Trojaner-Board

Internet far too slow, maybe a virus? (https://www.trojaner-board.de/137230-internet-viel-langsam-vlt-virus.html)

ShadowBeastz 30.06.2013 22:15

The stick doesn't work properly; I always used to use it. On my phone or on the laptop it always works, but as I said, we have already swapped the LAN cable too.

schrauber 01.07.2013 08:15

Strange.

Please post a fresh FRST log file.

ShadowBeastz 01.07.2013 12:25


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-06-2013 02
Ran by admin (administrator) on 01-07-2013 13:24:24
Running from C:\Users\admin\Desktop\neben Programme
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
() C:\Windows\system32\PnkBstrA.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
() C:\Program Files\RocketDock\RocketDock.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Dropbox, Inc.) C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4767304 2013-03-07] (AVAST Software)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-07] (Samsung)
HKCU\...\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload [1561968 2013-04-23] (Samsung)
HKCU\...\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" [495616 2007-09-02] ()
HKCU\...\Run: [Spotify Web Helper] "C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1199576 2012-11-16] (Spotify Ltd)
HKCU\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window [825808 2013-06-15] (Google Inc.)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [3514176 2011-11-10] (DT Soft Ltd)
HKCU\...\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-07] (Samsung)
HKU\UpdatusUser\...\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade [ 2010-11-20] (Microsoft Corporation)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\Reboot.exe (Elitegroup Computer Systems Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF NetworkProxy: "http", "www-proxy.t-online.de"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Battlefield Heroes Updater - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\battlefieldheroespatcher@ea.com
FF Extension: Personas - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\personas@christopher.beard
FF Extension: FireShot - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
FF Extension: DownloadHelper - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: info - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\info@maltegoetz.de.xpi
FF Extension: nasanightlaunch - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\nasanightlaunch@example.com.xpi
FF Extension: survey-remover - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\survey-remover@gmx.com.xpi
FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AdobeExManDetect) - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Uplay PC) - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (ProxTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.3_0
CHR Extension: (AdBlock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [136912 2013-03-07] (AVAST Software)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768 2012-06-27] (Freemake)
R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [8704 2012-08-15] (Hi-Rez Studios)
S2 KMService; C:\Windows\system32\srvany.exe [8192 2003-04-18] ()
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [598312 2011-03-29] (Nero AG)
S3 npggsvc; C:\Windows\system32\GameMon.des [4023760 2010-12-01] (INCA Internet Co., Ltd.)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-08-18] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-03-07] (AVAST Software)
