|
Log analysis and evaluation: Fluctuating bandwidth - regardless of LAN or WLAN - Very slow Internet. Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
28.01.2014, 20:02 | #1 |
| Fluctuating bandwidth - regardless of LAN or WLAN - Very slow Internet Good evening everyone, for about a week I have been having problems with my Internet connection. Regardless of the time of day or night, and whether wired or wireless, I sometimes get download rates of 0.1 Mbit and less on DSL6000. The odd thing: if I run the same check a while later, the full bandwidth is sometimes available. Customer support checked the lines and told me that everything is fine. The router's configuration doesn't show anything unusual either. As a test I also connected my laptop to the router; at first I had very good bandwidth, then it gradually dropped. Even though I can't really imagine it, could it perhaps be that an unwanted companion has latched onto my system? A virus scan with avast! came back negative. I'm happy to run it again, though. I carried out the tests and the corresponding log files as described in the instructions and attached them. It would be great if one of you could take a look and maybe help me. Best regards and many thanks in advance, Cleeer |
28.01.2014, 22:10 | #2 |
/// the machine /// TB Trainer | Fluctuating bandwidth - regardless of LAN or WLAN - Very slow Internet Hi,
__________________Please always post logs in the thread. If necessary, split them up and use several posts. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ |
29.01.2014, 09:04 | #3 |
| Fluctuating bandwidth - regardless of LAN or WLAN - Very slow Internet Sorry about that - I'll give it a try
__________________defrogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1) Log created at 19:22 on 28/01/2014 (Marco) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2014 02 Ran by xxx at 2014-01-28 19:24:52 Running from C:\Users\xxx\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.38 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated) Akamai NetSession Interface (HKCU Version: - Akamai Technologies, Inc) ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software) Box Sync (Version: 4.0.4212.0 - Box, Inc.) Box Sync (x32 Version: 4.0.3956.0 - Box Inc.) Hidden Brother HL-2035 (x32 Version: 1.00 - Brother) Call of Duty: Black Ops II - Multiplayer (x32 Version: - ) Call of Duty: Black Ops II - Zombies (x32 Version: - ) Call of Duty: Black Ops II (x32 Version: - Treyarch) Call of Duty: Modern Warfare 2 - Multiplayer (x32 Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (x32 Version: - Infinity Ward) Cisco AnyConnect Diagnostics and Reporting Tool (x32 Version: 3.1.04063 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04063 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04063 - Cisco Systems, Inc.) Hidden Cisco EAP-FAST Module (x32 Version: 2.1.6 - Cisco Systems, Inc.) Cisco LEAP Module (x32 Version: 1.0.12 - Cisco Systems, Inc.) Cisco PEAP Module (x32 Version: 1.0.13 - Cisco Systems, Inc.) 
Citavi 4 (x32 Version: 4.2.0.11 - Swiss Academic Software) CPUID CPU-Z 1.66.1 (Version: - ) CyberLink Power2Go 8 (x32 Version: 8.0.0.3215 - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: 8.0.0.3215 - CyberLink Corp.) Hidden Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden Hauppauge German Help Files and Resources (x32 Version: - ) Hauppauge WinTV (x32 Version: - ) Hauppauge WinTV Diversity Tool (x32 Version: - ) Hauppauge WinTV DVB-T EPG Service (x32 Version: - ) Hauppauge WinTV Infrared Remote (x32 Version: - ) Hauppauge WinTV Scheduler (x32 Version: - ) Hauppauge WinTV TV Services (x32 Version: - ) Intel(R) Management Engine Components (x32 Version: 9.0.0.1323 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 2.5.0.19 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden InterVideo FilterSDK for Hauppauge (x32 Version: - InterVideo Inc.) Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden Logitech Gaming Software 8.50 (Version: 8.50.281 - Logitech Inc.) 
Logitech SetPoint 6.61 (Version: 6.61.15 - Logitech) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1512 - Microsoft Corporation) Microsoft SkyDrive (HKCU Version: 17.0.2003.1112 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0 - Mozilla) NVIDIA 3D Vision Controller Driver (x32 Version: 267.67 - NVIDIA Corporation) Hidden NVIDIA 3D Vision Controller Driver 267.85 (Version: 267.85 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 327.23 (Version: 327.23 - NVIDIA Corporation) NVIDIA Grafiktreiber 327.23 (Version: 327.23 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.10.0514 (Version: 9.10.0514 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 
7.17.13.2723 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 327.23 (Version: 327.23 - NVIDIA Corporation) Hidden NVIDIA Update 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (x32 Version: 7.67.1226.2012 - Realtek) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6954 - Realtek Semiconductor Corp.) Samsung Magician (x32 Version: 4.2.1 - Samsung Electronics) StarCraft II (x32 Version: - Blizzard Entertainment) Steam (x32 Version: 1.0.0.0 - Valve Corporation) TL-WN321G-Drahtlos-Tool (x32 Version: 1.0.3.0 - TP-LINK) VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN) WinRAR 5.00 (64-Bit) (Version: 5.00.0 - win.rar GmbH) ==================== Restore Points ========================= 14-01-2014 07:35:18 Windows Update 15-01-2014 08:51:28 Windows Update 21-01-2014 16:57:34 Windows Update 28-01-2014 15:48:07 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0F47EEA0-E50C-4CC6-9BF2-6ED342579939} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-21] (Adobe Systems Incorporated) Task: {3EB46AE6-81ED-426F-AA60-F672B79B954D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-05] (Google Inc.) 
Task: {562D8E5D-F1A7-46A3-8B37-36EE43EC9CD8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation) Task: {63A9AC50-4CC7-45BE-91EC-C4A747B05D38} - System32\Tasks\ASUS\i-Setup203445 => C:\Windows\Chipset\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.) Task: {73DCE74B-A3E7-49AB-8524-B4B73961D820} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-05] (Google Inc.) Task: {B1ADFE29-7ACC-4AD7-AD7A-45614AF15A72} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation) Task: {B2BBC6D5-9079-466A-8B67-A840FB297E72} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-04] (AVAST Software) Task: {FEC6206C-E990-4EED-A32C-BB8348D62DA3} - System32\Tasks\ASUS\i-Setup203519 => C:\Windows\Chipset\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-28 18:13 - 2014-01-28 18:13 - 00471552 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_hashlib.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00128512 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32api.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00137728 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\pywintypes27.dll 2014-01-28 18:13 - 2014-01-28 18:13 - 00503808 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\pythoncom27.dll 2014-01-28 18:13 - 2014-01-28 18:13 - 00111616 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_ctypes.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00689664 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\unicodedata.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00046080 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_socket.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 01167360 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_ssl.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00003584 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\clr.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00103424 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\Python.Runtime.dll 2014-01-28 18:13 - 2014-01-28 18:13 - 00041984 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_psutil_mswindows.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00010752 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\select.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00166912 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_elementtree.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00164352 _____ () 
C:\Users\Marco\AppData\Local\Temp\_MEI14602\pyexpat.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00027136 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\ujson.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00136192 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32security.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00438784 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32com.shell.shell.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00023040 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32event.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00149504 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32file.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00058368 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_sqlite3.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00535040 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\sqlite3.dll 2014-01-28 18:13 - 2014-01-28 18:13 - 00030720 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32cred.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00030208 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\Crypto.Cipher._AES.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00008192 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\Crypto.Util.strxor.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00010752 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\Crypto.Random.OSRNG.winrandom.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00011264 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\Crypto.Util._counter.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00031744 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_multiprocessing.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00044032 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32process.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00020992 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_yappi.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00009728 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\SyncContextMenuService.dll 2014-01-28 18:13 - 2014-01-28 18:13 - 
