Log analysis and evaluation: Windows 7: Sporadic delays when loading web pages

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Windows 7: Sporadic delays when loading web pages

Hello, since yesterday I have had at times massive delays when loading web pages on my notebook. On the PC everything seems to be normal, so I suspect a problem with the notebook... FRST only created an FRST.txt, but no Additions.txt?

defogger: Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 00:42 on 30/05/2014 (Ziegler)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014
Ran by Ziegler (administrator) on ZIEGLER-NB on 30-05-2014 01:10:47
Running from C:\Users\Ziegler\Desktop
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Fortinet Inc.) C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Simon Tatham) C:\Users\Ziegler\Downloads\putty_mm.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1702400 2009-10-26] (Motorola Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1216808 2007-12-06] (Synaptics, Inc.)
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM-x32\...\Run: [CtrlVol] => C:\Program Files (x86)\Launch Manager\CtrlVol.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-05-26] (Sophos Limited)
HKLM\...\RunOnce: [NCInstallQueue] - rundll32 netman.dll,ProcessQueue [360448 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [1104256 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-06-20] (Hewlett-Packard Company)
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\Run: [] => [X]
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\MountPoints2: {269fc7d0-2212-11e0-a0e9-001641dc6180} - G:\LaunchU3.exe -a
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\MountPoints2: {476aa2eb-8dc6-11e2-8b96-000ae4bec618} - F:\AutoRun.exe
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\MountPoints2: {585ff9b3-aa4a-11e1-be01-001641dc6180} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\MountPoints2: {608ace43-29ed-11e0-a8ef-001641dc6180} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\MountPoints2: {65b8aa00-fdcf-11e1-ad45-001641dc6180} - F:\AutoRun.exe
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\MountPoints2: {65b8aa15-fdcf-11e1-ad45-001641dc6180} - F:\AutoRun.exe
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\MountPoints2: {923a6991-4edc-11e0-929a-001641dc6180} - G:\setup.exe
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\MountPoints2: {a50ce5de-ff4d-11de-b4df-001641dc6180} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\MountPoints2: {c0965365-0c35-11e3-9fee-001641dc6180} - F:\AutoRun.exe
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\MountPoints2: {c096537b-0c35-11e3-9fee-001641dc6180} - F:\AutoRun.exe
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\MountPoints2: {f3a4230c-f155-11e1-a5c5-001641dc6180} - F:\AutoRun.exe
HKU\S-1-5-21-2749053789-82582780-3563963576-1000\...\MountPoints2: {f3a42326-f155-11e1-a5c5-001641dc6180} - F:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-05-26] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-05-26] (Sophos Limited)
Startup: C:\Users\Ziegler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD74D2A793B1DCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1276775785000
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 21 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 21 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Hosts: 192.129.23.93 autodiscover.fhws.de
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Ziegler\AppData\Roaming\Mozilla\Firefox\Profiles\z1l24uaa.default-1373195990384
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @FortinetCacheClean - C:\Program Files (x86)\Fortinet\SslvpnClient\npccplugin.dll (Fortinet Inc.)
FF Plugin-x32: @FortinetTunnelControl - C:\Program Files (x86)\Fortinet\SslvpnClient\nptcplugin.dll (Fortinet Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @vmware.com/vmrc,version=2.5.0.00000 - C:\Program Files (x86)\Common Files\VMware\VMware VMRC Plug-in\Firefox\np-vmware-vmrc.dll (VMware, Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Ziegler\AppData\Roaming\Mozilla\Firefox\Profiles\z1l24uaa.default-1373195990384\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2014-02-18]
FF Extension: DownloadHelper - C:\Users\Ziegler\AppData\Roaming\Mozilla\Firefox\Profiles\z1l24uaa.default-1373195990384\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-04-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-04-29]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-01-24]
==================== Services (Whitelisted) =================
R2 FortiSslvpnDaemon; C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe [945448 2012-11-14] (Fortinet Inc.)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-26] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-05-26] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-05-26] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-05-26] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-05-26] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-05-26] (Sophos Limited)
==================== Drivers (Whitelisted) ====================
R3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 EMSCR; C:\Windows\System32\DRIVERS\EMS7SK.sys [86016 2009-08-17] (ENE Technology Inc.)
S3 ESDCR; C:\Windows\System32\DRIVERS\ESD7SK.sys [52736 2009-08-17] (ENE Technology Inc.)
