
Log analysis and evaluation: Win7: System starts slowly, takes a while to find a WLAN connection, Antivir has several quarantine entries


 
01.10.2013, 15:11   #13
tungsten81
 
FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2013 01
Ran by Simon (administrator) on SIMON-PC on 01-10-2013 16:03:02
Running from C:\Users\Simon\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Citrix Systems, Inc.) C:\Program Files\Common Files\Citrix\System32\CdfSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Nalpeiron Ltd.) C:\Windows\system32\NLSSRV32.EXE
(Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Crawler.com) C:\Program Files\Spyware Terminator\st_rsser.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\ssonsvr.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Windows\PLFSetI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Crawler.com) C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
(Crawler.com) C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Dropbox, Inc.) C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-05] (Synaptics, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7600672 2009-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [494112 2009-08-26] (Acer Incorporated)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-07-23] ()
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [ISUSPM] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKCU\...\Run: [GoogleChromeAutoLaunch_5DAEC53D8C099B1094B921010676FA41] - C:\Users\Simon\AppData\Local\Google\Chrome\Application\chrome.exe [829392 2013-09-17] (Google Inc.)
HKU\Default\...\RunOnce: [ScrSav] - 
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_5738
SearchScopes: HKLM - DefaultScope value is missing.
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B7B9F8D2-5377-41C8-A021-C0664DF3BD36}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\pm1y41w4.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @citrix.com/Citrix Offline Plug-in - C:\Program Files\Citrix\Streaming Client\nprade.dll ()
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Simon\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Simon\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\pm1y41w4.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Evernote Web Clipper - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\pm1y41w4.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\pm1y41w4.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\pm1y41w4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\pm1y41w4.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Simon\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Simon\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Simon\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Protect Disc License Acquisition Plugin) - C:\Program Files\Mozilla Firefox\plugins\NPPDLicenseHelper.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (McAfeeScanAndRepair) - C:\Users\Simon\AppData\Local\Google\Chrome\Application\plugins\npMcAfeeSRPlgn.dll (McAfee, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Simon\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (WGT Golf Challenge) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg\45.0.0_0
CHR Extension: (Gmail Offline) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0
CHR Extension: (MondoFoot - Football manager) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\feejjhaipdfjnkeimajnalbkjobohceo\1.2.0.1_0
CHR Extension: (Chrome to Mobile) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd\2_0
CHR Extension: (Google Mail Checker) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR Extension: (Evernote Web Clipper) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.0_0
CHR Extension: (Gmail) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR Extension: (RSS Feed Reader) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp\5.2.0_0
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Simon\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440392 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 CdfSvc; C:\Program Files\Common Files\Citrix\System32\CdfSvc.exe [320832 2010-02-01] (Citrix Systems, Inc.)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [690720 2009-08-26] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 MSSQL$COBRA; c:\Program Files\Microsoft SQL Server\MSSQL10.COBRA\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
S4 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144632 2008-09-23] (NewTech Infosystems, Inc.)
S4 RadeHlprSvc; C:\Program Files\Citrix\Streaming Client\RadeHlprSvc.exe [120232 2010-12-21] (Citrix Systems, Inc.)
S4 RadeSvc; C:\Program Files\Citrix\Streaming Client\RadeSvc.exe [886176 2010-12-21] (Citrix Systems, Inc.)
S4 SQLAgent$COBRA; c:\Program Files\Microsoft SQL Server\MSSQL10.COBRA\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587912 2013-04-03] (Crawler.com)

