Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Weiser Bildschirm nach neustart Windows 7 (https://www.trojaner-board.de/146811-weiser-bildschirm-neustart-windows-7-a.html)

bardak82 28.12.2013 14:26
Weiser Bildschirm nach neustart Windows 7
 
habe bereits im Forum recherchiert und bin auf das gleiche Thema gekommen:

anbei meine frst.txt file:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-12-2013 01
Ran by SYSTEM on MININT-E4LGVG7 on 28-12-2013 14:18:44
Running from G:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [InstantUpdate] - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-06] ()
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12448872 2012-02-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-07] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [576376 2012-02-02] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1021056 2012-03-08] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800896 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4123 2012-01-20] ()
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [OOTag] - C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-22] (Microsoft)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [OOTag] - C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-22] (Microsoft)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe [1074376 2012-12-12] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884936 2012-12-12] (Iminent)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-01] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-12] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-12] ()
HKU\SaturnNSU\...\Run: [Joxi] - "C:\Program Files (x86)\Joxi\Joxi.exe"
HKU\SaturnNSU\...\Winlogon: [Shell] explorer.exe,C:\Users\SaturnNSU\AppData\Roaming\Other.res [122368 2013-08-28] () <==== ATTENTION
HKU\UpdatusUser.SaturnNSU-PC\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-12] ()
AppInit_DLLs: C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1317152 2013-12-16] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-12] (NVIDIA Corporation)

==================== Services (Whitelisted) =================

S2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2251552 2013-12-16] (Conduit)
S3 DCDhcpService; C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe [111776 2012-02-09] (Atheros Communication Inc.)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-15] (Intel Corporation)
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe [143928 2012-12-04] (Symantec Corporation)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2012-12-25] ()
S2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe [2620016 2013-01-31] (Iminent)
S2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros)

==================== Drivers (Whitelisted) ====================

S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [1524824 2013-10-22] (Symantec Corporation)
S1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1402010.016\ccSetx64.sys [168096 2012-08-20] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20131115.001\IDSvia64.sys [521816 2013-11-13] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131118.002\ENG64.SYS [126040 2013-11-18] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131118.002\EX64.SYS [2099288 2013-11-18] (Symantec Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1402010.016\SRTSP64.SYS [776864 2012-10-08] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1402010.016\SRTSPX64.SYS [37496 2012-05-24] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\NISx64\1402010.016\SYMDS64.SYS [493216 2012-10-03] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\NISx64\1402010.016\SYMEFA64.SYS [1133216 2012-10-03] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2012-11-17] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1402010.016\Ironx64.SYS [224416 2012-09-06] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NISx64\1402010.016\SYMNETS.SYS [432800 2012-09-06] (Symantec Corporation)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-28 14:05 - 2013-12-28 14:05 - 00000000 ____D C:\FRST
2013-12-27 14:24 - 2013-12-27 14:24 - 00122368 _____ C:\Users\SaturnNSU\Downloads\adobeflashplayerv10.2.152.32.exe
2013-12-26 08:35 - 2013-12-28 04:19 - 00001848 _____ C:\Windows\setupact.log
2013-12-26 08:35 - 2013-12-26 08:35 - 00000000 _____ C:\Windows\setuperr.log
2013-12-26 02:15 - 2013-12-26 02:15 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-26 02:15 - 2013-12-26 02:15 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-26 02:15 - 2013-12-26 02:15 - 00000000 ____D C:\Program Files\CCleaner
2013-12-26 02:05 - 2013-12-26 02:05 - 03571656 _____ (Piriform Ltd) C:\Users\SaturnNSU\Downloads\ccsetup409_slim.exe
2013-12-23 01:32 - 2013-12-23 01:32 - 00303000 _____ C:\Users\SaturnNSU\Downloads\petlyura_yuriy_barabash_-_temnaya_voda_zaycev_net.exe
2013-12-20 05:14 - 2013-12-20 05:19 - 00000000 ____D C:\Users\SaturnNSU\Desktop\oliver Kloos
2013-12-17 19:55 - 2013-12-17 19:55 - 00000000 ____D C:\Users\SaturnNSU\AppData\Local\NVIDIA Corporation
2013-12-17 19:53 - 2013-12-09 18:13 - 01100248 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll
