Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
"Windows 7: Sperrschirm...... Was tun?

"Windows 7: Sperrschirm...... Was tun?


Plagegeister aller Art und deren Bekämpfung: "Windows 7: Sperrschirm...... Was tun?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 23.11.2013, 19:14   #1
safri01
 
"Windows 7: Sperrschirm...... Was tun? - Standard

"Windows 7: Sperrschirm...... Was tun?


Was muß ich tun um den Speer Bildschirm wieder los zu werden???

Hier mein Logfile:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2013
Ran by SYSTEM on MININT-V2N0UV4 on 23-11-2013 19:05:16
Running from G:\
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CitrixReceiver] - "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] - C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKU\Kfz Sv Büro\...\Winlogon: [Shell] explorer.exe,C:\Users\Kfz Sv Büro\AppData\Roaming\Other.res [94720 2013-08-29] () <==== ATTENTION 

==================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
S2 Realtek11nCU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)

==================== Drivers (Whitelisted) ====================

S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1038440 2011-05-09] (Realtek Semiconductor Corporation                           )
S3 rtlss; C:\Windows\System32\Drivers\rtlss.sys [27240 2010-06-21] (Realtek Semiconductor Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-23 19:05 - 2013-11-23 19:05 - 00000000 ____D C:\FRST
2013-11-23 09:58 - 2013-11-23 09:58 - 00094720 _____ C:\Users\Kfz Sv Büro\Downloads\video_720p.exe
2013-11-19 19:05 - 2013-11-19 19:05 - 00000230 _____ C:\Users\Kfz Sv Büro\Desktop\Citrix XenApp - Anmeldung.url
2013-11-19 15:25 - 2013-11-19 15:25 - 00001022 _____ C:\Users\Public\Desktop\FotoCopy Eingangsverzeichnis.lnk
2013-11-19 15:25 - 2013-11-19 15:25 - 00000000 ____D C:\Program Files (x86)\Audatex
2013-11-19 15:23 - 2011-07-06 08:41 - 03866112 _____ C:\Users\Kfz Sv Büro\Desktop\FotoCopy.msi
2013-11-19 07:49 - 2013-11-19 07:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-18 12:51 - 2013-11-18 12:51 - 00001409 _____ C:\Users\Kfz Sv Büro\Desktop\Internet Explorer.lnk
2013-11-18 12:37 - 2013-11-18 14:25 - 00000000 ____D C:\Users\Kfz Sv Büro\AppData\Roaming\ICAClient
2013-11-18 12:36 - 2013-11-18 12:36 - 00000000 ____D C:\ProgramData\Citrix
2013-11-18 12:35 - 2013-11-18 12:35 - 00000000 ____D C:\Users\Kfz Sv Büro\AppData\Local\Citrix
2013-11-18 12:35 - 2013-11-18 12:35 - 00000000 ____D C:\Program Files (x86)\Citrix
2013-11-18 12:28 - 2013-11-18 12:31 - 53664128 _____ (Citrix Systems, Inc.) C:\Users\Kfz Sv Büro\Downloads\CitrixReceiver.exe
2013-11-14 20:11 - 2013-11-14 20:11 - 00000000 ____D C:\Users\Kfz Sv Büro\AppData\Roaming\AVG2014
2013-11-14 20:09 - 2013-11-14 20:09 - 00000981 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-11-14 20:08 - 2013-11-14 20:10 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-13 12:37 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-11-13 12:37 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-11-13 12:37 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-11-13 12:37 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-11-13 12:37 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-11-13 12:37 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-11-13 12:37 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-11-13 12:37 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-11-13 12:37 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-11-13 12:37 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-11-13 12:37 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-11-13 12:37 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-11-13 12:37 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-11-13 12:37 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-11-13 12:37 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 12:37 