Interpol BKA virus Win 7

sebi1 · 02.11.2013, 14:47

Hallo,

Bitte um Hilfe.
hier mein Logfile mit frst64 erstellt:
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2013
Ran by SYSTEM on MININT-NVTI0C7 on 02-11-2013 14:13:59
Running from F:\
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2345296 2013-10-01] (LogMeIn Inc.)
HKU\ich\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPANEL.exe [2273608 2011-08-02] (Gainward Co.)
HKU\ich\...\Run: [Spotify Web Helper] - C:\Users\ich\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-29] (Spotify Ltd)
HKU\ich\...\Run: [Spotify] - C:\Users\ich\AppData\Roaming\Spotify\spotify.exe [4640768 2013-07-29] (Spotify Ltd)
HKU\ich\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20474016 2013-10-02] (Skype Technologies S.A.)
HKU\ich\...\Winlogon: [Shell] explorer.exe,C:\Users\ich\AppData\Roaming\cache.dat [156672 2013-08-29] () <==== ATTENTION 
AppInit_DLLs: [0 ] ()
 
==================== Services (Whitelisted) =================
 
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO)
S2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [93984 2013-03-06] (Conduit)
S2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [743992 2009-12-21] (Infowatch)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-09-27] ()
 
==================== Drivers (Whitelisted) ====================
 
S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
S0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [85048 2009-12-14] (Infowatch)
S1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66104 2009-12-14] (Infowatch)
S3 e1kexpress; C:\Windows\System32\DRIVERS\e1k60x64.sys [220672 2009-06-10] (Intel Corporation)
S0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458032 2011-10-20] (Kaspersky Lab ZAO)
S1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [13616 2011-10-20] (Kaspersky Lab ZAO)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [636760 2013-03-11] (Kaspersky Lab)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
S3 TBPanel; No ImagePath
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 athr; system32\DRIVERS\athrx.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-11-02 14:00 - 2013-11-02 14:00 - 00000000 ____D C:\FRST
2013-10-29 20:38 - 2013-10-31 12:34 - 00000004 _____ C:\Users\ich\AppData\Roaming\cache.ini
2013-10-28 23:27 - 2013-10-28 23:27 - 00000000 ____D C:\Users\ich\.swt
2013-10-28 23:20 - 2013-10-28 23:20 - 15746728 _____ (Ankama Games) C:\Users\ich\Downloads\wakfu-setup.exe
2013-10-28 23:20 - 2013-10-28 23:20 - 00000967 _____ C:\Users\ich\Desktop\Wakfu.lnk
2013-10-28 23:20 - 2013-10-28 23:20 - 00000000 ____D C:\Users\ich\AppData\Local\Ankama
2013-10-28 23:20 - 2013-10-28 23:20 - 00000000 ____D C:\Program Files (x86)\Wakfu
2013-10-20 16:51 - 2013-10-20 21:23 - 00000000 ____D C:\Users\ich\AppData\Roaming\.aether
2013-10-20 16:51 - 2013-10-20 16:51 - 00014817 _____ C:\Users\ich\Desktop\launcher-start.jar
2013-10-19 16:00 - 2013-10-19 16:00 - 12177169 _____ C:\Users\ich\Downloads\Sky Den 1.1.rar
2013-10-18 16:14 - 2013-10-18 16:14 - 00000000 ___HD C:\Users\ich\Desktop\.updtmp
2013-10-14 18:28 - 2013-10-19 13:53 - 00001276 _____ C:\Users\ich\Desktop\server.log.1
2013-10-14 18:28 - 2013-10-19 13:21 - 00000000 _____ C:\Users\ich\Desktop\server.log.1.lck
2013-10-12 12:52 - 2013-10-19 15:27 - 00022844 _____ C:\Users\ich\Desktop\server.log
2013-10-11 16:23 - 2013-10-11 16:24 - 00000000 __SHD C:\AI_RecycleBin
2013-10-09 16:16 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 16:16 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 16:16 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 16:16 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 16:16 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 16:16 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 16:16 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 16:16 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 16:16 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 16:16 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-09 16:16 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-09 16:16 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 16:16 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-09 16:16 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-10-09 16:16 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-10-09 16:16 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-10-09 16:16 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-10-09 