
Log Analysis and Evaluation: Windows Vista: Notebook infected with Antivirus Blocking Rules


 
11.11.2013, 22:39   #7
zim
 



Hello,

here is ESET first, the rest will follow shortly.
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a820ecf8f39d2c45a92f5b33ecc6f910
# engine=15838
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-11 09:24:56
# local_time=2013-11-11 10:24:56 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=3591 16777213 100 90 550018 146801681 0 0
# compatibility_mode=5892 16776574 100 100 98895382 221737868 0 0
# scanned=250420
# found=0
# cleaned=0
# scan_time=12626
         
So, here is the rest now:
Code:
 Results of screen317's Security Check version 0.99.76  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 7 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 JavaFX 2.1.1    
 Java 7 Update 10  
 Java version out of Date! 
 Adobe Flash Player 	11.9.900.117  
 Adobe Reader 8 Adobe Reader out of Date! 
 Adobe Reader 10.1.8 Adobe Reader out of Date!  
 Mozilla Firefox 22.0 Firefox out of Date!  
 Google Chrome 30.0.1599.101  
 Google Chrome 30.0.1599.69  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by Nadine (administrator) on NADINE-PC on 11-11-2013 22:48:32
Running from C:\Users\Nadine\AppData\Local\Opera\Opera\temporary_downloads
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
() C:\Windows\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Logitech Inc.) C:\Program Files\Squeezebox\SqueezeTray.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Opera Software) C:\Program Files\Opera\opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [618496 2010-06-07] ()
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Nadine\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\ips\ipsbho.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\gz2iqwui.default
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Nadine\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: [verify-U]-Add-on - C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\gz2iqwui.default\Extensions\verify-u_2@cybits.de
FF Extension: Flagfox - C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\gz2iqwui.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: TV-Fox - C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\gz2iqwui.default\Extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4}
FF Extension: DownloadHelper - C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\gz2iqwui.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: jid1-kV5U6puWw0Cdvg - C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\gz2iqwui.default\Extensions\jid1-kV5U6puWw0Cdvg@jetpack.xpi
FF Extension: personas - C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\gz2iqwui.default\Extensions\personas@christopher.beard.xpi
FF Extension: smarterwiki - C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\gz2iqwui.default\Extensions\smarterwiki@wikiatic.com.xpi
FF Extension: dta - C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\gz2iqwui.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\coFFPlgn\
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\IPSFF

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.94\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (LoadTubes Plugin) - C:\Program Files\Mozilla Firefox\plugins\npmieze.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (F2B Dark Electrique - Ibis Tribute on Black) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkhfghgcedfhpkoilcmohbcmkbcdodd\1_0
CHR Extension: (Norton Identity Protection) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0
CHR Extension: (Gmail) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx

========================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor7.0; C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [169312 2008-12-08] (Adobe Systems Incorporated)
R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.1.0.18\diMaster.dll [567600 2013-10-08] (Symantec Corporation)
S3 PACSPTISVR-MusicUnlimitedTransfer; C:\Program Files\Sony\Music Unlimited Transfer\Sony.Earth\PACSPTISVR.exe [169832 2012-04-17] (Sony Corporation)
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [361808 2008-04-26] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()