R3 MODEMCSA; C:\Windows\system32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation)
R3 NSCIRDA; C:\Windows\System32\DRIVERS\nscirda.sys [36352 2008-01-19] (National Semiconductor Corporation)
R3 pppop; C:\Windows\System32\DRIVERS\pppop64.sys [42528 2009-07-21] (Fortinet Inc.)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-05-26] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-05-26] (Sophos Limited)
R3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [1202688 2009-10-26] (Motorola Inc.)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-05-26] (Sophos Limited)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
U3 pwdirpod; \??\C:\Users\Ziegler\AppData\Local\Temp\pwdirpod.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-30 00:54 - 2014-05-30 01:06 - 00005470 _____ () C:\Users\Ziegler\Desktop\Gmer.TXT
2014-05-30 00:47 - 2014-05-30 00:47 - 00380416 _____ () C:\Users\Ziegler\Desktop\Gmer.exe
2014-05-30 00:44 - 2014-05-30 01:10 - 00022025 _____ () C:\Users\Ziegler\Desktop\FRST.txt
2014-05-30 00:43 - 2014-05-30 00:43 - 02066944 _____ (Farbar) C:\Users\Ziegler\Desktop\FRST64.exe
2014-05-30 00:42 - 2014-05-30 00:42 - 00000476 _____ () C:\Users\Ziegler\Desktop\defogger_disable.log
2014-05-30 00:42 - 2014-05-30 00:42 - 00000000 _____ () C:\Users\Ziegler\defogger_reenable
2014-05-30 00:41 - 2014-05-30 00:41 - 00050477 _____ () C:\Users\Ziegler\Desktop\Defogger.exe
2014-05-30 00:28 - 2014-05-30 00:28 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-30 00:25 - 2014-05-30 00:28 - 02347384 _____ (ESET) C:\Users\Ziegler\Downloads\esetsmartinstaller_deu.exe
2014-05-30 00:23 - 2014-05-30 00:23 - 00007656 _____ () C:\Users\Ziegler\AppData\Local\Resmon.ResmonCfg
2014-05-26 23:25 - 2014-05-26 23:25 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-26 22:42 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-26 22:42 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-26 22:42 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-26 22:42 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-26 22:42 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-26 22:42 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-26 21:02 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-26 21:01 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-26 21:01 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-26 21:01 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-26 21:01 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-26 21:01 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-26 21:01 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-26 21:01 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-26 21:01 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-26 21:01 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-26 21:01 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-26 21:01 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-26 21:01 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-26 21:01 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-26 21:01 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-26 21:01 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-26 21:01 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-26 21:01 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-26 21:01 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-26 21:01 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-26 21:01 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-26 21:01 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-26 21:01 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-26 21:01 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-26 21:01 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-26 21:01 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-26 21:01 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-26 21:01 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-26 21:01 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-26 21:01 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-26 21:01 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-26 21:01 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-26 21:01 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-26 21:01 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-26 21:01 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-26 21:01 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-26 21:01 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-26 21:01 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-26 21:01 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-26 21:01 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-26 21:01 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-26 21:01 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-26 21:01 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-26 21:01 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-26 21:01 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-26 20:51 - 2014-05-26 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2014-05-26 20:51 - 2014-05-26 20:46 - 00035624 _____ (Sophos Limited) C:\Windows\system32\SophosBootTasks.exe
