Hello,
I have run the scan.
Here is the text file.
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2013
Ran by SYSTEM on MININT-53ONIBA on 26-09-2013 18:17:04
Running from G:\
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6561384 2010-12-14] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [592240 2011-01-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-10-01] ()
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [OfficeScanNT Monitor] - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\pccntmon.exe [1705296 2010-06-25] (Trend Micro Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-09-04] (Sonic Solutions)
HKLM-x32\...\Run: [SSBkgdUpdate] - C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] - C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini [324 2012-03-31] ()
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1167360 2009-08-03] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVMFBoxMonitor] - C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [1503232 2009-07-06] (AVM Berlin)
HKLM-x32\...\Run: [UIExec] - C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [153424 2011-08-25] ()
HKLM-x32\...\Run: [SMB50StarMoneyRunEntry] - C:\Program Files (x86)\StarMoney Business 5.0 Commerzbank-Edition\app\oflagent.exe [56976 2013-08-15] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.)
HKLM-x32\...\Run: [NokiaMServer] - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [370176 2010-06-17] (shbox.de)
HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [518640 2010-09-03] ()
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.)
HKLM-x32\...\Run: [Reader Application Helper] - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [892928 2012-07-12] (Sony Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKU\Mipo\...\Run: [1&1_1&1 Office-Drive Manager] - C:\Program Files (x86)\1&1\1&1 Office-Drive Manager\DAVSRV.EXE [993392 2012-09-24] (1&1 Internet AG)
HKU\Mipo\...\Run: [MyTomTomSA.exe] - C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [455608 2013-05-23] (TomTom)
HKU\Mipo\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-03-22] (TomTom)
HKU\Mipo\...\Winlogon: [Shell] explorer.exe,C:\Users\Mipo\AppData\Roaming\cache.dat [71680 2013-08-02] () <==== ATTENTION
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Mipo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Services (Whitelisted) =================
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [511920 2011-07-22] (REINER SCT)
S2 hasplms; C:\Windows\system32\hasplms.exe [4913608 2011-12-02] (SafeNet Inc.)
S2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S2 Megatech-Software-Protection; C:\Program Files (x86)\Common Files\Megatech\MProtect\MPSERV.EXE [36864 2007-12-12] ()
S2 MSSQLSERVER; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
S2 ntrtscan; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\ntrtscan.exe [1835912 2010-06-22] (Trend Micro Inc.)
S2 StarMoney Business 5.0 OnlineUpdate; C:\Program Files (x86)\StarMoney Business 5.0 Commerzbank-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
S2 svcGenericHost; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe [45056 2010-07-05] (Trend Micro Inc.)
S2 tmlisten; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmlisten.exe [2057096 2010-06-22] (Trend Micro Inc.)
S3 TmPfw; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPfw.exe [595960 2009-07-15] (Trend Micro Inc.)
S3 TmProxy; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmProxy.exe [917768 2009-07-15] (Trend Micro Inc.)
S2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [270672 2011-08-25] ()
S2 msftesql; "c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe" -s:MSSQL.1 -f:MSSQLSERVER [x]
==================== Drivers (Whitelisted) ====================
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [57088 2011-09-08] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [21120 2011-08-09] (SafeNet Inc.)
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-10-07] (SafeNet Inc.)
S2 TmFilter; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys [265744 2010-05-11] (Trend Micro Inc.)
S1 tmlwf; C:\Windows\System32\DRIVERS\tmlwf.sys [200720 2009-07-15] (Trend Micro Inc.)
S2 TmPreFilter; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPreFlt.sys [42000 2010-05-11] (Trend Micro Inc.)
S1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [107536 2009-07-15] (Trend Micro Inc.)
S2 tmwfp; C:\Windows\System32\DRIVERS\tmwfp.sys [339984 2009-07-15] (Trend Micro Inc.)
S1 ui11drdr; C:\Windows\System32\DRIVERS\ui11drdr.sys [201072 2012-09-24] (1&1 Internet AG)
S2 VSApiNt; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\VSApiNt.sys [2007056 2010-05-11] (Trend Micro Inc.)