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 12:37 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 12:37 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 12:37 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 12:37 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 12:37 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 12:37 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 12:37 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 12:37 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 12:37 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 12:37 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 12:37 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 12:37 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-11-13 12:37 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 12:37 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-11-13 12:37 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 10:12 - 2013-11-13 10:12 - 00000000 ____D C:\ProgramData\ABBYY
2013-11-13 10:11 - 2013-11-13 10:11 - 00000000 ____D C:\Users\Kfz Sv Büro\Documents\AnyMP4 Studio
2013-11-13 10:11 - 2013-11-13 10:11 - 00000000 ____D C:\Users\Kfz Sv Büro\AppData\Local\AnyMP4 Studio
2013-11-13 08:47 - 2013-11-13 09:17 - 346670920 _____ (AnyMP4 Studio                                               ) C:\Users\Kfz Sv Büro\Downloads\pdf-converter-ultimate.exe
2013-11-13 08:30 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-11-13 08:29 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-11-13 08:29 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-11-13 08:29 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-11-13 08:29 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 08:29 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 08:29 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 08:29 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll
2013-11-13 08:29 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\credui.dll
2013-11-13 08:29 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-11-13 08:29 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 08:29 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 08:29 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 08:29 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-11-13 08:29 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 08:29 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-11-13 08:29 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-11-13 08:29 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-11-13 08:29 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2013-11-13 08:29 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2013-11-13 08:29 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2013-11-13 08:29 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-11-13 08:29 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-11-13 08:29 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-11-13 08:29 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 08:29 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 08:29 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 08:29 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 08:29 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-11-13 08:29 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-11-08 08:20 - 2013-11-08 08:20 - 00000000 ____D C:\Users\Kfz Sv Büro\AppData\Local\PDF24
2013-11-08 08:18 - 2013-11-08 08:18 - 16198832 _____ (Geek Software GmbH                                          ) C:\Users\Kfz Sv Büro\Downloads\pdf24-creator-6.0.1.exe
2013-11-04 13:08 - 2013-11-04 13:08 - 00001991 _____ C:\Users\Kfz Sv Büro\Desktop\HP Photosmart C3100 series - Verknüpfung.lnk
2013-11-04 13:06 - 2013-11-04 13:06 - 00000375 _____ C:\Windows\System32\Drivers\etc\hosts.ics
2013-10-31 23:56 - 2013-11-19 16:19 - 00000000 ____D C:\Users\Kfz Sv Büro\AppData\Local\Avg2014