16:16 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-10-09 16:16 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-10-09 16:16 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-10-09 16:16 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-10-09 16:16 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-10-09 16:16 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-10-09 16:16 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-10-09 16:16 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-10-09 16:16 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-10-09 16:16 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-10-09 16:16 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-10-09 16:16 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 16:16 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-10-09 16:16 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 13:14 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-10-09 13:14 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-10-09 13:14 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2013-10-09 13:14 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-09 13:14 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-10-09 13:14 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-10-09 13:14 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2013-10-09 13:14 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2013-10-09 13:14 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2013-10-09 13:14 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2013-10-09 13:14 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2013-10-09 13:14 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-10-09 13:14 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-10-09 13:14 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\tdh.dll
2013-10-09 13:14 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-10-09 13:14 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2013-10-09 13:14 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-09 13:14 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-09 13:14 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-09 13:14 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-09 13:14 - 2013-08-29 02:50 - 00156672 _____ C:\Users\ich\AppData\Roaming\cache.dat
2013-10-09 13:14 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-09 13:14 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-09 13:14 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-09 13:14 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-09 13:14 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-09 13:14 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-09 13:14 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-10-09 13:14 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\System32\scavengeui.dll
2013-10-09 13:14 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-10-09 13:14 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 13:14 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 13:14 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-10-09 13:14 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2013-10-09 13:14 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBAUDIO.sys
2013-10-09 13:14 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2013-10-09 13:14 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2013-10-09 13:14 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2013-10-09 13:14 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 13:14 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-09 13:14 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 13:14 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2013-10-09 13:14 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-10-09 13:14 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2013-10-09 13:14 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-10-09 13:14 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2013-10-09 13:14 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-10-09 13:14 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2013-10-09 13:14 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-10-09 13:14 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 13:14 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 13:14 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 13:14 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-10-09 13:14 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 13:14 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-07 15:14 - 2013-10-07 15:16 - 126388964 _____ C:\Users\ich\Downloads\Folge 244.rar.part