S5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [x]
========================== Drivers MD5 =======================
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hardlock.sys D619BA1712B83D14149850E758B835AD
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys D469B77687E12FE43E344806740B624D
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\iBtFltCoex.sys E44F0B4DC753C14930B8DC48BB7A1644
C:\Windows\System32\DRIVERS\igdkmd64.sys 0AC9E321D604BE48A0D72B69BA484BDC
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\Impcd.sys DD587A55390ED2295BCE6D36AD567DA9
C:\Windows\System32\drivers\RTKVHD64.sys A9853214CC97796579D75B1F59C51DCD
C:\Windows\System32\DRIVERS\IntcDAud.sys FC727061C0F47C8059E88E05D5C8E381
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ivusb.sys BD5BF20EC242E003A2F570B8754A56D1
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 26C43A7C2862447EC59DEDA188D1DA07
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\drivers\massfilter.sys 035C83CD72E06C47000793D32B1A642D
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETwNs64.sys 5D262402B0634C998F8CBCEAD7DD8676
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\drivers\ccdcmbx64.sys 907B5E1E4A592E5EDC5E4CCBDE4863C2
C:\Windows\System32\drivers\ccdcmbox64.sys 41C1AC1F3613435EB32D67BCB80A5FA5
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\DRIVERS\nusb3hub.sys A7127E86F9FFE2A53E271B56B2C4CEDF
C:\Windows\System32\DRIVERS\nusb3xhc.sys 49BBEC6F48D5F9284B03ABF3A959B19B
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\DRIVERS\pccsmcfdx64.sys BC0018C2D29F655188A0ED3FA94FDB24
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\Drivers\PxHlpa64.sys 87B04878A6D59D6C79251DC960C674C1
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys 135A64530D7699AD48F29D73A658DD11
C:\Windows\System32\DRIVERS\Rt64win7.sys A73ED14670220307874AD6BC2F279349
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssadbus.sys 8F8324ED1DE63FFC7B1A02CD2D963C72
C:\Windows\System32\DRIVERS\ssadmdfl.sys 58221EFCB74167B73667F0024C661CE0
C:\Windows\System32\DRIVERS\ssadmdm.sys 4DA7C71BFAC5AD71255B7E4CAB980163
C:\Windows\System32\DRIVERS\ssudmdm.sys AD42CA614E086BCADBD53FFFC404AC24
C:\Windows\System32\DRIVERS\stdcfltn.sys 92E7F6666633D2DD91D527503DAA7BE0
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys DB74544B75566C974815E79A62433F29
C:\Windows\System32\DRIVERS\tcpip.sys DB74544B75566C974815E79A62433F29
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys 2D5ADAF5BF9F3EB97BDA7C250A638EBF
C:\Windows\System32\DRIVERS\tmlwf.sys 35A6AEB61C7CF21B10CC05BDA47339B5
c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPreFlt.sys 3DC786F0A14A6262C3F0F366B34F687F
C:\Windows\System32\DRIVERS\tmtdi.sys 21CC12B7F8B44E91D03EAD5B17AAF0B2
C:\Windows\System32\DRIVERS\tmwfp.sys A4670E50C15D7BCE7226E4B62700DF09
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ui11drdr.sys 4AD47E4A6AEBB8D2D54414BCDAC0AA38
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys 4E93C8496359E97830C75AC36393654D
C:\Windows\System32\Drivers\usbaapl64.sys FB251567F41BC61988B26731DEC19E4B
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\system32\drivers\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbser.sys 4ACEE387FA8FD39F83564FCD2FC234F2
C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys 8844CB19A37B65E27049D4A7786726A9
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\Drivers\usbvideo.sys 454800C2BC7F3927CE030141EE4F4C50
C:\Windows\system32\drivers\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
c:\Program Files (x86)\Trend Micro\Client Server Security Agent\VSApiNt.sys 742421E475FED2B000EFB5BDAD9CFEAE
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\WDKMD.sys 94DC2BF6CBAAA95E369C3756D3115A76
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUSB.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys 3762B4C538B9D710F85042849C20319F
C:\Windows\System32\DRIVERS\ZTEusbnmea.sys 3762B4C538B9D710F85042849C20319F
C:\Windows\System32\DRIVERS\ZTEusbser6k.sys 3762B4C538B9D710F85042849C20319F
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
hxxp://www.amyuni.com) C:\Windows\SysWOW64\cdintf400.dll
2013-09-26 18:16 - 2013-09-26 18:16 - 00000000 ____D C:\FRST
2013-09-26 05:44 - 2013-09-26 05:53 - 00000004 _____ C:\Users\Mipo\AppData\Roaming\cache.ini
2013-09-26 05:43 - 2013-09-26 05:43 - 00053199 _____ C:\Users\Mipo\Downloads\movie1080p.mkv (1).zip
2013-09-26 05:42 - 2013-09-26 05:43 - 00053199 _____ C:\Users\Mipo\Downloads\movie1080p.mkv.zip