==================== One Month Modified Files and Folders =======

2013-11-23 19:05 - 2013-11-23 19:05 - 00000000 ____D C:\FRST
2013-11-23 10:01 - 2013-10-20 11:13 - 00000276 _____ C:\Windows\Tasks\AutoKMS.job
2013-11-23 10:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-23 10:01 - 2009-07-14 05:51 - 00029158 _____ C:\Windows\setupact.log
2013-11-23 10:00 - 2013-10-18 08:47 - 00000000 ____D C:\Users\Kfz Sv Büro\Downloads\Neuer Ordner
2013-11-23 10:00 - 2013-08-22 18:29 - 01657242 _____ C:\Windows\WindowsUpdate.log
2013-11-23 09:58 - 2013-11-23 09:58 - 00094720 _____ C:\Users\Kfz Sv Büro\Downloads\video_720p.exe
2013-11-23 08:06 - 2013-08-22 21:05 - 00000000 ____D C:\ProgramData\MFAData
2013-11-23 07:52 - 2013-10-13 07:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-23 07:19 - 2011-04-12 08:43 - 00711162 _____ C:\Windows\System32\perfh007.dat
2013-11-23 07:19 - 2011-04-12 08:43 - 00152434 _____ C:\Windows\System32\perfc007.dat
2013-11-23 07:19 - 2009-07-14 06:13 - 01640528 _____ C:\Windows\System32\PerfStringBackup.INI
2013-11-23 07:01 - 2009-07-14 05:45 - 00022528 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-23 07:01 - 2009-07-14 05:45 - 00022528 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-22 17:34 - 2010-11-21 04:47 - 00048558 _____ C:\Windows\PFRO.log
2013-11-19 19:05 - 2013-11-19 19:05 - 00000230 _____ C:\Users\Kfz Sv Büro\Desktop\Citrix XenApp - Anmeldung.url
2013-11-19 16:37 - 2013-10-20 11:13 - 00000000 ____D C:\Windows\AutoKMS
2013-11-19 16:19 - 2013-10-31 23:56 - 00000000 ____D C:\Users\Kfz Sv Büro\AppData\Local\Avg2014
2013-11-19 15:25 - 2013-11-19 15:25 - 00001022 _____ C:\Users\Public\Desktop\FotoCopy Eingangsverzeichnis.lnk
2013-11-19 15:25 - 2013-11-19 15:25 - 00000000 ____D C:\Program Files (x86)\Audatex
2013-11-19 14:01 - 2013-08-22 19:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-19 07:49 - 2013-11-19 07:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-18 14:25 - 2013-11-18 12:37 - 00000000 ____D C:\Users\Kfz Sv Büro\AppData\Roaming\ICAClient
2013-11-18 12:51 - 2013-11-18 12:51 - 00001409 _____ C:\Users\Kfz Sv Büro\Desktop\Internet Explorer.lnk
2013-11-18 12:36 - 2013-11-18 12:36 - 00000000 ____D C:\ProgramData\Citrix
2013-11-18 12:35 - 2013-11-18 12:35 - 00000000 ____D C:\Users\Kfz Sv Büro\AppData\Local\Citrix
2013-11-18 12:35 - 2013-11-18 12:35 - 00000000 ____D C:\Program Files (x86)\Citrix
2013-11-18 12:31 - 2013-11-18 12:28 - 53664128 _____ (Citrix Systems, Inc.) C:\Users\Kfz Sv Büro\Downloads\CitrixReceiver.exe
2013-11-14 20:11 - 2013-11-14 20:11 - 00000000 ____D C:\Users\Kfz Sv Büro\AppData\Roaming\AVG2014
2013-11-14 20:10 - 2013-11-14 20:08 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-14 20:10 - 2013-08-22 21:07 - 00000000 ____D C:\Program Files (x86)\AVG
2013-11-14 20:09 - 2013-11-14 20:09 - 00000981 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-11-14 18:32 - 2013-10-15 18:54 - 00000000 ____D C:\Users\Kfz Sv Büro\Desktop\SV Büro Oldenburg
2013-11-14 15:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-13 12:38 - 2013-08-22 22:31 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 12:36 - 2013-08-22 20:01 - 00000000 ____D C:\Windows\System32\MRT
2013-11-13 12:35 - 2013-08-22 20:01 - 82896128 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-11-13 10:12 - 2013-11-13 10:12 - 00000000 ____D C:\ProgramData\ABBYY
2013-11-13 10:11 - 2013-11-13 10:11 - 00000000 ____D C:\Users\Kfz Sv Büro\Documents\AnyMP4 Studio
2013-11-13 10:11 - 2013-11-13 10:11 - 00000000 ____D C:\Users\Kfz Sv Büro\AppData\Local\AnyMP4 Studio
2013-11-13 09:17 - 2013-11-13 08:47 - 346670920 _____ (AnyMP4 Studio                                               ) C:\Users\Kfz Sv Büro\Downloads\pdf-converter-ultimate.exe
2013-11-08 08:20 - 2013-11-08 08:20 - 00000000 ____D C:\Users\Kfz Sv Büro\AppData\Local\PDF24
2013-11-08 08:18 - 2013-11-08 08:18 - 16198832 _____ (Geek Software GmbH                                          ) C:\Users\Kfz Sv Büro\Downloads\pdf24-creator-6.0.1.exe
2013-11-04 13:08 - 2013-11-04 13:08 - 00001991 _____ C:\Users\Kfz Sv Büro\Desktop\HP Photosmart C3100 series - Verknüpfung.lnk
2013-11-04 13:06 - 2013-11-04 13:06 - 00000375 _____ C:\Windows\System32\Drivers\etc\hosts.ics
2013-10-26 08:07 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-10-25 06:52 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries

Some content of TEMP:
====================
C:\Users\Kfz Sv Büro\AppData\Local\Temp\oi_{205830D3-4994-4BC4-976F-56120F1F0049}.exe
C:\Users\Kfz Sv Büro\AppData\Local\Temp\UNINSTALL.EXE


