Pests of all kinds and how to fight them: all antivirus systems off and everything is extremely slow (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
#1 | /// the machine /// (TB-Ausbilder, Trojaner-Board instructor)
all antivirus systems off and everything is extremely slow

Try this in normal mode or in safe mode: Combofix should only be run when a team member has instructed you to do so! Please download Combofix from the following download mirror: Link 1. IMPORTANT: save Combofix to your desktop.
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: if you get the following error message after the restart: Quote:
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. Donations. Guides and help. Trojaner-Board Facebook page. No help via PM!
#2 | all antivirus systems off and everything is extremely slow
Code:
ComboFix 13-11-23.02 - Curdt Marcus 24.11.2013 10:59:53.1.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8137.7246 [GMT 1:00]
ausgeführt von:: c:\users\Curdt Marcus\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\users\Curdt Marcus\31c8fcc567a21c9494306c7d13dbddb4.jpg
c:\users\Curdt Marcus\AppData\Local\Minibar
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome.json
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome.pem
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\background.html
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\cached_http_request.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\extension_info.json
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\icons\icon128.png
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\icons\icon19.png
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\icons\icon32.png
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\icons\icon48.png
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\includes\content.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\includes\content_kango.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\includes\content_menu.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\includes\content_messaging.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\includes\content_pageutils.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\includes\content_popup.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\includes\content_toolbar.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\includes\content_toolbar_customfixes.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\includes\content_userscript.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\initial_config.json
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango-ui\button.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango-ui\toolbar.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango-ui\ui.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango\browser.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango\console.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango\event_listener.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango\initialize.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango\io.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango\jsonstorage.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango\kango.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango\lang.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango\messaging.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango\userscript_engine.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\kango\xhr.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\main.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\manifest.json
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\minibar\actions.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\minibar\cachedxhr.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\minibar\config.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\minibar\macros.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\minibar\minibar.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\MinibarPlugin.dll
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\popup.html
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\popup.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\tab.html
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome\tab.js
c:\users\Curdt Marcus\AppData\Local\Minibar\chrome_installer.js
c:\users\Curdt Marcus\AppData\Local\Minibar\common.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome.manifest
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\content.xul
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\extension_info.json
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\icons\icon128.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\icons\icon19.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\icons\icon32.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\icons\icon48.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\initial_config.json
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\button.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\popup.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\popup_window.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\popup_window.xul
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\bottom-left.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\bottom-middle.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\bottom-right.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\middle-left.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\middle-right.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\style.css
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-bottom.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-left.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-right.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-top.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\top-left.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\top-middle.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\top-right.png
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\toolbar.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\toolbar_stub.html
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango-ui\ui.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango\browser.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango\console.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango\event_listener.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango\initialize.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango\io.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango\jsonstorage.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango\kango.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango\lang.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango\messaging.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango\storage.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango\uninstall_observer.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango\userscript_engine.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\kango\xhr.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\main.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\minibar\actions.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\minibar\cachedxhr.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\minibar\config.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\minibar\homepage_helper.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\minibar\macros.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\minibar\minibar.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\minibar\search_helper.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\minibar\search_hook.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\chrome\content\minibar\tabpage_helper.js
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\install.rdf
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox\plugins\npMinibarPlugin.dll
c:\users\Curdt Marcus\AppData\Local\Minibar\firefox_installer.js
c:\users\Curdt Marcus\AppData\Local\Minibar\ie_installer.js
c:\users\Curdt Marcus\AppData\Local\Minibar\minibar.crx
c:\users\Curdt Marcus\AppData\Local\Minibar\minibar.xpi
c:\users\Curdt Marcus\AppData\Local\Minibar\SettingsHelper.exe
c:\users\Curdt Marcus\AppData\Local\Minibar\Uninstall.exe
c:\users\Curdt Marcus\fraps.exe
c:\windows\SysWow64\FlashPlayerApp.exe
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-10-24 bis 2013-11-24 ))))))))))))))))))))))))))))))
.
.
