
Pests of all kinds and how to fight them: Windows 7: Malware blocks Internet


 
02.01.2015, 19:28   #1
Nothing
 

Windows 7: Malware blocks Internet



Hello dear readers,

For some time now I have had the following problem: at irregular intervals I no longer have access to the Internet. This applies both to the browser and to programs that need an Internet connection. What stands out is that the taskbar sometimes shows that I have Internet access. Then it sometimes shows that network identification is currently in progress, and then sometimes that I simply have no Internet.

Because it keeps happening at seemingly random times, I am guessing malware. I have run both Malwarebytes and Avast, but that did not help. I read up on the Internet and found that OTL logs are often asked for, so I downloaded OTL (if that is needed at all), but I have no idea which settings I should choose.

Here are the log files that were supposed to be attached:

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-01-02 19:51:27
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000063 TOSHIBA_ rev.MS2O 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\CHRIST~1\AppData\Local\Temp\uwldapob.sys


---- User code sections - GMER 2.1 ----

.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17      00000000752a1401 2 bytes JMP 74c0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17        00000000752a1419 2 bytes JMP 74c0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17      00000000752a1431 2 bytes JMP 74c88ea9 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42      00000000752a144a 2 bytes CALL 74be48ad C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                             * 9
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17         00000000752a14dd 2 bytes JMP 74c887a2 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17  00000000752a14f5 2 bytes JMP 74c88978 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17         00000000752a150d 2 bytes JMP 74c88698 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17  00000000752a1525 2 bytes JMP 74c88a62 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17        00000000752a153d 2 bytes JMP 74bffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17             00000000752a1555 2 bytes JMP 74c068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17      00000000752a156d 2 bytes JMP 74c88f61 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17        00000000752a1585 2 bytes JMP 74c88ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17           00000000752a159d 2 bytes JMP 74c8865c C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17        00000000752a15b5 2 bytes JMP 74bffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17      00000000752a15cd 2 bytes JMP 74c0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20  00000000752a16b2 2 bytes JMP 74c88e24 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31  00000000752a16bd 2 bytes JMP 74c885f1 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17      00000000752a1401 2 bytes JMP 74c0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17        00000000752a1419 2 bytes JMP 74c0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17      00000000752a1431 2 bytes JMP 74c88ea9 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42      00000000752a144a 2 bytes CALL 74be48ad C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                             * 9
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17         00000000752a14dd 2 bytes JMP 74c887a2 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17  00000000752a14f5 2 bytes JMP 74c88978 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17         00000000752a150d 2 bytes JMP 74c88698 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17  00000000752a1525 2 bytes JMP 74c88a62 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17        00000000752a153d 2 bytes JMP 74bffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17             00000000752a1555 2 bytes JMP 74c068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17      00000000752a156d 2 bytes JMP 74c88f61 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17        00000000752a1585 2 bytes JMP 74c88ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17           00000000752a159d 2 bytes JMP 74c8865c C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17        00000000752a15b5 2 bytes JMP 74bffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17      00000000752a15cd 2 bytes JMP 74c0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20  00000000752a16b2 2 bytes JMP 74c88e24 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe[1916] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31  00000000752a16bd 2 bytes JMP 74c885f1 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\rundll32.exe[4764] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 4                                    0000000070e013b0 2 bytes JMP 75ae5660 C:\Windows\syswow64\SHELL32.dll
.text  C:\Windows\SysWOW64\rundll32.exe[4764] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 20                                   0000000070e013c0 2 bytes CALL 74a99cee C:\Windows\syswow64\msvcrt.dll
.text  ...                                                                                                                             * 20
.text  C:\Windows\SysWOW64\rundll32.exe[4764] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 22                                   0000000070e0153e 2 bytes CALL 75b7777c C:\Windows\syswow64\SHELL32.dll
.text  C:\Windows\SysWOW64\rundll32.exe[4764] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 43                                   0000000070e01553 2 bytes CALL 74be10ff C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17              00000000752a1401 2 bytes JMP 74c0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                00000000752a1419 2 bytes JMP 74c0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17              00000000752a1431 2 bytes JMP 74c88ea9 C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42              00000000752a144a 2 bytes CALL 74be48ad C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                             * 9
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                 00000000752a14dd 2 bytes JMP 74c887a2 C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17          00000000752a14f5 2 bytes JMP 74c88978 C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                 00000000752a150d 2 bytes JMP 74c88698 C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17          00000000752a1525 2 bytes JMP 74c88a62 C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                00000000752a153d 2 bytes JMP 74bffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                     00000000752a1555 2 bytes JMP 74c068ef C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17              00000000752a156d 2 bytes JMP 74c88f61 C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                00000000752a1585 2 bytes JMP 74c88ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                   00000000752a159d 2 bytes JMP 74c8865c C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                00000000752a15b5 2 bytes JMP 74bffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17              00000000752a15cd 2 bytes JMP 74c0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20          00000000752a16b2 2 bytes JMP 74c88e24 C:\Windows\syswow64\kernel32.dll
