
Log analysis and evaluation: BKA - Windows 7 64 bit - frst64.exe

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: first steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
25.10.2013, 16:59   #1
souljam
 



Hi all,

I created the .txt with the help of the frst tool. I hope you can help me. I have already tried everything else ... without success.
Thanks.

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-10-2013
Ran by SYSTEM on MININT-JCNDQLI on 25-10-2013 17:44:39
Running from K:\
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet004
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2245120 2009-07-24] (VIA)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [TurboV EVO] - C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe [7322624 2009-09-10] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Realtime Audio Engine] - "mmrtkrnl.exe" /i
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [4273976 2012-07-03] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKU\Administrator\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [26103592 2010-03-09] (Skype Technologies S.A.)
HKU\Kratzer\...\Run: [AudioBox VSL] - [x]
HKU\Kratzer\...\Winlogon: [Shell] explorer.exe,C:\Users\Kratzer\AppData\Roaming\Other.res [70144 2011-11-17] () <==== ATTENTION 
Startup: C:\Users\Kratzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: 

==================== Services (Whitelisted) =================

S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.)
S2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [44808 2012-07-03] (AVAST Software)
S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
S2 DvmMDES; C:\ASUS.SYS\config\DVMExportService.exe [319488 2009-07-17] (DeviceVM, Inc.)
S3 msiserver; C:\Windows\SysWow64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation)
S2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-07-03] (AVAST Software)
S1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [28504 2012-03-07] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [71064 2012-07-03] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-07-03] (AVAST Software)
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [958400 2012-07-03] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [355856 2012-07-03] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-07-03] (AVAST Software)
S3 L6PODX3LV; C:\Windows\System32\Drivers\L6PODX3LV64.sys [772096 2011-11-30] (Line 6)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-12-30] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2010-01-21] (Nokia)
S3 paeusbaudio; C:\Windows\System32\DRIVERS\paeusbaudio_x64.sys [245584 2011-08-26] ()
S3 paeusbaudiodsp; C:\Windows\System32\DRIVERS\paeusbaudiodsp_x64.sys [74576 2011-08-26] ()
S3 paeusbaudioks; C:\Windows\System32\DRIVERS\paeusbaudioks_x64.sys [52560 2011-08-26] ()
S3 SynUSB64; C:\Windows\System32\DRIVERS\SynUSB64.sys [29432 2007-10-24] (SIA Syncrosoft)
S3 TASCAM_US1641; C:\Windows\System32\Drivers\tus1641u.sys [408128 2011-01-05] (TASCAM)
S3 TASCAM_US1641_MIDI; C:\Windows\System32\drivers\tus1641m.sys [31296 2011-01-05] (TASCAM)
S3 TASCAM_US1641_WDM; C:\Windows\System32\drivers\tus1641a.sys [50240 2011-01-05] (TASCAM)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8704 2009-12-30] (Nokia)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [48200 2009-08-04] (Yamaha Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-25 17:44 - 2013-10-25 17:44 - 00000000 ____D C:\FRST
2013-10-20 19:40 - 2013-10-20 19:40 - 00000000 __SHD C:\found.001
2013-10-20 11:23 - 2013-10-20 11:23 - 00000000 ____D C:\Users\Kratzer\Desktop\TMPGEnc-2.525.64.184-EN-Free
2013-10-19 11:49 - 2013-10-19 11:49 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ceccb8dadeac04.job
2013-10-16 21:38 - 2013-10-16 21:38 - 00001380 _____ C:\Users\Public\Desktop\Free Video Dub.lnk
2013-10-16 21:38 - 2013-10-16 21:38 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-10-16 21:38 - 2013-10-16 21:38 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-16 21:36 - 2013-10-16 21:37 - 25013552 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Kratzer\Downloads\FreeVideoDub2.0.22.925.exe
2013-10-16 21:36 - 2013-10-16 21:37 - 25013552 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Kratzer\Downloads\FreeVideoDub.exe
2013-10-16 21:31 - 2013-10-16 21:32 - 00000000 ____D C:\Users\Kratzer\AppData\Roaming\Cuttermaran
2013-10-16 21:30 - 2013-10-16 21:30 - 01476548 _____ C:\Users\Kratzer\Downloads\Cuttermaran_1.70.zip
2013-10-16 21:30 - 2013-10-16 21:30 - 00000000 ____D C:\Program Files (x86)\Cuttermaran
2013-10-16 21:25 - 2013-10-16 21:25 - 00000000 ____D C:\Users\Kratzer\AppData\Roaming\Windows Net Data
2013-10-16 21:24 - 2013-10-16 21:25 - 00000000 ____D C:\Users\Kratzer\AppData\Local\{15D8266E-0959-4F15-A4D3-B07EC38BBB88}
2013-10-16 21:24 - 2013-10-16 21:24 - 00000000 ____D C:\Users\Kratzer\AppData\Local\Windows Live
2013-10-16 21:23 - 2013-10-16 21:23 - 00400760 _____ (Softonic                                        ) C:\Users\Kratzer\Downloads\SoftonicDownloader_fuer_windows-live-movie-maker.exe
2013-10-09 13:33 - 2013-10-09 13:33 - 00000000 ____D C:\Users\Kratzer\AppData\Roaming\DivX
2013-10-09 13:22 - 2013-10-09 13:22 - 00024010 _____ C:\Users\Kratzer\Downloads\Watermelon Man - Piano Solo.gpx
2013-10-09 12:34 - 2013-10-09 12:34 - 01697913 _____ C:\Users\Kratzer\Downloads\pressemappe.pdf.zip
2013-10-07 22:15 - 2013-10-07 22:15 - 00000000 ____D C:\Program Files\DivX
2013-10-07 22:13 - 2013-10-07 22:15 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-07 22:12 - 2013-10-07 22:18 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-10-07 22:12 - 2013-10-07 22:16 - 00000000 ____D C:\ProgramData\DivX
2013-10-07 22:12 - 2013-10-07 22:16 - 00000000 ____D C:\Program Files (x86)\DivX
2013-10-07 22:12 - 2013-10-07 22:15 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-07 22:12 - 2013-10-07 22:12 - 00000000 ____D C:\Users\Kratzer\AppData\Roaming\LavFilters
2013-10-07 22:12 - 2013-10-07 22:12 - 00000000 ____D C:\Users\Kratzer\AppData\Roaming\CDXReader
2013-10-07 22:12 - 2013-10-07 22:12 - 00000000 ____D C:\Users\Kratzer\AppData\Local\BonanzaDealsLive
2013-10-07 22:12 - 2013-10-07 22:12 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-07 22:11 - 2013-10-07 22:14 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-07 22:11 - 2013-10-07 22:11 - 00749216 _____ C:\Users\Kratzer\Downloads\CodecPackage.exe
2013-10-07 22:11 - 2013-10-07 22:11 - 00000000 ____D C:\Users\Kratzer\AppData\Roaming\DigitalSite
2013-10-01 18:57 - 2013-10-01 18:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-29 14:24 - 2013-09-29 14:24 - 00000000 ____D C:\Users\Kratzer\Desktop\Zipfel Camera