==================== Drivers (Whitelisted) ====================

R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.0.2.1\Definitions\BASHDefs\20131101.003\BHDrvx86.sys [1096280 2013-10-23] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1501000.012\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [33408 2006-02-20] (B.H.A Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-09-30] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-09-30] (Symantec Corporation)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.0.2.1\Definitions\IPSDefs\20131110.003\IDSvix86.sys [393816 2013-10-29] (Symantec Corporation)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20131111.002\NAVENG.SYS [93272 2013-09-30] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20131111.002\NAVEX15.SYS [1612376 2013-09-30] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1501000.012\SRTSP.SYS [651352 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1501000.012\SRTSPX.SYS [32344 2013-07-31] (Symantec Corporation)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-07-29] (Samsung Electronics)
R0 SymDS; C:\Windows\System32\drivers\NIS\1501000.012\SYMDS.SYS [367704 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1501000.012\SYMEFA.SYS [935512 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-09-30] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [63576 2013-08-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1501000.012\Ironx86.SYS [206936 2013-07-31] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1501000.012\SYMTDIV.SYS [383576 2013-09-26] (Symantec Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S2 IWPORT; \??\C:\Windows\SYSTEM32\DRIVERS\IWPORT.SYS [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [x]
S3 ProcObsrv; \??\C:\Program Files\Glary Utilities 3\ProcObsrv.sys [x]
S3 USBAAPL; System32\Drivers\usbaapl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-11 22:46 - 2013-11-11 22:46 - 00001140 _____ C:\Users\Nadine\Desktop\checkup.txt
2013-11-11 22:37 - 2013-11-11 22:37 - 00891184 _____ C:\Users\Nadine\Desktop\SecurityCheck.exe
2013-11-11 14:32 - 2013-11-11 14:32 - 02347384 _____ (ESET) C:\Users\Nadine\Desktop\esetsmartinstaller_enu.exe
2013-11-10 15:33 - 2013-11-10 15:33 - 00141632 _____ C:\Windows\Minidump\Mini111013-01.dmp
2013-11-10 15:14 - 2013-11-10 15:14 - 00032960 _____ C:\Users\Nadine\Desktop\FRST1.txt
2013-11-10 15:13 - 2013-11-10 15:13 - 00032960 _____ C:\Users\Nadine\Desktop\FRST.txt
2013-11-10 15:03 - 2013-11-10 15:03 - 00001894 _____ C:\Users\Nadine\Desktop\JRT.txt
2013-11-10 14:55 - 2013-11-10 14:55 - 00000000 ____D C:\Windows\ERUNT
2013-11-10 14:52 - 2013-11-10 14:52 - 01034531 _____ (Thisisu) C:\Users\Nadine\Desktop\JRT.exe
2013-11-10 14:50 - 2013-11-10 14:50 - 00015234 _____ C:\Users\Nadine\Desktop\AdwCleaner[S0].txt
2013-11-10 14:44 - 2013-11-10 14:46 - 00000000 ____D C:\AdwCleaner
2013-11-10 14:43 - 2013-11-10 14:43 - 01073262 _____ C:\Users\Nadine\Desktop\adwcleaner.exe
2013-11-10 13:50 - 2013-11-10 13:50 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Malwarebytes
2013-11-10 13:49 - 2013-11-10 13:49 - 00000866 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-10 13:48 - 2013-11-10 13:49 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-10 13:48 - 2013-11-10 13:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-10 13:48 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-10 13:47 - 2013-11-10 13:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Nadine\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-09 14:09 - 2013-11-09 14:09 - 00013538 _____ C:\Users\Nadine\Desktop\combofix.txt
2013-11-09 11:53 - 2013-11-09 11:53 - 00013538 _____ C:\ComboFix.txt
2013-11-09 11:23 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-09 11:23 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-09 11:23 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-09 11:23 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-09 11:23 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-09 11:23 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-09 11:23 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-09 11:23 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-09 11:22 - 2013-11-09 11:53 - 00000000 ____D C:\Qoobox
2013-11-09 11:21 - 2013-11-09 11:50 - 00000000 ____D C:\Windows\erdnt
2013-11-09 11:11 - 2013-11-09 11:11 - 05145633 ____R (Swearware) C:\Users\Nadine\Desktop\ComboFix.exe
2013-11-08 23:29 - 2013-11-08 23:29 - 00003976 _____ C:\Users\Nadine\Desktop\Gmer.txt
2013-11-08 22:51 - 2013-11-08 22:51 - 00027418 _____ C:\Users\Nadine\Desktop\Addition.txt