2014-05-26 20:48 - 2014-05-26 20:48 - 00038144 _____ (Sophos Limited) C:\Windows\system32\Drivers\sdcfilter.sys
2014-05-26 20:47 - 2014-05-26 20:47 - 00176120 _____ (Sophos Limited) C:\Windows\system32\sdccoinstaller.dll
2014-05-26 20:47 - 2014-05-26 20:47 - 00027904 _____ (Sophos Limited) C:\Windows\system32\Drivers\SophosBootDriver.sys
2014-05-26 20:46 - 2014-05-26 20:46 - 00158976 _____ (Sophos Limited) C:\Windows\system32\Drivers\savonaccess.sys
2014-05-04 07:27 - 2014-05-30 01:10 - 00000000 ____D () C:\FRST
2014-05-02 21:37 - 2014-05-26 23:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-02 20:42 - 2014-05-02 20:42 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
==================== One Month Modified Files and Folders =======
2014-05-30 01:10 - 2014-05-30 00:44 - 00022025 _____ () C:\Users\Ziegler\Desktop\FRST.txt
2014-05-30 01:10 - 2014-05-04 07:27 - 00000000 ____D () C:\FRST
2014-05-30 01:10 - 2009-08-14 17:12 - 00000000 ____D () C:\Users\Ziegler\AppData\Local\Temp
2014-05-30 01:06 - 2014-05-30 00:54 - 00005470 _____ () C:\Users\Ziegler\Desktop\Gmer.TXT
2014-05-30 00:52 - 2009-08-20 08:24 - 00000600 _____ () C:\Users\Ziegler\AppData\Local\PUTTY.RND
2014-05-30 00:47 - 2014-05-30 00:47 - 00380416 _____ () C:\Users\Ziegler\Desktop\Gmer.exe
2014-05-30 00:43 - 2014-05-30 00:43 - 02066944 _____ (Farbar) C:\Users\Ziegler\Desktop\FRST64.exe
2014-05-30 00:42 - 2014-05-30 00:42 - 00000476 _____ () C:\Users\Ziegler\Desktop\defogger_disable.log
2014-05-30 00:42 - 2014-05-30 00:42 - 00000000 _____ () C:\Users\Ziegler\defogger_reenable
2014-05-30 00:42 - 2009-08-14 17:12 - 00000000 ____D () C:\Users\Ziegler
2014-05-30 00:41 - 2014-05-30 00:41 - 00050477 _____ () C:\Users\Ziegler\Desktop\Defogger.exe
2014-05-30 00:28 - 2014-05-30 00:28 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-30 00:28 - 2014-05-30 00:25 - 02347384 _____ (ESET) C:\Users\Ziegler\Downloads\esetsmartinstaller_deu.exe
2014-05-30 00:25 - 2012-04-04 09:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-30 00:23 - 2014-05-30 00:23 - 00007656 _____ () C:\Users\Ziegler\AppData\Local\Resmon.ResmonCfg
2014-05-30 00:17 - 2012-12-18 10:46 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-30 00:05 - 2009-07-14 06:45 - 00018496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-30 00:05 - 2009-07-14 06:45 - 00018496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-29 23:57 - 2009-08-14 17:11 - 01494349 _____ () C:\Windows\WindowsUpdate.log
2014-05-29 23:53 - 2014-03-27 00:36 - 00010721 _____ () C:\Windows\setupact.log
2014-05-29 23:53 - 2012-12-18 10:46 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-29 23:53 - 2011-02-09 16:41 - 00000439 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-29 23:53 - 2009-11-20 10:15 - 00000000 ____D () C:\Users\Ziegler\AppData\Local\TSVNCache
2014-05-29 23:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-29 01:23 - 2009-08-14 17:21 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{68B9BF3D-D9C1-4BD0-9D3D-AF6A478EF9A7}
2014-05-29 00:59 - 2014-03-15 21:42 - 00000000 ____D () C:\Users\Ziegler\AppData\Local\Battle.net
2014-05-29 00:45 - 2009-08-17 09:00 - 00287008 _____ () C:\Windows\PFRO.log
2014-05-28 23:34 - 2012-06-12 14:49 - 00000000 ____D () C:\Users\Ziegler\Downloads\PS3
2014-05-28 23:04 - 2014-03-15 21:44 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-28 23:03 - 2014-03-15 21:42 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-28 22:51 - 2009-08-17 08:29 - 00002346 ____H () C:\Users\Ziegler\Documents\Default.rdp
2014-05-28 22:50 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-28 22:20 - 2011-01-25 15:43 - 00000000 ____D () C:\Users\Ziegler\AppData\Roaming\FileZilla
2014-05-26 23:52 - 2009-08-17 08:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-26 23:25 - 2014-05-26 23:25 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-26 23:25 - 2012-04-04 09:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-26 23:25 - 2012-04-04 09:20 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-26 23:25 - 2011-05-19 09:05 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-26 23:15 - 2009-08-14 17:13 - 00000000 ___RD () C:\Users\Ziegler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 23:15 - 2009-08-14 17:13 - 00000000 ___RD () C:\Users\Ziegler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-26 23:12 - 2014-05-02 21:37 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-26 23:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-26 22:47 - 2013-01-09 12:27 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2014-05-26 22:47 - 2011-01-24 12:40 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-05-26 22:47 - 2011-01-24 12:40 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-05-26 22:47 - 2011-01-24 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-05-26 22:40 - 2013-08-15 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-26 22:31 - 2009-09-09 09:31 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-26 20:53 - 2009-08-17 09:25 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-05-26 20:52 - 2009-08-17 09:25 - 00000000 ____D () C:\ProgramData\Sophos