00021504 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32clipboard.pyd 2014-01-28 18:13 - 2014-01-28 18:13 - 00068096 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\SystemWrapper.dll 2013-07-19 22:29 - 2013-07-19 22:29 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2014-01-28 16:44 - 2014-01-28 10:06 - 02166272 _____ () C:\Program Files\AVAST Software\Avast\defs\14012800\algo.dll 2014-01-28 18:13 - 2014-01-28 17:44 - 02166272 _____ () C:\Program Files\AVAST Software\Avast\defs\14012801\algo.dll 2013-10-05 19:39 - 2014-01-28 18:13 - 00028160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2013-10-05 19:39 - 2013-05-07 08:45 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2014-01-08 08:04 - 2013-12-12 23:19 - 00142848 _____ () E:\Spiele\Steam\libavresample-1.dll 2014-01-08 08:04 - 2013-11-05 02:12 - 00890592 _____ () E:\Spiele\Steam\libavutil-52.dll 2013-08-21 13:18 - 2013-12-12 23:04 - 00716800 _____ () E:\Spiele\Steam\SDL2.dll 2013-09-21 09:35 - 2014-01-07 22:00 - 01138088 _____ () E:\Spiele\Steam\bin\chromehtml.DLL 2013-09-10 13:20 - 2013-12-12 23:04 - 20625832 _____ () E:\Spiele\Steam\bin\libcef.dll 2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () E:\Spiele\Steam\bin\avcodec-53.dll 2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () E:\Spiele\Steam\bin\avutil-51.dll 2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () E:\Spiele\Steam\bin\avformat-53.dll 2013-12-06 21:31 - 2013-12-06 21:31 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Marco\AppData\Roaming\Dropbox\bin\libcef.dll 2013-10-05 19:37 - 2013-03-12 12:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-12-12 09:18 - 2013-12-12 09:18 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-11-04 14:47 - 2013-07-17 23:56 - 
00430080 _____ () C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox\components\FirefoxPickerCommunication.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (01/24/2014 01:08:49 PM) (Source: Application Hang) (User: ) Description: Programm WinTV.exe, Version 6.0.26080.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2830 Startzeit: 01cf18fc0f045be0 Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\WinTV\WinTV.exe Berichts-ID: 1d2cb20b-84f0-11e3-a842-74d02b93250e Error: (01/15/2014 04:01:52 PM) (Source: Application Hang) (User: ) Description: Programm WinTV.exe, Version 6.0.26080.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: dd8 Startzeit: 01cf1202741f38fd Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\WinTV\WinTV.exe Berichts-ID: cc41e538-7df5-11e3-ac08-74d02b93250e Error: (01/15/2014 03:36:18 PM) (Source: MsiInstaller) (User: Marco-PC) Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011006}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Error: (01/08/2014 08:34:29 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: iw4mp.exe, Version: 0.0.0.0, Zeitstempel: 0x4c119a5c Name des fehlerhaften Moduls: nvd3dum.dll, Version: 9.18.13.2723, Zeitstempel: 0x52314d4c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0060bb67 ID des fehlerhaften Prozesses: 0x1e94 Startzeit der fehlerhaften Anwendung: 0xiw4mp.exe0 Pfad der fehlerhaften Anwendung: iw4mp.exe1 Pfad des fehlerhaften Moduls: iw4mp.exe2 Berichtskennung: iw4mp.exe3 Error: (01/07/2014 09:36:16 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="*",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="*",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (12/21/2013 11:37:54 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: WinTV.exe, Version: 6.0.26080.0, Zeitstempel: 0x47e29719 Name des fehlerhaften Moduls: WindowsCodecs.dll, Version: 6.2.9200.16492, Zeitstempel: 0x50f30e59 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0006746c ID des fehlerhaften Prozesses: 0xb90 Startzeit der fehlerhaften Anwendung: 0xWinTV.exe0 Pfad der fehlerhaften Anwendung: WinTV.exe1 Pfad des fehlerhaften Moduls: WinTV.exe2 Berichtskennung: WinTV.exe3 Error: (11/06/2013 01:22:40 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: BoxSync.exe, Version: 3.4.25.0, Zeitstempel: 0x51b2b112 Name des fehlerhaften Moduls: python27.DLL, Version: 2.7.3150.1013, Zeitstempel: 0x4f84a51f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000c48fc ID des fehlerhaften Prozesses: 0x%9 Startzeit der fehlerhaften Anwendung: 0xBoxSync.exe0 Pfad der fehlerhaften Anwendung: BoxSync.exe1 Pfad des fehlerhaften Moduls: BoxSync.exe2 Berichtskennung: BoxSync.exe3 Error: (11/04/2013 04:20:22 PM) (Source: Application Hang) (User: ) Description: Programm t6sp.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1654 Startzeit: 01ced968ff1f658e Endzeit: 300 Anwendungspfad: E:\Spiele\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe Berichts-ID: Error: (11/04/2013 04:19:32 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: t6sp.exe, Version: 1.0.0.1, Zeitstempel: 0x50c7e945 Name des fehlerhaften Moduls: t6sp.exe, Version: 1.0.0.1, Zeitstempel: 0x50c7e945 Ausnahmecode: 0xc0000005 Fehleroffset: 0x002dcf77 ID des fehlerhaften Prozesses: 0x1654 Startzeit der fehlerhaften Anwendung: 0xt6sp.exe0 Pfad der fehlerhaften Anwendung: t6sp.exe1 Pfad des fehlerhaften Moduls: t6sp.exe2 Berichtskennung: t6sp.exe3 Error: (11/03/2013 05:25:55 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.0.0, Zeitstempel: 0x52432b75 Name des fehlerhaften Moduls: vlc.exe, Version: 2.1.0.0, Zeitstempel: 0x52432b75 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000019b4 ID des fehlerhaften Prozesses: 0x16e8 Startzeit der fehlerhaften Anwendung: 0xvlc.exe0 Pfad der fehlerhaften Anwendung: vlc.exe1 Pfad des fehlerhaften Moduls: vlc.exe2 Berichtskennung: vlc.exe3 System errors: ============= Error: (01/28/2014 06:13:35 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (01/28/2014 04:44:42 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (01/28/2014 07:16:11 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (01/27/2014 05:12:56 PM) 
(Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (01/27/2014 07:16:15 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (01/26/2014 10:52:50 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (01/25/2014 11:28:43 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (01/24/2014 02:50:33 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (01/24/2014 02:50:31 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 24.01.2014 um 14:44:30 unerwartet heruntergefahren. 
Error: (01/24/2014 01:10:07 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Microsoft Office Sessions: ========================= Error: (01/24/2014 01:08:49 PM) (Source: Application Hang)(User: ) Description: WinTV.exe6.0.26080.0283001cf18fc0f045be060000C:\Program Files (x86)\WinTV\WinTV.exe1d2cb20b-84f0-11e3-a842-74d02b93250e Error: (01/15/2014 04:01:52 PM) (Source: Application Hang)(User: ) Description: WinTV.exe6.0.26080.0dd801cf1202741f38fd60000C:\Program Files (x86)\WinTV\WinTV.execc41e538-7df5-11e3-ac08-74d02b93250e Error: (01/15/2014 03:36:18 PM) (Source: MsiInstaller)(User: Marco-PC) Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011006}1625(NULL)(NULL)(NULL) Error: (01/08/2014 08:34:29 PM) (Source: Application Error)(User: ) Description: iw4mp.exe0.0.0.04c119a5cnvd3dum.dll9.18.13.272352314d4cc00000050060bb671e9401cf0ca889f044e2E:\Spiele\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exeC:\Windows\system32\nvd3dum.dlle3c4c626-789b-11e3-bade-74d02b93250e Error: (01/07/2014 09:36:16 AM) (Source: SideBySide)(User: ) Description: Microsoft.VC80.CRT,processorArchitecture="*",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\Box Sync\BoxSync.exe Error: (12/21/2013 11:37:54 AM) (Source: Application Error)(User: ) Description: WinTV.exe6.0.26080.047e29719WindowsCodecs.dll6.2.9200.1649250f30e59c00000050006746cb9001cefe358530a3eeC:\Program Files (x86)\WinTV\WinTV.exeC:\Windows\system32\WindowsCodecs.dllf2a5fbca-6a2b-11e3-adda-74d02b93250e Error: (11/06/2013 01:22:40 PM) (Source: Application Error)(User: ) Description: BoxSync.exe3.4.25.051b2b112python27.DLL2.7.3150.10134f84a51fc000000500000000000c48fc Error: (11/04/2013 04:20:22 PM) (Source: Application Hang)(User: ) Description: 
t6sp.exe1.0.0.1165401ced968ff1f658e300E:\Spiele\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe Error: (11/04/2013 04:19:32 PM) (Source: Application Error)(User: ) Description: t6sp.exe1.0.0.150c7e945t6sp.exe1.0.0.150c7e945c0000005002dcf77165401ced968ff1f658eE:\Spiele\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exeE:\Spiele\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe8132578a-4564-11e3-9185-74d02b93250e Error: (11/03/2013 05:25:55 PM) (Source: Application Error)(User: ) Description: vlc.exe2.1.0.052432b75vlc.exe2.1.0.052432b75c000000500000000000019b416e801ced8b15625276eC:\Program Files\VideoLAN\VLC\vlc.exeC:\Program Files\VideoLAN\VLC\vlc.exe9c71ad9b-44a4-11e3-bd2f-74d02b93250e CodeIntegrity Errors: =================================== Date: 2014-01-28 18:43:40.365 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-28 18:13:39.231 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-28 18:11:00.562 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-28 16:50:49.051 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-28 16:44:44.886 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-01-28 07:33:36.350 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-28 07:16:14.307 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-27 17:18:34.993 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-27 17:12:57.905 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-27 07:39:44.042 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Percentage of memory in use: 28% Total physical RAM: 8131.84 MB Available physical RAM: 5784.24 MB Total Pagefile: 16261.87 MB Available Pagefile: 13725.21 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.24 GB) (Free:69.54 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (x) (Fixed) (Total:195.31 GB) (Free:42.2 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (x) (Fixed) (Total:931.51 GB) (Free:394.96 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive f: (x) (Fixed) (Total:270.45 GB) (Free:1 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: C9389B84) Partition 1: (Active) - (Size=195 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=270 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 806091D7) Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: AE4FE21F) Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS) ==================== End Of Log ============================ FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02 Ran by Marco (administrator) on MARCO-PC on 28-01-2014 19:24:43 Running from C:\Users\Marco\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (Box Inc.) C:\Program Files\Box\Box Sync\SyncUpdaterService.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (Hauppauge Computer Works) C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe (Valve Corporation) E:\Spiele\Steam\Steam.exe (Akamai Technologies, Inc.) 
