
Log analysis and evaluation: Windows 7 x64: Locked by Interpol Trojan / scramware


 
01.09.2014, 16:35   #1
Veit_80
 



Hi,

I can no longer use my PC, as it is obviously infected with the Interpol Trojan. As soon as I log in, the Trojan's lock screen appears after about 20 seconds (see the attached image). I'm afraid I picked it up through a Microsoft Silverlight update, where I got annoyed and simply allowed a window with a prompt on the third popup. My Sophos Antivirus did not raise an alarm.



This is what I have tried so far:
  1. Opening the Start bar, Task Manager, logging in under other user names, but I always end up back at the Trojan's lock screen.
  2. When I start the PC in safe mode (normal, with networking, with command prompt), it shuts down again immediately after login without my being able to do anything.
  3. I ran the automatic startup repair from the Windows CD without success. The restore points had also all been deleted and so could not be selected. I followed another tip and, via command prompt and regedit, checked a key for the shell under winlogon (it contained "cmd /k start cmd" or something similar) and replaced it with iexplorer.exe.

The guy who programmed this Trojan, I could really

I downloaded the program frst64.exe and hope to get help based on the results of the scan. Here is the program's output:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014
Ran by SYSTEM on MININT-I7FSRHK on 31-08-2014 21:12:22
Running from G:\
Platform: Windows 7 Professional (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [TurboV EVO] => C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe [9919104 2010-04-07] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2011-09-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [CTHelper] => CTHELPER.EXE
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2369536 2010-03-15] (VIA)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1801168 2014-03-19] (APN)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [1691136 2012-05-31] (AimerSoft)
HKLM-x32\...\Run: [AsioReg] => REGSVR32 /S CTASIO.DLL
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AllShare Control] => C:\Program Files (x86)\Samsung\Smart Home Control\AllShare Control
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (cyberlink)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-06-01] (Sophos Limited)
HKU\vhi\...\Policies\Explorer: [NoSaveSettings] 0
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-06-01] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-06-01] (Sophos Limited)
Startup: C:\Users\Party\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\program.lnk
ShortcutTarget: program.lnk -> C:\ProgramData\B83554.cpp ()
Startup: C:\Users\vhi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\program.lnk
ShortcutTarget: program.lnk -> C:\ProgramData\B83554.cpp ()
Startup: C:\Users\vhi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-03-19] (APN LLC.)
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
S2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-13] (brother Industries Ltd)
S4 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink)
S2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-06-01] (Sophos Limited)
S2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-06-01] (Sophos Limited)
S2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-06-01] (Sophos Limited)
S2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-06-01] (Sophos Limited)
S2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-06-01] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-06-01] (Sophos Limited)
S2 Winmgmt; C:\ProgramData\45538B.dot [332532 2014-08-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
S0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2009-04-14] (Paragon Software Group)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 MagicianSataModeReader; C:\Program Files (x86)\Samsung Magician\magdrvamd64.sys [13216 2014-05-19] ()
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-06-01] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-06-01] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-06-01] (Sophos Limited)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2010-03-30] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 cpuz130; \??\C:\Users\vhi\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-31 21:12 - 2014-08-31 21:12 - 00000000 ____D () C:\FRST
2014-08-31 08:25 - 2014-08-31 08:25 - 00332532 ____T (Microsoft Corporation) C:\ProgramData\45538B.dot
2014-08-31 08:24 - 2014-08-31 08:24 - 00175535 _____ () C:\ProgramData\B83554.cpp
2014-08-30 12:48 - 2014-08-30 12:48 - 00000000 ____D () C:\Users\vhi\AppData\Local\Adobe
2014-08-28 16:49 - 2014-08-28 16:49 - 00000000 ____D () C:\Windows\pss
2014-08-27 20:56 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-08-27 20:56 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 20:56 - 2014-08-23 01:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-08-26 23:26 - 2014-08-26 23:26 - 00000000 ____D () C:\Program Files (x86)\Geeks3D
2014-08-26 22:18 - 2014-08-26 22:18 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-26 22:16 - 2014-08-11 21:31 - 01515296 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll
2014-08-26 22:16 - 2014-08-11 21:31 - 00197408 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2014-08-26 22:16 - 2014-08-11 21:31 - 00031520 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 18626304 _____ (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 14498552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2014-08-26 22:16 - 2014-07-02 21:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6434052.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6434052.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 00502232 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 00391640 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFROpenGL.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2014-08-26 22:16 - 2014-07-02 21:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-08-26 22:11 - 2014-08-26 22:13 - 274075712 _____ (NVIDIA Corporation) C:\Users\vhi\Downloads\340.52-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-08-25 21:17 - 2014-08-30 10:10 - 00000000 ____D () C:\Users\vhi\AppData\Local\Battle.net
2014-08-25 21:17 - 2014-08-25 21:19 - 00000000 ____D () C:\Users\vhi\AppData\Roaming\Battle.net
2014-08-25 21:17 - 2014-08-25 21:17 - 00001131 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-08-25 21:17 - 2014-08-25 21:17 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-24 22:00 - 2014-08-24 22:02 - 00000000 ____D () C:\Users\vhi\Desktop\WOA Micha2014
2014-08-22 17:34 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2014-08-22 17:34 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2014-08-22 17:34 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-22 17:34 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2014-08-22 17:34 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2014-08-22 17:34 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2014-08-22 17:34 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-22 17:34 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2014-08-22 17:34 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2014-08-22 17:34 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-22 17:34 - 2014-05-14 08:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2014-08-22 17:34 - 2014-05-14 08:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-22 17:34 - 2014-05-14 08:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2014-08-22 17:34 - 2014-05-14 08:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-20 22:16 - 2014-08-20 22:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-19 06:56 - 2014-08-19 07:31 - 883456801 _____ () C:\Users\vhi\Desktop\WOA Micha2014.zip