2013-12-17 19:53 - 2013-12-09 18:13 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-12-17 19:52 - 2013-12-05 00:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2013-12-17 19:52 - 2013-12-05 00:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-12-12 01:41 - 2013-12-12 01:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-12 00:31 - 2013-05-09 21:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-12-12 00:31 - 2013-05-09 21:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2013-12-12 00:31 - 2013-05-09 20:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 00:31 - 2013-05-09 20:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 00:30 - 2013-11-26 03:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-12-12 00:30 - 2013-11-26 02:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-12-12 00:30 - 2013-11-26 02:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2013-12-12 00:30 - 2013-11-26 02:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 00:30 - 2013-11-26 01:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-12-12 00:30 - 2013-11-26 01:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2013-12-12 00:30 - 2013-11-26 01:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-12-12 00:30 - 2013-11-26 01:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-12-12 00:30 - 2013-11-26 01:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-12-12 00:30 - 2013-11-26 01:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 00:30 - 2013-11-26 01:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-12-12 00:30 - 2013-11-26 01:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-12-12 00:30 - 2013-11-26 01:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2013-12-12 00:30 - 2013-11-26 01:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2013-12-12 00:30 - 2013-11-26 00:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-12-12 00:30 - 2013-11-26 00:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 00:30 - 2013-11-26 00:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 00:30 - 2013-11-26 00:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 00:30 - 2013-11-26 00:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 00:30 - 2013-11-26 00:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-12-12 00:30 - 2013-11-25 23:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-12-12 00:30 - 2013-11-25 23:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 00:30 - 2013-11-25 23:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 00:30 - 2013-11-25 23:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-12-12 00:30 - 2013-11-25 22:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-12-12 00:30 - 2013-11-25 22:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-12-12 00:30 - 2013-11-25 22:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 00:30 - 2013-11-25 22:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 00:30 - 2013-11-25 22:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 00:29 - 2013-11-26 00:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-12-12 00:29 - 2013-11-26 00:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 00:21 - 2013-11-23 10:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 00:21 - 2013-11-23 09:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-12-12 00:21 - 2013-11-11 18:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-12-12 00:21 - 2013-11-11 18:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 00:21 - 2013-10-29 18:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\System32\msieftp.dll
2013-12-12 00:21 - 2013-10-29 18:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 00:21 - 2013-10-29 17:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-12-12 00:21 - 2013-10-18 18:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2013-12-12 00:21 - 2013-10-18 17:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 00:20 - 2013-10-11 18:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\System32\wshom.ocx
2013-12-12 00:20 - 2013-10-11 18:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2013-12-12 00:20 - 2013-10-11 18:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 00:20 - 2013-10-11 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 00:20 - 2013-10-11 17:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\wscript.exe
2013-12-12 00:20 - 2013-10-11 17:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\System32\cscript.exe
2013-12-12 00:20 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 00:20 - 2013-10-11 17:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 00:20 - 2013-10-03 18:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2013-12-12 00:20 - 2013-10-03 17:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-12-10 10:03 - 2013-12-10 10:03 - 00000000 ____D C:\Users\SaturnNSU\AppData\Roaming\.mono
2013-12-03 02:48 - 2013-10-14 09:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\System32\IEUDINIT.EXE
2013-12-03 02:45 - 2013-12-03 02:45 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 02:45 - 2013-12-03 02:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-12-03 02:45 - 2013-12-03 02:45 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2013-12-03 02:45 - 2013-12-03 02:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 02:45 - 2013-12-03 02:45 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-12-03 02:45 - 2013-12-03 02:45 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 02:45 - 2013-12-03 02:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-03 01:45 - 2013-12-03 01:45 - 00000000 ____D C:\Windows\SysWOW64\SearchProtect