C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Akamai Technologies, Inc.) C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hauppauge Inc.) C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Dropbox, Inc.) C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe () C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM\...\Run: [BoxSync] - c:\Program Files\Box\Box Sync\BoxSync.exe [12920496 2014-01-14] (Box, Inc.) 
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [EPGServiceTool] - C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe [688128 2008-05-15] (Hauppauge Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-04] (AVAST Software) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKCU\...\Run: [Steam] - E:\Spiele\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation) HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2DD8983906C2CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: avast! 
Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! 
Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default FF Homepage: https://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-06] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-05] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-06] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2013-11-04] ==================== Services (Whitelisted) ================= R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [945152 2013-05-07] (ASUSTeK Computer Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-04] (AVAST Software) R2 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [21504 2013-12-26] (Box Inc.) 
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc) R2 EPGService; C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe [437248 2008-05-30] (Hauppauge Computer Works) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-04] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-06] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-04] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-04] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-04] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-04] () R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink) R3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [919552 2008-04-17] (Hauppauge Computer Works, Inc.) R3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [47232 2008-04-17] (Hauppauge Computer Works, Inc.) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-07-19] (Cisco Systems, Inc.) 
==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-28 19:24 - 2014-01-28 19:24 - 00013719 _____ C:\Users\Marco\Downloads\FRST.txt 2014-01-28 19:24 - 2014-01-28 19:24 - 00000000 ____D C:\FRST 2014-01-28 19:22 - 2014-01-28 19:22 - 00000472 _____ C:\Users\Marco\Downloads\defogger_disable.log 2014-01-28 19:22 - 2014-01-28 19:22 - 00000000 _____ C:\Users\Marco\defogger_reenable 2014-01-28 19:19 - 2014-01-28 19:19 - 00370971 _____ C:\Users\Marco\Downloads\gmer_2.1.19355.zip 2014-01-28 19:18 - 2014-01-28 19:19 - 02079232 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe 2014-01-28 19:18 - 2014-01-28 19:18 - 00050477 _____ C:\Users\Marco\Downloads\Defogger.exe 2014-01-28 17:51 - 2014-01-28 17:51 - 30796712 _____ (Oracle Corporation) C:\Users\Marco\Downloads\jre-7u51-windows-x64.exe 2014-01-28 17:44 - 2014-01-28 17:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Marco\Downloads\HijackThis.exe 2014-01-28 17:36 - 2014-01-28 17:36 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Malwarebytes 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-28 17:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-28 17:34 - 2014-01-28 17:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marco\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-28 17:34 - 2014-01-28 17:34 - 00000000 ____D C:\Users\Marco\Downloads\antimal ware 2014-01-22 20:29 - 2014-01-22 20:29 - 00000000 ____D C:\Users\Marco\AppData\Local\Blizzard Entertainment 2014-01-22 18:09 - 2014-01-22 18:11 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE.exe 2014-01-22 17:59 - 2014-01-23 22:57 - 00000000 
____D C:\Users\Marco\Documents\StarCraft II 2014-01-22 17:59 - 2014-01-22 18:15 - 00000845 _____ C:\Users\Public\Desktop\StarCraft II.lnk 2014-01-22 17:59 - 2014-01-22 18:15 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2014-01-22 17:48 - 2014-01-22 17:57 - 00000000 ____D C:\ProgramData\Battle.net 2014-01-15 08:37 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 08:37 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-07 13:50 - 2014-01-07 13:51 - 00005604 _____ C:\Windows\system32\lvcoinst.log 2014-01-07 10:00 - 2014-01-07 10:00 - 00001299 _____ C:\Users\Marco\Desktop\Box Sync.lnk 2014-01-07 09:55 - 2014-01-28 18:56 - 00000000 ____D C:\Users\Marco\AppData\Local\Box Sync 2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\ProgramData\Package Cache 2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\Program Files\Box 2014-01-07 09:44 - 2014-01-07 09:44 - 00000000 ____D C:\Users\Marco\Documents\My Box Files 2014-01-04 14:19 - 2014-01-04 14:19 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys ==================== One Month Modified Files and Folders ======= 2014-01-28 19:24 - 2014-01-28 19:24 - 00013719 _____ 
C:\Users\Marco\Downloads\FRST.txt 2014-01-28 19:24 - 2014-01-28 19:24 - 00000000 ____D C:\FRST 2014-01-28 19:24 - 2013-10-05 23:05 - 00000000 ____D C:\Program Files (x86)\WinTV 2014-01-28 19:22 - 2014-01-28 19:22 - 00000472 _____ C:\Users\Marco\Downloads\defogger_disable.log 2014-01-28 19:22 - 2014-01-28 19:22 - 00000000 _____ C:\Users\Marco\defogger_reenable 2014-01-28 19:22 - 2013-10-05 21:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-28 19:22 - 2013-10-05 19:21 - 00000000 ____D C:\Users\Marco 2014-01-28 19:19 - 2014-01-28 19:19 - 00370971 _____ C:\Users\Marco\Downloads\gmer_2.1.19355.zip 2014-01-28 19:19 - 2014-01-28 19:18 - 02079232 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe 2014-01-28 19:18 - 2014-01-28 19:18 - 00050477 _____ C:\Users\Marco\Downloads\Defogger.exe 2014-01-28 19:18 - 2013-10-05 21:05 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A26B70CC-B586-48AA-82B2-A9DBCCF0E556} 2014-01-28 18:56 - 2014-01-07 09:55 - 00000000 ____D C:\Users\Marco\AppData\Local\Box Sync 2014-01-28 18:40 - 2013-10-05 21:19 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-28 18:20 - 2009-07-14 18:58 - 00698688 _____ C:\Windows\system32\perfh007.dat 2014-01-28 18:20 - 2009-07-14 18:58 - 00148828 _____ C:\Windows\system32\perfc007.dat 2014-01-28 18:20 - 2009-07-14 06:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-28 18:20 - 2009-07-14 05:45 - 00017568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-28 18:20 - 2009-07-14 05:45 - 00017568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-28 18:16 - 2013-10-05 19:21 - 01580976 _____ C:\Windows\WindowsUpdate.log 2014-01-28 18:13 - 2013-10-25 10:37 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Dropbox 2014-01-28 18:13 - 2013-10-05 22:29 - 00112426 _____ C:\Windows\PFRO.log 2014-01-28 18:13 - 2013-10-05 
21:19 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2014-01-28 18:13 - 2013-10-05 21:19 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-28 18:13 - 2013-10-05 21:08 - 00000000 ____D C:\ProgramData\NVIDIA 2014-01-28 18:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-28 18:13 - 2009-07-14 05:51 - 00042547 _____ C:\Windows\setupact.log 2014-01-28 17:51 - 2014-01-28 17:51 - 30796712 _____ (Oracle Corporation) C:\Users\Marco\Downloads\jre-7u51-windows-x64.exe 2014-01-28 17:44 - 2014-01-28 17:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Marco\Downloads\HijackThis.exe 2014-01-28 17:36 - 2014-01-28 17:36 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Malwarebytes 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-28 17:35 - 2014-01-28 17:34 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marco\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-28 17:34 - 2014-01-28 17:34 - 00000000 ____D C:\Users\Marco\Downloads\antimal ware 2014-01-23 22:57 - 2014-01-22 17:59 - 00000000 ____D C:\Users\Marco\Documents\StarCraft II 2014-01-22 20:29 - 2014-01-22 20:29 - 00000000 ____D C:\Users\Marco\AppData\Local\Blizzard Entertainment 2014-01-22 19:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2014-01-22 18:15 - 2014-01-22 17:59 - 00000845 _____ C:\Users\Public\Desktop\StarCraft II.lnk 2014-01-22 18:15 - 2014-01-22 17:59 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2014-01-22 18:11 - 2014-01-22 18:09 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE.exe 2014-01-22 17:57 - 2014-01-22 17:48 - 00000000 ____D C:\ProgramData\Battle.net 2014-01-21 07:54 - 2013-10-05 21:30 - 00692616 _____ (Adobe Systems 
Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-21 07:54 - 2013-10-05 21:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-21 07:54 - 2013-10-05 21:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-21 07:53 - 2013-10-05 23:08 - 00000000 ____D C:\Users\Marco\AppData\Local\Adobe 2014-01-17 08:17 - 2013-10-25 10:39 - 00000979 _____ C:\Users\Marco\Desktop\Dropbox.lnk 2014-01-17 08:17 - 2013-10-25 10:37 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-01-17 08:17 - 2013-10-05 19:21 - 00000000 ___RD C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-15 15:34 - 2009-07-14 05:45 - 00446264 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-15 09:52 - 2013-10-05 21:57 - 00000000 ____D C:\Windows\system32\MRT 2014-01-15 09:51 - 2013-10-05 21:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-15 08:56 - 2013-11-04 14:14 - 00000000 ____D C:\Program Files\Microsoft Office 15 2014-01-11 17:21 - 2013-10-10 13:26 - 00000000 ____D C:\Users\Marco\AppData\Roaming\vlc 2014-01-07 16:13 - 2013-11-03 17:35 - 00000000 ____D C:\Users\Marco\Documents\CyberLink 2014-01-07 16:13 - 2013-10-06 13:29 - 00000000 ____D C:\ProgramData\CyberLink 2014-01-07 16:13 - 2013-10-06 13:29 - 00000000 ____D C:\Program Files (x86)\CyberLink 2014-01-07 13:51 - 2014-01-07 13:50 - 00005604 _____ C:\Windows\system32\lvcoinst.log 2014-01-07 13:50 - 2013-10-06 15:19 - 00000000 ____D C:\Program Files\Common Files\LogiShrd 2014-01-07 10:00 - 2014-01-07 10:00 - 00001299 _____ C:\Users\Marco\Desktop\Box Sync.lnk 2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\ProgramData\Package Cache 2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\Program Files\Box 2014-01-07 09:44 - 2014-01-07 09:44 - 00000000 ____D C:\Users\Marco\Documents\My Box Files 2014-01-07 09:10 - 2013-10-10 13:26 - 00000871 _____ 