2013-11-24 10:07 . 2013-11-24 10:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-24 10:07 . 2013-11-24 10:07 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-23 11:50 . 2013-11-23 11:50 -------- d-----w- C:\FRST
2013-11-10 13:03 . 2013-11-10 13:03 -------- d-----w- c:\users\Curdt Marcus\AppData\Local\Blizzard Entertainment
2013-11-10 12:16 . 2013-11-16 11:02 -------- d-----w- c:\program files (x86)\World of Warcraft
2013-11-10 12:16 . 2013-11-10 12:16 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2013-11-10 10:43 . 2013-11-10 10:43 -------- d-----w- c:\users\Curdt Marcus\AppData\Local\AppsHat Mobile Apps
2013-11-10 10:43 . 2013-11-10 10:43 -------- d-----w- c:\program files (x86)\Minibar
2013-11-10 10:39 . 2013-11-10 10:39 -------- d-----w- c:\users\Curdt Marcus\AppData\Local\FilesFrog Update Checker
2013-11-10 10:23 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-10 10:23 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-10 10:23 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-10 10:23 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-10 10:23 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-10 10:23 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-10 10:23 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-09 15:14 . 2013-11-10 12:24 -------- d-----w- c:\users\Curdt Marcus\AppData\Roaming\.technic
2013-10-31 11:20 . 2013-10-31 11:20 -------- d-----w- c:\program files (x86)\EA Games
2013-10-28 17:00 . 2013-10-29 21:02 -------- d-----w- c:\program files (x86)\The Mighty Quest For Epic Loot
2013-10-27 20:33 . 2013-10-27 20:48 -------- d-----w- c:\users\Curdt Marcus\AppData\Roaming\RIFT
2013-10-27 13:29 . 2013-10-27 13:29 -------- d-----w- c:\users\Curdt Marcus\AppData\Roaming\Guild Wars 2
2013-10-27 10:24 . 2013-10-27 10:24 -------- d-----w- c:\program files (x86)\Common Files\BattlEye
2013-10-27 10:00 . 2013-10-27 10:00 -------- d-----w- c:\users\Curdt Marcus\AppData\Local\ArmA 2
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-14 18:22 . 2013-01-20 09:02 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-10-31 12:14 . 2013-09-01 12:50 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-10-31 12:14 . 2012-12-25 09:44 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-10-31 12:08 . 2013-09-01 12:49 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-10-31 12:07 . 2012-12-24 22:00 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-10-09 14:38 . 2012-12-24 19:39 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-22 23:28 . 2013-10-11 12:36 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-09-22 23:27 . 2013-10-11 12:36 2876928 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-09-22 23:27 . 2013-10-11 12:36 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-09-22 23:27 . 2013-10-11 12:36 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-09-22 22:55 . 2013-10-11 12:36 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-09-22 22:55 . 2013-10-11 12:36 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-09-22 22:55 . 2013-10-11 12:36 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-09-22 22:54 . 2013-10-11 12:36 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-09-22 22:54 . 2013-10-11 12:36 19252224 ----a-w- c:\windows\system32\mshtml.dll
2013-09-22 22:54 . 2013-10-11 12:36 855552 ----a-w- c:\windows\system32\jscript.dll
2013-09-22 22:54 . 2013-10-11 12:36 3959296 ----a-w- c:\windows\system32\jscript9.dll
2013-09-22 22:54 . 2013-10-11 12:36 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-09-22 22:54 . 2013-10-11 12:36 526336 ----a-w- c:\windows\system32\ieui.dll
2013-09-22 22:54 . 2013-10-11 12:36 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-09-22 22:54 . 2013-10-11 12:36 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-09-22 22:54 . 2013-10-11 12:36 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-09-22 22:54 . 2013-10-11 12:36 2647552 ----a-w- c:\windows\system32\iertutil.dll
2013-09-22 22:54 . 2013-10-11 12:36 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-09-21 03:38 . 2013-10-11 12:36 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-09-21 03:30 . 2013-10-11 12:36 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-09-21 02:48 . 2013-10-11 12:36 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-09-21 02:39 . 2013-10-11 12:36 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10 . 2013-10-10 17:05 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-08 02:30 . 2013-10-10 17:05 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-10 17:05 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-10 17:05 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-08-31 14:57 . 2013-08-31 14:57 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-31 14:57 . 2013-08-31 14:57 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-31 14:57 . 2013-08-31 14:57 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-29 02:17 . 2013-10-10 17:05 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-10 17:05 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-10 17:05 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-10 17:05 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-10 17:05 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-10 17:05 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-10 17:05 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-10 17:05 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-10 17:05 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-10 17:05 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-10 17:05 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-10 17:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 01:29 . 2013-10-10 17:05 33280 ----a-w- c:\windows\system32\drivers\usbser.sys
2013-08-29 00:49 . 2013-10-10 17:05 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-10 17:05 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-10 17:05 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-10 17:05 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-10 17:05 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-10 17:05 461312 ----a-w- c:\windows\system32\scavengeui.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}]
2013-09-19 05:23 331264 ----a-w- c:\program files (x86)\Minibar\Minibar.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-10-30 1820584]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-10-18 3561816]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATIINE.EXE" [2012-02-29 283232]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2011-10-31 1058400]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-08-16 152392]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-07-12 2236816]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
c:\users\Curdt Marcus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R0 aswRvrt;aswRvrt; [x]
R0 aswVmm;aswVmm; [x]
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 EpsonCustomerResearchParticipation;EpsonCustomerResearchParticipation;c:\program files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe;c:\program files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [x]
R2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;e:\ntiolib_x64.sys;e:\NTIOLib_X64.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 RTL8187B;Belkin Wireless G USB Network Adapter;c:\windows\system32\DRIVERS\rtl8187B.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8187B.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswKbd;aswKbd; [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-16 15:02 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-24 14:38]
.