2013-10-07 15:14 - 2013-10-07 15:14 - 00000000 _____ C:\Users\ich\Downloads\Folge 244.rar
2013-10-07 14:01 - 2013-10-07 14:01 - 00005217 _____ C:\Users\ich\AppData\Local\recently-used.xbel
2013-10-06 10:16 - 2013-10-21 11:01 - 00217600 _____ C:\Users\ich\Desktop\jacob-1.17-M2-x64.dll
2013-10-06 10:16 - 2013-10-21 11:01 - 00176128 _____ C:\Users\ich\Desktop\jacob-1.17-M2-x86.dll
2013-10-05 14:46 - 2013-10-05 14:48 - 00001378 _____ C:\Users\ich\Desktop\Terraria.lnk
2013-10-05 14:45 - 2013-10-05 14:45 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-10-05 14:43 - 2013-10-05 14:46 - 00000000 ____D C:\Program Files (x86)\4325
2013-10-05 14:26 - 2013-10-05 14:29 - 15504681 _____ C:\Users\ich\Desktop\Terraria v.1.1.2.rar
2013-10-04 19:07 - 2013-10-04 19:07 - 05703908 _____ C:\Users\ich\Desktop\MAtmos Mod 1.4.7.zip
2013-10-04 18:00 - 2013-10-04 18:00 - 138176863 _____ C:\Users\ich\Downloads\multiMAN ver 04.46.01 BASE (20130707).zip
2013-10-04 17:26 - 2013-10-04 17:26 - 00096557 _____ C:\Users\ich\Downloads\toggle_qa.rar
2013-10-04 17:18 - 2013-10-04 17:19 - 178890463 _____ C:\Users\ich\Downloads\PS3_3.55.rar
2013-10-04 17:15 - 2013-10-04 17:16 - 203643442 _____ C:\Users\ich\Downloads\RB446DKIPF.PUP
2013-10-04 13:31 - 2013-10-04 13:31 - 00894600 _____ (CNET Download.com) C:\Users\ich\Downloads\cbsidlm-cbsi134-Slender_Space-ORG-75915961.exe
2013-10-04 10:50 - 2013-10-04 10:50 - 00000000 ____D C:\Users\ich\AppData\Local\LogMeIn
2013-10-04 10:50 - 2013-10-04 10:50 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-03 18:40 - 2013-10-07 14:00 - 00000000 ____D C:\Users\ich\Desktop\tekkit bilder
2013-10-03 17:59 - 2013-10-03 17:59 - 00000000 ____D C:\Users\ich\.thumbnails
2013-10-03 17:50 - 2013-10-07 13:57 - 00000000 ____D C:\Users\ich\Documents\skatesthumbnailtool
2013-10-03 17:48 - 2013-10-03 17:48 - 00001164 _____ C:\Users\Public\Desktop\skate's Thumbnail Tool.lnk
2013-10-03 17:48 - 2013-10-03 17:48 - 00000000 ____D C:\Users\ich\AppData\Roaming\skate's Thumbnail Tool
2013-10-03 17:48 - 2013-10-03 17:48 - 00000000 ____D C:\Program Files (x86)\skate's Thumbnail Tool
2013-10-03 17:41 - 2013-10-03 17:41 - 00000000 ____D C:\ProgramData\Caphyon
2013-10-03 17:40 - 2013-10-08 18:35 - 00000924 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2013-10-03 17:40 - 2013-10-03 17:40 - 00000000 ____D C:\Users\ich\Documents\VisioForge
2013-10-03 17:37 - 2013-10-03 17:39 - 00000000 ____D C:\Users\ich\AppData\Roaming\Minecraft Skin Viewer
2013-10-03 17:37 - 2013-10-03 17:37 - 00000000 ____D C:\Users\ich\AppData\Roaming\VisioForge
2013-10-03 17:36 - 2012-06-11 22:38 - 00302592 _____ C:\Users\ich\Desktop\Minecraft Skin Viewer.exe
2013-10-03 17:35 - 2013-10-03 17:35 - 00140332 _____ C:\Users\ich\Desktop\Minecraft Skin Viewer.zip
2013-10-03 16:34 - 2013-10-03 16:34 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-10-03 16:33 - 2013-10-31 12:32 - 00006272 _____ C:\Windows\setupact.log
2013-10-03 16:33 - 2013-10-03 16:33 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-10-03 16:33 - 2013-10-03 16:33 - 00000000 _____ C:\Windows\setuperr.log
2013-10-03 16:32 - 2013-10-04 16:58 - 00002716 _____ C:\Windows\PFRO.log
2013-10-03 10:07 - 2013-10-03 10:07 - 00000000 ____D C:\Users\ich\AppData\Local\Avg2014
2013-10-03 10:07 - 2013-09-09 14:29 - 00043320 _____ (TuneUp Software) C:\Windows\System32\uxtuneup.dll
2013-10-03 10:07 - 2013-09-09 14:29 - 00036152 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2013-10-03 10:03 - 2013-09-09 14:29 - 00040760 _____ (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-10-03 10:03 - 2013-09-09 14:29 - 00029496 _____ (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-10-03 10:02 - 2013-09-09 14:29 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-10-03 10:01 - 2013-10-03 10:07 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2013-10-03 10:00 - 2013-10-03 10:00 - 00001243 _____ C:\Users\Public\Desktop\Free Studio.lnk
2013-10-03 09:58 - 2013-10-03 09:58 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-03 09:56 - 2013-10-03 09:56 - 00000000 ____D C:\ProgramData\DSearchLink
2013-10-03 09:56 - 2013-10-03 09:56 - 00000000 ____D C:\Program Files (x86)\Delta
2013-10-03 09:51 - 2013-10-03 09:51 - 01091560 _____ (DVDVideoSoft Ltd. ) C:\Users\ich\Downloads\FreeStudio.exe
 