C:\Users\Public\Desktop\VLC media player.lnk 2014-01-06 17:31 - 2013-10-06 11:30 - 00000000 ____D C:\Windows\System32\Tasks\Games 2014-01-04 14:19 - 2014-01-04 14:19 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-01-04 14:19 - 2013-10-05 21:19 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-01-04 14:19 - 2013-10-05 21:19 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk Some content of TEMP: ==================== C:\Users\Marco\AppData\Local\Temp\COMAP.EXE C:\Users\Marco\AppData\Local\Temp\LMkRstPt.exe C:\Users\Marco\AppData\Local\Temp\log4net.dll C:\Users\Marco\AppData\Local\Temp\OfficeSetup.exe C:\Users\Marco\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe C:\Users\Marco\AppData\Local\Temp\SyncRestarter.exe C:\Users\Marco\AppData\Local\Temp\sync_upgrader.exe C:\Users\Marco\AppData\Local\Temp\vlc-2.1.2-win64.exe C:\Users\Marco\AppData\Local\Temp\_is141C.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 
is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-19 21:05 ==================== End Of Log ============================
--- --- ---
Gmer is too large - I would have to split the text into 4 code boxes, and there is a high risk that something would go missing... Is that still wanted? |
29.01.2014, 17:17 | #4 | ||
/// the machine /// TB instructor | Fluctuating bandwidth - regardless of LAN or WLAN - Very slow Internet Quote:
but Ghosts is missing there
Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror: Link 1
IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
30.01.2014, 11:34 | #5 |
| Fluctuating bandwidth - regardless of LAN or WLAN - Very slow Internet Yeees, in the end that wasn't worth it to me after I had read the lousy reviews... I have run ComboFix. Here is the log file: Code:
ATTFilter ComboFix 14-01-29.01 - Marco 30.01.2014 11:18:31.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8132.6326 [GMT 1:00] ausgeführt von:: c:\users\Marco\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Marco\AppData\Local\Temp\_MEI39442\_ctypes.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\_elementtree.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\_hashlib.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\_multiprocessing.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\_psutil_mswindows.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\_socket.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\_sqlite3.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\_ssl.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\_yappi.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\BoxSyncWindowsUI.dll c:\users\Marco\AppData\Local\Temp\_MEI39442\clr.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\Crypto.Cipher._AES.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\Crypto.Random.OSRNG.winrandom.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\Crypto.Util._counter.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\Crypto.Util.strxor.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\IconLogic.dll c:\users\Marco\AppData\Local\Temp\_MEI39442\pyexpat.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\Python.Runtime.dll c:\users\Marco\AppData\Local\Temp\_MEI39442\python27.dll c:\users\Marco\AppData\Local\Temp\_MEI39442\pythoncom27.dll c:\users\Marco\AppData\Local\Temp\_MEI39442\pywintypes27.dll c:\users\Marco\AppData\Local\Temp\_MEI39442\select.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\SQLite.Interop.dll 
c:\users\Marco\AppData\Local\Temp\_MEI39442\sqlite3.dll c:\users\Marco\AppData\Local\Temp\_MEI39442\SyncContextMenuService.dll c:\users\Marco\AppData\Local\Temp\_MEI39442\SyncIconOverlayService.dll c:\users\Marco\AppData\Local\Temp\_MEI39442\System.Data.SQLite.dll c:\users\Marco\AppData\Local\Temp\_MEI39442\SystemInterface.dll c:\users\Marco\AppData\Local\Temp\_MEI39442\SystemWrapper.dll c:\users\Marco\AppData\Local\Temp\_MEI39442\ujson.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\unicodedata.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\win32api.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\win32clipboard.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\win32com.shell.shell.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\win32cred.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\win32event.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\win32file.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\win32process.pyd c:\users\Marco\AppData\Local\Temp\_MEI39442\win32security.pyd c:\users\Marco\AppData\Roaming\Microsoft\Windows\Recent\mpir.dll c:\users\Marco\AppData\Roaming\Microsoft\Windows\Recent\msvcp100.dll c:\users\Marco\AppData\Roaming\Microsoft\Windows\Recent\msvcr100.dll c:\users\Marco\AppData\Roaming\Microsoft\Windows\Recent\wmpnetwk.dll c:\users\Marco\AppData\Roaming\Microsoft\Windows\Recent\wmpnetwk.exe . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_vpnagent . . ((((((((((((((((((((((( Dateien erstellt von 2013-12-28 bis 2014-01-30 )))))))))))))))))))))))))))))) . . 2014-01-28 18:24 . 2014-01-28 18:24 -------- d-----w- C:\FRST 2014-01-28 16:36 . 2014-01-28 16:36 -------- d-----w- c:\users\Marco\AppData\Roaming\Malwarebytes 2014-01-28 16:36 . 2014-01-28 16:36 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2014-01-28 16:36 . 2014-01-28 16:36 -------- d-----w- c:\programdata\Malwarebytes 2014-01-28 16:36 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\Chipset\AsusSetup.exe
c:\windows\Chipset\AsusSetup.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-01-30 11:22:23 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-01-30 10:22
.
Vor Suchlauf: 9 Verzeichnis(se), 73.015.812.096 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 76.067.098.624 Bytes frei
.
- - End Of File - - B3509986D8B84EE2DA0962893C75EF7B
A36C5E4F47E84449FF07ED3517B43A31

C/Users/Marco/AppData/Local/Temp/203519Log.iniis lost
C/Users/Marco/AppData/Local/Temp/203445Log.iniis lost

What is that supposed to be?
31.01.2014, 08:37 | #6 |
/// the machine /// TB-Ausbilder |
Ah, they're all just talking nonsense; I think it's awesome and already have 16 days of playtime.
Those are just temp files; we'll take care of them afterwards.
Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
31.01.2014, 13:13 | #7 |
16 days, I don't think I even have that much in MW2 altogether... then maybe I'll think about it again.
I ran all the scans. Here are the logs.
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.28.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Marco :: MARCO-PC [Administrator]

31.01.2014 11:28:13
mbam-log-2014-01-31 (11-28-13).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 530073
Laufzeit: 32 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 12:48:50
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Marco - MARCO-PC
# Gestartet von : C:\Users\Marco\Downloads\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [744 octets] - [31/01/2014 12:48:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [803 octets] ##########

and adw [SO]

Code:
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 12:50:25
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Marco - MARCO-PC
# Gestartet von : C:\Users\Marco\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [886 octets] - [31/01/2014 12:48:50]
AdwCleaner[S0].txt - [762 octets] - [31/01/2014 12:50:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [821 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Professional x64
Ran by Marco on 31.01.2014 at 12:55:38,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\caphyon

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\cx6vxi10.default\minidumps [7 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.01.2014 at 12:56:42,46
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02 Ran by Marco (administrator) on MARCO-PC on 31-01-2014 12:58:04 Running from C:\Users\Marco\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Box Inc.) C:\Program Files\Box\Box Sync\SyncUpdaterService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (Hauppauge Computer Works) C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe (Valve Corporation) E:\Spiele\Steam\Steam.exe (Akamai Technologies, Inc.) C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe (Dropbox, Inc.) C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe (Akamai Technologies, Inc.) 
C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Hauppauge Inc.) C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe () C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM\...\Run: [BoxSync] - c:\Program Files\Box\Box Sync\BoxSync.exe [12920496 2014-01-14] (Box, Inc.) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [EPGServiceTool] - C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe [688128 2008-05-15] (Hauppauge Inc.) 
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-04] (AVAST Software) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKCU\...\Run: [Steam] - E:\Spiele\Steam\Steam.exe [1815976 2014-01-27] (Valve Corporation) HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2DD8983906C2CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! 
Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default FF Homepage: https://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-06] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-05] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-06] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2013-11-04] ==================== Services (Whitelisted) ================= R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [945152 2013-05-07] (ASUSTeK Computer Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-04] (AVAST Software) R2 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [21504 2013-12-26] (Box Inc.) 
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc) R2 EPGService; C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe [437248 2008-05-30] (Hauppauge Computer Works) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-04] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-06] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-04] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-04] (AVAST Software) S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-04] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-04] () R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink) R3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [919552 2008-04-17] (Hauppauge Computer Works, Inc.) R3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [47232 2008-04-17] (Hauppauge Computer Works, Inc.) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-07-19] (Cisco Systems, Inc.) 
S3 catchme; \??\C:\ComboFix\catchme.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-31 12:58 - 2014-01-31 12:58 - 00013510 _____ C:\Users\Marco\Downloads\FRST.txt 2014-01-31 12:56 - 2014-01-31 12:56 - 00000867 _____ C:\Users\Marco\Desktop\JRT.txt 2014-01-31 12:52 - 2014-01-31 12:52 - 00000000 ____D C:\Windows\ERUNT 2014-01-31 12:51 - 2014-01-31 12:51 - 00000900 _____ C:\Users\Marco\Desktop\AdwCleaner[S0].txt 2014-01-31 12:50 - 2014-01-31 12:50 - 00000886 _____ C:\Users\Marco\Desktop\AdwCleaner[R0].txt 2014-01-31 12:48 - 2014-01-31 12:50 - 00000000 ____D C:\AdwCleaner 2014-01-31 11:25 - 2014-01-31 11:25 - 01166132 _____ C:\Users\Marco\Downloads\adwcleaner.exe 2014-01-31 11:25 - 2014-01-31 11:25 - 01037068 _____ (Thisisu) C:\Users\Marco\Downloads\JRT.exe 2014-01-30 14:26 - 2014-01-30 14:28 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE(1).exe 2014-01-30 12:23 - 2014-01-30 12:34 - 90578216 _____ (AVAST Software) C:\Users\Marco\Downloads\avast_free_antivirus_setup_9.0.2013.exe 2014-01-30 11:22 - 2014-01-30 11:22 - 00035932 _____ C:\ComboFix.txt 2014-01-30 11:17 - 2014-01-30 11:22 - 00000000 ____D C:\Qoobox 2014-01-30 11:17 - 2014-01-30 11:21 - 00000000 ____D C:\Windows\erdnt 2014-01-30 11:17 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe 2014-01-30 11:17 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe 2014-01-30 11:17 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-01-30 11:17 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-01-30 11:17 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-01-30 11:17 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe 2014-01-30 11:17 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2014-01-30 11:17 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2014-01-30 10:08 - 2014-01-30 10:10 - 05177551 
____R (Swearware) C:\Users\Marco\Downloads\ComboFix.exe 2014-01-28 19:58 - 2014-01-28 19:58 - 00029720 _____ C:\Users\Marco\Desktop\Logfiles.zip 2014-01-28 19:42 - 2014-01-28 19:42 - 00487387 _____ C:\Users\Marco\Desktop\Gmer.txt 2014-01-28 19:24 - 2014-01-28 19:27 - 00029457 _____ C:\Users\Marco\Desktop\Addition.txt 2014-01-28 19:24 - 2014-01-28 19:25 - 00026124 _____ C:\Users\Marco\Desktop\FRST.txt 2014-01-28 19:24 - 2014-01-28 19:24 - 00000000 ____D C:\FRST 2014-01-28 19:22 - 2014-01-28 19:22 - 00000472 _____ C:\Users\Marco\Desktop\defogger_disable.log 2014-01-28 19:22 - 2014-01-28 19:22 - 00000000 _____ C:\Users\Marco\defogger_reenable 2014-01-28 19:19 - 2014-01-28 19:19 - 00370971 _____ C:\Users\Marco\Downloads\gmer_2.1.19355.zip 2014-01-28 19:18 - 2014-01-28 19:19 - 02079232 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe 2014-01-28 19:18 - 2014-01-28 19:18 - 00050477 _____ C:\Users\Marco\Downloads\Defogger.exe 2014-01-28 17:51 - 2014-01-28 17:51 - 30796712 _____ (Oracle Corporation) C:\Users\Marco\Downloads\jre-7u51-windows-x64.exe 2014-01-28 17:44 - 2014-01-28 17:44 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\Marco\Downloads\HijackThis.exe 2014-01-28 17:36 - 2014-01-28 17:36 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Malwarebytes 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-28 17:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-28 17:34 - 2014-01-28 17:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marco\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-28 17:34 - 2014-01-28 17:34 - 00000000 ____D C:\Users\Marco\Downloads\antimal ware 2014-01-22 20:29 - 2014-01-22 20:29 - 00000000 ____D C:\Users\Marco\AppData\Local\Blizzard Entertainment 2014-01-22 18:09 - 2014-01-22 18:11 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE.exe 2014-01-22 17:59 - 2014-01-23 22:57 - 00000000 ____D C:\Users\Marco\Documents\StarCraft II 2014-01-22 17:59 - 2014-01-22 18:15 - 00000845 _____ C:\Users\Public\Desktop\StarCraft II.lnk 2014-01-22 17:59 - 2014-01-22 18:15 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2014-01-22 17:48 - 2014-01-22 17:57 - 00000000 ____D C:\ProgramData\Battle.net 2014-01-15 08:37 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00025600 _____ 
(Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 08:37 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-07 13:50 - 2014-01-07 13:51 - 00005604 _____ C:\Windows\system32\lvcoinst.log 2014-01-07 10:00 - 2014-01-07 10:00 - 00001299 _____ C:\Users\Marco\Desktop\Box Sync.lnk 2014-01-07 09:55 - 2014-01-31 12:55 - 00000000 ____D C:\Users\Marco\AppData\Local\Box Sync 2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\ProgramData\Package Cache 2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\Program Files\Box 2014-01-07 09:44 - 2014-01-07 09:44 - 00000000 ____D C:\Users\Marco\Documents\My Box Files 2014-01-04 14:19 - 2014-01-04 14:19 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys ==================== One Month Modified Files and Folders ======= 2014-01-31 12:58 - 2014-01-31 12:58 - 00013510 _____ C:\Users\Marco\Downloads\FRST.txt 2014-01-31 12:56 - 2014-01-31 12:56 - 00000867 _____ C:\Users\Marco\Desktop\JRT.txt 2014-01-31 12:55 - 2014-01-07 09:55 - 00000000 ____D C:\Users\Marco\AppData\Local\Box Sync 2014-01-31 12:55 - 2013-10-25 10:37 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Dropbox 2014-01-31 12:55 - 2013-10-05 21:19 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-31 12:55 - 2013-10-05 21:08 - 00000000 ____D C:\ProgramData\NVIDIA 2014-01-31 12:55 - 2013-10-05 19:21 - 01698900 _____ C:\Windows\WindowsUpdate.log 2014-01-31 12:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-31 12:55 - 2009-07-14 05:51 - 00044899 _____ C:\Windows\setupact.log 2014-01-31 12:55 - 2009-07-14 05:45 - 00017568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-31 12:55 - 2009-07-14 05:45 - 00017568 ____H 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-31 12:54 - 2013-10-05 21:05 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A26B70CC-B586-48AA-82B2-A9DBCCF0E556} 2014-01-31 12:52 - 2014-01-31 12:52 - 00000000 ____D C:\Windows\ERUNT 2014-01-31 12:51 - 2014-01-31 12:51 - 00000900 _____ C:\Users\Marco\Desktop\AdwCleaner[S0].txt 2014-01-31 12:50 - 2014-01-31 12:50 - 00000886 _____ C:\Users\Marco\Desktop\AdwCleaner[R0].txt 2014-01-31 12:50 - 2014-01-31 12:48 - 00000000 ____D C:\AdwCleaner 2014-01-31 12:40 - 2013-10-05 21:19 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-31 12:22 - 2013-10-05 21:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-31 11:25 - 2014-01-31 11:25 - 01166132 _____ C:\Users\Marco\Downloads\adwcleaner.exe 2014-01-31 11:25 - 2014-01-31 11:25 - 01037068 _____ (Thisisu) C:\Users\Marco\Downloads\JRT.exe 2014-01-31 10:56 - 2009-07-14 18:58 - 00698688 _____ C:\Windows\system32\perfh007.dat 2014-01-31 10:56 - 2009-07-14 18:58 - 00148828 _____ C:\Windows\system32\perfc007.dat 2014-01-31 10:56 - 2009-07-14 06:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-31 00:45 - 2013-10-05 23:05 - 00000000 ____D C:\Program Files (x86)\WinTV 2014-01-30 14:44 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries 2014-01-30 14:28 - 2014-01-30 14:26 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE(1).exe 2014-01-30 12:34 - 2014-01-30 12:23 - 90578216 _____ (AVAST Software) C:\Users\Marco\Downloads\avast_free_antivirus_setup_9.0.2013.exe 2014-01-30 11:22 - 2014-01-30 11:22 - 00035932 _____ C:\ComboFix.txt 2014-01-30 11:22 - 2014-01-30 11:17 - 00000000 ____D C:\Qoobox 2014-01-30 11:21 - 2014-01-30 11:17 - 00000000 ____D C:\Windows\erdnt 2014-01-30 11:21 - 2013-10-05 22:29 - 00112978 _____ C:\Windows\PFRO.log 2014-01-30 11:21 - 2009-07-14 03:34 - 66846720 _____ 