2013-11-08 22:32 - 2013-11-08 22:32 - 00000000 ____D C:\FRST
2013-11-08 22:28 - 2013-11-08 22:28 - 00000000 _____ C:\Users\Nadine\defogger_reenable
2013-11-08 19:30 - 2013-11-08 19:30 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-08 19:28 - 2013-11-08 20:31 - 00000000 ____D C:\Windows\220FB0354744483A9A0B41DF77061583.TMP
2013-11-08 18:23 - 2013-11-08 18:28 - 00000000 ____D C:\Users\Nadine\Documents\Descent
2013-11-06 15:51 - 2013-11-11 20:50 - 00231936 _____ C:\Users\Nadine\Desktop\Zeichnung2.vsd
2013-11-06 15:43 - 2013-11-11 20:51 - 00232448 _____ C:\Users\Nadine\Desktop\Zeichnung1.vsd
2013-11-03 18:29 - 2013-11-03 18:29 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\David Walters Development
2013-11-02 15:56 - 2013-11-02 15:56 - 00000000 ____D C:\Users\Nadine\AppData\Local\emaze
2013-10-27 19:26 - 2013-10-27 19:26 - 00001624 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-27 19:25 - 2013-10-27 19:25 - 00000000 ____D C:\Program Files\iPod
2013-10-27 19:24 - 2013-10-27 19:26 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-10-27 19:24 - 2013-10-27 19:26 - 00000000 ____D C:\Program Files\iTunes
2013-10-13 02:49 - 2013-09-24 04:07 - 06119424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-13 02:49 - 2013-09-24 04:07 - 03625984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-13 02:49 - 2013-09-24 04:07 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-13 02:49 - 2013-09-24 04:07 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-13 02:49 - 2013-09-24 04:07 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2013-10-13 02:49 - 2013-09-24 04:07 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-13 02:49 - 2013-09-24 04:07 - 00479744 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-13 02:49 - 2013-09-24 04:07 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-10-13 02:49 - 2013-09-24 04:07 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-13 02:49 - 2013-09-24 04:07 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-10-13 02:49 - 2013-09-24 04:07 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-13 02:49 - 2013-09-24 04:07 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-13 02:49 - 2013-09-24 04:07 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-13 02:49 - 2013-09-24 04:06 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2013-10-13 02:49 - 2013-09-23 21:13 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-10-13 02:49 - 2013-09-23 21:01 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-12 03:00 - 2013-06-04 05:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-12 03:00 - 2013-06-04 02:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-12 02:47 - 2013-08-29 08:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-12 02:47 - 2013-08-27 03:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-10-12 02:47 - 2013-08-27 03:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-12 02:47 - 2013-08-27 03:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-10-12 02:47 - 2013-08-27 03:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-12 02:47 - 2013-08-27 02:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-12 02:47 - 2013-08-27 02:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-12 02:47 - 2013-08-27 02:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-12 02:47 - 2013-08-27 02:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-12 02:47 - 2013-08-27 02:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-12 02:47 - 2013-07-12 10:04 - 00134272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-12 02:47 - 2013-07-12 10:04 - 00073344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-12 02:46 - 2013-08-01 04:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-12 02:46 - 2013-08-01 03:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-12 02:46 - 2013-07-20 11:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-12 02:43 - 2013-06-29 03:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-12 02:43 - 2013-06-29 03:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-12 02:43 - 2013-06-29 03:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-12 02:43 - 2013-06-29 03:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-12 02:43 - 2013-06-27 00:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-12 02:43 - 2011-05-05 14:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-12 02:43 - 2011-05-05 14:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-12 02:41 - 2013-07-04 05:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-12 02:41 - 2013-07-03 03:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