==================== Drivers (Whitelisted) ====================

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus.sys [14336 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag.sys [20736 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps.sys [20096 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem.sys [25088 2012-03-02] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2012-03-06] (LG Electronics Inc.)
S3 AndNetGps; C:\Windows\System32\DRIVERS\lgandnetgps.sys [22272 2012-03-06] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2012-03-06] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis.sys [73728 2012-03-06] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [89376 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 cdfdrv; C:\Windows\System32\DRIVERS\cdfdrv.sys [31280 2010-01-19] (Citrix Systems, Inc.)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R1 ctxpidmn; C:\Windows\System32\DRIVERS\ctxpidmn.sys [58488 2010-12-09] (Citrix Systems, Inc.)
R2 CtxSbx; C:\Windows\System32\DRIVERS\CtxSbx.sys [200312 2010-12-09] (Citrix Systems, Inc.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [21504 2012-03-02] (hxxp://libusb-win32.sourceforge.net)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [159776 2009-06-24] (Realtek Semiconductor Corp.)
S3 s217bus; C:\Windows\System32\DRIVERS\s217bus.sys [83496 2007-11-02] (MCCI Corporation)
S3 s217mdfl; C:\Windows\System32\DRIVERS\s217mdfl.sys [15016 2007-11-02] (MCCI Corporation)
S3 s217mdm; C:\Windows\System32\DRIVERS\s217mdm.sys [109992 2007-11-02] (MCCI Corporation)
S3 s217mgmt; C:\Windows\System32\DRIVERS\s217mgmt.sys [103976 2007-11-02] (MCCI Corporation)
S3 s217nd5; C:\Windows\System32\DRIVERS\s217nd5.sys [24872 2007-11-02] (MCCI Corporation)
S3 s217obex; C:\Windows\System32\DRIVERS\s217obex.sys [100008 2007-11-02] (MCCI Corporation)
S3 s217unic; C:\Windows\System32\DRIVERS\s217unic.sys [105896 2007-11-02] (MCCI)
R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-23] (Avira GmbH)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2007-08-13] (Samsung Electronics)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Simon\AppData\Local\Temp\catchme.sys [x]
S2 DgiVecp; No ImagePath
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 LgBttPort; system32\DRIVERS\lgbtport.sys [x]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [x]
S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-01 07:29 - 2013-10-01 07:29 - 00144104 _____ C:\Windows\Minidump\100113-19453-01.dmp
2013-09-29 21:57 - 2013-09-29 21:57 - 01086873 _____ (Farbar) C:\Users\Simon\Desktop\FRST.exe
2013-09-29 21:54 - 2013-09-29 21:54 - 00001266 _____ C:\Users\Simon\Desktop\checkup.txt
2013-09-29 21:49 - 2013-09-29 21:49 - 00891144 _____ C:\Users\Simon\Desktop\SecurityCheck.exe
2013-09-29 17:51 - 2013-09-29 17:51 - 02347384 _____ (ESET) C:\Users\Simon\Downloads\esetsmartinstaller_enu.exe
2013-09-29 17:46 - 2013-09-29 17:46 - 00035295 _____ C:\Windows\system32\hs_err_pid1436.log
2013-09-29 17:41 - 2013-09-29 17:41 - 98466785 _____ C:\Windows\system32\◯ὄd
2013-09-28 18:15 - 2013-09-28 18:15 - 00000000 ____D C:\Users\Simon\AppData\Roaming\DivX
2013-09-27 00:01 - 2013-09-27 00:01 - 00040901 _____ C:\Users\Simon\Desktop\FRST2.txt
2013-09-26 23:56 - 2013-09-26 23:56 - 00001090 _____ C:\Users\Simon\Desktop\JRT.txt
2013-09-26 23:53 - 2013-09-26 23:53 - 00000000 ____D C:\Windows\ERUNT
2013-09-26 23:44 - 2013-09-26 23:47 - 00000000 ____D C:\AdwCleaner
2013-09-26 23:43 - 2013-09-26 23:43 - 01042066 _____ C:\Users\Simon\Desktop\adwcleaner (1).exe
2013-09-26 23:19 - 2013-09-26 23:19 - 00001031 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-26 23:19 - 2013-09-26 23:19 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-26 23:19 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-26 23:17 - 2013-09-26 23:17 - 01030038 _____ (Thisisu) C:\Users\Simon\Desktop\JRT.exe
2013-09-26 23:15 - 2013-09-26 23:15 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Simon\Desktop\mbam-setup-1.75.0.1300 (1).exe