2014-08-14 02:00 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\System32\icardres.dll
2014-08-14 02:00 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 02:00 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 02:00 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\System32\TsWpfWrp.exe
2014-08-14 02:00 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\System32\icardagt.exe
2014-08-14 02:00 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\System32\infocardapi.dll
2014-08-14 02:00 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 02:00 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 07:21 - 2014-08-01 00:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-08-13 07:21 - 2014-08-01 00:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 07:21 - 2014-07-25 15:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-08-13 07:21 - 2014-07-25 15:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-08-13 07:21 - 2014-07-25 15:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-08-13 07:21 - 2014-07-25 14:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 07:21 - 2014-07-25 14:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-08-13 07:21 - 2014-07-25 14:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-08-13 07:21 - 2014-07-25 14:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-08-13 07:21 - 2014-07-25 14:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-08-13 07:21 - 2014-07-25 14:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-08-13 07:21 - 2014-07-25 14:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-08-13 07:21 - 2014-07-25 14:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-08-13 07:21 - 2014-07-25 14:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 07:21 - 2014-07-25 14:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-08-13 07:21 - 2014-07-25 14:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-08-13 07:21 - 2014-07-25 14:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-08-13 07:21 - 2014-07-25 13:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-08-13 07:21 - 2014-07-25 13:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-13 07:21 - 2014-07-25 13:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-08-13 07:21 - 2014-07-25 13:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 07:21 - 2014-07-25 13:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 07:21 - 2014-07-25 13:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 07:21 - 2014-07-25 13:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 07:21 - 2014-07-25 13:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-08-13 07:21 - 2014-07-25 13:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-13 07:21 - 2014-07-25 13:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 07:21 - 2014-07-25 13:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-08-13 07:21 - 2014-07-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 07:21 - 2014-07-25 13:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-08-13 07:21 - 2014-07-25 13:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 07:21 - 2014-07-25 13:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 07:21 - 2014-07-25 13:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-08-13 07:21 - 2014-07-25 13:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 07:21 - 2014-07-25 13:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 07:21 - 2014-07-25 13:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 07:21 - 2014-07-25 12:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 07:21 - 2014-07-25 12:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-08-13 07:21 - 2014-07-25 12:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 07:21 - 2014-07-25 12:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-08-13 07:21 - 2014-07-25 12:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-08-13 07:21 - 2014-07-25 12:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-08-13 07:21 - 2014-07-25 12:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 07:21 - 2014-07-25 12:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 07:21 - 2014-07-25 12:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 07:21 - 2014-07-25 12:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-08-13 07:21 - 2014-07-25 12:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 07:21 - 2014-07-25 12:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 07:21 - 2014-07-25 12:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 07:21 - 2014-07-25 12:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 07:21 - 2014-07-25 11:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-08-13 07:21 - 2014-07-25 11:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-08-13 07:21 - 2014-07-25 11:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-08-13 07:21 - 2014-07-25 11:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 07:21 - 2014-07-25 11:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 07:21 - 2014-07-25 11:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 07:21 - 2014-07-16 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-08-13 07:21 - 2014-07-16 03:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 07:21 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDYAK.DLL
2014-08-13 07:21 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDTAT.DLL
2014-08-13 07:21 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDRU1.DLL
2014-08-13 07:21 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDBASH.DLL
2014-08-13 07:21 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\KBDRU.DLL
2014-08-13 07:21 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 07:21 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 07:21 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 07:21 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 07:21 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 07:21 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\System32\locale.nls
2014-08-13 07:21 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 07:21 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-08-13 07:21 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 07:21 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-08-13 07:21 - 2014-06-03 11:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2014-08-13 07:21 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2014-08-13 07:21 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\msihnd.dll
2014-08-13 07:21 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2014-08-13 07:21 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 07:21 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 07:21 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 07:16 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2014-08-13 07:16 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-05 06:02 - 2014-08-07 00:44 - 745662983 _____ () C:\Users\vhi\Desktop\Wacken 2014 Jule.zip
2014-08-05 06:02 - 2014-08-05 06:18 - 480533860 _____ () C:\Users\vhi\Desktop\Domi´s Wacken Bilder.zip
2014-08-03 19:42 - 2014-08-03 19:47 - 00000000 ____D () C:\Users\vhi\Desktop\2014-08 Wacken