==================== One Month Modified Files and Folders =======

2013-11-11 22:46 - 2013-11-11 22:46 - 00001140 _____ C:\Users\Nadine\Desktop\checkup.txt
2013-11-11 22:43 - 2012-04-05 20:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-11 22:37 - 2013-11-11 22:37 - 00891184 _____ C:\Users\Nadine\Desktop\SecurityCheck.exe
2013-11-11 22:18 - 2006-11-02 13:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-11 22:18 - 2006-11-02 13:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-11 22:05 - 2012-10-21 13:19 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-11 21:32 - 2008-09-10 01:00 - 01198790 _____ C:\Windows\WindowsUpdate.log
2013-11-11 20:51 - 2013-11-06 15:43 - 00232448 _____ C:\Users\Nadine\Desktop\Zeichnung1.vsd
2013-11-11 20:50 - 2013-11-06 15:51 - 00231936 _____ C:\Users\Nadine\Desktop\Zeichnung2.vsd
2013-11-11 19:05 - 2012-10-21 13:19 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-11 14:33 - 2006-11-02 11:33 - 01445546 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-11 14:32 - 2013-11-11 14:32 - 02347384 _____ (ESET) C:\Users\Nadine\Desktop\esetsmartinstaller_enu.exe
2013-11-11 14:32 - 2008-10-12 19:36 - 00000052 _____ C:\Windows\system32\DOErrors.log
2013-11-11 14:31 - 2012-03-22 20:29 - 00002577 _____ C:\Users\Nadine\Desktop\Microsoft Word 2010.lnk
2013-11-10 15:33 - 2013-11-10 15:33 - 00141632 _____ C:\Windows\Minidump\Mini111013-01.dmp
2013-11-10 15:33 - 2013-07-14 17:24 - 298506738 _____ C:\Windows\MEMORY.DMP
2013-11-10 15:33 - 2009-12-11 21:17 - 00000000 ____D C:\Windows\Minidump
2013-11-10 15:33 - 2006-11-02 13:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-10 15:14 - 2013-11-10 15:14 - 00032960 _____ C:\Users\Nadine\Desktop\FRST1.txt
2013-11-10 15:13 - 2013-11-10 15:13 - 00032960 _____ C:\Users\Nadine\Desktop\FRST.txt
2013-11-10 15:04 - 2006-11-02 13:58 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-10 15:03 - 2013-11-10 15:03 - 00001894 _____ C:\Users\Nadine\Desktop\JRT.txt
2013-11-10 14:55 - 2013-11-10 14:55 - 00000000 ____D C:\Windows\ERUNT
2013-11-10 14:52 - 2013-11-10 14:52 - 01034531 _____ (Thisisu) C:\Users\Nadine\Desktop\JRT.exe
2013-11-10 14:50 - 2013-11-10 14:50 - 00015234 _____ C:\Users\Nadine\Desktop\AdwCleaner[S0].txt
2013-11-10 14:46 - 2013-11-10 14:44 - 00000000 ____D C:\AdwCleaner
2013-11-10 14:43 - 2013-11-10 14:43 - 01073262 _____ C:\Users\Nadine\Desktop\adwcleaner.exe
2013-11-10 14:38 - 2012-12-22 21:55 - 00031284 _____ C:\Windows\PFRO.log
2013-11-10 14:36 - 2008-08-01 11:00 - 00000000 ____D C:\Windows\Downloaded Installations
2013-11-10 13:50 - 2013-11-10 13:50 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Malwarebytes
2013-11-10 13:49 - 2013-11-10 13:49 - 00000866 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-10 13:49 - 2013-11-10 13:48 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-10 13:48 - 2013-11-10 13:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-10 13:47 - 2013-11-10 13:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Nadine\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-09 14:09 - 2013-11-09 14:09 - 00013538 _____ C:\Users\Nadine\Desktop\combofix.txt
2013-11-09 11:53 - 2013-11-09 11:53 - 00013538 _____ C:\ComboFix.txt
2013-11-09 11:53 - 2013-11-09 11:22 - 00000000 ____D C:\Qoobox
2013-11-09 11:53 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default
2013-11-09 11:53 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public
2013-11-09 11:50 - 2013-11-09 11:21 - 00000000 ____D C:\Windows\erdnt
2013-11-09 11:46 - 2006-11-02 11:23 - 00000215 _____ C:\Windows\system.ini
2013-11-09 11:22 - 2008-09-26 13:10 - 00000000 ____D C:\Users\Nadine
2013-11-09 11:11 - 2013-11-09 11:11 - 05145633 ____R (Swearware) C:\Users\Nadine\Desktop\ComboFix.exe
2013-11-08 23:29 - 2013-11-08 23:29 - 00003976 _____ C:\Users\Nadine\Desktop\Gmer.txt
2013-11-08 22:51 - 2013-11-08 22:51 - 00027418 _____ C:\Users\Nadine\Desktop\Addition.txt
2013-11-08 22:32 - 2013-11-08 22:32 - 00000000 ____D C:\FRST
2013-11-08 22:28 - 2013-11-08 22:28 - 00000000 _____ C:\Users\Nadine\defogger_reenable
2013-11-08 22:28 - 2013-05-30 18:23 - 00000000 ____D C:\Program Files\Opera
2013-11-08 20:43 - 2008-09-26 13:17 - 00109296 _____ C:\Users\Nadine\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-08 20:43 - 2006-11-02 13:44 - 00402216 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-08 20:31 - 2013-11-08 19:28 - 00000000 ____D C:\Windows\220FB0354744483A9A0B41DF77061583.TMP
2013-11-08 20:06 - 2008-09-10 01:10 - 00000000 ____D C:\Program Files\CONEXANT
2013-11-08 19:30 - 2013-11-08 19:30 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-08 19:27 - 2012-11-06 08:19 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-08 19:16 - 2008-09-29 19:49 - 00000000 ____D C:\Users\Nadine\AppData\Local\Deployment
2013-11-08 19:15 - 2012-03-22 20:29 - 00002619 _____ C:\Users\Nadine\Desktop\Microsoft PowerPoint 2010.lnk
2013-11-08 18:28 - 2013-11-08 18:23 - 00000000 ____D C:\Users\Nadine\Documents\Descent
2013-11-03 18:29 - 2013-11-03 18:29 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\David Walters Development
2013-11-02 16:14 - 2010-09-26 11:45 - 00002173 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2013-11-02 16:14 - 2010-09-26 11:45 - 00000000 ____D C:\Windows\system32\Drivers\NIS
2013-11-02 15:56 - 2013-11-02 15:56 - 00000000 ____D C:\Users\Nadine\AppData\Local\emaze
2013-10-27 19:26 - 2013-10-27 19:26 - 00001624 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-27 19:26 - 2013-10-27 19:24 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-10-27 19:26 - 2013-10-27 19:24 - 00000000 ____D C:\Program Files\iTunes
2013-10-27 19:25 - 2013-10-27 19:25 - 00000000 ____D C:\Program Files\iPod
2013-10-27 19:25 - 2009-04-05 18:05 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-10-25 20:00 - 2008-10-01 17:06 - 00059904 _____ C:\Users\Nadine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-19 16:04 - 2013-05-29 20:31 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-13 03:37 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-13 03:26 - 2011-12-27 17:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-13 03:02 - 2008-08-01 10:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-12 02:59 - 2013-08-14 17:52 - 00000000 ____D C:\Windows\system32\MRT
2013-10-12 02:46 - 2006-11-02 11:24 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Files to move or delete:
====================
C:\Users\Nadine\CarryItEasy.exe


Some content of TEMP:
====================
C:\Users\Nadine\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 15:39

==================== End Of Log ============================
         


And does it still look very bad?

Regards
Nadine

And thanks again for the ongoing help.

 
