Hi

Es handelt sich um diesen Theard: http://www.trojaner-board.de/157721-...ml#post1346143

Defogger :

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:50 on 17/08/2014 (Nico)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

( Es kam keine Fehlermeldung einfach nur auf Ok danach kam nichts mehr)

FRST:




FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by Nico (administrator) on NICO-PC on 17-08-2014 21:41:11
Running from C:\Users\Nico\Downloads
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Users\Nico\Downloads\Defogger.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6342688 2008-06-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-935688326-224242284-775663105-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-935688326-224242284-775663105-1000\...\MountPoints2: {4a62342d-25de-11e4-9ae3-000ffe725fba} - E:\pushinst.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2D891BEABDB4CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\4lvwu4yt.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\4lvwu4yt.default\Extensions\ich@maltegoetz.de [2014-07-11]
FF Extension: Adblock Plus - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\4lvwu4yt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-11]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-13]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-08-10] (AVAST Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-08-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2014-08-10] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [329968 2014-08-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] ()
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-07-19] (Sony Mobile Communications)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 21:41 - 2014-08-17 21:41 - 00008950 _____ () C:\Users\Nico\Downloads\FRST.txt
2014-08-17 21:41 - 2014-08-17 21:41 - 00000000 ____D () C:\FRST
2014-08-17 21:39 - 2014-08-17 21:40 - 02101760 _____ (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2014-08-17 21:38 - 2014-08-17 21:40 - 00000470 _____ () C:\Users\Nico\Downloads\defogger_disable.log
2014-08-17 21:38 - 2014-08-17 21:38 - 00050477 _____ () C:\Users\Nico\Downloads\Defogger.exe
2014-08-17 21:38 - 2014-08-17 21:38 - 00000000 _____ () C:\Users\Nico\defogger_reenable
2014-08-17 13:23 - 2014-08-17 13:23 - 00001902 _____ () C:\Users\Nico\Desktop\Kaspersky Internet Security 2014 - CHIP Downloader.lnk
2014-08-17 13:19 - 2014-08-17 13:20 - 01101648 _____ () C:\Users\Nico\Downloads\Kaspersky Internet Security 2014 - CHIP-Installer.exe
2014-08-17 12:46 - 2014-08-17 13:14 - 01101648 _____ () C:\Users\Nico\Downloads\HijackThis - CHIP-Installer.exe
2014-08-17 09:43 - 2014-08-17 09:43 - 00000000 ____D () C:\Users\Nico\AVM_Driver
2014-08-16 15:35 - 2014-08-16 15:35 - 00000000 ____D () C:\Users\Nico\aTubeCatcher
2014-08-16 15:31 - 2014-08-17 12:13 - 00000049 _____ () C:\Windows\SysWOW64\ScrRecX.log
2014-08-16 15:31 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2014-08-16 15:28 - 2014-08-16 15:30 - 16806776 _____ (DsNET Corp ) C:\Users\Nico\Downloads\aTube7973_Catcher(1).exe
2014-08-16 15:25 - 2014-08-16 15:27 - 16806776 _____ (DsNET Corp ) C:\Users\Nico\Downloads\aTube7973_Catcher.exe
2014-08-13 15:50 - 2014-06-27 00:17 - 01389200 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 15:50 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 15:50 - 2014-06-27 00:17 - 00171152 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 15:50 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 15:50 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 15:50 - 2014-06-27 00:17 - 00008848 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 15:50 - 2014-06-06 06:29 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 15:50 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-12 20:37 - 2014-07-24 21:28 - 17861120 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-12 20:37 - 2014-07-24 21:12 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-12 20:37 - 2014-07-24 21:07 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-12 20:37 - 2014-07-24 21:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-12 20:37 - 2014-07-24 21:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-12 20:37 - 2014-07-24 21:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-12 20:37 - 2014-07-24 21:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-12 20:37 - 2014-07-24 21:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-12 20:37 - 2014-07-24 21:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-12 20:37 - 2014-07-24 21:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-12 20:37 - 2014-07-24 21:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-12 20:37 - 2014-07-24 21:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-12 20:37 - 2014-07-24 21:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-12 20:37 - 2014-07-24 21:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-12 20:37 - 2014-07-24 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-12 20:37 - 2014-07-24 21:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-12 20:37 - 2014-07-24 21:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-12 20:37 - 2014-07-24 21:02 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-12 20:37 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-12 20:37 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-12 20:37 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-12 20:37 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-12 20:37 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-12 20:37 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-12 20:37 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-12 20:37 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-12 20:37 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-12 20:37 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-12 20:37 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-12 20:37 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-12 20:37 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-12 20:37 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-12 20:37 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-12 20:37 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-12 20:36 - 2014-07-24 21:10 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-12 20:36 - 2014-07-24 21:04 - 02155520 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-12 20:36 - 2014-07-24 21:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-12 20:36 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-12 20:36 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-12 20:36 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-12 20:36 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-12 20:36 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-12 20:35 - 2014-07-25 06:27 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-12 20:35 - 2014-07-25 06:18 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-12 20:35 - 2014-07-25 05:15 - 02781696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-12 20:35 - 2014-06-14 02:56 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-12 20:35 - 2014-06-14 02:51 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-12 20:28 - 2014-07-08 03:12 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-12 20:28 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-12 20:28 - 2014-06-02 23:30 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-12 20:28 - 2014-06-02 23:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-12 20:28 - 2014-06-02 23:29 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-12 20:28 - 2014-06-02 23:29 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-12 20:28 - 2014-06-02 22:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-12 20:28 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-12 20:28 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-12 20:28 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-10 14:41 - 2014-08-10 14:41 - 366111132 _____ () C:\Windows\MEMORY.DMP
2014-08-10 14:41 - 2014-08-10 14:41 - 00270376 _____ () C:\Windows\Minidump\Mini081014-01.dmp
2014-08-10 14:41 - 2014-08-10 14:41 - 00000000 ____D () C:\Windows\Minidump
2014-08-10 13:01 - 2014-08-10 13:01 - 00001835 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-08-10 13:00 - 2014-08-10 12:59 - 00329968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-08-10 13:00 - 2014-08-10 12:59 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-08-10 12:59 - 2014-08-10 12:59 - 00012368 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2014-07-31 17:25 - 2014-07-31 17:25 - 00000900 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-31 17:25 - 2014-07-31 17:25 - 00000888 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-31 17:25 - 2014-07-31 17:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-25 17:16 - 2014-07-29 18:40 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\.minecraft
2014-07-25 17:13 - 2014-07-25 19:56 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-25 17:13 - 2014-07-25 17:13 - 00000000 ____D () C:\ProgramData\Sun
2014-07-25 00:29 - 2014-08-17 19:01 - 00003584 _____ () C:\Users\Nico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-23 15:50 - 2014-07-31 17:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-21 18:06 - 2014-07-21 18:06 - 00000000 ____D () C:\Program Files (x86)\Hama
2014-07-21 18:06 - 2009-02-05 02:49 - 00451072 _____ () C:\Windows\SysWOW64\ISSRemoveSP.exe
2014-07-19 18:21 - 2014-07-19 18:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsomc_01009.Wdf
2014-07-19 18:21 - 2014-07-19 18:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-07-19 17:19 - 2014-07-19 17:19 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-07-19 17:19 - 2014-07-19 17:19 - 00030424 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggsomc.sys
2014-07-19 17:19 - 2014-07-19 17:19 - 00016088 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-07-19 17:17 - 2014-07-20 18:46 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-07-19 17:17 - 2014-07-20 18:46 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-07-19 17:10 - 2014-07-19 18:35 - 00207970 _____ () C:\Windows\DPINST.LOG