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-31 21:12 - 2014-08-31 21:12 - 00000000 ____D () C:\FRST
2014-08-31 20:09 - 2010-07-09 19:07 - 00637620 _____ () C:\Windows\PFRO.log
2014-08-31 20:00 - 2009-07-14 05:51 - 00502005 _____ () C:\Windows\setupact.log
2014-08-31 19:51 - 2013-05-27 21:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-31 19:44 - 2009-07-14 05:45 - 00014784 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-31 19:44 - 2009-07-14 05:45 - 00014784 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-31 19:37 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-31 19:25 - 2010-07-09 18:31 - 01756594 _____ () C:\Windows\WindowsUpdate.log
2014-08-31 08:25 - 2014-08-31 08:25 - 00332532 ____T (Microsoft Corporation) C:\ProgramData\45538B.dot
2014-08-31 08:24 - 2014-08-31 08:24 - 00175535 _____ () C:\ProgramData\B83554.cpp
2014-08-30 12:48 - 2014-08-30 12:48 - 00000000 ____D () C:\Users\vhi\AppData\Local\Adobe
2014-08-30 10:10 - 2014-08-25 21:17 - 00000000 ____D () C:\Users\vhi\AppData\Local\Battle.net
2014-08-30 09:39 - 2010-07-09 19:05 - 00000000 ____D () C:\Users\vhi\AppData\Roaming\Skype
2014-08-28 17:00 - 2009-07-14 18:58 - 00702942 _____ () C:\Windows\System32\perfh007.dat
2014-08-28 17:00 - 2009-07-14 18:58 - 00150582 _____ () C:\Windows\System32\perfc007.dat
2014-08-28 17:00 - 2009-07-14 06:13 - 01629284 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-08-28 16:49 - 2014-08-28 16:49 - 00000000 ____D () C:\Windows\pss
2014-08-28 16:47 - 2014-03-22 13:41 - 00000344 _____ () C:\Windows\lgfwup.ini
2014-08-28 16:46 - 2014-03-22 13:40 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2014-08-28 02:16 - 2009-07-14 05:45 - 00420840 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-08-26 23:26 - 2014-08-26 23:26 - 00000000 ____D () C:\Program Files (x86)\Geeks3D
2014-08-26 22:20 - 2011-12-01 01:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-26 22:18 - 2014-08-26 22:18 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-26 22:18 - 2010-07-09 19:04 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-26 22:17 - 2010-07-09 19:03 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-26 22:13 - 2014-08-26 22:11 - 274075712 _____ (NVIDIA Corporation) C:\Users\vhi\Downloads\340.52-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-08-25 23:18 - 2014-03-13 14:50 - 00000000 ____D () C:\Users\vhi\Documents\Fritz!Box
2014-08-25 22:44 - 2010-07-10 17:09 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-08-25 22:39 - 2010-08-12 12:06 - 00000000 ____D () C:\Users\vhi\AppData\Roaming\vlc
2014-08-25 21:19 - 2014-08-25 21:17 - 00000000 ____D () C:\Users\vhi\AppData\Roaming\Battle.net
2014-08-25 21:17 - 2014-08-25 21:17 - 00001131 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-08-25 21:17 - 2014-08-25 21:17 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-25 20:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-08-25 17:33 - 2013-05-27 21:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-25 17:33 - 2012-04-12 07:13 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-25 17:33 - 2011-06-14 15:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-25 17:27 - 2012-05-12 09:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-25 06:45 - 2011-06-19 14:43 - 00000000 ____D () C:\Users\vhi\AppData\Roaming\foobar2000