==================== One Month Modified Files and Folders =======
 
2013-11-02 14:00 - 2013-11-02 14:00 - 00000000 ____D C:\FRST
2013-10-31 12:34 - 2013-10-29 20:38 - 00000004 _____ C:\Users\ich\AppData\Roaming\cache.ini
2013-10-31 12:34 - 2013-03-10 19:20 - 00000000 ____D C:\Users\ich\AppData\Roaming\Skype
2013-10-31 12:33 - 2013-09-07 20:51 - 00001286 _____ C:\Windows\Tasks\Pricora 6.1-updater.job
2013-10-31 12:33 - 2013-09-07 20:51 - 00001090 _____ C:\Windows\Tasks\Pricora 6.1-enabler.job
2013-10-31 12:33 - 2013-09-07 20:50 - 00001898 _____ C:\Windows\Tasks\Pricora 6.1-chromeinstaller.job
2013-10-31 12:33 - 2013-09-07 20:50 - 00001824 _____ C:\Windows\Tasks\Pricora 6.1-firefoxinstaller.job
2013-10-31 12:33 - 2013-09-07 20:50 - 00001192 _____ C:\Windows\Tasks\Pricora 6.1-codedownloader.job
2013-10-31 12:33 - 2013-03-11 15:24 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-10-31 12:32 - 2013-10-03 16:33 - 00006272 _____ C:\Windows\setupact.log
2013-10-31 12:32 - 2013-03-10 18:52 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-31 12:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-30 09:22 - 2013-06-24 16:50 - 00000000 ____D C:\Users\ich\AppData\Local\LogMeIn Hamachi
2013-10-29 21:21 - 2013-03-10 18:34 - 01253242 _____ C:\Windows\WindowsUpdate.log
2013-10-29 21:19 - 2009-07-14 05:45 - 00026544 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-29 21:19 - 2009-07-14 05:45 - 00026544 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-29 21:15 - 2011-04-12 08:43 - 00699092 _____ C:\Windows\System32\perfh007.dat
2013-10-29 21:15 - 2011-04-12 08:43 - 00149232 _____ C:\Windows\System32\perfc007.dat
2013-10-29 21:15 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-29 21:08 - 2013-05-19 20:13 - 00000000 ____D C:\Users\ich\AppData\Roaming\Spotify
2013-10-29 19:20 - 2013-04-04 21:30 - 00000000 ____D C:\Users\ich\AppData\Local\CrashDumps
2013-10-29 18:15 - 2013-03-10 20:44 - 00000000 ____D C:\Users\ich\AppData\Roaming\.minecraft
2013-10-29 07:13 - 2013-08-05 11:47 - 00000000 ____D C:\Users\ich\AppData\Local\Adobe
2013-10-28 23:28 - 2013-03-10 19:16 - 00000000 ____D C:\Users\ich\AppData\Roaming\Mozilla
2013-10-28 23:27 - 2013-10-28 23:27 - 00000000 ____D C:\Users\ich\.swt
2013-10-28 23:27 - 2013-03-10 18:34 - 00000000 ____D C:\users\ich
2013-10-28 23:20 - 2013-10-28 23:20 - 15746728 _____ (Ankama Games) C:\Users\ich\Downloads\wakfu-setup.exe
2013-10-28 23:20 - 2013-10-28 23:20 - 00000967 _____ C:\Users\ich\Desktop\Wakfu.lnk
2013-10-28 23:20 - 2013-10-28 23:20 - 00000000 ____D C:\Users\ich\AppData\Local\Ankama
2013-10-28 23:20 - 2013-10-28 23:20 - 00000000 ____D C:\Program Files (x86)\Wakfu
2013-10-28 20:42 - 2013-08-10 10:17 - 00000000 ____D C:\Users\ich\AppData\Roaming\.technic
2013-10-28 20:39 - 2013-08-10 10:16 - 02142590 _____ () C:\Users\ich\Desktop\Technik launcher.exe
