| |
| |||||||
Log-Analyse und Auswertung: Laptop zu langsamWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
09.04.2014, 15:05
| #1 |
| /// the machine /// TB-Ausbilder    |  Laptop zu langsam Frisches FRST log sowie die Antwort auf meine Frage fehlt noch 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.04.2014, 18:12
| #2 |
 | Laptop zu langsam ja hab geantwortet aber wurde irgendwie net abgeschickt.
__________________ Ja also alles ist ok ich danke dir für deine Hilfe FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 (ATTENTION: ====> FRST version is 27 days old and could be outdated)
Ran by M (administrator) on M-PC on 09-04-2014 19:09:57
Running from C:\Users\M\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\system32\StikyNot.exe
(Google Inc.) C:\Users\M\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\M\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\M\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\M\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\M\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\M\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKU\S-1-5-21-1782817329-4015993965-2496780310-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1782817329-4015993965-2496780310-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\system32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
Startup: C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDE676AFFA051CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {39ED5386-A900-4D6C-B564-20BFDE5402CF} hxxp://www.medion.com/de/service/download/MEDION_Treibersuche.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Users\M\AppData\Local\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\M\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\M\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (ChromeUtilPlugin) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaailpifkkekipiachodfkfmgmiapmp\21.51087_0\background/ChromeUtilPlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\M\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Wallet) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR HKLM\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - C:\Users\M\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx [2013-08-25]
CHR HKCU\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - C:\Users\M\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx [2013-08-25]
CHR StartMenuInternet: Google Chrome - C:\Users\M\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-14] (Avira Operations GmbH & Co. KG)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-28] (Avira GmbH)
S3 catchme; \??\C:\Users\M\AppData\Local\Temp\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-08 18:48 - 2014-04-08 18:48 - 00987448 _____ () C:\Users\M\Downloads\SecurityCheck.exe
2014-04-08 15:23 - 2014-04-08 15:23 - 02347384 _____ (ESET) C:\Users\M\Downloads\esetsmartinstaller_enu.exe
2014-04-07 19:31 - 2014-04-07 19:31 - 00001377 _____ () C:\Users\M\Desktop\JRT.txt
2014-04-07 19:27 - 2014-04-07 19:27 - 01016261 _____ (Thisisu) C:\Users\M\Downloads\JRT.exe
2014-04-07 19:20 - 2014-04-07 19:20 - 01426178 _____ () C:\Users\M\Downloads\adwcleaner.exe
2014-04-07 19:19 - 2014-04-07 19:19 - 00002002 _____ () C:\mbam.txt
2014-04-07 18:43 - 2014-04-07 18:45 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-07 18:42 - 2014-04-07 18:43 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-04-07 18:42 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-07 18:42 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-07 18:41 - 2014-04-07 18:42 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\M\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-06 14:40 - 2014-04-06 14:40 - 00009476 _____ () C:\ComboFix.txt
2014-04-06 14:26 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-06 14:26 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-06 14:26 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-06 14:26 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-06 14:26 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-06 14:26 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-06 14:26 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-06 14:26 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-06 14:25 - 2014-04-06 14:40 - 00000000 ____D () C:\Qoobox
2014-04-06 14:23 - 2014-04-06 14:24 - 05193579 ____R (Swearware) C:\Users\M\Downloads\ComboFix.exe
2014-04-05 14:17 - 2014-04-05 14:19 - 00023323 _____ () C:\Users\M\Downloads\Addition.txt
2014-04-05 14:15 - 2014-04-09 19:09 - 00008319 _____ () C:\Users\M\Downloads\FRST.txt
2014-04-05 14:15 - 2014-04-09 19:09 - 00000000 ____D () C:\FRST
2014-04-05 14:14 - 2014-04-05 14:14 - 01145856 _____ (Farbar) C:\Users\M\Downloads\FRST.exe
2014-04-04 15:35 - 2014-04-04 15:36 - 04787368 _____ (Piriform Ltd) C:\Users\M\Downloads\ccsetup412.exe
2014-03-15 18:35 - 2014-03-15 18:35 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-15 18:35 - 2014-03-15 18:35 - 00000000 ___RD () C:\Program Files\Skype
2014-03-15 18:35 - 2014-03-15 18:35 - 00000000 ____D () C:\Users\M\AppData\Local\Skype
2014-03-15 18:35 - 2014-03-15 18:35 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-13 14:38 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 14:38 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 14:38 - 2014-03-01 06:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 14:38 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 14:38 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 14:38 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 14:38 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 14:38 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 14:38 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 14:38 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 14:38 - 2014-03-01 05:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 14:38 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 14:38 - 2014-03-01 05:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 14:38 - 2014-03-01 05:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 14:38 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 14:38 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 14:38 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 14:38 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 14:38 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 14:38 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 14:38 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 14:38 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 14:38 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 14:37 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 14:37 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