2014-08-24 22:02 - 2014-08-24 22:00 - 00000000 ____D () C:\Users\vhi\Desktop\WOA Micha2014
2014-08-23 03:07 - 2014-08-27 20:56 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-08-23 02:45 - 2014-08-27 20:56 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 01:59 - 2014-08-27 20:56 - 03163648 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-08-22 18:58 - 2012-01-20 07:29 - 00030055 _____ () C:\Users\vhi\Documents\Sparplan Veit.xlsx
2014-08-20 22:16 - 2014-08-20 22:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-19 07:31 - 2014-08-19 06:56 - 883456801 _____ () C:\Users\vhi\Desktop\WOA Micha2014.zip
2014-08-14 02:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 02:04 - 2013-08-14 23:09 - 00000000 ____D () C:\Windows\System32\MRT
2014-08-14 02:02 - 2010-07-10 06:58 - 99218768 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-08-11 21:31 - 2014-08-26 22:16 - 01515296 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll
2014-08-11 21:31 - 2014-08-26 22:16 - 00197408 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2014-08-11 21:31 - 2014-08-26 22:16 - 00031520 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2014-08-07 00:44 - 2014-08-05 06:02 - 745662983 _____ () C:\Users\vhi\Desktop\Wacken 2014 Jule.zip
2014-08-05 08:20 - 2010-07-09 19:02 - 00270496 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2014-08-05 06:18 - 2014-08-05 06:02 - 480533860 _____ () C:\Users\vhi\Desktop\Domi´s Wacken Bilder.zip
2014-08-03 19:47 - 2014-08-03 19:42 - 00000000 ____D () C:\Users\vhi\Desktop\2014-08 Wacken
2014-08-01 00:41 - 2014-08-13 07:21 - 00348856 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-08-01 00:16 - 2014-08-13 07:21 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\vhi\AppData\Local\Temp\2408.dll
C:\Users\vhi\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\vhi\AppData\Local\Temp\nvStInst.exe
C:\Users\vhi\AppData\Local\Temp\Samsung_Magician_Setup_v44.exe
C:\Users\vhi\AppData\Local\Temp\SkypeSetup.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================


==================== Memory info =========================== 

Percentage of memory in use: 10%
Total physical RAM: 8190.16 MB
Available physical RAM: 7311.13 MB
Total Pagefile: 8188.31 MB
Available Pagefile: 7327.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (Rammstein_ssd) (Fixed) (Total:238.47 GB) (Free:22.08 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Datengarten) (Fixed) (Total:226.5 GB) (Free:73.95 GB) NTFS
Drive f: (GRMCPRXFRER_DE_DVD) (CDROM) (Total:2.97 GB) (Free:0 GB) UDF
Drive g: (VOLUME) (Removable) (Total:1.87 GB) (Free:0.83 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Datengarten2) (Fixed) (Total:239.26 GB) (Free:158.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0732CB61)
Partition 1: (Active) - (Size=239.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=226.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 3A7BDD3E)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.


LastRegBack: 2014-08-27 02:24

==================== End Of Log ============================
         
I hope someone can help me!
Attached image: IMG_9640.jpg (494.5 KB)

 