R1 aswFW; C:\Windows\system32\drivers\aswFW.sys [101656 2013-03-07] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-03-07] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2013-03-07] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\drivers\aswNdis2.sys [199384 2013-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [60656 2013-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49248 2013-03-07] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368176 2013-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62376 2013-03-07] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [164736 2013-03-07] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2011-05-28] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2013-05-13] (DT Soft Ltd)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-05-28] ()
R3 Ltn_stk7070P; C:\Windows\System32\DRIVERS\Ltn_stk7070P.sys [466048 2007-10-19] (LITEON)
R3 Ltn_stkrc; C:\Windows\System32\DRIVERS\Ltn_stkrc.sys [13440 2007-10-19] (LITEON)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1086976 2009-09-17] (VIA Technologies, Inc.)
R3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1961072 2010-05-20] (Microsoft Corporation)
S3 athr; system32\DRIVERS\athr.sys [x]
S3 catchme; \??\C:\Users\admin\AppData\Local\Temp\catchme.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-28 16:54 - 2013-06-28 16:54 - 00000000 ____D C:\Users\admin\Downloads\8.LebFreud
2013-06-28 12:50 - 2013-06-28 12:50 - 00729010 ____A C:\Users\admin\Downloads\NRaas_MasterController_V116.zip
2013-06-28 12:49 - 2013-06-28 12:49 - 02587486 ____A C:\Users\admin\Downloads\NRaas_StoryProgression_V258.zip
2013-06-27 17:33 - 2013-06-27 17:35 - 00031937 ____A C:\Users\admin\Downloads\FRST.txt
2013-06-27 14:47 - 2013-06-27 14:47 - 00890988 ____A C:\Users\admin\Desktop\SecurityCheck.exe
2013-06-27 12:17 - 2013-06-27 12:17 - 00045704 ____A C:\ComboFix.txt
2013-06-27 12:03 - 2013-06-27 12:17 - 00000000 ____D C:\ComboFix
2013-06-27 11:08 - 2013-06-27 11:08 - 00005082 ____A C:\Users\admin\Documents\JRT.txt
2013-06-27 11:06 - 2013-06-27 11:06 - 00000000 ____D C:\Windows\ERUNT
2013-06-27 11:05 - 2013-06-27 11:05 - 00000000 ____D C:\JRT
2013-06-27 10:59 - 2013-06-27 11:00 - 00012826 ____A C:\AdwCleaner[S1].txt
2013-06-26 19:49 - 2013-06-28 10:58 - 00001546 ____A C:\Windows\PFRO.log
2013-06-26 19:11 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-26 19:11 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-26 19:11 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-26 19:11 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-26 19:11 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-26 19:11 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-26 19:11 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-26 19:11 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-26 19:10 - 2013-06-26 19:10 - 05083236 ____R (Swearware) C:\Users\admin\Downloads\ComboFix.exe
2013-06-26 19:09 - 2013-06-27 12:17 - 00000000 ____D C:\Qoobox
2013-06-26 19:09 - 2013-06-26 19:29 - 00000000 ____D C:\Windows\erdnt
2013-06-26 17:24 - 2013-06-26 17:24 - 00036050 ____A C:\Users\admin\Documents\FRST.txt
2013-06-26 17:24 - 2013-06-26 17:24 - 00027009 ____A C:\Users\admin\Documents\Addition.txt
2013-06-26 17:23 - 2013-06-26 17:23 - 00000000 ____D C:\FRST
2013-06-26 16:00 - 2013-06-26 16:00 - 00011889 ____A C:\Users\admin\Documents\hijackthis.log
2013-06-15 21:42 - 2013-06-15 21:43 - 12115496 ____A C:\Users\admin\Downloads\505 Drum Kit.zip
2013-06-15 21:41 - 2013-06-15 21:42 - 08067151 ____A C:\Users\admin\Downloads\Lil Jon Crunk Kit.zip
2013-06-15 21:40 - 2013-06-15 21:40 - 01152897 ____A C:\Users\admin\Downloads\East Coast Sound Kit.zip
2013-06-15 21:39 - 2013-06-15 21:39 - 05326278 ____A C:\Users\admin\Downloads\Soulja Boy Sound Kit.zip
2013-06-15 21:39 - 2013-06-15 21:39 - 02292849 ____A C:\Users\admin\Downloads\Hip Hop Sound Kit.zip
2013-06-15 21:38 - 2013-06-15 21:38 - 08461096 ____A C:\Users\admin\Downloads\Jay-Z Sound Kit.zip
2013-06-15 21:37 - 2013-06-15 21:38 - 09225984 ____A C:\Users\admin\Downloads\Lex Luger Drum Kit.zip
2013-06-15 21:32 - 2013-06-15 21:33 - 13388445 ____A C:\Users\admin\Downloads\Dr. Dre Sound Kit.zip
2013-06-08 11:30 - 2013-06-08 11:30 - 00000000 ____D C:\Users\Public\Documents\CrashDump