2013-09-26 12:00 - 2013-09-26 12:00 - 00026905 _____ C:\ComboFix.txt
2013-09-26 11:11 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-26 11:11 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-26 11:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-26 11:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-26 11:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-26 11:11 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-26 11:11 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-26 11:11 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-26 11:10 - 2013-09-26 12:00 - 00000000 ____D C:\Qoobox
2013-09-26 11:10 - 2013-09-26 11:57 - 00000000 ____D C:\Windows\erdnt
2013-09-26 11:09 - 2013-09-26 11:08 - 05129554 ____R (Swearware) C:\Users\Simon\Desktop\ComboFix.exe
2013-09-26 06:53 - 2013-10-01 07:29 - 330346448 _____ C:\Windows\MEMORY.DMP
2013-09-26 06:53 - 2013-09-26 06:53 - 00144104 _____ C:\Windows\Minidump\092613-21886-01.dmp
2013-09-26 06:40 - 2013-09-26 06:40 - 00000000 ____D C:\FRST
2013-09-26 06:37 - 2013-09-26 06:37 - 00000000 _____ C:\Users\Simon\defogger_reenable
2013-09-26 06:34 - 2013-09-26 06:34 - 00377856 _____ C:\Users\Simon\Desktop\gmer_2.1.19163.exe
2013-09-26 06:32 - 2013-09-26 06:32 - 00050477 _____ C:\Users\Simon\Desktop\Defogger.exe
2013-09-26 05:59 - 2013-09-26 05:59 - 97892804 _____ C:\Windows\system32\ᴴ꒿ὄc
2013-09-25 06:27 - 2013-09-25 06:27 - 00000884 _____ C:\Users\Public\Desktop\f4_2012.lnk
2013-09-25 06:26 - 2013-09-25 06:27 - 02324134 _____ C:\Users\Simon\Downloads\f4_2012_installer.exe
2013-09-23 20:45 - 2013-09-23 20:45 - 98685961 _____ C:\Windows\system32\ꟷ四ὄ_
2013-09-23 06:58 - 2013-09-23 06:58 - 00038832 _____ C:\Windows\system32\hs_err_pid4896.log
2013-09-21 17:16 - 2013-09-21 17:16 - 02002416 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HousecallLauncher (2).exe
2013-09-17 09:38 - 2013-09-17 09:42 - 00000040 _____ C:\Autoconfig.ini
2013-09-17 09:37 - 2013-02-20 17:04 - 01571160 ____N C:\Windows\TotalUninstaller.exe
2013-09-17 09:36 - 2013-02-20 16:57 - 00158040 _____ C:\Windows\system32\spe__ci.exe
2013-09-17 09:36 - 2012-11-17 10:29 - 00000363 _____ C:\Windows\system32\spe__l.smt
2013-09-17 09:36 - 2011-04-11 07:26 - 00024064 _____ () C:\Windows\system32\spe__l.dll
2013-09-17 09:36 - 2010-10-20 10:49 - 00065536 _____ (SS) C:\Windows\system32\spe__ci.dll
2013-09-17 09:35 - 2013-09-17 09:36 - 19897904 _____ C:\Users\Simon\Downloads\SamsungUniversalPrintDriver2.exe
2013-09-13 08:31 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 08:31 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 08:31 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 08:31 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 08:31 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 08:31 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 08:31 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 08:31 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 08:31 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 08:31 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 08:31 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 08:31 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 08:31 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 08:31 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 08:31 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 08:31 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 08:09 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-13 08:09 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-13 08:09 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-13 08:09 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-13 08:09 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-13 08:09 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 08:09 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 08:09 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-13 08:09 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 22:10 - 2013-09-10 22:10 - 00030277 _____ C:\Windows\system32\hs_err_pid1148.log