2013-09-11 14:44 - 2013-08-10 06:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-09-11 14:44 - 2013-08-10 06:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-09-11 14:44 - 2013-08-10 06:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-09-11 14:44 - 2013-08-10 06:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-09-11 14:44 - 2013-08-10 06:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-09-11 14:44 - 2013-08-10 06:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-09-11 14:44 - 2013-08-10 06:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-09-11 14:44 - 2013-08-10 06:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-09-11 14:44 - 2013-08-10 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-09-11 14:44 - 2013-08-10 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-09-11 14:44 - 2013-08-10 04:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 14:44 - 2013-08-10 04:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 14:44 - 2013-08-10 04:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 14:44 - 2013-08-10 04:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 14:44 - 2013-08-10 04:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 14:44 - 2013-08-10 04:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 14:44 - 2013-08-10 04:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 14:44 - 2013-08-10 04:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 14:44 - 2013-08-10 04:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 14:44 - 2013-08-10 04:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-09-11 14:44 - 2013-08-10 04:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 14:44 - 2013-08-10 03:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-11 14:44 - 2013-08-10 03:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 14:43 - 2013-08-10 06:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-09-11 14:43 - 2013-08-10 06:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-09-11 14:43 - 2013-08-10 06:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-09-11 14:43 - 2013-08-10 06:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-09-11 14:43 - 2013-08-10 04:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 14:43 - 2013-08-10 04:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 14:43 - 2013-08-10 04:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 14:43 - 2013-08-10 04:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 06:18 - 2013-08-08 02:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-09-11 06:18 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2013-09-11 06:18 - 2013-08-02 03:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-09-11 06:18 - 2013-08-02 03:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-09-11 06:18 - 2013-08-02 03:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-09-11 06:18 - 2013-08-02 03:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-09-11 06:18 - 2013-08-02 03:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-09-11 06:18 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-09-11 06:18 - 2013-08-02 03:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-09-11 06:18 - 2013-08-02 03:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-09-11 06:18 - 2013-08-02 03:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 06:18 - 2013-08-02 02:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 06:18 - 2013-08-02 02:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 06:18 - 2013-08-02 02:51 - 00071680 _____ C:\Users\Mipo\AppData\Roaming\cache.dat
2013-09-11 06:18 - 2013-08-02 02:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 06:18 - 2013-08-02 02:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 06:18 - 2013-08-02 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-09-11 06:18 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-09-11 06:18 - 2013-08-02 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 06:18 - 2013-08-02 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 06:18 - 2013-08-02 01:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 06:18 - 2013-08-02 01:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 06:18 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 06:18 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 06:17 - 2013-07-26 03:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-09-11 06:17 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-09-11 06:17 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 06:17 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-05 14:51 - 2013-09-05 14:51 - 00002898 _____ C:\Windows\System32\Tasks\{D966B03F-C560-45E8-B704-E939C4ADBD79}
2013-08-30 08:33 - 2010-05-31 06:32 - 04225160 _____ (Amyuni Technologies
2013-08-29 08:39 - 2013-08-29 08:39 - 00000000 ____H C:\Users\Mipo\Documents\Default.rdp
2013-08-29 06:53 - 2013-08-29 06:53 - 00007597 _____ C:\Users\Mipo\AppData\Local\Resmon.ResmonCfg
2013-08-28 12:58 - 2013-08-28 12:58 - 00448512 _____ (OldTimer Tools) C:\Users\Mipo\Desktop\TFC.exe
2013-08-28 10:02 - 2013-08-28 10:02 - 00001092 _____ C:\DelFix.txt
2013-08-27 13:23 - 2013-08-27 13:23 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-27 07:19 - 2013-08-28 10:02 - 00000000 ____D C:\Windows\ERUNT
2013-08-27 06:46 - 2013-08-27 06:47 - 00000000 ____D C:\AdwCleaner
2013-08-27 06:18 - 2013-08-27 06:18 - 00000000 ____D C:\Users\Mipo\AppData\Roaming\Malwarebytes
2013-08-27 06:17 - 2013-08-27 06:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-27 06:17 - 2013-08-27 06:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-27 06:17 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