==================== One Month Modified Files and Folders =======

2013-10-25 17:44 - 2013-10-25 17:44 - 00000000 ____D C:\FRST
2013-10-25 17:13 - 2010-03-25 23:32 - 00000000 ____D C:\users\Kratzer
2013-10-25 17:13 - 2010-03-25 18:29 - 00000000 ___HD C:\dvmexp
2013-10-25 17:13 - 2010-03-25 15:38 - 00000000 ____D C:\users\Administrator
2013-10-25 17:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-10-25 16:23 - 2010-03-25 18:29 - 00000672 ____H C:\dvmexp.idx
2013-10-25 16:22 - 2013-08-10 13:50 - 00005578 _____ C:\Windows\setupact.log
2013-10-25 16:22 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-25 15:48 - 2012-08-28 19:31 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-25 15:41 - 2010-03-25 15:35 - 01185332 _____ C:\Windows\WindowsUpdate.log
2013-10-25 15:29 - 2012-03-29 18:42 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-25 15:21 - 2009-07-14 05:45 - 00011120 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-25 15:21 - 2009-07-14 05:45 - 00011120 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-20 19:40 - 2013-10-20 19:40 - 00000000 __SHD C:\found.001
2013-10-20 11:24 - 2009-07-14 18:58 - 00654150 _____ C:\Windows\System32\perfh007.dat
2013-10-20 11:24 - 2009-07-14 18:58 - 00130022 _____ C:\Windows\System32\perfc007.dat
2013-10-20 11:24 - 2009-07-14 06:13 - 01498742 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-20 11:23 - 2013-10-20 11:23 - 00000000 ____D C:\Users\Kratzer\Desktop\TMPGEnc-2.525.64.184-EN-Free
2013-10-19 11:49 - 2013-10-19 11:49 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ceccb8dadeac04.job
2013-10-17 18:44 - 2013-08-11 15:09 - 00011266 _____ C:\Windows\PFRO.log
2013-10-16 22:00 - 2013-09-15 15:47 - 00000000 ____D C:\Users\Kratzer\Desktop\Zipfel Sandkerwa
2013-10-16 21:38 - 2013-10-16 21:38 - 00001380 _____ C:\Users\Public\Desktop\Free Video Dub.lnk
2013-10-16 21:38 - 2013-10-16 21:38 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-10-16 21:38 - 2013-10-16 21:38 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-16 21:38 - 2012-08-16 22:19 - 00000000 ____D C:\Users\Kratzer\AppData\Roaming\DVDVideoSoft
2013-10-16 21:37 - 2013-10-16 21:36 - 25013552 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Kratzer\Downloads\FreeVideoDub2.0.22.925.exe
2013-10-16 21:37 - 2013-10-16 21:36 - 25013552 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Kratzer\Downloads\FreeVideoDub.exe
2013-10-16 21:32 - 2013-10-16 21:31 - 00000000 ____D C:\Users\Kratzer\AppData\Roaming\Cuttermaran
2013-10-16 21:30 - 2013-10-16 21:30 - 01476548 _____ C:\Users\Kratzer\Downloads\Cuttermaran_1.70.zip
2013-10-16 21:30 - 2013-10-16 21:30 - 00000000 ____D C:\Program Files (x86)\Cuttermaran
2013-10-16 21:25 - 2013-10-16 21:25 - 00000000 ____D C:\Users\Kratzer\AppData\Roaming\Windows Net Data
2013-10-16 21:25 - 2013-10-16 21:24 - 00000000 ____D C:\Users\Kratzer\AppData\Local\{15D8266E-0959-4F15-A4D3-B07EC38BBB88}
2013-10-16 21:24 - 2013-10-16 21:24 - 00000000 ____D C:\Users\Kratzer\AppData\Local\Windows Live
2013-10-16 21:23 - 2013-10-16 21:23 - 00400760 _____ (Softonic                                        ) C:\Users\Kratzer\Downloads\SoftonicDownloader_fuer_windows-live-movie-maker.exe