==================== One Month Modified Files and Folders =======

2013-12-28 14:05 - 2013-12-28 14:05 - 00000000 ____D C:\FRST
2013-12-28 04:23 - 2012-04-20 03:04 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-28 04:19 - 2013-12-26 08:35 - 00001848 _____ C:\Windows\setupact.log
2013-12-28 04:19 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-28 04:17 - 2012-10-08 22:39 - 02078330 _____ C:\Windows\WindowsUpdate.log
2013-12-28 04:13 - 2012-11-16 11:44 - 00000000 ____D C:\Users\SaturnNSU\AppData\Local\CrashDumps
2013-12-27 14:24 - 2013-12-27 14:24 - 00122368 _____ C:\Users\SaturnNSU\Downloads\adobeflashplayerv10.2.152.32.exe
2013-12-27 11:58 - 2012-10-09 08:33 - 05911920 _____ C:\Windows\System32\perfh007.dat
2013-12-27 11:58 - 2012-10-09 08:33 - 01823468 _____ C:\Windows\System32\perfc007.dat
2013-12-27 11:58 - 2009-07-13 21:13 - 00006446 _____ C:\Windows\System32\PerfStringBackup.INI
2013-12-27 00:00 - 2009-07-13 20:45 - 00016752 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-27 00:00 - 2009-07-13 20:45 - 00016752 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-26 08:35 - 2013-12-26 08:35 - 00000000 _____ C:\Windows\setuperr.log
2013-12-26 02:16 - 2013-01-04 14:20 - 00000000 ____D C:\Users\SaturnNSU\AppData\Roaming\uTorrent
2013-12-26 02:16 - 2012-11-30 11:11 - 00000000 ____D C:\Windows\Minidump
2013-12-26 02:16 - 2007-07-11 17:49 - 00000000 ____D C:\Windows\Panther
2013-12-26 02:15 - 2013-12-26 02:15 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-26 02:15 - 2013-12-26 02:15 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-26 02:15 - 2013-12-26 02:15 - 00000000 ____D C:\Program Files\CCleaner
2013-12-26 02:05 - 2013-12-26 02:05 - 03571656 _____ (Piriform Ltd) C:\Users\SaturnNSU\Downloads\ccsetup409_slim.exe
2013-12-25 08:42 - 2012-12-23 13:32 - 00000000 ____D C:\Users\SaturnNSU\AppData\Roaming\vlc
2013-12-24 05:00 - 2009-07-13 21:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-23 01:32 - 2013-12-23 01:32 - 00303000 _____ C:\Users\SaturnNSU\Downloads\petlyura_yuriy_barabash_-_temnaya_voda_zaycev_net.exe
2013-12-20 05:19 - 2013-12-20 05:14 - 00000000 ____D C:\Users\SaturnNSU\Desktop\oliver Kloos
2013-12-20 04:59 - 2012-12-10 02:14 - 00000000 ____D C:\Users\SaturnNSU\Desktop\bilder
2013-12-17 19:56 - 2013-10-24 08:41 - 00000000 ____D C:\Users\SaturnNSU\AppData\Local\NVIDIA
2013-12-17 19:55 - 2013-12-17 19:55 - 00000000 ____D C:\Users\SaturnNSU\AppData\Local\NVIDIA Corporation
2013-12-17 19:55 - 2013-09-21 01:03 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-17 19:55 - 2013-09-21 01:00 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-17 19:53 - 2013-09-21 01:03 - 00000000 ____D C:\users\UpdatusUser.SaturnNSU-PC
2013-12-17 19:53 - 2012-10-08 22:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-17 19:53 - 2012-10-08 22:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-16 19:50 - 2013-11-22 01:54 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-12-16 04:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-12-14 11:47 - 2013-08-15 08:47 - 00000000 ____D C:\Windows\System32\MRT
2013-12-14 11:45 - 2012-11-22 23:01 - 90708896 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-12-12 09:26 - 2009-07-13 21:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-12 09:25 - 2012-11-16 11:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-12 02:49 - 2013-07-31 06:19 - 00000875 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-12 01:41 - 2013-12-12 01:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-12 01:23 - 2012-04-20 03:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-12 01:23 - 2012-04-20 03:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-12 01:23 - 2012-04-20 03:04 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-12 01:04 - 2009-07-13 20:45 - 00290696 _____ C:\Windows\System32\FNTCACHE.DAT
2013-12-12 00:11 - 2012-11-17 11:27 - 00000000 ____D C:\ProgramData\Norton
2013-12-12 00:11 - 2012-11-16 04:28 - 00000000 ____D C:\users\SaturnNSU
2013-12-12 00:11 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-12-10 10:03 - 2013-12-10 10:03 - 00000000 ____D C:\Users\SaturnNSU\AppData\Roaming\.mono
2013-12-09 18:13 - 2013-12-17 19:53 - 01100248 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll
2013-12-09 18:13 - 2013-12-17 19:53 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-12-08 13:11 - 2013-11-20 02:04 - 00000000 ____D C:\Users\SaturnNSU\Desktop\basteln
2013-12-05 00:42 - 2013-12-17 19:52 - 00039200 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2013-12-05 00:42 - 2013-12-17 19:52 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-12-05 00:42 - 2013-09-21 00:50 - 00035104 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap64v.dll
2013-12-04 10:10 - 2012-04-20 02:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-04 10:08 - 2012-11-18 10:11 - 00000000 ____D C:\Users\SaturnNSU\Documents\My Games
2013-12-03 03:25 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-03 02:45 - 2013-12-03 02:45 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 02:45 - 2013-12-03 02:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-12-03 02:45 - 2013-12-03 02:45 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2013-12-03 02:45 - 2013-12-03 02:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 02:45 - 2013-12-03 02:45 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-12-03 02:45 - 2013-12-03 02:45 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 02:45 - 2013-12-03 02:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 02:45 - 2013-12-03 02:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-12-03 02:45 - 2013-12-03 02:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-03 01:45 - 2013-12-03 01:45 - 00000000 ____D C:\Windows\SysWOW64\SearchProtect

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 8030.36 MB
Available physical RAM: 7161.52 MB
Total Pagefile: 8028.55 MB
Available Pagefile: 7158.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:915.91 GB) (Free:739.7 GB) NTFS
Drive e: (PQSERVICE) (Fixed) (Total:15.5 GB) (Free:0.74 GB) NTFS
Drive g: (STORE N GO) (Removable) (Total:7.45 GB) (Free:1.15 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 045008C9)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=916 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)


LastRegBack: 2013-12-20 09:04

==================== End Of Log ============================

Über eine schnelle Hilfe würde ich mich freuen.

Vielen Dank

aharonov 28.12.2013 15:54
Hallo,

startet der Rechner nach diesem Fix wieder normal?


Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKU\SaturnNSU\...\Winlogon: [Shell] explorer.exe,C:\Users\SaturnNSU\AppData\Roaming\Other.res [122368 2013-08-28] () <==== ATTENTION
C:\Users\SaturnNSU\AppData\Roaming\Other.res
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

aharonov 07.01.2014 15:28
Fehlende Rückmeldung
Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten.
Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass dein Rechner schon sauber ist.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:52 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19