:16 - 2013-06-21 04:16 - 00566048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 19:08 - 2011-04-12 08:43 - 01711148 _____ C:\Windows\System32\perfh007.dat
2013-06-20 19:08 - 2011-04-12 08:43 - 00464978 _____ C:\Windows\System32\perfc007.dat
2013-06-20 19:08 - 2009-07-14 06:13 - 00006458 _____ C:\Windows\System32\PerfStringBackup.INI
2013-06-19 19:34 - 2013-06-19 19:34 - 55854060 _____ C:\Users\Markus\Downloads\Werkstofftechnik Dani.rar

Files to move or delete:
====================
C:\ProgramData\nud0repor.pad

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 4094.49 MB
Available physical RAM: 3451.34 MB
Total Pagefile: 4092.69 MB
Available Pagefile: 3435.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:48.83 GB) (Free:2.23 GB) NTFS (Disk=0 Partition=2)
Drive e: () (Fixed) (Total:547.24 GB) (Free:142.02 GB) NTFS (Disk=0 Partition=3)
Drive g: (INTENSO) (Removable) (Total:3.77 GB) (Free:1.05 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: FF252D57)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=49 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=547 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0C)

LastRegBack: 2013-07-03 08:40

==================== End Of Log ============================
```