2013-09-07 12:08 - 2013-09-07 12:19 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-10-01 16:03 - 2012-12-04 23:53 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Dropbox
2013-10-01 16:02 - 2012-12-12 06:43 - 00000000 ___RD C:\Users\Simon\Dropbox
2013-10-01 16:00 - 2011-01-30 10:14 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-01 15:59 - 2013-08-18 13:06 - 00546968 _____ C:\Windows\setupact.log
2013-10-01 15:59 - 2011-07-25 19:48 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-10-01 15:59 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-01 15:58 - 2013-05-07 18:30 - 00067680 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-01 15:58 - 2013-02-23 08:58 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-01 15:58 - 2013-02-23 08:58 - 00089376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-01 15:58 - 2013-02-23 08:58 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-01 15:57 - 2013-06-23 20:05 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-10-01 07:40 - 2013-02-23 08:20 - 01059166 _____ C:\Windows\WindowsUpdate.log
2013-10-01 07:40 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing
2013-10-01 07:37 - 2009-11-18 13:47 - 00011104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-01 07:37 - 2009-11-18 13:47 - 00011104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-01 07:35 - 2012-11-28 21:57 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-521715293-1384342083-569615497-1000UA.job
2013-10-01 07:35 - 2011-01-30 10:14 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-01 07:29 - 2013-10-01 07:29 - 00144104 _____ C:\Windows\Minidump\100113-19453-01.dmp
2013-10-01 07:29 - 2013-09-26 06:53 - 330346448 _____ C:\Windows\MEMORY.DMP
2013-10-01 07:29 - 2010-06-06 20:06 - 00000000 ____D C:\Windows\Minidump
2013-10-01 07:26 - 2012-05-30 22:05 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-29 22:08 - 2013-08-18 13:06 - 00016082 _____ C:\Windows\PFRO.log
2013-09-29 21:57 - 2013-09-29 21:57 - 01086873 _____ (Farbar) C:\Users\Simon\Desktop\FRST.exe
2013-09-29 21:54 - 2013-09-29 21:54 - 00001266 _____ C:\Users\Simon\Desktop\checkup.txt
2013-09-29 21:49 - 2013-09-29 21:49 - 00891144 _____ C:\Users\Simon\Desktop\SecurityCheck.exe
2013-09-29 20:35 - 2012-11-28 21:57 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-521715293-1384342083-569615497-1000Core.job
2013-09-29 17:51 - 2013-09-29 17:51 - 02347384 _____ (ESET) C:\Users\Simon\Downloads\esetsmartinstaller_enu.exe
2013-09-29 17:51 - 2009-11-18 14:18 - 01807148 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-29 17:46 - 2013-09-29 17:46 - 00035295 _____ C:\Windows\system32\hs_err_pid1436.log
2013-09-29 17:41 - 2013-09-29 17:41 - 98466785 _____ C:\Windows\system32\◯ὄd
2013-09-28 18:15 - 2013-09-28 18:15 - 00000000 ____D C:\Users\Simon\AppData\Roaming\DivX
2013-09-27 00:01 - 2013-09-27 00:01 - 00040901 _____ C:\Users\Simon\Desktop\FRST2.txt
2013-09-26 23:56 - 2013-09-26 23:56 - 00001090 _____ C:\Users\Simon\Desktop\JRT.txt
2013-09-26 23:53 - 2013-09-26 23:53 - 00000000 ____D C:\Windows\ERUNT
2013-09-26 23:47 - 2013-09-26 23:44 - 00000000 ____D C:\AdwCleaner
2013-09-26 23:46 - 2013-06-18 07:54 - 00000000 ____D C:\ProgramData\Uniblue
2013-09-26 23:43 - 2013-09-26 23:43 - 01042066 _____ C:\Users\Simon\Desktop\adwcleaner (1).exe
2013-09-26 23:19 - 2013-09-26 23:19 - 00001031 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-26 23:19 - 2013-09-26 23:19 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-26 23:17 - 2013-09-26 23:17 - 01030038 _____ (Thisisu) C:\Users\Simon\Desktop\JRT.exe
2013-09-26 23:15 - 2013-09-26 23:15 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Simon\Desktop\mbam-setup-1.75.0.1300 (1).exe
