
Log analysis and evaluation: Viruses found - evaluate log file

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
07.08.2013, 17:39   #13
MisterP
 
Viruses found - evaluate log file



Oh sorry, I followed the linked instructions for the Hitman program.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-08-2013
Ran by NAME (administrator) on 07-08-2013 18:32:59
Running from C:\Users\NAME\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Meine Programme\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Meine Programme\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Meine Programme\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Meine Programme\Avira\AntiVir Desktop\avshadow.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13353064 2011-11-14] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2012-02-16] (Lenovo)
HKLM\...\Run: [OnekeyStudio] - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2012-02-16] (Lenovo)
HKLM-x32\...\Run: [avgnt] - C:\Meine Programme\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [226920 2011-03-06] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\ldtoh93l.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.finanzen.net/rohstoffe/goldpreis/euro
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\NAME\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\ldtoh93l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Meine Programme\Mozilla Firefox\firefox.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Meine Programme\Avira\AntiVir Desktop\sched.exe [86224 2012-05-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Meine Programme\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-08] (Avira Operations GmbH & Co. KG)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [956192 2011-02-15] (Broadcom Corporation.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-08] (Avira GmbH)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [39768 2013-04-04] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-08] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-09-16] (Avira GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-28] (DT Soft Ltd)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [184960 2010-11-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U2 CLKMSVC10_3A60B698; 
U2 CLKMSVC10_C3B3B687; 
U2 DriverService; 
U2 IAStorDataMgrSvc; 
U2 idealife Update Service; 
U3 IGRS; 
U2 IviRegMgr; 
U2 Oasis2Service; 
U2 PCCarerServic; 
U2 ReadyComm.DirectRouter; 
U2 RichVideo; 
U2 RtLedService; 
U2 SoftwareService; 
U2 Stereo Service; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-07 18:30 - 2013-08-07 18:30 - 00001936 _____ C:\Users\NAME\Desktop\HitmanPro_20130807_1830.log
2013-08-07 17:58 - 2013-08-07 18:00 - 00005958 _____ C:\Users\NAME\Desktop\HitmanPro_20130807_1758.log
2013-08-07 17:57 - 2013-08-07 17:57 - 00000806 _____ C:\windows\system32\.crusader
2013-08-07 17:53 - 2013-08-07 17:58 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-07 17:52 - 2013-08-07 17:53 - 09853928 _____ (SurfRight B.V.) C:\Users\NAME\Desktop\HitmanPro_x64(1).exe
2013-08-07 17:52 - 2013-08-07 17:52 - 09853928 _____ (SurfRight B.V.) C:\Users\NAME\Desktop\HitmanPro_x64.exe
2013-08-07 17:49 - 2013-08-07 17:41 - 00000967 _____ C:\Users\NAME\Desktop\AdwCleaner[S2].txt
2013-08-07 17:48 - 2013-08-07 17:49 - 00000801 _____ C:\Users\NAME\Desktop\JRT.txt
2013-08-07 17:42 - 2013-08-07 17:42 - 00563461 _____ (Oleg N. Scherbakov) C:\Users\NAME\Desktop\JRT.exe
2013-08-07 17:42 - 2013-08-07 17:42 - 00000000 ____D C:\windows\ERUNT
2013-08-07 17:39 - 2013-08-07 17:39 - 00000999 _____ C:\Users\NAME\Desktop\1.txt
2013-08-07 17:37 - 2013-08-07 17:41 - 00000967 _____ C:\AdwCleaner[S2].txt
2013-08-07 17:37 - 2013-08-07 17:37 - 00666633 _____ C:\Users\NAME\Desktop\adwcleaner.exe
2013-08-07 17:16 - 2013-08-07 17:16 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\NAME\Desktop\tdsskiller.exe
2013-08-07 17:15 - 2013-08-07 17:15 - 00012780 _____ C:\Users\NAME\Desktop\a.txt
2013-08-07 17:11 - 2013-08-07 17:15 - 00012780 _____ C:\ComboFix.txt
2013-08-07 17:01 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2013-08-07 17:01 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2013-08-07 17:01 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2013-08-07 17:01 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2013-08-07 17:01 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2013-08-07 17:01 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2013-08-07 17:01 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2013-08-07 17:01 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2013-08-07 17:00 - 2013-08-07 17:11 - 00000000 ____D C:\Qoobox