C:\Windows\system32\config\SOFTWARE.bak 2014-01-30 11:21 - 2009-07-14 03:34 - 21495808 _____ C:\Windows\system32\config\SYSTEM.bak 2014-01-30 11:21 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak 2014-01-30 11:21 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak 2014-01-30 11:21 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak 2014-01-30 11:21 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini 2014-01-30 10:14 - 2013-10-05 21:19 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2014-01-30 10:10 - 2014-01-30 10:08 - 05177551 ____R (Swearware) C:\Users\Marco\Downloads\ComboFix.exe 2014-01-28 21:41 - 2013-10-10 13:26 - 00000000 ____D C:\Users\Marco\AppData\Roaming\vlc 2014-01-28 19:58 - 2014-01-28 19:58 - 00029720 _____ C:\Users\Marco\Desktop\Logfiles.zip 2014-01-28 19:42 - 2014-01-28 19:42 - 00487387 _____ C:\Users\Marco\Desktop\Gmer.txt 2014-01-28 19:27 - 2014-01-28 19:24 - 00029457 _____ C:\Users\Marco\Desktop\Addition.txt 2014-01-28 19:25 - 2014-01-28 19:24 - 00026124 _____ C:\Users\Marco\Desktop\FRST.txt 2014-01-28 19:24 - 2014-01-28 19:24 - 00000000 ____D C:\FRST 2014-01-28 19:22 - 2014-01-28 19:22 - 00000472 _____ C:\Users\Marco\Desktop\defogger_disable.log 2014-01-28 19:22 - 2014-01-28 19:22 - 00000000 _____ C:\Users\Marco\defogger_reenable 2014-01-28 19:22 - 2013-10-05 19:21 - 00000000 ____D C:\Users\Marco 2014-01-28 19:19 - 2014-01-28 19:19 - 00370971 _____ C:\Users\Marco\Downloads\gmer_2.1.19355.zip 2014-01-28 19:19 - 2014-01-28 19:18 - 02079232 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe 2014-01-28 19:18 - 2014-01-28 19:18 - 00050477 _____ C:\Users\Marco\Downloads\Defogger.exe 2014-01-28 17:51 - 2014-01-28 17:51 - 30796712 _____ (Oracle Corporation) C:\Users\Marco\Downloads\jre-7u51-windows-x64.exe 2014-01-28 17:44 - 2014-01-28 17:44 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\Marco\Downloads\HijackThis.exe 2014-01-28 17:36 - 2014-01-28 17:36 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Malwarebytes 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-28 17:35 - 2014-01-28 17:34 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marco\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-28 17:34 - 2014-01-28 17:34 - 00000000 ____D C:\Users\Marco\Downloads\antimal ware 2014-01-23 22:57 - 2014-01-22 17:59 - 00000000 ____D C:\Users\Marco\Documents\StarCraft II 2014-01-22 20:29 - 2014-01-22 20:29 - 00000000 ____D C:\Users\Marco\AppData\Local\Blizzard Entertainment 2014-01-22 19:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2014-01-22 18:15 - 2014-01-22 17:59 - 00000845 _____ C:\Users\Public\Desktop\StarCraft II.lnk 2014-01-22 18:15 - 2014-01-22 17:59 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2014-01-22 18:11 - 2014-01-22 18:09 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE.exe 2014-01-22 17:57 - 2014-01-22 17:48 - 00000000 ____D C:\ProgramData\Battle.net 2014-01-21 07:54 - 2013-10-05 21:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-21 07:54 - 2013-10-05 21:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-21 07:54 - 2013-10-05 21:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-21 07:53 - 2013-10-05 23:08 - 00000000 ____D C:\Users\Marco\AppData\Local\Adobe 2014-01-17 08:17 - 2013-10-25 10:39 - 00000979 _____ C:\Users\Marco\Desktop\Dropbox.lnk 2014-01-17 08:17 - 2013-10-25 10:37 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-01-17 08:17 - 
2013-10-05 19:21 - 00000000 ___RD C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-15 15:34 - 2009-07-14 05:45 - 00446264 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-15 09:52 - 2013-10-05 21:57 - 00000000 ____D C:\Windows\system32\MRT 2014-01-15 09:51 - 2013-10-05 21:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-15 08:56 - 2013-11-04 14:14 - 00000000 ____D C:\Program Files\Microsoft Office 15 2014-01-07 16:13 - 2013-11-03 17:35 - 00000000 ____D C:\Users\Marco\Documents\CyberLink 2014-01-07 16:13 - 2013-10-06 13:29 - 00000000 ____D C:\ProgramData\CyberLink 2014-01-07 16:13 - 2013-10-06 13:29 - 00000000 ____D C:\Program Files (x86)\CyberLink 2014-01-07 13:51 - 2014-01-07 13:50 - 00005604 _____ C:\Windows\system32\lvcoinst.log 2014-01-07 13:50 - 2013-10-06 15:19 - 00000000 ____D C:\Program Files\Common Files\LogiShrd 2014-01-07 10:00 - 2014-01-07 10:00 - 00001299 _____ C:\Users\Marco\Desktop\Box Sync.lnk 2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\ProgramData\Package Cache 2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\Program Files\Box 2014-01-07 09:44 - 2014-01-07 09:44 - 00000000 ____D C:\Users\Marco\Documents\My Box Files 2014-01-07 09:10 - 2013-10-10 13:26 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk 2014-01-06 17:31 - 2013-10-06 11:30 - 00000000 ____D C:\Windows\System32\Tasks\Games 2014-01-04 14:19 - 2014-01-04 14:19 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-01-04 14:19 - 2013-10-05 21:19 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 00078648 _____ (AVAST 
Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-04 14:19 - 2013-10-05 21:19 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk

Some content of TEMP:
====================
C:\Users\Marco\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-29 19:04

==================== End Of Log ============================

By the way: my TAE socket was replaced yesterday - without any notable success. I can now narrow the problem down a bit, though: the computer needs a certain amount of time until the connection is up - that is to say: as soon as I reboot, I have lousy bandwidth. If I then wait an hour or two and also stream a video, the connection is up and I have the full bandwidth. |
01.02.2014, 11:00 | #8 |
/// the machine /// TB-Ausbilder | Other computers on your network have no problems? ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please.
__________________ Regards, schrauber |
01.02.2014, 12:47 | #9 |
| My laptop has similar problems - the technician's computer had no problems at all. ESET log Code:
ESETSmartInstaller@High as downloader log:
Can not open internet
ESETSmartInstaller@High as downloader log:
Can not open internet
Can not open internet
ESETSmartInstaller@High as downloader log:
Can not open internet
Can not open internet
ESETSmartInstaller@High as downloader log:
Can not open internet
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=552eb596b2fd9942b58279814462e05b
# engine=16895
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-01 11:36:23
# local_time=2014-02-01 12:36:23 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 77 2397516 2416618 0 0
# compatibility_mode=5893 16776573 100 94 91780 142884433 0 0
# scanned=317309
# found=0
# cleaned=0
# scan_time=4140

Code:
Results of screen317's Security Check version 0.99.79
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
Adobe Flash Player 12.0.0.43 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox (26.0)
Mozilla Thunderbird (24.2.0)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 03 Ran by Marco (administrator) on MARCO-PC on 01-02-2014 12:46:48 Running from C:\Users\Marco\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (Hauppauge Computer Works) C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Valve Corporation) E:\Spiele\Steam\Steam.exe (Akamai Technologies, Inc.) C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe (Dropbox, Inc.) C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Akamai Technologies, Inc.) C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hauppauge Inc.) 
C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe (Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe () C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe (Hauppauge Computer Works) C:\Program Files (x86)\WinTV\WinTV.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM\...\Run: [BoxSync] - c:\Program Files\Box\Box Sync\BoxSync.exe [13059912 2014-01-24] (Box, Inc.) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [EPGServiceTool] - C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe [688128 2008-05-15] (Hauppauge Inc.) 
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-04] (AVAST Software) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-3454655378-3721952221-3468027484-1000\...\Run: [Steam] - E:\Spiele\Steam\Steam.exe [1815976 2014-01-27] (Valve Corporation) HKU\S-1-5-21-3454655378-3721952221-3468027484-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2DD8983906C2CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! 
Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default FF Homepage: https://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-06] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-05] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-06] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2013-11-04] ==================== Services (Whitelisted) ================= R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [945152 2013-05-07] (ASUSTeK Computer Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-04] (AVAST Software) S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [21504 2013-12-26] (Box Inc.) 