2013-09-26 12:49 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-09-26 12:00 - 2013-09-26 12:00 - 00026905 _____ C:\ComboFix.txt
2013-09-26 12:00 - 2013-09-26 11:10 - 00000000 ____D C:\Qoobox
2013-09-26 12:00 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-09-26 11:57 - 2013-09-26 11:10 - 00000000 ____D C:\Windows\erdnt
2013-09-26 11:53 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-09-26 11:08 - 2013-09-26 11:09 - 05129554 ____R (Swearware) C:\Users\Simon\Desktop\ComboFix.exe
2013-09-26 06:53 - 2013-09-26 06:53 - 00144104 _____ C:\Windows\Minidump\092613-21886-01.dmp
2013-09-26 06:40 - 2013-09-26 06:40 - 00000000 ____D C:\FRST
2013-09-26 06:37 - 2013-09-26 06:37 - 00000000 _____ C:\Users\Simon\defogger_reenable
2013-09-26 06:37 - 2009-11-18 13:48 - 00000000 ____D C:\Users\Simon
2013-09-26 06:34 - 2013-09-26 06:34 - 00377856 _____ C:\Users\Simon\Desktop\gmer_2.1.19163.exe
2013-09-26 06:32 - 2013-09-26 06:32 - 00050477 _____ C:\Users\Simon\Desktop\Defogger.exe
2013-09-26 05:59 - 2013-09-26 05:59 - 97892804 _____ C:\Windows\system32\ᴴ꒿ὄc
2013-09-25 06:28 - 2012-05-19 15:42 - 00000000 ____D C:\Users\Simon\AppData\Roaming\F4
2013-09-25 06:27 - 2013-09-25 06:27 - 00000884 _____ C:\Users\Public\Desktop\f4_2012.lnk
2013-09-25 06:27 - 2013-09-25 06:26 - 02324134 _____ C:\Users\Simon\Downloads\f4_2012_installer.exe
2013-09-25 06:27 - 2012-05-19 15:42 - 00000000 ____D C:\Program Files\f4_2012
2013-09-23 20:45 - 2013-09-23 20:45 - 98685961 _____ C:\Windows\system32\ꟷ四ὄ_
2013-09-23 06:58 - 2013-09-23 06:58 - 00038832 _____ C:\Windows\system32\hs_err_pid4896.log
2013-09-21 17:32 - 2007-07-01 12:21 - 00000000 ____D C:\Program Files\CCleaner
2013-09-21 17:16 - 2013-09-21 17:16 - 02002416 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HousecallLauncher (2).exe
2013-09-21 16:56 - 2013-01-26 10:25 - 00017920 _____ C:\Users\Simon\Desktop\Liste.xls
2013-09-20 07:58 - 2010-08-20 11:51 - 00000000 ____D C:\Users\Simon\AppData\Local\Paint.NET
2013-09-20 07:23 - 2012-05-30 22:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-20 07:23 - 2011-05-21 12:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-19 15:52 - 2009-12-17 17:56 - 00000000 ____D C:\Program Files\Samsung
2013-09-19 15:41 - 2013-04-02 09:59 - 00002368 _____ C:\Users\Simon\Desktop\Google Chrome.lnk
2013-09-19 08:05 - 2013-04-28 16:01 - 00000000 ____D C:\Users\Simon\AppData\Local\Windows Live
2013-09-17 09:42 - 2013-09-17 09:38 - 00000040 _____ C:\Autoconfig.ini
2013-09-17 09:41 - 2010-06-27 20:30 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Samsung
2013-09-17 09:37 - 2010-06-27 20:31 - 00000000 ____D C:\ProgramData\Samsung
2013-09-17 09:36 - 2013-09-17 09:35 - 19897904 _____ C:\Users\Simon\Downloads\SamsungUniversalPrintDriver2.exe
2013-09-16 20:47 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-14 08:35 - 2009-03-12 05:11 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-13 11:31 - 2009-11-18 13:44 - 00000000 ____D C:\Windows\Panther
2013-09-13 11:30 - 2009-07-14 06:33 - 00440344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 11:28 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-09-13 08:29 - 2013-07-16 20:26 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 08:26 - 2009-12-15 21:30 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 22:10 - 2013-09-10 22:10 - 00030277 _____ C:\Windows\system32\hs_err_pid1148.log
2013-09-09 06:01 - 2012-05-03 17:04 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-07 12:19 - 2013-09-07 12:08 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-07 12:19 - 2013-07-23 19:05 - 00000000 ____D C:\Program Files\Mozilla Firefox.bak

Some content of TEMP:
====================
C:\Users\Simon\AppData\Local\temp\avgnt.exe
C:\Users\Simon\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-26 12:39

==================== End Of Log ============================
         


This time I started the scan as admin - or did I misunderstand you there? Or is that not wanted at all with FRST?

Regards,

T81

 