2014-07-18 15:55 - 2014-07-18 16:02 - 00000000 ____D () C:\Users\Nico\Desktop\Neuer Ordner
2014-07-18 15:51 - 2014-07-18 15:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 21:41 - 2014-08-17 21:41 - 00008950 _____ () C:\Users\Nico\Downloads\FRST.txt
2014-08-17 21:41 - 2014-08-17 21:41 - 00000000 ____D () C:\FRST
2014-08-17 21:40 - 2014-08-17 21:39 - 02101760 _____ (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2014-08-17 21:40 - 2014-08-17 21:38 - 00000470 _____ () C:\Users\Nico\Downloads\defogger_disable.log
2014-08-17 21:38 - 2014-08-17 21:38 - 00050477 _____ () C:\Users\Nico\Downloads\Defogger.exe
2014-08-17 21:38 - 2014-08-17 21:38 - 00000000 _____ () C:\Users\Nico\defogger_reenable
2014-08-17 21:38 - 2014-07-11 03:02 - 00000000 ____D () C:\Users\Nico
2014-08-17 21:32 - 2014-07-11 03:39 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-17 20:42 - 2006-11-02 17:22 - 00005616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-17 20:42 - 2006-11-02 17:22 - 00005616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-17 20:07 - 2014-07-11 03:23 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Skype
2014-08-17 19:46 - 2006-11-02 17:27 - 01999120 _____ () C:\Windows\WindowsUpdate.log
2014-08-17 19:41 - 2014-07-15 14:16 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\TS3Client
2014-08-17 19:01 - 2014-07-25 00:29 - 00003584 _____ () C:\Users\Nico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-17 18:48 - 2014-07-11 03:42 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-17 18:48 - 2006-11-02 20:56 - 00673264 _____ () C:\Windows\system32\perfh007.dat
2014-08-17 18:48 - 2006-11-02 20:56 - 00145082 _____ () C:\Windows\system32\perfc007.dat
2014-08-17 18:48 - 2006-11-02 14:46 - 01564930 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 18:46 - 2014-07-11 03:39 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-17 18:46 - 2014-07-11 03:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-17 18:46 - 2014-07-11 03:39 - 00003738 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-17 18:42 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-17 18:39 - 2006-11-02 17:42 - 00028090 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-17 13:23 - 2014-08-17 13:23 - 00001902 _____ () C:\Users\Nico\Desktop\Kaspersky Internet Security 2014 - CHIP Downloader.lnk
2014-08-17 13:20 - 2014-08-17 13:19 - 01101648 _____ () C:\Users\Nico\Downloads\Kaspersky Internet Security 2014 - CHIP-Installer.exe
2014-08-17 13:14 - 2014-08-17 12:46 - 01101648 _____ () C:\Users\Nico\Downloads\HijackThis - CHIP-Installer.exe
2014-08-17 12:13 - 2014-08-16 15:31 - 00000049 _____ () C:\Windows\SysWOW64\ScrRecX.log
2014-08-17 09:43 - 2014-08-17 09:43 - 00000000 ____D () C:\Users\Nico\AVM_Driver
2014-08-16 15:35 - 2014-08-16 15:35 - 00000000 ____D () C:\Users\Nico\aTubeCatcher
2014-08-16 15:33 - 2014-07-11 03:03 - 00000000 ____D () C:\Users\Nico\AppData\Local\VirtualStore
2014-08-16 15:30 - 2014-08-16 15:28 - 16806776 _____ (DsNET Corp ) C:\Users\Nico\Downloads\aTube7973_Catcher(1).exe
2014-08-16 15:27 - 2014-08-16 15:25 - 16806776 _____ (DsNET Corp ) C:\Users\Nico\Downloads\aTube7973_Catcher.exe
2014-08-15 14:50 - 2014-07-11 14:01 - 00008750 _____ () C:\Windows\PFRO.log
2014-08-15 14:14 - 2014-07-11 14:09 - 00003880 _____ () C:\Windows\system32\spsys.log
2014-08-13 17:40 - 2014-07-11 12:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-13 16:51 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\rescache
2014-08-13 16:33 - 2006-11-02 17:21 - 00228600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-13 16:08 - 2014-07-11 15:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 16:06 - 2006-11-02 14:35 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-11 17:15 - 2014-07-11 03:23 - 00000000 ____D () C:\ProgramData\Skype
2014-08-10 14:41 - 2014-08-10 14:41 - 366111132 _____ () C:\Windows\MEMORY.DMP
2014-08-10 14:41 - 2014-08-10 14:41 - 00270376 _____ () C:\Windows\Minidump\Mini081014-01.dmp
2014-08-10 14:41 - 2014-08-10 14:41 - 00000000 ____D () C:\Windows\Minidump
2014-08-10 13:01 - 2014-08-10 13:01 - 00001835 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-08-10 13:01 - 2014-07-11 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-10 12:59 - 2014-08-10 13:00 - 00329968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-08-10 12:59 - 2014-08-10 13:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-08-10 12:59 - 2014-08-10 12:59 - 00012368 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2014-07-31 17:25 - 2014-07-31 17:25 - 00000900 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-31 17:25 - 2014-07-31 17:25 - 00000888 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-31 17:25 - 2014-07-31 17:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-31 17:25 - 2014-07-23 15:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 18:40 - 2014-07-25 17:16 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\.minecraft