.text  C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe[6060] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31          00000000752a16bd 2 bytes JMP 74c885f1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17           00000000752a1401 2 bytes JMP 74c0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17             00000000752a1419 2 bytes JMP 74c0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17           00000000752a1431 2 bytes JMP 74c88ea9 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42           00000000752a144a 2 bytes CALL 74be48ad C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                             * 9
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17              00000000752a14dd 2 bytes JMP 74c887a2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17       00000000752a14f5 2 bytes JMP 74c88978 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17              00000000752a150d 2 bytes JMP 74c88698 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17       00000000752a1525 2 bytes JMP 74c88a62 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17             00000000752a153d 2 bytes JMP 74bffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                  00000000752a1555 2 bytes JMP 74c068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17           00000000752a156d 2 bytes JMP 74c88f61 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17             00000000752a1585 2 bytes JMP 74c88ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                00000000752a159d 2 bytes JMP 74c8865c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17             00000000752a15b5 2 bytes JMP 74bffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17           00000000752a15cd 2 bytes JMP 74c0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20       00000000752a16b2 2 bytes JMP 74c88e24 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2800] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31       00000000752a16bd 2 bytes JMP 74c885f1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17           00000000752a1401 2 bytes JMP 74c0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17             00000000752a1419 2 bytes JMP 74c0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17           00000000752a1431 2 bytes JMP 74c88ea9 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42           00000000752a144a 2 bytes CALL 74be48ad C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                             * 9
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17              00000000752a14dd 2 bytes JMP 74c887a2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17       00000000752a14f5 2 bytes JMP 74c88978 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17              00000000752a150d 2 bytes JMP 74c88698 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17       00000000752a1525 2 bytes JMP 74c88a62 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17             00000000752a153d 2 bytes JMP 74bffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                  00000000752a1555 2 bytes JMP 74c068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17           00000000752a156d 2 bytes JMP 74c88f61 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17             00000000752a1585 2 bytes JMP 74c88ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                00000000752a159d 2 bytes JMP 74c8865c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17             00000000752a15b5 2 bytes JMP 74bffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17           00000000752a15cd 2 bytes JMP 74c0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20       00000000752a16b2 2 bytes JMP 74c88e24 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[2244] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31       00000000752a16bd 2 bytes JMP 74c885f1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17           00000000752a1401 2 bytes JMP 74c0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17             00000000752a1419 2 bytes JMP 74c0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17           00000000752a1431 2 bytes JMP 74c88ea9 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42           00000000752a144a 2 bytes CALL 74be48ad C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                             * 9
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17              00000000752a14dd 2 bytes JMP 74c887a2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17       00000000752a14f5 2 bytes JMP 74c88978 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17              00000000752a150d 2 bytes JMP 74c88698 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17       00000000752a1525 2 bytes JMP 74c88a62 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17             00000000752a153d 2 bytes JMP 74bffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                  00000000752a1555 2 bytes JMP 74c068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17           00000000752a156d 2 bytes JMP 74c88f61 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17             00000000752a1585 2 bytes JMP 74c88ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                00000000752a159d 2 bytes JMP 74c8865c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17             00000000752a15b5 2 bytes JMP 74bffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17           00000000752a15cd 2 bytes JMP 74c0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20       00000000752a16b2 2 bytes JMP 74c88e24 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3928] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31       00000000752a16bd 2 bytes JMP 74c885f1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17           00000000752a1401 2 bytes JMP 74c0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17             00000000752a1419 2 bytes JMP 74c0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17           00000000752a1431 2 bytes JMP 74c88ea9 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42           00000000752a144a 2 bytes CALL 74be48ad C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                             * 9
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17              00000000752a14dd 2 bytes JMP 74c887a2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17       00000000752a14f5 2 bytes JMP 74c88978 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17              00000000752a150d 2 bytes JMP 74c88698 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17       00000000752a1525 2 bytes JMP 74c88a62 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17             00000000752a153d 2 bytes JMP 74bffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                  00000000752a1555 2 bytes JMP 74c068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17           00000000752a156d 2 bytes JMP 74c88f61 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17             00000000752a1585 2 bytes JMP 74c88ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                00000000752a159d 2 bytes JMP 74c8865c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17             00000000752a15b5 2 bytes JMP 74bffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17           00000000752a15cd 2 bytes JMP 74c0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20       00000000752a16b2 2 bytes JMP 74c88e24 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice 4\program\soffice.bin[3508] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31       00000000752a16bd 2 bytes JMP 74c885f1 C:\Windows\syswow64\kernel32.dll