2013-10-21 12:17 - 2013-03-21 17:36 - 00000000 ____D C:\Users\ich\AppData\Roaming\vlc
2013-10-21 11:01 - 2013-10-06 10:16 - 00217600 _____ C:\Users\ich\Desktop\jacob-1.17-M2-x64.dll
2013-10-21 11:01 - 2013-10-06 10:16 - 00176128 _____ C:\Users\ich\Desktop\jacob-1.17-M2-x86.dll
2013-10-20 21:23 - 2013-10-20 16:51 - 00000000 ____D C:\Users\ich\AppData\Roaming\.aether
2013-10-20 16:51 - 2013-10-20 16:51 - 00014817 _____ C:\Users\ich\Desktop\launcher-start.jar
2013-10-19 16:00 - 2013-10-19 16:00 - 12177169 _____ C:\Users\ich\Downloads\Sky Den 1.1.rar
2013-10-19 15:27 - 2013-10-12 12:52 - 00022844 _____ C:\Users\ich\Desktop\server.log
2013-10-19 13:53 - 2013-10-14 18:28 - 00001276 _____ C:\Users\ich\Desktop\server.log.1
2013-10-19 13:21 - 2013-10-14 18:28 - 00000000 _____ C:\Users\ich\Desktop\server.log.1.lck
2013-10-19 13:10 - 2013-09-08 13:37 - 00000000 ____D C:\Users\ich\Desktop\Neuer Ordner
2013-10-18 16:41 - 2013-07-10 19:56 - 00000000 ____D C:\Users\ich\Desktop\Render-Programm
2013-10-18 16:14 - 2013-10-18 16:14 - 00000000 ___HD C:\Users\ich\Desktop\.updtmp
2013-10-17 21:07 - 2013-08-12 12:49 - 00000000 ____D C:\Users\ich\Desktop\Unnütz
2013-10-17 20:42 - 2013-08-10 13:07 - 00000000 ____D C:\Users\ich\Desktop\Fotos
2013-10-16 13:06 - 2013-09-07 20:51 - 00004316 _____ C:\Windows\System32\Tasks\Pricora 6.1-updater
2013-10-15 19:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-13 11:37 - 2013-03-12 14:28 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-12 13:14 - 2013-07-09 14:04 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-10-12 13:14 - 2013-07-09 13:59 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-12 13:13 - 2013-07-09 13:59 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-10-12 13:09 - 2013-07-03 17:37 - 00000000 _____ C:\Windows\System32\Drivers\lvuvc.hs
2013-10-12 08:03 - 2013-03-10 19:20 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-12 08:03 - 2013-03-10 19:19 - 00000000 ____D C:\ProgramData\Skype
2013-10-11 16:24 - 2013-10-11 16:23 - 00000000 __SHD C:\AI_RecycleBin
2013-10-11 16:24 - 2013-09-01 19:55 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-10-09 19:27 - 2013-01-17 07:27 - 00000000 ____D C:\Windows\Panther
2013-10-09 19:26 - 2009-07-14 05:45 - 04950856 _____ C:\Windows\System32\FNTCACHE.DAT
2013-10-09 16:19 - 2013-01-17 07:42 - 01592056 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 16:15 - 2013-07-14 22:22 - 00000000 ____D C:\Windows\System32\MRT
2013-10-09 16:13 - 2013-01-17 08:28 - 80541720 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-10-08 18:35 - 2013-10-03 17:40 - 00000924 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2013-10-07 15:16 - 2013-10-07 15:14 - 126388964 _____ C:\Users\ich\Downloads\Folge 244.rar.part