2014-05-26 20:51 - 2014-05-26 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2014-05-26 20:48 - 2014-05-26 20:48 - 00038144 _____ (Sophos Limited) C:\Windows\system32\Drivers\sdcfilter.sys
2014-05-26 20:47 - 2014-05-26 20:47 - 00176120 _____ (Sophos Limited) C:\Windows\system32\sdccoinstaller.dll
2014-05-26 20:47 - 2014-05-26 20:47 - 00027904 _____ (Sophos Limited) C:\Windows\system32\Drivers\SophosBootDriver.sys
2014-05-26 20:46 - 2014-05-26 20:51 - 00035624 _____ (Sophos Limited) C:\Windows\system32\SophosBootTasks.exe
2014-05-26 20:46 - 2014-05-26 20:46 - 00158976 _____ (Sophos Limited) C:\Windows\system32\Drivers\savonaccess.sys
2014-05-26 20:43 - 2011-06-27 10:23 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-10 12:24 - 2012-05-02 15:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-09 21:05 - 2014-04-29 22:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 08:14 - 2014-05-26 21:01 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-26 21:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-09 01:51 - 2013-06-30 12:55 - 00000000 ____D () C:\Users\Ziegler\AppData\Roaming\vlc
2014-05-08 22:19 - 2013-06-29 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-08 22:12 - 2012-12-18 10:46 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 22:12 - 2012-12-18 10:46 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 06:40 - 2014-05-26 22:42 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-26 22:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-26 22:42 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-26 22:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-26 22:42 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-26 22:42 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 13:27 - 2013-07-27 02:34 - 00001056 _____ () C:\Users\Ziegler\Desktop\Links.TXT
2014-05-02 20:42 - 2014-05-02 20:42 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
Files to move or delete:
====================
C:\Users\Ziegler\icprint.bat
Some content of TEMP:
====================
C:\Users\Ziegler\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Ziegler\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Ziegler\AppData\Local\Temp\ose00000.exe
C:\Users\Ziegler\AppData\Local\Temp\Quarantine.exe
C:\Users\Ziegler\AppData\Local\Temp\ResetDevice.exe
C:\Users\Ziegler\AppData\Local\Temp\vlc-2.1.3-win32.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-10 16:25
==================== End Of Log ============================
GMER: Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-30 01:06:31
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2 WDC_WD3200BJKT-75F4T0 rev.11.01A11 298,09GB
Running: Gmer.exe; Driver: C:\Users\Ziegler\AppData\Local\Temp\pwdirpod.sys
---- User code sections - GMER 2.1 ----
.text C:\Windows\Explorer.EXE[2044] C:\Windows\system32\kernel32.dll!CopyFileExW 0000000077111890 5 bytes JMP 000000016fff00d8
.text C:\Windows\Explorer.EXE[2044] C:\Windows\system32\kernel32.dll!MoveFileWithProgressW 000000007718f490 8 bytes JMP 000000016fff0110
.text C:\Windows\Explorer.EXE[2044] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefe2a7490 11 bytes JMP 000007fffe2700d8
.text C:\Users\Ziegler\Desktop\Gmer.exe[6124] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075051465 2 bytes [05, 75]
.text C:\Users\Ziegler\Desktop\Gmer.exe[6124] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750514bb 2 bytes [05, 75]
.text ... * 2
---- Threads - GMER 2.1 ----
Thread C:\Program Files\Microsoft Device Center\itype.exe [3812:3532] 0000000070951dbc
Thread C:\Program Files\Microsoft Device Center\itype.exe [3812:1068] 0000000070951dbc
Thread C:\Program Files\Microsoft Device Center\itype.exe [3812:3348] 000007fef40dd880
Thread C:\Program Files\Microsoft Device Center\ipoint.exe [3824:4236] 000007fef4239cf4
Thread C:\Program Files\Microsoft Device Center\ipoint.exe [3824:4200] 000007fef40dd880
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5064:4624] 000007fefb432a7c
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3460:704] 00000000755c7587
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3460:1940] 0000000073d87712
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3460:3364] 0000000077452e65
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3460:4576] 0000000077453e85
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3460:4920] 0000000077453e85
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3460:5600] 0000000077453e85
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001641dc6180
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001641dc6180@78ca04c78fb8 0x1B 0x66 0xCA 0x24 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001641dc6180@002237035682 0x35 0x08 0xC8 0x30 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001641dc6180 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001641dc6180@78ca04c78fb8 0x1B 0x66 0xCA 0x24 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001641dc6180@002237035682 0x35 0x08 0xC8 0x30 ...
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Ziegler\Downloads\\xa7implePS3Updates_Installer.exe 1
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Ziegler\Downloads\PS3\\xa7imple PS3Updates\Uninstal.exe 1
---- EOF - GMER 2.1 ----