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters@DhcpDomain                                                              fritz.box
Reg    HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters@DhcpNameServer                                                          192.168.178.1

---- EOF - GMER 2.1 ----
         
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:34 on 02/01/2015 (Christopher)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-01-2015
Ran by Christopher (administrator) on DER_PC on 02-01-2015 19:35:04
Running from C:\Users\Christopher\Downloads
Loaded Profile: Christopher (Available profiles: Christopher)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Spotify Ltd) C:\Users\Christopher\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2015-01-01] (AVAST Software)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
HKU\S-1-5-21-2066701334-4051273023-1510138386-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-2066701334-4051273023-1510138386-1000\...\Run: [Spotify] => C:\Users\Christopher\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-13] (Spotify Ltd)
HKU\S-1-5-21-2066701334-4051273023-1510138386-1000\...\Run: [Spotify Web Helper] => C:\Users\Christopher\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-13] (Spotify Ltd)
HKU\S-1-5-21-2066701334-4051273023-1510138386-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Christopher\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2066701334-4051273023-1510138386-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2066701334-4051273023-1510138386-1000\...\MountPoints2: {6990c8e7-e001-11e3-9951-806e6f6e6963} - D:\Run.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2066701334-4051273023-1510138386-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-01]

Chrome: 
=======
CHR HomePage: Profile 2 -> 
CHR StartupUrls: Profile 2 -> "https://www.google.com/"
CHR Profile: C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-05]
CHR Extension: (Google Drive) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-05]
CHR Extension: (GeoGebra) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2014-10-15]
CHR Extension: (Google-Suche) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-05]
CHR Extension: (Avira Browserschutz) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-07-05]
CHR Extension: (Google Wallet) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-05]
CHR Extension: (Google Mail) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-01] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-01] (Avast Software)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-05-20] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
R2 Realtek11nSU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2009-07-10] (Realtek) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2014-11-21] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-01] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-01] (Avast Software)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [231112 2013-01-03] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [301256 2013-01-03] (VIA Technologies, Inc.)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-02 19:35 - 2015-01-02 19:35 - 00016792 _____ () C:\Users\Christopher\Downloads\FRST.txt
2015-01-02 19:35 - 2015-01-02 19:35 - 00000000 ____D () C:\FRST
2015-01-02 19:34 - 2015-01-02 19:34 - 00000484 _____ () C:\Users\Christopher\Desktop\defogger_disable.log
2015-01-02 19:33 - 2015-01-02 19:33 - 00000000 _____ () C:\Users\Christopher\defogger_reenable
2015-01-02 19:31 - 2015-01-02 19:31 - 02123264 _____ (Farbar) C:\Users\Christopher\Downloads\FRST64.exe
2015-01-02 19:31 - 2015-01-02 19:31 - 00380416 _____ () C:\Users\Christopher\Downloads\Gmer-19357.exe
2015-01-02 19:31 - 2015-01-02 19:31 - 00050477 _____ () C:\Users\Christopher\Desktop\Defogger.exe
2015-01-02 15:18 - 2015-01-02 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2015-01-01 12:37 - 2015-01-01 12:37 - 00000247 _____ () C:\Windows\system32\2015-01-01-11-37-02.048-aswFe.exe-628.log
2015-01-01 12:36 - 2015-01-01 12:37 - 00000197 _____ () C:\Windows\system32\2015-01-01-11-36-55.084-AvastVBoxSVC.exe-5084.log
2015-01-01 12:29 - 2015-01-01 12:29 - 00000247 _____ () C:\Windows\system32\2015-01-01-11-29-14.001-aswFe.exe-6612.log
2015-01-01 12:29 - 2015-01-01 12:29 - 00000197 _____ () C:\Windows\system32\2015-01-01-11-29-06.059-AvastVBoxSVC.exe-4708.log
2015-01-01 12:26 - 2015-01-01 12:26 - 00000000 ____D () C:\Users\Christopher\Downloads\Update_12_29_14
2015-01-01 12:24 - 2015-01-01 12:24 - 00000000 ____D () C:\Users\Christopher\Downloads\Update_12_30_14
2015-01-01 11:35 - 2015-01-02 16:21 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-01 11:35 - 2015-01-01 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-01 11:35 - 2015-01-01 11:35 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-01 11:35 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-01 11:35 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-01 11:35 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-01 11:31 - 2015-01-01 11:31 - 00000247 _____ () C:\Windows\system32\2015-01-01-10-31-08.004-aswFe.exe-4472.log
2015-01-01 11:28 - 2015-01-01 11:28 - 00000247 _____ () C:\Windows\system32\2015-01-01-10-28-34.040-aswFe.exe-5988.log
2015-01-01 11:28 - 2015-01-01 11:28 - 00000197 _____ () C:\Windows\system32\2015-01-01-10-28-27.042-AvastVBoxSVC.exe-3932.log
2015-01-01 11:18 - 2015-01-01 11:18 - 00000000 ____D () C:\Users\Christopher\AppData\Roaming\AVAST Software