==================== One Month Modified Files and Folders =======
2014-04-09 19:11 - 2012-06-12 21:04 - 00000000 ____D () C:\Users\M\AppData\Roaming\Skype
2014-04-09 19:10 - 2014-04-05 14:15 - 00008319 _____ () C:\Users\M\Downloads\FRST.txt
2014-04-09 19:09 - 2014-04-05 14:15 - 00000000 ____D () C:\FRST
2014-04-09 19:09 - 2012-08-19 12:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-09 19:07 - 2014-01-12 01:33 - 00022826 _____ () C:\Windows\setupact.log
2014-04-09 19:07 - 2013-04-02 01:29 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-09 19:07 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-09 12:24 - 2013-03-12 21:36 - 01680409 _____ () C:\Windows\WindowsUpdate.log
2014-04-09 11:47 - 2012-11-29 21:25 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1782817329-4015993965-2496780310-1000UA.job
2014-04-09 11:30 - 2009-07-14 06:34 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-09 11:30 - 2009-07-14 06:34 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-09 11:27 - 2013-04-02 01:29 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-08 20:14 - 2014-02-21 19:33 - 00052396 _____ () C:\Windows\PFRO.log
2014-04-08 18:48 - 2014-04-08 18:48 - 00987448 _____ () C:\Users\M\Downloads\SecurityCheck.exe
2014-04-08 15:23 - 2014-04-08 15:23 - 02347384 _____ (ESET) C:\Users\M\Downloads\esetsmartinstaller_enu.exe
2014-04-07 19:31 - 2014-04-07 19:31 - 00001377 _____ () C:\Users\M\Desktop\JRT.txt
2014-04-07 19:27 - 2014-04-07 19:27 - 01016261 _____ (Thisisu) C:\Users\M\Downloads\JRT.exe
2014-04-07 19:27 - 2013-09-17 15:01 - 00000000 ____D () C:\Windows\ERUNT
2014-04-07 19:23 - 2013-08-25 20:54 - 00000000 ____D () C:\AdwCleaner
2014-04-07 19:20 - 2014-04-07 19:20 - 01426178 _____ () C:\Users\M\Downloads\adwcleaner.exe
2014-04-07 19:19 - 2014-04-07 19:19 - 00002002 _____ () C:\mbam.txt
2014-04-07 18:45 - 2014-04-07 18:43 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-07 18:43 - 2014-04-07 18:42 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-04-07 18:43 - 2013-09-17 01:11 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-07 18:43 - 2013-09-17 01:11 - 00000000 ____D () C:\Users\M\AppData\Roaming\Malwarebytes
2014-04-07 18:43 - 2013-09-17 01:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-07 18:42 - 2014-04-07 18:41 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\M\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-07 18:37 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-07 14:47 - 2012-11-29 21:25 - 00001052 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1782817329-4015993965-2496780310-1000Core.job
2014-04-06 14:40 - 2014-04-06 14:40 - 00009476 _____ () C:\ComboFix.txt
2014-04-06 14:40 - 2014-04-06 14:25 - 00000000 ____D () C:\Qoobox
2014-04-06 14:38 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-04-06 14:28 - 2012-06-12 17:25 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-06 14:25 - 2013-09-17 00:23 - 00000000 ____D () C:\Windows\erdnt
2014-04-06 14:24 - 2014-04-06 14:23 - 05193579 ____R (Swearware) C:\Users\M\Downloads\ComboFix.exe
2014-04-05 14:19 - 2014-04-05 14:17 - 00023323 _____ () C:\Users\M\Downloads\Addition.txt
2014-04-05 14:14 - 2014-04-05 14:14 - 01145856 _____ (Farbar) C:\Users\M\Downloads\FRST.exe
2014-04-04 19:47 - 2012-06-12 18:24 - 00000000 ____D () C:\Users\M\AppData\Local\PMB Files
2014-04-04 19:47 - 2012-06-12 18:24 - 00000000 ____D () C:\ProgramData\PMB Files
2014-04-04 15:37 - 2012-06-12 21:27 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-04 15:37 - 2012-06-12 21:27 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-04 15:36 - 2014-04-04 15:35 - 04787368 _____ (Piriform Ltd) C:\Users\M\Downloads\ccsetup412.exe
2014-04-04 15:30 - 2012-06-12 17:16 - 00000000 ____D () C:\Users\M
2014-04-04 15:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-04-04 15:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-04-03 09:51 - 2014-04-07 18:42 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-07 18:42 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2013-09-17 01:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-16 12:29 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-15 21:13 - 2012-06-12 18:32 - 00002336 _____ () C:\Users\M\Desktop\Google Chrome.lnk
2014-03-15 18:35 - 2014-03-15 18:35 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-15 18:35 - 2014-03-15 18:35 - 00000000 ___RD () C:\Program Files\Skype
2014-03-15 18:35 - 2014-03-15 18:35 - 00000000 ____D () C:\Users\M\AppData\Local\Skype
2014-03-15 18:35 - 2014-03-15 18:35 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-15 18:35 - 2012-06-12 21:03 - 00000000 ____D () C:\ProgramData\Skype
2014-03-15 12:55 - 2013-07-11 21:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-15 12:53 - 2012-06-14 23:37 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-13 21:47 - 2009-07-14 06:33 - 00310320 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 18:09 - 2012-06-12 18:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-12 18:09 - 2012-06-12 18:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\M\AppData\Local\temp\avgnt.exe
C:\Users\M\AppData\Local\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-06 15:16
==================== End Of Log ============================
--- --- --- |
|
| Themen zu Laptop zu langsam |
| browser, dankbar, direkt, hilfe, langsam, laptop, lädt, nicht mehr, pup.optional.homepageprotector.a, pup.optional.incredibar, pup.optional.spigot.a, sehr langsam, zu langsam, öffnen |
Hybrid-Darstellung