2013-10-07 15:14 - 2013-10-07 15:14 - 00000000 _____ C:\Users\ich\Downloads\Folge 244.rar
2013-10-07 14:02 - 2013-08-03 21:41 - 00000000 ____D C:\Users\ich\.gimp-2.8
2013-10-07 14:01 - 2013-10-07 14:01 - 00005217 _____ C:\Users\ich\AppData\Local\recently-used.xbel
2013-10-07 14:00 - 2013-10-03 18:40 - 00000000 ____D C:\Users\ich\Desktop\tekkit bilder
2013-10-07 14:00 - 2013-08-03 21:57 - 00000000 ____D C:\Users\ich\AppData\Local\gtk-2.0
2013-10-07 13:57 - 2013-10-03 17:50 - 00000000 ____D C:\Users\ich\Documents\skatesthumbnailtool
2013-10-06 10:09 - 2013-09-12 15:54 - 00000000 ____D C:\Users\ich\AppData\Roaming\ftblauncher
2013-10-06 10:09 - 2013-05-15 13:06 - 00517754 _____ () C:\Users\ich\Desktop\Fedd The Beast.exe
2013-10-05 14:48 - 2013-10-05 14:46 - 00001378 _____ C:\Users\ich\Desktop\Terraria.lnk
2013-10-05 14:48 - 2013-09-27 14:40 - 00000000 ____D C:\Users\ich\Documents\My Games
2013-10-05 14:46 - 2013-10-05 14:43 - 00000000 ____D C:\Program Files (x86)\4325
2013-10-05 14:45 - 2013-10-05 14:45 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-10-05 14:29 - 2013-10-05 14:26 - 15504681 _____ C:\Users\ich\Desktop\Terraria v.1.1.2.rar
2013-10-04 19:07 - 2013-10-04 19:07 - 05703908 _____ C:\Users\ich\Desktop\MAtmos Mod 1.4.7.zip
2013-10-04 18:00 - 2013-10-04 18:00 - 138176863 _____ C:\Users\ich\Downloads\multiMAN ver 04.46.01 BASE (20130707).zip
2013-10-04 17:26 - 2013-10-04 17:26 - 00096557 _____ C:\Users\ich\Downloads\toggle_qa.rar
2013-10-04 17:19 - 2013-10-04 17:18 - 178890463 _____ C:\Users\ich\Downloads\PS3_3.55.rar
2013-10-04 17:16 - 2013-10-04 17:15 - 203643442 _____ C:\Users\ich\Downloads\RB446DKIPF.PUP
2013-10-04 16:58 - 2013-10-03 16:32 - 00002716 _____ C:\Windows\PFRO.log
2013-10-04 13:31 - 2013-10-04 13:31 - 00894600 _____ (CNET Download.com) C:\Users\ich\Downloads\cbsidlm-cbsi134-Slender_Space-ORG-75915961.exe
2013-10-04 10:50 - 2013-10-04 10:50 - 00000000 ____D C:\Users\ich\AppData\Local\LogMeIn
2013-10-04 10:50 - 2013-10-04 10:50 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-03 18:27 - 2013-08-27 23:42 - 00000000 ____D C:\Users\ich\Desktop\Youtube Bilder
2013-10-03 17:59 - 2013-10-03 17:59 - 00000000 ____D C:\Users\ich\.thumbnails
2013-10-03 17:48 - 2013-10-03 17:48 - 00001164 _____ C:\Users\Public\Desktop\skate's Thumbnail Tool.lnk
2013-10-03 17:48 - 2013-10-03 17:48 - 00000000 ____D C:\Users\ich\AppData\Roaming\skate's Thumbnail Tool
2013-10-03 17:48 - 2013-10-03 17:48 - 00000000 ____D C:\Program Files (x86)\skate's Thumbnail Tool
2013-10-03 17:41 - 2013-10-03 17:41 - 00000000 ____D C:\ProgramData\Caphyon
2013-10-03 17:40 - 2013-10-03 17:40 - 00000000 ____D C:\Users\ich\Documents\VisioForge
2013-10-03 17:39 - 2013-10-03 17:37 - 00000000 ____D C:\Users\ich\AppData\Roaming\Minecraft Skin Viewer
2013-10-03 17:37 - 2013-10-03 17:37 - 00000000 ____D C:\Users\ich\AppData\Roaming\VisioForge