2014-07-26 00:07 - 2014-07-11 04:07 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-25 19:56 - 2014-07-25 17:13 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-25 18:53 - 2014-07-15 14:28 - 00000097 _____ () C:\Users\Nico\AppData\Roaming\LauncherSettings_live.cfg
2014-07-25 17:13 - 2014-07-25 17:13 - 00000000 ____D () C:\ProgramData\Sun
2014-07-25 06:27 - 2014-08-12 20:35 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-07-25 06:18 - 2014-08-12 20:35 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-25 05:15 - 2014-08-12 20:35 - 02781696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-24 21:28 - 2014-08-12 20:37 - 17861120 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-24 21:12 - 2014-08-12 20:37 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-24 21:10 - 2014-08-12 20:36 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-24 21:07 - 2014-08-12 20:37 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-24 21:06 - 2014-08-12 20:37 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-24 21:05 - 2014-08-12 20:37 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-24 21:05 - 2014-08-12 20:37 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-24 21:05 - 2014-08-12 20:37 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-24 21:04 - 2014-08-12 20:37 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-24 21:04 - 2014-08-12 20:37 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-24 21:04 - 2014-08-12 20:37 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-24 21:04 - 2014-08-12 20:37 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-24 21:04 - 2014-08-12 20:37 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-24 21:04 - 2014-08-12 20:36 - 02155520 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-24 21:03 - 2014-08-12 20:37 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-24 21:03 - 2014-08-12 20:37 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-24 21:03 - 2014-08-12 20:37 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-24 21:03 - 2014-08-12 20:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-24 21:03 - 2014-08-12 20:37 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-24 21:03 - 2014-08-12 20:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-24 21:02 - 2014-08-12 20:37 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-24 20:07 - 2014-08-12 20:37 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-24 19:58 - 2014-08-12 20:37 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-24 19:57 - 2014-08-12 20:36 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-24 19:52 - 2014-08-12 20:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 19:51 - 2014-08-12 20:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-24 19:51 - 2014-08-12 20:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-24 19:50 - 2014-08-12 20:37 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-24 19:50 - 2014-08-12 20:37 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-24 19:49 - 2014-08-12 20:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-24 19:49 - 2014-08-12 20:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-24 19:49 - 2014-08-12 20:36 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-24 19:49 - 2014-08-12 20:36 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-24 19:49 - 2014-08-12 20:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-24 19:48 - 2014-08-12 20:37 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-24 19:48 - 2014-08-12 20:37 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-24 19:48 - 2014-08-12 20:37 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-24 19:48 - 2014-08-12 20:37 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-24 19:48 - 2014-08-12 20:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-24 19:48 - 2014-08-12 20:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-24 19:48 - 2014-08-12 20:36 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-24 19:47 - 2014-08-12 20:37 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-21 18:06 - 2014-07-21 18:06 - 00000000 ____D () C:\Program Files (x86)\Hama
2014-07-21 18:06 - 2014-07-11 22:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-20 18:46 - 2014-07-19 17:17 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-07-20 18:46 - 2014-07-19 17:17 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-07-19 18:35 - 2014-07-19 17:10 - 00207970 _____ () C:\Windows\DPINST.LOG
2014-07-19 18:21 - 2014-07-19 18:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsomc_01009.Wdf
2014-07-19 18:21 - 2014-07-19 18:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-07-19 17:19 - 2014-07-19 17:19 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-07-19 17:19 - 2014-07-19 17:19 - 00030424 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggsomc.sys
2014-07-19 17:19 - 2014-07-19 17:19 - 00016088 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-07-18 16:02 - 2014-07-18 15:55 - 00000000 ____D () C:\Users\Nico\Desktop\Neuer Ordner
2014-07-18 15:51 - 2014-07-18 15:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 18:47