2013-08-07 17:00 - 2013-08-07 17:09 - 00000000 ____D C:\windows\erdnt
2013-08-07 16:58 - 2013-08-07 16:59 - 05100713 ____R (Swearware) C:\Users\NAME\Desktop\ComboFix.exe
2013-08-07 16:56 - 2013-08-07 17:38 - 00001312 _____ C:\windows\PFRO.log
2013-08-07 16:51 - 2013-08-07 16:51 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-08-07 16:51 - 2013-08-07 16:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-07 16:46 - 2013-08-07 16:52 - 00000000 ____D C:\Users\NAME~1\AppData\Local\Adobe
2013-08-07 16:46 - 2013-08-07 16:48 - 00692104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-08-07 16:46 - 2013-08-07 16:48 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-05 20:33 - 2013-08-05 20:34 - 00011171 _____ C:\AdwCleaner[S1].txt
2013-08-05 20:33 - 2013-08-05 20:33 - 00012450 _____ C:\AdwCleaner[R1].txt
2013-08-05 20:29 - 2013-08-07 17:59 - 00000504 _____ C:\windows\setupact.log
2013-08-05 20:29 - 2013-08-05 20:29 - 00000000 _____ C:\windows\setuperr.log
2013-08-05 20:10 - 2013-08-05 20:10 - 00000000 ____D C:\Users\NAME~1\AppData\Local\Macromedia
2013-08-05 20:09 - 2013-08-05 20:09 - 00000000 ____D C:\Users\NAME~1\AppData\Local\Mozilla
2013-08-05 18:05 - 2013-08-05 18:05 - 00000000 ____D C:\FRST
2013-08-05 16:39 - 2013-08-05 16:39 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-05 16:39 - 2013-08-05 16:39 - 00000000 ____D C:\Users\NAME\AppData\Roaming\Malwarebytes
2013-08-05 16:39 - 2013-08-05 16:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-05 16:39 - 2013-08-05 16:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-05 16:39 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-08-05 14:13 - 2013-08-05 18:44 - 00000000 ____D C:\Users\NAME\Desktop\Abstellordner
2013-07-15 22:26 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-15 22:26 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-15 22:26 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-15 22:26 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-15 22:26 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-15 22:26 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-07-15 22:26 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-15 22:26 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-15 22:26 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-07-15 22:26 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-07-15 22:26 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-07-15 22:26 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-07-15 22:26 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-15 22:26 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-15 22:26 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-15 22:26 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-15 22:26 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-15 22:26 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-15 22:26 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-15 22:26 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-15 22:26 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-15 22:26 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-15 22:26 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-15 22:26 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-15 22:26 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-15 22:26 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-15 22:26 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-15 22:26 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-15 22:26 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-15 22:26 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-07-15 22:25 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-10 21:08 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-10 21:08 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-07-10 21:08 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-10 21:08 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-10 21:06 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-10 21:01 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-07-10 21:01 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
106