2015-01-01 11:17 - 2015-01-02 18:32 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-01 11:17 - 2015-01-01 11:17 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-01 11:17 - 2015-01-01 11:17 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-01-01 11:17 - 2015-01-01 11:17 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-01 11:17 - 2015-01-01 11:17 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-01 11:17 - 2015-01-01 11:17 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-01 11:17 - 2015-01-01 11:17 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-01 11:17 - 2015-01-01 11:17 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-01-01 11:17 - 2015-01-01 11:17 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-01 11:17 - 2015-01-01 11:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-01 11:17 - 2015-01-01 11:17 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-01 11:17 - 2015-01-01 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-01 11:14 - 2015-01-01 11:14 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-30 00:12 - 2014-12-30 00:12 - 05515512 _____ () C:\Users\Christopher\Downloads\DaoW 5.1b. Not protected.w3x
2014-12-27 23:47 - 2014-12-27 23:46 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-12-27 23:46 - 2014-12-27 23:46 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-12-27 23:46 - 2014-12-27 23:46 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-12-27 23:46 - 2014-12-27 23:46 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-27 23:46 - 2014-12-27 23:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-27 23:46 - 2014-12-27 23:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-27 23:31 - 2014-12-27 23:31 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-27 23:31 - 2014-12-27 23:31 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-27 22:58 - 2015-01-02 18:39 - 00006928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-27 22:58 - 2015-01-02 18:39 - 00006928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-27 22:58 - 2014-12-27 22:58 - 00000552 _____ () C:\Windows\system32\spsys.log
2014-12-27 21:26 - 2015-01-02 18:29 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-12-27 17:42 - 2014-12-27 17:42 - 00094802 _____ () C:\Users\Christopher\Desktop\Extras.Txt
2014-12-27 14:56 - 2014-12-27 14:56 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 23:27 - 2014-12-29 21:21 - 03480747 _____ () C:\Users\Christopher\Desktop\Azeroth Wars NeGe Alpha 1.w3x
2014-12-19 17:55 - 2014-12-19 19:32 - 00030295 _____ () C:\Users\Christopher\Desktop\Fatales Gewurschtel.odt
2014-12-19 17:51 - 2014-12-19 17:51 - 00000000 ____D () C:\Users\Christopher\AppData\Roaming\PDF Architect 2
2014-12-19 17:51 - 2014-12-19 17:51 - 00000000 ____D () C:\Users\Christopher\AppData\Local\pdfforge
2014-12-19 17:48 - 2014-12-19 17:48 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-12-18 17:45 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 17:45 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-15 16:50 - 2014-12-15 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-15 16:50 - 2014-12-15 16:50 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-13 11:13 - 2014-12-13 11:13 - 00000000 ____D () C:\ProgramData\ATI
2014-12-13 07:38 - 2014-12-13 07:38 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-12-13 07:37 - 2014-12-13 07:37 - 00058826 _____ () C:\Windows\SysWOW64\CCCInstall_201412130737515024.log
2014-12-13 07:37 - 2014-12-13 07:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-12-11 15:20 - 2014-12-11 15:20 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 23:42 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 23:42 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 16:42 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 16:42 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 16:42 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 16:42 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 16:42 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 16:42 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 16:42 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 16:42 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 16:42 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 16:42 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 16:42 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 16:42 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 16:42 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 16:42 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 16:42 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 16:42 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 16:42 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 16:42 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 16:42 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 16:42 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 16:42 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 16:42 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 16:42 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 16:42 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 16:42 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 16:42 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 16:42 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 16:42 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 16:42 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 16:42 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 16:42 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 16:42 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 16:42 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 16:42 