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

8
Restore point made on: 2013-10-20 09:50:13
Restore point made on: 2013-10-30 17:58:43
Restore point made on: 2013-11-01 07:41:25
Restore point made on: 2013-11-10 08:37:21
Restore point made on: 2013-11-13 12:34:16
Restore point made on: 2013-11-14 20:07:50
Restore point made on: 2013-11-14 20:08:22
Restore point made on: 2013-11-19 15:25:36

==================== Memory info =========================== 

Percentage of memory in use: 15%
Total physical RAM: 3838.18 MB
Available physical RAM: 3224.33 MB
Total Pagefile: 3836.38 MB
Available Pagefile: 3209.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:414.52 GB) NTFS
Drive g: () (Removable) (Total:14.63 GB) (Free:14.63 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 588968CC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 15 GB) (Disk ID: 758D54DD)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)


LastRegBack: 2013-11-20 07:07

==================== End Of Log ============================

 

Themen zu "Windows 7: Sperrschirm...... Was tun?
adobe, adobe flash player, association, avg, bildschirm, crypt, desktop, explorer, explorer.exe, flash player, logfile, microsoft, mozilla, realtek, registry, scan, secur, services.exe, software, svchost.exe, system, temp, usb, windows, winlogon, winlogon.exe


« Whilokii entfernen | rvzr-a.akamaihd.net virus auf dem rechner »


Ähnliche Themen: "Windows 7: Sperrschirm...... Was tun?


  1. Windows 7: BKA-Trojaner ohne Sperrschirm
    Log-Analyse und Auswertung - 08.07.2015 (9)
  2. Windows 8.1 64-Bit: BKA-Trojaner ohne Sperrschirm
    Log-Analyse und Auswertung - 26.06.2015 (7)
  3. Windows 7 : Trojaner mit Sperrschirm "GVU"
    Plagegeister aller Art und deren Bekämpfung - 13.06.2015 (1)
  4. Windows 7: BKA-Trojaner ohne Sperrschirm
    Log-Analyse und Auswertung - 17.03.2015 (17)
  5. Windows XP-Trojaner mit Sperrschirm
    Plagegeister aller Art und deren Bekämpfung - 08.02.2015 (16)
  6. Windows 8.1 64-Bit: BKA-Trojaner ohne Sperrschirm
    Log-Analyse und Auswertung - 06.02.2015 (17)
  7. Windows 7 BKA Trojaner mit Sperrschirm
    Log-Analyse und Auswertung - 11.08.2014 (11)
  8. Windows XP: Sperrschirm nach Polizeitrojaner
    Log-Analyse und Auswertung - 16.02.2014 (8)
  9. Windows XP: Sperrschirm nach Bundespolizei-Virus
    Log-Analyse und Auswertung - 02.02.2014 (9)
  10. "BKA-Trojaner" Sperrschirm,Abgesicherter Modus funktioniert nicht!
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (20)
  11. XP Prof. Sperrschirm "Interpol-Virus"
    Log-Analyse und Auswertung - 13.11.2013 (4)
  12. Windows 7: Bka-Interpol-Trojaner mit Sperrschirm
    Plagegeister aller Art und deren Bekämpfung - 09.11.2013 (5)
  13. Trojaner mit Sperrschirm im Windows XP
    Plagegeister aller Art und deren Bekämpfung - 31.10.2013 (13)
  14. Windows 7: BKA/Interpol Sperrschirm
    Log-Analyse und Auswertung - 19.10.2013 (9)
  15. Windows XP : GVU Trojaner mit Sperrschirm
    Plagegeister aller Art und deren Bekämpfung - 10.09.2013 (23)
  16. Windows XP: GVU-Trojaner mit Sperrschirm
    Plagegeister aller Art und deren Bekämpfung - 06.09.2013 (24)
  17. Windows Vista: GVU-Trojaner mit Sperrschirm
    Plagegeister aller Art und deren Bekämpfung - 09.08.2013 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema "Windows 7: Sperrschirm...... Was tun? - Was muß ich tun um den Speer Bildschirm wieder los zu werden??? Hier mein Logfile: Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: - "Windows 7: Sperrschirm...... Was tun?...
Archiv
Du betrachtest: "Windows 7: Sperrschirm...... Was tun? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131