==================== One Month Modified Files and Folders =======
2013-09-26 18:16 - 2013-09-26 18:16 - 00000000 ____D C:\FRST
2013-09-26 05:53 - 2013-09-26 05:44 - 00000004 _____ C:\Users\Mipo\AppData\Roaming\cache.ini
2013-09-26 05:53 - 2012-03-30 12:02 - 00327680 _____ C:\Windows\System32\Ikeext.etl
2013-09-26 05:53 - 2009-07-14 06:10 - 01942726 _____ C:\Windows\WindowsUpdate.log
2013-09-26 05:53 - 2009-07-14 05:45 - 00014240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-26 05:53 - 2009-07-14 05:45 - 00014240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-26 05:51 - 2013-08-23 11:53 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-26 05:51 - 2011-03-31 23:32 - 00000031 _____ C:\tmuninst.ini
2013-09-26 05:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2013-09-26 05:49 - 2011-08-12 21:50 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-26 05:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-26 05:49 - 2009-07-14 05:51 - 00267442 _____ C:\Windows\setupact.log
2013-09-26 05:45 - 2011-05-18 19:21 - 00000000 ____D C:\Users\Mipo\Documents\Outlook-Dateien
2013-09-26 05:44 - 2011-08-12 21:50 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-26 05:43 - 2013-09-26 05:43 - 00053199 _____ C:\Users\Mipo\Downloads\movie1080p.mkv (1).zip
2013-09-26 05:43 - 2013-09-26 05:42 - 00053199 _____ C:\Users\Mipo\Downloads\movie1080p.mkv.zip
2013-09-26 05:39 - 2011-05-19 21:22 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{92B89F0F-5C92-46DC-A6D0-DD51AD8EC82D}
2013-09-26 05:34 - 2012-04-23 19:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-25 20:56 - 2011-06-15 15:40 - 00017142 _____ C:\Windows\TMFilter.log
2013-09-25 15:46 - 2011-08-09 15:17 - 00000000 ____D C:\Program Files (x86)\StarMoney Business 5.0 Commerzbank-Edition
2013-09-23 12:42 - 2009-07-14 18:58 - 00765348 _____ C:\Windows\System32\perfh007.dat
2013-09-23 12:42 - 2009-07-14 18:58 - 00169910 _____ C:\Windows\System32\perfc007.dat
2013-09-23 12:42 - 2009-07-14 06:13 - 01778424 _____ C:\Windows\System32\PerfStringBackup.INI
2013-09-21 23:48 - 2012-08-23 15:57 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-20 07:34 - 2012-04-23 19:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 07:34 - 2012-04-23 19:23 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-20 07:34 - 2011-06-05 09:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-15 19:03 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-14 05:45 - 2011-03-31 16:03 - 00103816 _____ C:\Windows\PFRO.log
2013-09-13 05:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-09-12 14:33 - 2012-02-03 19:48 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-09-11 15:33 - 2009-07-14 05:45 - 00493600 _____ C:\Windows\System32\FNTCACHE.DAT
2013-09-11 14:43 - 2013-08-23 11:29 - 00000000 ____D C:\Windows\System32\MRT
2013-09-11 14:40 - 2011-08-13 06:08 - 79143768 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-09-11 14:40 - 2011-05-18 19:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 05:57 - 2013-08-23 11:53 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-05 14:51 - 2013-09-05 14:51 - 00002898 _____ C:\Windows\System32\Tasks\{D966B03F-C560-45E8-B704-E939C4ADBD79}
2013-08-30 14:54 - 2011-05-18 15:09 - 00135008 _____ C:\Users\Mipo\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-30 08:48 - 2013-08-23 11:54 - 00033400 _____ (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-08-30 08:48 - 2013-08-23 11:53 - 01030952 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-08-30 08:48 - 2013-08-23 11:53 - 00378944 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-08-30 08:48 - 2013-08-23 11:53 - 00204880 _____ C:\Windows\System32\Drivers\aswVmm.sys
2013-08-30 08:48 - 2013-08-23 11:53 - 00080816 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-08-30 08:48 - 2013-08-23 11:53 - 00072016 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-08-30 08:48 - 2013-08-23 11:53 - 00065336 _____ C:\Windows\System32\Drivers\aswRvrt.sys
2013-08-30 08:48 - 2013-08-23 11:53 - 00064288 _____ (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-08-30 08:47 - 2013-08-23 11:53 - 00287840 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-08-30 08:47 - 2013-08-23 11:53 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-30 08:32 - 2011-05-18 20:15 - 00000585 _____ C:\Windows\ODBC.INI
2013-08-30 08:32 - 2011-05-18 20:14 - 00000000 ____D C:\Program Files (x86)\Casa
2013-08-30 08:22 - 2013-08-24 05:50 - 00000000 ____D C:\virenscan
2013-08-30 07:26 - 2011-08-12 21:50 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-30 07:25 - 2012-03-05 11:56 - 00000600 _____ C:\Users\Mipo\AppData\Roaming\winscp.rnd
2013-08-30 07:23 - 2012-12-31 07:32 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-29 08:39 - 2013-08-29 08:39 - 00000000 ____H C:\Users\Mipo\Documents\Default.rdp
2013-08-29 06:58 - 2012-01-31 21:17 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2013-08-29 06:53 - 2013-08-29 06:53 - 00007597 _____ C:\Users\Mipo\AppData\Local\Resmon.ResmonCfg
2013-08-28 14:39 - 2011-09-20 20:23 - 00000000 ____D C:\Users\Mipo\AppData\Local\FRITZ!