==================== One Month Modified Files and Folders ========

2013-07-01 13:24 - 2013-05-02 17:19 - 00001096 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-01 13:08 - 2012-03-30 12:04 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-01 13:07 - 2013-05-31 15:44 - 41280138 ____A C:\Windows\setupact.log
2013-07-01 13:07 - 2013-05-05 15:56 - 00000000 ____D C:\Users\admin\AppData\Roaming\Dropbox
2013-07-01 13:07 - 2013-01-26 14:29 - 00000000 ___RD C:\Users\admin\Dropbox
2013-07-01 13:06 - 2013-05-02 17:18 - 00001092 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-01 12:14 - 2009-07-14 06:34 - 00033984 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-01 12:14 - 2009-07-14 06:34 - 00033984 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-01 12:12 - 2013-04-26 19:28 - 01729817 ____A C:\Windows\WindowsUpdate.log
2013-07-01 12:07 - 2013-05-31 16:29 - 00013408 ____A C:\Windows\AutoKMS.log
2013-07-01 12:07 - 2012-11-06 21:54 - 00078848 ____A C:\Windows\KMSEmulator.exe
2013-07-01 12:07 - 2012-11-06 21:54 - 00000202 ____A C:\Windows\Tasks\AutoKMSDaily.job
2013-07-01 12:07 - 2012-11-06 21:54 - 00000200 ____A C:\Windows\Tasks\AutoKMS.job
2013-07-01 12:06 - 2011-04-06 14:03 - 00065536 _____ C:\Windows\System32\Ikeext.etl
2013-07-01 12:06 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-01 12:05 - 2013-04-26 19:29 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-30 22:56 - 2011-06-02 17:47 - 00000000 ____D C:\Users\admin\AppData\Local\PMB Files
2013-06-30 22:56 - 2011-06-02 17:47 - 00000000 ____D C:\ProgramData\PMB Files
2013-06-30 22:56 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing
2013-06-30 13:44 - 2011-03-17 19:41 - 00000000 ____D C:\Users\admin\AppData\Roaming\DAEMON Tools Lite
2013-06-29 17:40 - 2011-02-27 15:39 - 00000000 ____D C:\Program Files\Steam
2013-06-29 12:37 - 2011-03-11 13:17 - 00000000 ____D C:\Users\admin\AppData\Local\Adobe
2013-06-29 12:29 - 2011-03-04 15:39 - 00000000 ____D C:\Users\admin\Desktop\Rocket Dock, Spiele
2013-06-28 17:40 - 2011-03-05 00:00 - 00000000 ____D C:\Users\admin\Desktop\neben Programme
2013-06-28 17:36 - 2011-02-26 10:54 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-06-28 17:36 - 2011-02-26 10:54 - 00000000 ____D C:\Program Files\Electronic Arts
2013-06-28 17:26 - 2013-04-26 13:20 - 00000000 ____D C:\Program Files\JDownloader 2
2013-06-28 16:54 - 2013-06-28 16:54 - 00000000 ____D C:\Users\admin\Downloads\8.LebFreud
2013-06-28 13:50 - 2013-04-28 20:46 - 00000000 ____D C:\Users\admin\AppData\Roaming\Skype
2013-06-28 12:50 - 2013-06-28 12:50 - 00729010 ____A C:\Users\admin\Downloads\NRaas_MasterController_V116.zip
2013-06-28 12:49 - 2013-06-28 12:49 - 02587486 ____A C:\Users\admin\Downloads\NRaas_StoryProgression_V258.zip
2013-06-28 10:58 - 2013-06-26 19:49 - 00001546 ____A C:\Windows\PFRO.log
2013-06-27 19:43 - 2012-12-06 21:35 - 00000000 ____D C:\Users\admin\AppData\Roaming\TS3Client
2013-06-27 17:35 - 2013-06-27 17:33 - 00031937 ____A C:\Users\admin\Downloads\FRST.txt
2013-06-27 14:47 - 2013-06-27 14:47 - 00890988 ____A C:\Users\admin\Desktop\SecurityCheck.exe
2013-06-27 12:35 - 2010-11-20 23:01 - 01618320 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-27 12:17 - 2013-06-27 12:17 - 00045704 ____A C:\ComboFix.txt
2013-06-27 12:17 - 2013-06-27 12:03 - 00000000 ____D C:\ComboFix
2013-06-27 12:17 - 2013-06-26 19:09 - 00000000 ____D C:\Qoobox
2013-06-27 12:13 - 2009-07-14 04:04 - 00000215 ____A C:\Windows\system.ini
2013-06-27 11:08 - 2013-06-27 11:08 - 00005082 ____A C:\Users\admin\Documents\JRT.txt
2013-06-27 11:06 - 2013-06-27 11:06 - 00000000 ____D C:\Windows\ERUNT
2013-06-27 11:05 - 2013-06-27 11:05 - 00000000 ____D C:\JRT