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc) R2 EPGService; C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe [437248 2008-05-30] (Hauppauge Computer Works) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-04] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-06] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-04] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-04] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-04] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-04] () R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink) R3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [919552 2008-04-17] (Hauppauge Computer Works, Inc.) R3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [47232 2008-04-17] (Hauppauge Computer Works, Inc.) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-07-19] (Cisco Systems, Inc.) 
S3 catchme; \??\C:\ComboFix\catchme.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-01 12:46 - 2014-02-01 12:46 - 00000000 ____D () C:\Users\Marco\Downloads\FRST-OlderVersion 2014-02-01 12:44 - 2014-02-01 12:44 - 00000856 _____ () C:\Users\Marco\Desktop\checkup.txt 2014-02-01 11:24 - 2014-02-01 11:24 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-02-01 11:22 - 2014-02-01 11:22 - 00987425 _____ () C:\Users\Marco\Downloads\SecurityCheck.exe 2014-02-01 11:21 - 2014-02-01 11:21 - 02347384 _____ (ESET) C:\Users\Marco\Downloads\esetsmartinstaller_enu.exe 2014-01-31 12:58 - 2014-02-01 12:46 - 00013610 _____ () C:\Users\Marco\Downloads\FRST.txt 2014-01-31 12:56 - 2014-01-31 12:56 - 00000867 _____ () C:\Users\Marco\Desktop\JRT.txt 2014-01-31 12:52 - 2014-01-31 12:52 - 00000000 ____D () C:\Windows\ERUNT 2014-01-31 12:51 - 2014-01-31 12:51 - 00000900 _____ () C:\Users\Marco\Desktop\AdwCleaner[S0].txt 2014-01-31 12:50 - 2014-01-31 12:50 - 00000886 _____ () C:\Users\Marco\Desktop\AdwCleaner[R0].txt 2014-01-31 12:48 - 2014-01-31 12:50 - 00000000 ____D () C:\AdwCleaner 2014-01-31 11:25 - 2014-01-31 11:25 - 01166132 _____ () C:\Users\Marco\Downloads\adwcleaner.exe 2014-01-31 11:25 - 2014-01-31 11:25 - 01037068 _____ (Thisisu) C:\Users\Marco\Downloads\JRT.exe 2014-01-30 14:26 - 2014-01-30 14:28 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE(1).exe 2014-01-30 12:23 - 2014-01-30 12:34 - 90578216 _____ (AVAST Software) C:\Users\Marco\Downloads\avast_free_antivirus_setup_9.0.2013.exe 2014-01-30 11:22 - 2014-01-30 11:22 - 00035932 _____ () C:\ComboFix.txt 2014-01-30 11:17 - 2014-01-30 11:22 - 00000000 ____D () C:\Qoobox 2014-01-30 11:17 - 2014-01-30 11:21 - 00000000 ____D () C:\Windows\erdnt 2014-01-30 11:17 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-01-30 11:17 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 
2014-01-30 11:17 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-01-30 11:17 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-01-30 11:17 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-01-30 11:17 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-01-30 11:17 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-01-30 11:17 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-01-30 10:08 - 2014-01-30 10:10 - 05177551 ____R (Swearware) C:\Users\Marco\Downloads\ComboFix.exe 2014-01-28 19:58 - 2014-01-28 19:58 - 00029720 _____ () C:\Users\Marco\Desktop\Logfiles.zip 2014-01-28 19:24 - 2014-02-01 12:46 - 00000000 ____D () C:\FRST 2014-01-28 19:24 - 2014-01-31 12:58 - 00029801 _____ () C:\Users\Marco\Desktop\FRST.txt 2014-01-28 19:22 - 2014-01-28 19:22 - 00000000 _____ () C:\Users\Marco\defogger_reenable 2014-01-28 19:19 - 2014-01-28 19:19 - 00370971 _____ () C:\Users\Marco\Downloads\gmer_2.1.19355.zip 2014-01-28 19:18 - 2014-02-01 12:46 - 02080256 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe 2014-01-28 19:18 - 2014-01-28 19:18 - 00050477 _____ () C:\Users\Marco\Downloads\Defogger.exe 2014-01-28 17:51 - 2014-01-28 17:51 - 30796712 _____ (Oracle Corporation) C:\Users\Marco\Downloads\jre-7u51-windows-x64.exe 2014-01-28 17:44 - 2014-01-28 17:44 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\Marco\Downloads\HijackThis.exe 2014-01-28 17:36 - 2014-01-28 17:36 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Malwarebytes 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-28 17:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-28 17:34 - 2014-01-28 17:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marco\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-28 17:34 - 2014-01-28 17:34 - 00000000 ____D () C:\Users\Marco\Downloads\antimal ware 2014-01-22 20:29 - 2014-01-22 20:29 - 00000000 ____D () C:\Users\Marco\AppData\Local\Blizzard Entertainment 2014-01-22 18:09 - 2014-01-22 18:11 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE.exe 2014-01-22 17:59 - 2014-01-23 22:57 - 00000000 ____D () C:\Users\Marco\Documents\StarCraft II 2014-01-22 17:59 - 2014-01-22 18:15 - 00000845 _____ () C:\Users\Public\Desktop\StarCraft II.lnk 2014-01-22 17:59 - 2014-01-22 18:15 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-01-22 17:48 - 2014-01-22 17:57 - 00000000 ____D () C:\ProgramData\Battle.net 2014-01-15 08:37 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 08:37 - 
2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 08:37 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 08:37 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-07 13:50 - 2014-01-07 13:51 - 00005604 _____ () C:\Windows\system32\lvcoinst.log 2014-01-07 10:00 - 2014-01-07 10:00 - 00001299 _____ () C:\Users\Marco\Desktop\Box Sync.lnk 2014-01-07 09:55 - 2014-02-01 10:36 - 00000000 ____D () C:\Users\Marco\AppData\Local\Box Sync 2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D () C:\ProgramData\Package Cache 2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D () C:\Program Files\Box 2014-01-07 09:44 - 2014-01-07 09:44 - 00000000 ____D () C:\Users\Marco\Documents\My Box Files 2014-01-04 14:19 - 2014-01-04 14:19 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys ==================== One Month Modified Files and Folders ======= 2014-02-01 12:46 - 2014-02-01 12:46 - 00000000 ____D () C:\Users\Marco\Downloads\FRST-OlderVersion 2014-02-01 12:46 - 2014-01-31 12:58 - 00013610 _____ () C:\Users\Marco\Downloads\FRST.txt 2014-02-01 12:46 - 2014-01-28 19:24 - 00000000 ____D () C:\FRST 2014-02-01 12:46 - 2014-01-28 19:18 - 02080256 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe 2014-02-01 12:45 - 2013-10-05 23:08 - 00000000 ____D () C:\Users\Marco\AppData\Local\Adobe 2014-02-01 12:45 - 2013-10-05 21:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-01 12:45 - 2013-10-05 21:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-01 12:45 - 2013-10-05 21:30 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-01 12:45 - 2013-10-05 21:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-01 12:45 - 2013-10-05 21:05 - 00003930 _____ () 
C:\Windows\System32\Tasks\User_Feed_Synchronization-{A26B70CC-B586-48AA-82B2-A9DBCCF0E556} 2014-02-01 12:44 - 2014-02-01 12:44 - 00000856 _____ () C:\Users\Marco\Desktop\checkup.txt 2014-02-01 12:40 - 2013-10-05 21:19 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-01 12:21 - 2013-10-05 23:05 - 00000000 ____D () C:\Program Files (x86)\WinTV 2014-02-01 11:25 - 2013-10-05 19:21 - 01723196 _____ () C:\Windows\WindowsUpdate.log 2014-02-01 11:25 - 2009-07-14 18:58 - 00698688 _____ () C:\Windows\system32\perfh007.dat 2014-02-01 11:25 - 2009-07-14 18:58 - 00148828 _____ () C:\Windows\system32\perfc007.dat 2014-02-01 11:25 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-01 11:24 - 2014-02-01 11:24 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-02-01 11:22 - 2014-02-01 11:22 - 00987425 _____ () C:\Users\Marco\Downloads\SecurityCheck.exe 2014-02-01 11:21 - 2014-02-01 11:21 - 02347384 _____ (ESET) C:\Users\Marco\Downloads\esetsmartinstaller_enu.exe 2014-02-01 10:36 - 2014-01-07 09:55 - 00000000 ____D () C:\Users\Marco\AppData\Local\Box Sync 2014-02-01 10:01 - 2009-07-14 05:45 - 00017568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-01 10:01 - 2009-07-14 05:45 - 00017568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-01 09:54 - 2013-10-25 10:37 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Dropbox 2014-02-01 09:54 - 2013-10-05 21:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update 2014-02-01 09:54 - 2013-10-05 21:19 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-01 09:54 - 2013-10-05 21:08 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-02-01 09:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-01 09:54 - 2009-07-14 05:51 - 00045515 _____ () C:\Windows\setupact.log 