==================== End Of Log ============================
         

--- --- ---


Addition:

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2014 04
Ran by Nico at 2014-08-17 21:42:39
Running from C:\Users\Nico\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
ATI AVIVO64 Codecs (Version: 11.1.0.50406 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{9009C23D-3A54-DA44-4524-5E2250CE152F}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0406.2133.36843 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help English (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help French (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help German (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0406.2133.36843 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0406.2133.36843 - ATI) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5645 - Realtek Semiconductor Corp.)
Skins (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

19-07-2014 11:57:12 Windows Update
19-07-2014 15:10:09 Sony PC Companion
19-07-2014 15:18:53 Installed Sony Mobile Drivers
19-07-2014 16:33:59 Sony PC Companion
20-07-2014 19:11:43 Geplanter Prüfpunkt
21-07-2014 15:17:40 Geplanter Prüfpunkt
21-07-2014 16:06:35 Installiert Hama Wireless LAN Adapter
21-07-2014 18:35:22 Installiert Hama Wireless LAN Adapter
22-07-2014 10:29:06 Geplanter Prüfpunkt
22-07-2014 12:48:21 Windows Update
25-07-2014 15:10:31 Installed Java 7 Update 65
25-07-2014 15:17:07 Removed Java 7 Update 65
25-07-2014 17:53:47 Installed Java 7 Update 65
27-07-2014 13:16:42 Geplanter Prüfpunkt
28-07-2014 20:54:29 Geplanter Prüfpunkt
29-07-2014 08:38:15 Windows Update
30-07-2014 18:09:14 Geplanter Prüfpunkt
31-07-2014 15:08:41 Removed Java 7 Update 65
31-07-2014 15:10:30 Removed Java 7 Update 65
01-08-2014 12:57:48 Windows Update
04-08-2014 15:09:58 Geplanter Prüfpunkt
05-08-2014 13:33:20 Windows Update
06-08-2014 15:41:25 Geplanter Prüfpunkt
10-08-2014 10:54:07 avast! antivirus system restore point
10-08-2014 11:00:30 Gerätetreiber-Paketinstallation: ALWIL Software Netzwerkdienst
12-08-2014 18:18:10 Windows Update
13-08-2014 13:46:44 Windows Update
15-08-2014 12:57:28 Installiert Hama Wireless LAN Adapter
15-08-2014 13:04:57 Windows Update
16-08-2014 09:24:16 Geplanter Prüfpunkt
17-08-2014 08:21:43 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01930737-A65B-45E6-AF6D-9B9D2380949A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-11] (AVAST Software)
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {14F21DCD-FDA1-48F5-BB0B-9E895AC3A17C} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4E946E6C-49EC-4FD9-8F58-EB5AF1752C5D} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {5040BA28-B793-48BE-B106-7236CAC69250} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {604FB42A-ABB3-4255-AE0E-6E8B89547189} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {ABE1E530-7390-424C-8C0F-282F6A02AA75} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-17] (Adobe Systems Incorporated)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {FF7B43F9-E7FC-4592-B99A-B8BA876E0AB1} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Loaded Modules (whitelisted) =============

2014-07-11 14:25 - 2010-04-07 09:22 - 00026112 _____ () C:\Windows\system32\atitmp64.dll
2010-01-08 14:15 - 2010-01-08 14:15 - 01552384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-07-11 14:32 - 2014-07-11 14:32 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-08-17 21:38 - 2014-08-17 21:38 - 00050477 _____ () C:\Users\Nico\Downloads\Defogger.exe
2014-07-11 12:47 - 2014-07-11 12:47 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-17 09:17 - 2014-08-17 09:17 - 02797568 _____ () C:\Program Files\AVAST Software\Avast\defs\14081700\algo.dll
2014-08-17 21:41 - 2014-08-17 21:41 - 02797568 _____ () C:\Program Files\AVAST Software\Avast\defs\14081701\algo.dll
2014-07-11 12:47 - 2014-07-11 12:47 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-11 03:47 - 2014-08-04 21:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-07-11 03:47 - 2014-08-04 21:15 - 00441856 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-07-11 03:47 - 2014-08-04 21:15 - 00332288 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-07-11 03:47 - 2014-08-04 21:15 - 00769024 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-07-11 03:47 - 2014-08-14 00:31 - 02144448 _____ () C:\Program Files (x86)\Steam\video.dll
2014-07-11 03:47 - 2014-08-04 21:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-07-11 03:47 - 2014-07-31 05:47 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-07-11 03:47 - 2014-08-14 00:30 - 00677056 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.dll
2014-07-11 03:47 - 2014-08-13 08:27 - 34587328 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-15 17:08 - 2014-08-13 08:27 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-07-31 17:25 - 2014-07-17 07:42 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-17 18:46 - 2014-08-17 18:46 - 17048240 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PS/2-kompatible Maus
Description: PS/2-kompatible Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/17/2014 05:18:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung plugin-container.exe, Version 31.0.0.5310, Zeitstempel 0x53c75e91, fehlerhaftes Modul mozalloc.dll, Version 31.0.0.5310, Zeitstempel 0x53c72e91, Ausnahmecode 0x80000003, Fehleroffset 0x0000141b,
Prozess-ID 0x1ec, Anwendungsstartzeit plugin-container.exe0.