2013-06-27 11:00 - 2013-06-27 10:59 - 00012826 ____A C:\AdwCleaner[S1].txt
2013-06-26 19:37 - 2009-07-14 04:37 - 00000000 __RHD C:\users\Default
2013-06-26 19:37 - 2009-07-14 04:37 - 00000000 ___RD C:\users\Public
2013-06-26 19:29 - 2013-06-26 19:09 - 00000000 ____D C:\Windows\erdnt
2013-06-26 19:10 - 2013-06-26 19:10 - 05083236 ____R (Swearware) C:\Users\admin\Downloads\ComboFix.exe
2013-06-26 17:24 - 2013-06-26 17:24 - 00036050 ____A C:\Users\admin\Documents\FRST.txt
2013-06-26 17:24 - 2013-06-26 17:24 - 00027009 ____A C:\Users\admin\Documents\Addition.txt
2013-06-26 17:23 - 2013-06-26 17:23 - 00000000 ____D C:\FRST
2013-06-26 16:00 - 2013-06-26 16:00 - 00011889 ____A C:\Users\admin\Documents\hijackthis.log
2013-06-22 18:41 - 2011-02-27 15:39 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-06-19 21:26 - 2013-05-02 17:20 - 00002129 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-15 23:11 - 2012-01-01 22:22 - 00000000 ____D C:\Program Files\Image-Line
2013-06-15 21:43 - 2013-06-15 21:42 - 12115496 ____A C:\Users\admin\Downloads\505 Drum Kit.zip
2013-06-15 21:42 - 2013-06-15 21:41 - 08067151 ____A C:\Users\admin\Downloads\Lil Jon Crunk Kit.zip
2013-06-15 21:40 - 2013-06-15 21:40 - 01152897 ____A C:\Users\admin\Downloads\East Coast Sound Kit.zip
2013-06-15 21:39 - 2013-06-15 21:39 - 05326278 ____A C:\Users\admin\Downloads\Soulja Boy Sound Kit.zip
2013-06-15 21:39 - 2013-06-15 21:39 - 02292849 ____A C:\Users\admin\Downloads\Hip Hop Sound Kit.zip
2013-06-15 21:38 - 2013-06-15 21:38 - 08461096 ____A C:\Users\admin\Downloads\Jay-Z Sound Kit.zip
2013-06-15 21:38 - 2013-06-15 21:37 - 09225984 ____A C:\Users\admin\Downloads\Lex Luger Drum Kit.zip
2013-06-15 21:33 - 2013-06-15 21:32 - 13388445 ____A C:\Users\admin\Downloads\Dr. Dre Sound Kit.zip
2013-06-15 18:33 - 2012-01-01 22:24 - 00000000 ____D C:\Program Files\VstPlugins
2013-06-15 15:08 - 2012-03-30 12:04 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-15 15:08 - 2011-05-15 12:56 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-15 01:39 - 2013-03-13 01:23 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-08 14:36 - 2013-05-02 17:25 - 00000000 ___RD C:\Program Files\Skype
2013-06-08 14:36 - 2011-02-26 14:25 - 00000000 ____D C:\ProgramData\Skype
2013-06-08 11:30 - 2013-06-08 11:30 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-06-06 16:03 - 2013-05-02 17:18 - 00000000 ____D C:\Program Files\Google
2013-06-06 16:03 - 2011-04-28 17:34 - 00000000 ____D C:\Users\admin\AppData\Local\Google
2013-06-02 13:30 - 2012-08-18 18:49 - 00138184 ____A C:\Windows\System32\Drivers\PnkBstrK.sys
2013-06-02 13:29 - 2012-08-18 18:18 - 00183112 ____A C:\Windows\System32\PnkBstrB.exe
2013-06-01 18:54 - 2013-05-05 15:59 - 00001017 ____A C:\Users\admin\Desktop\Dropbox.lnk
2013-06-01 12:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\LogFiles

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 13:28

==================== End Of Log ============================

--- --- ---

schrauber 01.07.2013 13:05

Have we already tried a clean boot? Otherwise I'm out of ideas....

ShadowBeastz 01.07.2013 13:10

I can't be bothered to reinstall my system :/

schrauber 01.07.2013 13:33

And what am I supposed to do with that information?

ShadowBeastz 01.07.2013 15:34

When did I say you were supposed to do anything with it?

schrauber 01.07.2013 16:15

Oh, so that was a monologue, well then :)

By the way, a clean boot is not a reinstall ;)

ShadowBeastz 01.07.2013 17:00

Oh, I see :D How does that work?

EDIT: I just googled it and did it, but nothing has changed anyway :/

schrauber 01.07.2013 19:03

OK, then you'll have to reinstall after all :D


All times are WET +1. The time is now 20:22.