==================== One Month Modified Files and Folders =======

2013-08-07 18:32 - 2013-08-07 18:32 - 01788943 _____ (Farbar) C:\Users\NAME\Desktop\FRST64.exe
2013-08-07 18:30 - 2013-08-07 18:30 - 00001936 _____ C:\Users\NAME\Desktop\HitmanPro_20130807_1830.log
2013-08-07 18:26 - 2009-07-14 06:45 - 00021072 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-07 18:26 - 2009-07-14 06:45 - 00021072 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-07 18:24 - 2012-02-17 01:45 - 00654400 _____ C:\windows\system32\perfh007.dat
2013-08-07 18:24 - 2012-02-17 01:45 - 00130240 _____ C:\windows\system32\perfc007.dat
2013-08-07 18:24 - 2009-07-14 07:13 - 01498742 _____ C:\windows\system32\PerfStringBackup.INI
2013-08-07 18:02 - 2012-02-16 17:54 - 01514870 _____ C:\windows\WindowsUpdate.log
2013-08-07 18:00 - 2013-08-07 17:58 - 00005958 _____ C:\Users\NAME\Desktop\HitmanPro_20130807_1758.log
2013-08-07 17:59 - 2013-08-05 20:29 - 00000504 _____ C:\windows\setupact.log
2013-08-07 17:59 - 2012-02-16 18:40 - 00130643 _____ C:\windows\system32\fastboot.set
2013-08-07 17:59 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-08-07 17:58 - 2013-08-07 17:53 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-07 17:57 - 2013-08-07 17:57 - 00000806 _____ C:\windows\system32\.crusader
2013-08-07 17:53 - 2013-08-07 17:52 - 09853928 _____ (SurfRight B.V.) C:\Users\NAME\Desktop\HitmanPro_x64(1).exe
2013-08-07 17:52 - 2013-08-07 17:52 - 09853928 _____ (SurfRight B.V.) C:\Users\NAME\Desktop\HitmanPro_x64.exe
2013-08-07 17:49 - 2013-08-07 17:48 - 00000801 _____ C:\Users\NAME\Desktop\JRT.txt
2013-08-07 17:42 - 2013-08-07 17:42 - 00563461 _____ (Oleg N. Scherbakov) C:\Users\NAME\Desktop\JRT.exe
2013-08-07 17:42 - 2013-08-07 17:42 - 00000000 ____D C:\windows\ERUNT
2013-08-07 17:41 - 2013-08-07 17:49 - 00000967 _____ C:\Users\NAME\Desktop\AdwCleaner[S2].txt
2013-08-07 17:41 - 2013-08-07 17:37 - 00000967 _____ C:\AdwCleaner[S2].txt
2013-08-07 17:39 - 2013-08-07 17:39 - 00000999 _____ C:\Users\NAME\Desktop\1.txt
2013-08-07 17:38 - 2013-08-07 16:56 - 00001312 _____ C:\windows\PFRO.log
2013-08-07 17:37 - 2013-08-07 17:37 - 00666633 _____ C:\Users\NAME\Desktop\adwcleaner.exe
2013-08-07 17:16 - 2013-08-07 17:16 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\NAME\Desktop\tdsskiller.exe
2013-08-07 17:15 - 2013-08-07 17:15 - 00012780 _____ C:\Users\NAME\Desktop\a.txt
2013-08-07 17:15 - 2013-08-07 17:11 - 00012780 _____ C:\ComboFix.txt
2013-08-07 17:11 - 2013-08-07 17:00 - 00000000 ____D C:\Qoobox
2013-08-07 17:09 - 2013-08-07 17:00 - 00000000 ____D C:\windows\erdnt
2013-08-07 17:08 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2013-08-07 16:59 - 2013-08-07 16:58 - 05100713 ____R (Swearware) C:\Users\NAME\Desktop\ComboFix.exe
2013-08-07 16:55 - 2012-04-07 22:16 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-07 16:52 - 2013-08-07 16:46 - 00000000 ____D C:\Users\NAME~1\AppData\Local\Adobe
2013-08-07 16:51 - 2013-08-07 16:51 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-08-07 16:51 - 2013-08-07 16:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-07 16:51 - 2012-04-09 17:41 - 00000000 ____D C:\ProgramData\Adobe
2013-08-07 16:48 - 2013-08-07 16:46 - 00692104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-08-07 16:48 - 2013-08-07 16:46 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-05 20:34 - 2013-08-05 20:33 - 00011171 _____ C:\AdwCleaner[S1].txt
2013-08-05 20:34 - 2013-04-02 15:01 - 00000828 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-05 20:34 - 2013-04-02 14:19 - 00000862 _____ C:\Users\NAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-08-05 20:34 - 2012-04-07 21:07 - 00001009 _____ C:\Users\NAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-05 20:33 - 2013-08-05 20:33 - 00012450 _____ C:\AdwCleaner[R1].txt
2013-08-05 20:29 - 2013-08-05 20:29 - 00000000 _____ C:\windows\setuperr.log
2013-08-05 20:22 - 2012-02-16 18:46 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-08-05 20:14 - 2012-04-07 22:49 - 00000000 ____D C:\Users\NAME\Desktop\Fotos
2013-08-05 20:10 - 2013-08-05 20:10 - 00000000 ____D C:\Users\NAME~1\AppData\Local\Macromedia
2013-08-05 20:09 - 2013-08-05 20:09 - 00000000 ____D C:\Users\NAME~1\AppData\Local\Mozilla
2013-08-05 20:06 - 2012-05-26 14:36 - 00001312 _____ C:\Users\NAME\Desktop\eXtra4.lnk
2013-08-05 18:44 - 2013-08-05 14:13 - 00000000 ____D C:\Users\NAME\Desktop\Abstellordner
2013-08-05 18:05 - 2013-08-05 18:05 - 00000000 ____D C:\FRST
2013-08-05 16:39 - 2013-08-05 16:39 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-05 16:39 - 2013-08-05 16:39 - 00000000 ____D C:\Users\NAME\AppData\Roaming\Malwarebytes
2013-08-05 16:39 - 2013-08-05 16:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-05 16:39 - 2013-08-05 16:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-05 14:17 - 2013-06-28 19:09 - 00000000 ____D C:\Users\NAME\AppData\Roaming\DAEMON Tools Lite
2013-08-05 14:17 - 2011-02-22 13:19 - 00000000 ____D C:\windows\Panther
2013-08-05 14:15 - 2013-04-25 17:06 - 00002790 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-08-05 14:15 - 2012-04-07 22:14 - 00000796 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-05 14:07 - 2012-04-07 21:03 - 00000000 ____D C:\Users\NAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-08-05 14:07 - 2012-02-16 18:22 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-08-05 14:07 - 2012-02-16 18:04 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-16 11:00 - 2009-07-14 06:45 - 00283160 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-16 10:59 - 2013-03-17 17:19 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-16 10:59 - 2013-03-17 17:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-15 23:48 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-15 23:48 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-15 23:47 - 2011-09-29 05:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-15 09:45 - 2012-04-26 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-04 20:38

==================== End Of Log ============================
         
--- --- ---

 