Error: (08/17/2014 05:18:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 31.0.0.5310 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 12f0
Anfangszeit: 01cfba2e30827bc4
Zeitpunkt der Beendigung: 19

Error: (08/16/2014 10:42:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 173c
Anfangszeit: 01cfb98c234b8e35
Zeitpunkt der Beendigung: 45


System errors:
=============
Error: (08/17/2014 00:52:53 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "TOBI",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{5C34AC46-597A-4E4D-A765-23057A77A24E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (08/16/2014 11:39:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Realtek11nSU

Error: (08/16/2014 10:24:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Realtek11nSU

Error: (08/15/2014 05:10:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Steam Client Service%%1053

Error: (08/15/2014 05:10:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Steam Client Service

Error: (08/15/2014 02:58:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Realtek11nSU

Error: (08/15/2014 02:16:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Realtek11nSU

Error: (08/14/2014 08:14:45 PM) (Source: netbt) (EventID: 4321) (User: )
Description: Der Name "NICO-PC        :20" konnte nicht auf der Schnittstelle mit IP-Adresse 0.0.0.0
registriert werden. Der Computer mit IP-Adresse 192.168.2.102 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (08/14/2014 08:14:45 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{83ECF501-D64A-47C0-BC69-944950BDCA1E} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (08/14/2014 06:10:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Realtek11nSU


Microsoft Office Sessions:
=========================
Error: (08/17/2014 05:18:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91mozalloc.dll31.0.0.531053c72e91800000030000141b1ec01cfba2e4005bc64

Error: (08/17/2014 05:18:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe31.0.0.531012f001cfba2e30827bc419

Error: (08/16/2014 10:42:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: csgo.exe0.0.0.0173c01cfb98c234b8e3545


CodeIntegrity Errors:
===================================
  Date: 2014-07-11 16:13:38.844
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Nico\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-11 16:13:38.764
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Nico\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-11 16:13:38.308
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-11 16:13:38.214
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) D CPU 3.00GHz
Percentage of memory in use: 65%
Total physical RAM: 3062.5 MB
Available physical RAM: 1068.23 MB
Total Pagefile: 6345.28 MB
Available Pagefile: 3965.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:352.38 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 4BCE3C8A)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

HijackThis

Code: Alles auswählenAufklappen

ATTFilter

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:50:28, on 17.08.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16563)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlug in_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlug in_14_0_0_145.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Nico\AppData\Local\Temp\DMR\Downloads\fc1 4996dfa99adfc7baae624196888c5\7b4e384f5b096b9656fe e276ba88bb81\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6099 bytes
         

Gmer:

hi,

also wenn irgend ein Rechner im Netz on is geht bei dir nix mehr?


Downloade dir bitte Farbar's MiniToolBox auf deinen Desktop und starte das Tool

Setze einen Haken bei folgenden Einträgen

• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset IE Proxy Settings
• List content of Hosts
• List IP configuration
• List Winsock Entries
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size
• List Minidump Files

Klicke Go und poste den Inhalt der Result.txt.

Mein pc braucht jetzt auch noch egeig zum hochfahren . sind da denn irgendwleche vieren zu erkkenn?

werde das ergbniss gleich editieren schreibe gerade mit handy

Code: Alles auswählenAufklappen

ATTFilter

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Nico (administrator) on 18-08-2014 at 16:21:13
Running from "C:\Users\Nico\Downloads"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 

========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel(R) 82566DM-Gigabit-Netzwerkverbindung = LAN-Verbindung (Connected)


# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# Ende der IPv4-Konfiguration



Windows-IP-Konfiguration

   Hostname  . . . . . . . . . . . . : Nico-PC
   Prim�res DNS-Suffix . . . . . . . : 
   Knotentyp . . . . . . . . . . . . : Hybrid
   IP-Routing aktiviert  . . . . . . : Nein
   WINS-Proxy aktiviert  . . . . . . : Nein
   DNS-Suffixsuchliste . . . . . . . : Speedport_W_724V_Typ_A_05011602_00_001

Ethernet-Adapter LAN-Verbindung:

   Verbindungsspezifisches DNS-Suffix: Speedport_W_724V_Typ_A_05011602_00_001
   Beschreibung. . . . . . . . . . . : Intel(R) 82566DM-Gigabit-Netzwerkverbindung
   Physikalische Adresse . . . . . . : 00-0F-FE-72-5F-BA
   DHCP aktiviert. . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja
   IPv6-Adresse. . . . . . . . . . . : 2003:4d:2f08:7912:8865:aff4:6311:ea3c(Bevorzugt) 
   Tempor�re IPv6-Adresse. . . . . . : 2003:4d:2f08:7912:c446:8490:bc48:ca22(Bevorzugt) 
   Verbindungslokale IPv6-Adresse  . : fe80::8865:aff4:6311:ea3c%8(Bevorzugt) 
   IPv4-Adresse  . . . . . . . . . . : 192.168.2.101(Bevorzugt) 
   Subnetzmaske  . . . . . . . . . . : 255.255.255.0
   Lease erhalten. . . . . . . . . . : Montag, 18. August 2014 15:58:35
   Lease l�uft ab. . . . . . . . . . : Montag, 8. September 2014 15:58:34
   Standardgateway . . . . . . . . . : fe80::1%8
                                       192.168.2.1
   DHCP-Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6-IAID . . . . . . . . . . . : 201330686
   DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-90-AA-DC-15-00-0F-FE-72-5F-BA
   DNS-Server  . . . . . . . . . . . : fe80::1%8
                                       192.168.2.1
   NetBIOS �ber TCP/IP . . . . . . . : Aktiviert

Tunneladapter LAN-Verbindung* 10:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: Speedport_W_724V_Typ_A_05011602_00_001
   Beschreibung. . . . . . . . . . . : isatap.Speedport_W_724V_Typ_A_05011602_00_001
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja

Tunneladapter LAN-Verbindung* 2:

   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physikalische Adresse . . . . . . : 02-00-54-55-4E-01
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja
   IPv6-Adresse. . . . . . . . . . . : 2001:0:9d38:6ab8:2877:1270:3f57:fd9a(Bevorzugt) 
   Verbindungslokale IPv6-Adresse  . : fe80::2877:1270:3f57:fd9a%9(Bevorzugt) 
   Standardgateway . . . . . . . . . : 
   NetBIOS �ber TCP/IP . . . . . . . : Deaktiviert
Server:  Speedport.ip
Address:  fe80::1

Name:    google.com
Addresses:  2a00:1450:4001:80c::1008
	  173.194.116.98
	  173.194.116.100
	  173.194.116.99
	  173.194.116.101
	  173.194.116.97
	  173.194.116.96
	  173.194.116.104
	  173.194.116.102
	  173.194.116.110
	  173.194.116.105
	  173.194.116.103



Ping wird ausgef�hrt f�r google.com [2a00:1450:4001:80c::1008] von 2003:4d:2f08:7912:c446:8490:bc48:ca22 mit 32 Bytes Daten:

Antwort von 2a00:1450:4001:80c::1008: Zeit=33ms 

Antwort von 2a00:1450:4001:80c::1008: Zeit=32ms 



Ping-Statistik f�r 2a00:1450:4001:80c::1008:

    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust),

Ca. Zeitangaben in Millisek.:

    Minimum = 32ms, Maximum = 33ms, Mittelwert = 32ms

Server:  Speedport.ip
Address:  fe80::1

Name:    yahoo.com
Addresses:  98.138.253.109
	  206.190.36.45
	  98.139.183.24



Ping wird ausgef�hrt f�r yahoo.com [206.190.36.45] mit 32 Bytes Daten:

Antwort von 206.190.36.45: Bytes=32 Zeit=199ms TTL=49

Antwort von 206.190.36.45: Bytes=32 Zeit=197ms TTL=49



Ping-Statistik f�r 206.190.36.45:

    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust),

Ca. Zeitangaben in Millisek.:

    Minimum = 197ms, Maximum = 199ms, Mittelwert = 198ms



Ping wird ausgef�hrt f�r 127.0.0.1 mit 32 Bytes Daten:

Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128

Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128



Ping-Statistik f�r 127.0.0.1:

    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust),

Ca. Zeitangaben in Millisek.:

    Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms

===========================================================================
Schnittstellenliste
  8 ...00 0f fe 72 5f ba ...... Intel(R) 82566DM-Gigabit-Netzwerkverbindung
  1 ........................... Software Loopback Interface 1
 19 ...00 00 00 00 00 00 00 e0  isatap.Speedport_W_724V_Typ_A_05011602_00_001
  9 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.101     10
        127.0.0.0        255.0.0.0   Auf Verbindung         127.0.0.1    306
        127.0.0.1  255.255.255.255   Auf Verbindung         127.0.0.1    306
  127.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
      192.168.2.0    255.255.255.0   Auf Verbindung     192.168.2.101    266
    192.168.2.101  255.255.255.255   Auf Verbindung     192.168.2.101    266
    192.168.2.255  255.255.255.255   Auf Verbindung     192.168.2.101    266
        224.0.0.0        240.0.0.0   Auf Verbindung         127.0.0.1    306
        224.0.0.0        240.0.0.0   Auf Verbindung     192.168.2.101    266
  255.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
  255.255.255.255  255.255.255.255   Auf Verbindung     192.168.2.101    266
===========================================================================
St�ndige Routen:
  Keine

IPv6-Routentabelle
===========================================================================
Aktive Routen:
 If Metrik Netzwerkziel             Gateway
  8     26 ::/0                     fe80::1
  1    306 ::1/128                  Auf Verbindung
  9     18 2001::/32                Auf Verbindung
  9    266 2001:0:9d38:6ab8:2877:1270:3f57:fd9a/128
                                    Auf Verbindung
  8     18 2003:4d:2f08:7912::/64   Auf Verbindung
  8    266 2003:4d:2f08:7912:8865:aff4:6311:ea3c/128
                                    Auf Verbindung
  8    266 2003:4d:2f08:7912:c446:8490:bc48:ca22/128
                                    Auf Verbindung
  8    266 fe80::/64                Auf Verbindung
  9    266 fe80::/64                Auf Verbindung
  9    266 fe80::2877:1270:3f57:fd9a/128
                                    Auf Verbindung
  8    266 fe80::8865:aff4:6311:ea3c/128
                                    Auf Verbindung
  1    306 ff00::/8                 Auf Verbindung
  9    266 ff00::/8                 Auf Verbindung
  8    266 ff00::/8                 Auf Verbindung
===========================================================================
St�ndige Routen:
  Keine
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============
Error: (01/01/1970 02:00:00 AM) (Source: Service Control Manager) (User: )
Description: avast! Antivirus150001Neustart des Diensts


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-07-11 16:13:38.844
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Nico\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-11 16:13:38.764
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Nico\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-11 16:13:38.308
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-11 16:13:38.214
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.



=========================== Installed Programs ============================
ATI AVIVO64 Codecs (Version: 11.1.0.50406 - ATI Technologies Inc.) Hidden
ATI AVIVO64 Codecs (x32 Version: 11.1.0.50406 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{9009C23D-3A54-DA44-4524-5E2250CE152F}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
ATI Catalyst Install Manager (HKLM-x32\...\{9009C23D-3A54-DA44-4524-5E2250CE152F}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
ccc-utility64 (Version: 2010.0406.2133.36843 - ATI) Hidden
ccc-utility64 (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM-x32\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (x32 Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM-x32\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (x32 Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (x32 Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (x32 Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM-x32\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM-x32\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WinRAR 5.10 (64-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

========================= Memory info: ===================================

Percentage of memory in use: 46%
Total physical RAM: 3062.5 MB
Available physical RAM: 1635.01 MB
Total Pagefile: 6343.28 MB
Available Pagefile: 4593.32 MB
Total Virtual: 4095.88 MB
Available Virtual: 4004.25 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:352.29 GB) NTFS

========================= Users: ========================================

Benutzerkonten f�r \\NICO-PC

Administrator            Gast                     Nico                     
Der Befehl wurde erfolgreich ausgef�hrt.

========================= Minidump Files ==================================

C:\Windows\Minidump\Mini081014-01.dmp

**** End of log ****
         

zu sehen is noch nix.

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

• Starte bitte die mbar.exe.
• Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
• Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
• Klicke auf den CleanUp Button und erlaube den Neustart.
• Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
• Nach dem Neustart starte die mbar.exe erneut.
• Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

• Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
• Drücke Start Scan
  
• Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
  TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
  Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Code: Alles auswählenAufklappen

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.08.19.08

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Nico :: NICO-PC [administrator]

19.08.2014 19:25:17
mbar-log-2014-08-19 (19-25-17).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 285962
Time elapsed: 13 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

TDSSKiller hat nichts gefunden

Da is nix

Woran könnte das liegen ich hab das bei Lan und bei Wlan, könnte es an einen treiber liegen ?

Router schon mal 30 min vom Strom getrennt?

Nop werde ich abends mal machen melde mich dann wieder

ok