2013-08-28 12:58 - 2013-08-28 12:58 - 00448512 _____ (OldTimer Tools) C:\Users\Mipo\Desktop\TFC.exe
2013-08-28 10:02 - 2013-08-28 10:02 - 00001092 _____ C:\DelFix.txt
2013-08-28 10:02 - 2013-08-27 07:19 - 00000000 ____D C:\Windows\ERUNT
2013-08-28 10:00 - 2013-08-26 10:29 - 00000000 ____D C:\Windows\erdnt
2013-08-28 09:52 - 2011-05-18 15:08 - 00000000 ____D C:\users\Mipo
2013-08-27 13:23 - 2013-08-27 13:23 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-27 06:47 - 2013-08-27 06:46 - 00000000 ____D C:\AdwCleaner
2013-08-27 06:18 - 2013-08-27 06:18 - 00000000 ____D C:\Users\Mipo\AppData\Roaming\Malwarebytes
2013-08-27 06:17 - 2013-08-27 06:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-27 06:17 - 2013-08-27 06:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
Files to move or delete:
====================
C:\Users\Mipo\AppData\Roaming\cache.dat
C:\Users\Mipo\AppData\Roaming\cache.ini
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
6
Restore point made on: 2013-09-06 13:45:17
Restore point made on: 2013-09-11 06:03:38
Restore point made on: 2013-09-11 06:25:37
Restore point made on: 2013-09-11 14:33:07
Restore point made on: 2013-09-17 15:23:31
Restore point made on: 2013-09-21 23:03:54
==================== BCD ================================
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=Y:
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
default {default}
resumeobject {f6eab0f1-5bf8-11e0-9108-14feb59f13e8}
displayorder {default}
toolsdisplayorder {memdiag}
timeout 30
Windows-Startladeprogramm
-------------------------
Bezeichner {default}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale de-DE
inherit {bootloadersettings}
recoverysequence {current}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {f6eab0f1-5bf8-11e0-9108-14feb59f13e8}
nx OptIn
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device ramdisk=[Y:]\Recovery\WindowsRE\Winre.wim,{f6eab0f4-5bf8-11e0-9108-14feb59f13e8}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[Y:]\Recovery\WindowsRE\Winre.wim,{f6eab0f4-5bf8-11e0-9108-14feb59f13e8}
systemroot \windows
nx OptIn
winpe Yes
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {f6eab0f1-5bf8-11e0-9108-14feb59f13e8}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=Y:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems Yes
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-----------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Geräteoptionen
--------------
Bezeichner {f6eab0f4-5bf8-11e0-9108-14feb59f13e8}
description Ramdisk Options
ramdisksdidevice partition=Y:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Memory info ===========================
Percentage of memory in use: 21%
Total physical RAM: 2980.17 MB
Available physical RAM: 2353.85 MB
Total Pagefile: 2978.32 MB
Available Pagefile: 2346.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:210.32 GB) (Free:94.67 GB) NTFS
Drive g: (KINGSTON) (Removable) (Total:3.62 GB) (Free:0.06 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:22.46 GB) (Free:14.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=22 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=210 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0C)
LastRegBack: 2013-09-22 19:56
==================== End Of Log ============================