2014-01-31 12:58 - 2014-01-28 19:24 - 00029801 _____ () C:\Users\Marco\Desktop\FRST.txt 2014-01-31 12:56 - 2014-01-31 12:56 - 00000867 _____ () C:\Users\Marco\Desktop\JRT.txt 2014-01-31 12:52 - 2014-01-31 12:52 - 00000000 ____D () C:\Windows\ERUNT 2014-01-31 12:51 - 2014-01-31 12:51 - 00000900 _____ () C:\Users\Marco\Desktop\AdwCleaner[S0].txt 2014-01-31 12:50 - 2014-01-31 12:50 - 00000886 _____ () C:\Users\Marco\Desktop\AdwCleaner[R0].txt 2014-01-31 12:50 - 2014-01-31 12:48 - 00000000 ____D () C:\AdwCleaner 2014-01-31 11:25 - 2014-01-31 11:25 - 01166132 _____ () C:\Users\Marco\Downloads\adwcleaner.exe 2014-01-31 11:25 - 2014-01-31 11:25 - 01037068 _____ (Thisisu) C:\Users\Marco\Downloads\JRT.exe 2014-01-30 14:44 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-01-30 14:28 - 2014-01-30 14:26 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE(1).exe 2014-01-30 12:34 - 2014-01-30 12:23 - 90578216 _____ (AVAST Software) C:\Users\Marco\Downloads\avast_free_antivirus_setup_9.0.2013.exe 2014-01-30 11:22 - 2014-01-30 11:22 - 00035932 _____ () C:\ComboFix.txt 2014-01-30 11:22 - 2014-01-30 11:17 - 00000000 ____D () C:\Qoobox 2014-01-30 11:21 - 2014-01-30 11:17 - 00000000 ____D () C:\Windows\erdnt 2014-01-30 11:21 - 2013-10-05 22:29 - 00112978 _____ () C:\Windows\PFRO.log 2014-01-30 11:21 - 2009-07-14 03:34 - 66846720 _____ () C:\Windows\system32\config\SOFTWARE.bak 2014-01-30 11:21 - 2009-07-14 03:34 - 21495808 _____ () C:\Windows\system32\config\SYSTEM.bak 2014-01-30 11:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak 
2014-01-30 11:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak 2014-01-30 11:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak 2014-01-30 11:21 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-01-30 10:10 - 2014-01-30 10:08 - 05177551 ____R (Swearware) C:\Users\Marco\Downloads\ComboFix.exe 2014-01-28 21:41 - 2013-10-10 13:26 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\vlc 2014-01-28 19:58 - 2014-01-28 19:58 - 00029720 _____ () C:\Users\Marco\Desktop\Logfiles.zip 2014-01-28 19:22 - 2014-01-28 19:22 - 00000000 _____ () C:\Users\Marco\defogger_reenable 2014-01-28 19:22 - 2013-10-05 19:21 - 00000000 ____D () C:\Users\Marco 2014-01-28 19:19 - 2014-01-28 19:19 - 00370971 _____ () C:\Users\Marco\Downloads\gmer_2.1.19355.zip 2014-01-28 19:18 - 2014-01-28 19:18 - 00050477 _____ () C:\Users\Marco\Downloads\Defogger.exe 2014-01-28 17:51 - 2014-01-28 17:51 - 30796712 _____ (Oracle Corporation) C:\Users\Marco\Downloads\jre-7u51-windows-x64.exe 2014-01-28 17:44 - 2014-01-28 17:44 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\Marco\Downloads\HijackThis.exe 2014-01-28 17:36 - 2014-01-28 17:36 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Malwarebytes 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-28 17:35 - 2014-01-28 17:34 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marco\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-28 17:34 - 2014-01-28 17:34 - 00000000 ____D () C:\Users\Marco\Downloads\antimal ware 2014-01-23 22:57 - 2014-01-22 17:59 - 00000000 ____D () C:\Users\Marco\Documents\StarCraft II 2014-01-22 20:29 - 2014-01-22 20:29 - 00000000 ____D () C:\Users\Marco\AppData\Local\Blizzard Entertainment 2014-01-22 19:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-01-22 18:15 - 2014-01-22 17:59 - 00000845 _____ () C:\Users\Public\Desktop\StarCraft II.lnk 2014-01-22 18:15 - 2014-01-22 17:59 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-01-22 18:11 - 2014-01-22 18:09 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE.exe 2014-01-22 17:57 - 2014-01-22 17:48 - 00000000 ____D () C:\ProgramData\Battle.net 2014-01-17 08:17 - 2013-10-25 10:39 - 00000979 _____ () C:\Users\Marco\Desktop\Dropbox.lnk 2014-01-17 08:17 - 2013-10-25 10:37 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-01-17 08:17 - 2013-10-05 19:21 - 00000000 ___RD () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-15 15:34 - 2009-07-14 05:45 - 00446264 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-01-15 09:52 - 2013-10-05 21:57 - 00000000 ____D () C:\Windows\system32\MRT 2014-01-15 09:51 - 2013-10-05 21:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-15 
08:56 - 2013-11-04 14:14 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-01-07 16:13 - 2013-11-03 17:35 - 00000000 ____D () C:\Users\Marco\Documents\CyberLink 2014-01-07 16:13 - 2013-10-06 13:29 - 00000000 ____D () C:\ProgramData\CyberLink 2014-01-07 16:13 - 2013-10-06 13:29 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2014-01-07 13:51 - 2014-01-07 13:50 - 00005604 _____ () C:\Windows\system32\lvcoinst.log 2014-01-07 13:50 - 2013-10-06 15:19 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd 2014-01-07 10:00 - 2014-01-07 10:00 - 00001299 _____ () C:\Users\Marco\Desktop\Box Sync.lnk 2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D () C:\ProgramData\Package Cache 2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D () C:\Program Files\Box 2014-01-07 09:44 - 2014-01-07 09:44 - 00000000 ____D () C:\Users\Marco\Documents\My Box Files 2014-01-07 09:10 - 2013-10-10 13:26 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-01-06 17:31 - 2013-10-06 11:30 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-01-04 14:19 - 2014-01-04 14:19 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-01-04 14:19 - 2013-10-05 21:19 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-01-04 14:19 - 2013-10-05 21:19 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-01-04 14:19 - 2013-10-05 21:19 - 00001966 _____ () C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk

Some content of TEMP:
====================
C:\Users\Marco\AppData\Local\Temp\log4net.dll
C:\Users\Marco\AppData\Local\Temp\Quarantine.exe
C:\Users\Marco\AppData\Local\Temp\SyncRestarter.exe
C:\Users\Marco\AppData\Local\Temp\sync_upgrader.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-29 19:04

==================== End Of Log ============================
--- --- --- |
02.02.2014, 06:43 | #10 | |
/// the machine /// TB Trainer | Fluctuating bandwidth - regardless of LAN or WLAN - Very slow Internet Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
02.02.2014, 10:18 | #11 |
| Fluctuating bandwidth - regardless of LAN or WLAN - Very slow Internet That is correct. However, I will switch the laptop on again in the next few days and check whether the connection is bad there as well. |
03.02.2014, 10:40 | #12 |
/// the machine /// TB Trainer | Fluctuating bandwidth - regardless of LAN or WLAN - Very slow Internet Yes, please. If 2 computers have the problem, it is definitely not the computers.
|
03.02.2014, 19:48 | #13 |
| Fluctuating bandwidth - regardless of LAN or WLAN - Very slow Internet Sooo: switched on the laptop, first installed updates over WLAN - ran wonderfully fast - connected the cable, ran a speed test - full bandwidth on the laptop, while the computer that is causing problems had not even managed 0.5 Mbit download 10 seconds earlier. Out of interest, I also ran the speed test on the laptop over WLAN - all great. Then: connected the cable to the problem computer: Ping 204 ms, Down: 3 Mbps, Up: 0.37 Mbps. The laptop was still on: for comparison, ran the speed check over WLAN there again: Ping: 457 ms, Down: 0.63 Mbps, Up: 0.20 Mbps. Next speed check on the problem computer, even though Windows was downloading updates: Ping: 69 ms, Down: 4.64 Mbps, Up: 0.58 Mbps, and similarly fast on the laptop. I could go on like this the whole time... When the technician was here, he connected his computer via LAN and the connection was immediately available at full bandwidth, as it actually should be. As I said: on the problem computer it is worst when it is restarted. To top it all off, there has now also been a bluescreen - if needed, I can read out the information on it with BlueScreenViewer and upload it. Oh, and speaking of restarts: since then the bandwidth has been abysmal again: Ping 1055 ms, Down: 0.12 Mbps, Up: 0.15 Mbps |
04.02.2014, 13:44 | #14 |
/// the machine /// TB Trainer | Fluctuating bandwidth - regardless of LAN or WLAN - Very slow Internet Yes, please post the info from BlueScreenView. Is the WLAN on the problem computer internal or external?
|
04.02.2014, 20:11 | #15 |
| Fluctuating bandwidth - regardless of LAN or WLAN - Very slow Internet Here is a screenshot from BlueScreen viewer. I updated the graphics driver afterwards, since I noticed that there is an update. All other drivers are up to date. I thought it might be due to DirectX. The WLAN on the problem computer is external via a USB dongle. The WLAN on the laptop is internal. |