2013-10-16 21:09 - 2013-07-24 11:55 - 00013513 _____ C:\Users\Kratzer\Desktop\Adressen Souljam.odt
2013-10-16 21:09 - 2012-05-09 20:38 - 03286016 ___SH C:\Users\Kratzer\Desktop\Thumbs.db
2013-10-09 21:29 - 2011-08-17 15:44 - 00000000 ____D C:\Users\Kratzer\Desktop\SOULJAM
2013-10-09 15:29 - 2012-03-29 18:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 15:29 - 2011-05-20 22:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 13:33 - 2013-10-09 13:33 - 00000000 ____D C:\Users\Kratzer\AppData\Roaming\DivX
2013-10-09 13:22 - 2013-10-09 13:22 - 00024010 _____ C:\Users\Kratzer\Downloads\Watermelon Man - Piano Solo.gpx
2013-10-09 12:34 - 2013-10-09 12:34 - 01697913 _____ C:\Users\Kratzer\Downloads\pressemappe.pdf.zip
2013-10-09 12:18 - 2010-03-25 23:33 - 00064176 _____ C:\Users\Kratzer\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-09 12:17 - 2009-07-14 05:45 - 00302792 _____ C:\Windows\System32\FNTCACHE.DAT
2013-10-07 22:18 - 2013-10-07 22:12 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-10-07 22:16 - 2013-10-07 22:12 - 00000000 ____D C:\ProgramData\DivX
2013-10-07 22:16 - 2013-10-07 22:12 - 00000000 ____D C:\Program Files (x86)\DivX
2013-10-07 22:16 - 2010-03-25 15:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-07 22:15 - 2013-10-07 22:15 - 00000000 ____D C:\Program Files\DivX
2013-10-07 22:15 - 2013-10-07 22:13 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-07 22:15 - 2013-10-07 22:12 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-07 22:14 - 2013-10-07 22:11 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-07 22:12 - 2013-10-07 22:12 - 00000000 ____D C:\Users\Kratzer\AppData\Roaming\LavFilters
2013-10-07 22:12 - 2013-10-07 22:12 - 00000000 ____D C:\Users\Kratzer\AppData\Roaming\CDXReader
2013-10-07 22:12 - 2013-10-07 22:12 - 00000000 ____D C:\Users\Kratzer\AppData\Local\BonanzaDealsLive
2013-10-07 22:12 - 2013-10-07 22:12 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-07 22:11 - 2013-10-07 22:11 - 00749216 _____ C:\Users\Kratzer\Downloads\CodecPackage.exe
2013-10-07 22:11 - 2013-10-07 22:11 - 00000000 ____D C:\Users\Kratzer\AppData\Roaming\DigitalSite
2013-10-04 12:07 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-02 15:20 - 2012-05-17 11:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-02 15:14 - 2010-03-25 16:43 - 00000000 ____D C:\Users\Kratzer\AppData\Local\Mozilla
2013-10-01 18:57 - 2013-10-01 18:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-01 18:11 - 2013-07-17 12:24 - 00018136 _____ C:\Users\Kratzer\Desktop\Termine für Zipfel.odt
2013-09-29 14:58 - 2011-06-06 20:43 - 00000000 ____D C:\Users\Kratzer\Desktop\Rickbop
2013-09-29 14:24 - 2013-09-29 14:24 - 00000000 ____D C:\Users\Kratzer\Desktop\Zipfel Camera
2013-09-25 16:48 - 2012-12-02 18:00 - 00000000 ____D C:\Users\Kratzer\Desktop\Edits
2013-09-25 16:48 - 2012-08-16 22:25 - 00000000 ____D C:\Users\Kratzer\Desktop\Images
2013-09-25 16:48 - 2012-08-16 22:25 - 00000000 ____D C:\Users\Kratzer\Desktop\Audio
2013-09-25 13:38 - 2010-03-25 15:47 - 00000000 ____D C:\Program Files (x86)\Zattoo4