2013-10-03 17:35 - 2013-10-03 17:35 - 00140332 _____ C:\Users\ich\Desktop\Minecraft Skin Viewer.zip
2013-10-03 16:34 - 2013-10-03 16:34 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-10-03 16:33 - 2013-10-03 16:33 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-10-03 16:33 - 2013-10-03 16:33 - 00000000 _____ C:\Windows\setuperr.log
2013-10-03 11:20 - 2013-09-29 18:52 - 00000000 ____D C:\Users\ich\AppData\Local\fabi.me
2013-10-03 10:44 - 2013-09-08 13:55 - 00000000 ____D C:\Fraps
2013-10-03 10:11 - 2013-05-10 09:39 - 00000000 ____D C:\Users\ich\AppData\Roaming\TS3Client
2013-10-03 10:07 - 2013-10-03 10:07 - 00000000 ____D C:\Users\ich\AppData\Local\Avg2014
2013-10-03 10:07 - 2013-10-03 10:01 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2013-10-03 10:03 - 2013-04-01 11:15 - 00000000 ____D C:\Users\ich\AppData\Roaming\DVDVideoSoft
2013-10-03 10:02 - 2013-04-01 11:17 - 00000000 ____D C:\Users\ich\AppData\Roaming\TuneUp Software
2013-10-03 10:01 - 2013-04-01 11:15 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-03 10:00 - 2013-10-03 10:00 - 00001243 _____ C:\Users\Public\Desktop\Free Studio.lnk
2013-10-03 09:58 - 2013-10-03 09:58 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-03 09:58 - 2013-04-01 11:17 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-03 09:56 - 2013-10-03 09:56 - 00000000 ____D C:\ProgramData\DSearchLink
2013-10-03 09:56 - 2013-10-03 09:56 - 00000000 ____D C:\Program Files (x86)\Delta
2013-10-03 09:56 - 2013-06-28 14:43 - 00003376 _____ C:\Windows\System32\Tasks\EPUpdater
2013-10-03 09:55 - 2013-04-01 11:15 - 00000000 ____D C:\Users\ich\AppData\Roaming\OpenCandy
2013-10-03 09:51 - 2013-10-03 09:51 - 01091560 _____ (DVDVideoSoft Ltd. ) C:\Users\ich\Downloads\FreeStudio.exe
 
Files to move or delete:
====================
C:\Users\ich\AppData\Roaming\cache.dat
C:\Users\ich\AppData\Roaming\cache.ini
 
 
Some content of TEMP:
====================
C:\Users\ich\AppData\Local\Temp\TUUUninstallHelper.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 17%
Total physical RAM: 3069.61 MB
Available physical RAM: 2529.41 MB
Total Pagefile: 3067.81 MB
Available Pagefile: 2528.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:74.41 GB) (Free:11.85 GB) NTFS
Drive e: (CB1513CD) (CDROM) (Total:0.61 GB) (Free:0 GB) UDF
Drive f: () (Removable) (Total:14.9 GB) (Free:13.06 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 75 GB) (Disk ID: 3F95C4F8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 5C65401C)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)
 
 
LastRegBack: 2013-10-29 07:32
 
==================== End Of Log ============================

--- --- ---

Interpol BKA virus Win 7

Log-Analyse und Auswertung: Interpol BKA virus Win 7

Interpol BKA virus Win 7

Ähnliche Themen: Interpol BKA virus Win 7