2013-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 19:41]
.
2013-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 19:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-06-19 22:45 3317616 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-06-19 22:45 3317616 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-06-19 22:45 3317616 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-03 472984]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.doko-search.com/?babsrc=HP_ss&mntrId=0046001F3F008E83&affID=125836&tsp=5037
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=a935efef-f719-d181-4d47-32c2ea4f6b33&searchtype=ds&q={searchTerms}&installDate=28/09/2013
IE: Free YouTube to MP3 Converter - c:\users\Curdt Marcus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - c:\program files (x86)\Minibar\Minibar.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Curdt Marcus\AppData\Roaming\Mozilla\Firefox\Profiles\7k6dwla6.default-1358074474981\
FF - ExtSQL: 2013-10-31 12:19; battlefieldheroespatcher@ea.com; c:\users\Curdt Marcus\AppData\Roaming\Mozilla\Firefox\Profiles\7k6dwla6.default-1358074474981\extensions\battlefieldheroespatcher@ea.com
FF - ExtSQL: 2013-11-10 11:42; {130a876e-28f8-41f2-911d-084e557b057a}; c:\users\Curdt Marcus\AppData\Roaming\Mozilla\Firefox\Profiles\7k6dwla6.default-1358074474981\extensions\{130a876e-28f8-41f2-911d-084e557b057a}
FF - user.js: extensions.dokotoolbar.tlbrSrchUrl - hxxp://www.doko-search.com/?q={searchTerms}&babsrc=TB_ss&mntrId=0046001F3F008E83&affID=125836&tsp=5037
FF - user.js: extensions.dokotoolbar.tb_url - hxxp://www.doko-search.com/?q={searchTerms}&babsrc=TB_ss&mntrId=0046001F3F008E83&affID=125836&tsp=5037
FF - user.js: extensions.dokotoolbar.id - 004624c2000000000000001f3f008e83
FF - user.js: extensions.dokotoolbar.appId - {43083724-E0DA-43B9-B7D5-4C5EB0781850}
FF - user.js: extensions.dokotoolbar.instlDay - 15994
FF - user.js: extensions.dokotoolbar.vrsn - 1.8.26.9
FF - user.js: extensions.dokotoolbar.vrsni - 1.8.26.9
FF - user.js: extensions.dokotoolbar.vrsnTs - 1.8.26.921:27
FF - user.js: extensions.dokotoolbar.prtnrId - dokotoolbar
FF - user.js: extensions.dokotoolbar.prdct - dokotoolbar
FF - user.js: extensions.dokotoolbar.aflt - babsst
FF - user.js: extensions.dokotoolbar.smplGrp - none
FF - user.js: extensions.dokotoolbar.tlbrId - base
FF - user.js: extensions.dokotoolbar.instlRef - sst
FF - user.js: extensions.dokotoolbar.dfltLng - de
FF - user.js: extensions.dokotoolbar.excTlbr - false
FF - user.js: extensions.dokotoolbar.ffxUnstlRst - true
FF - user.js: extensions.dokotoolbar.admin - false
FF - user.js: extensions.dokotoolbar.autoRvrt - false
FF - user.js: extensions.dokotoolbar.rvrt - false
FF - user.js: extensions.dokotoolbar.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-Pokki - %LOCALAPPDATA%\Pokki\Engine\LaunchDeskband.dll
Wow6432Node-HKCU-Run-iDevice Manager Launcher - c:\program files (x86)\Software4u\iDevice Manager\Software4u.IDMLauncher.exe
Wow6432Node-HKCU-Run-AppsHat - c:\users\Curdt Marcus\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
Wow6432Node-HKLM-Run-Super-Charger - c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-BattlEye for A2 - h:\steamlibrary\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.bmp.15.4"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DIB\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.bmp.15.4"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ICO\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.ico.15.4"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JFIF\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPE\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPEG\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPG\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PNG\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.png.15.4"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TIF\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.tif.15.4"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TIFF\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.tif.15.4"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WDP\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.wdp.15.4"
.
[HKEY_USERS\S-1-5-21-714820300-3119143247-1997101176-1000\Software\SecuROM\License information*]
"datasecu"=hex:b7,f6,7c,e7,59,aa,f5,c8,1d,ec,ed,f9,3a,b1,f5,3b,fa,2c,3c,ae,f1,
e4,9e,de,c3,d9,1f,7d,5a,f0,ab,36,45,17,fd,fe,53,ce,f8,2e,d0,f1,44,2f,18,a5,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-11-24 11:08:41
ComboFix-quarantined-files.txt 2013-11-24 10:08
.
Vor Suchlauf: 16 Verzeichnis(se), 52.238.323.712 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 67.412.414.464 Bytes frei
.
- - End Of File - - 42F5BC8E640FC0C0A3F7FFA842C8D47C
A36C5E4F47E84449FF07ED3517B43A31