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad


Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Administrator\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe
C:\Users\Administrator\AppData\Local\Temp\L6GPInst.dll
C:\Users\Administrator\AppData\Local\Temp\NEventMessages.dll
C:\Users\Administrator\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Administrator\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Kratzer\AppData\Local\Temp\BackupSetup.exe
C:\Users\Kratzer\AppData\Local\Temp\dp.exe
C:\Users\Kratzer\AppData\Local\Temp\Installer-3-.exe
C:\Users\Kratzer\AppData\Local\Temp\rvaaagwkmkpfofbvurnvinrlsy.exe
C:\Users\Kratzer\AppData\Local\Temp\uninst1.exe
C:\Users\Kratzer\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Kratzer\AppData\Local\Temp\vis-de.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

6
Restore point made on: 2013-09-25 14:55:35
Restore point made on: 2013-09-29 16:57:20
Restore point made on: 2013-10-04 13:04:05
Restore point made on: 2013-10-11 16:35:41
Restore point made on: 2013-10-16 21:30:52
Restore point made on: 2013-10-25 15:51:22

==================== Memory info =========================== 

Percentage of memory in use: 15%
Total physical RAM: 4087.05 MB
Available physical RAM: 3442.98 MB
Total Pagefile: 4085.2 MB
Available Pagefile: 3445.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (Primäre Festplatte) (Fixed) (Total:931.51 GB) (Free:428.5 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (GRMCHPXFRER_DE_DVD) (CDROM) (Total:2.97 GB) (Free:0 GB) UDF
Drive k: () (Removable) (Total:0.94 GB) (Free:0.94 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5A8FD34A)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 1011 MB) (Disk ID: B1BFF350)
Partition 1: (Active) - (Size=961 MB) - (Type=06)


LastRegBack: 2013-10-25 15:43

==================== End Of Log ============================
         

 