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 16:42 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 16:42 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 16:42 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 16:42 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 16:42 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 16:42 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 16:42 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 16:42 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 16:42 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 16:42 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 16:42 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 16:42 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 16:42 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 16:42 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 16:42 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 16:42 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 16:42 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 16:42 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 16:42 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 16:42 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 16:42 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 16:42 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 16:42 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 16:42 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 16:42 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 16:42 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 16:42 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 16:42 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 16:42 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 16:42 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 16:42 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 16:41 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 16:41 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 16:41 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 16:41 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 16:41 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 16:41 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 16:41 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 16:41 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 16:41 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 16:41 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 16:41 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 16:41 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 16:41 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 16:41 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 18:13 - 2015-01-02 19:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-09 18:13 - 2015-01-01 11:35 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-08 22:42 - 2014-12-29 20:49 - 00000349 _____ () C:\Users\Christopher\Desktop\Neues Textdokument.txt
2014-12-05 18:27 - 2014-12-05 18:27 - 00045611 _____ () C:\Users\Christopher\Desktop\luna.w3x
2014-12-03 21:34 - 2014-12-03 21:34 - 00276656 _____ () C:\Windows\Minidump\120314-17019-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-02 19:33 - 2014-05-20 10:38 - 00000000 ____D () C:\Users\Christopher
2015-01-02 19:04 - 2014-08-25 21:05 - 00000000 ____D () C:\Users\Christopher\AppData\Local\Battle.net
2015-01-02 19:02 - 2014-07-05 21:43 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-02 18:53 - 2014-05-20 11:06 - 00000000 ___RD () C:\Users\Christopher\Desktop\Wichtiges
2015-01-02 18:35 - 2014-05-20 10:38 - 01852359 _____ () C:\Windows\WindowsUpdate.log
2015-01-02 18:33 - 2014-09-25 17:20 - 00000000 ____D () C:\Users\Christopher\AppData\Roaming\Skype
2015-01-02 18:33 - 2014-05-20 14:12 - 00000000 ____D () C:\ProgramData\Origin
2015-01-02 18:32 - 2014-07-14 18:40 - 00000000 ____D () C:\Users\Christopher\AppData\Local\LogMeIn Hamachi
2015-01-02 18:32 - 2014-05-31 20:43 - 00000000 ____D () C:\Users\Christopher\AppData\Roaming\Spotify
2015-01-02 18:31 - 2014-07-05 21:43 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-02 18:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-02 18:30 - 2009-07-14 05:51 - 00071877 _____ () C:\Windows\setupact.log
2015-01-02 15:18 - 2014-11-07 20:14 - 00000000 ____D () C:\Users\Christopher\AppData\Roaming\Raptr
2015-01-02 15:17 - 2014-11-07 20:14 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-01-02 15:15 - 2014-05-20 14:12 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-01 21:15 - 2010-11-21 04:47 - 01681366 _____ () C:\Windows\PFRO.log
2015-01-01 11:35 - 2014-07-10 19:27 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-01 11:35 - 2014-07-10 19:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-01 11:14 - 2014-09-19 15:39 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-31 17:05 - 2014-05-31 15:52 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-12-30 23:31 - 2014-05-20 11:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-30 18:42 - 2014-05-20 13:18 - 00000000 ____D () C:\Users\Christopher\AppData\Roaming\TS3Client
2014-12-29 11:07 - 2014-05-20 11:56 - 00000000 ____D () C:\Users\Christopher\AppData\Roaming\.minecraft
2014-12-29 01:04 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-28 23:51 - 2014-05-20 13:10 - 00000000 ____D () C:\Program Files (x86)\Warcraft III
2014-12-27 14:49 - 2014-08-25 21:05 - 00000000 ____D () C:\Users\Christopher\AppData\Roaming\Battle.net
2014-12-27 14:49 - 2014-07-31 19:01 - 00000000 ____D () C:\Users\Christopher\AppData\Local\Akamai
2014-12-27 14:49 - 2014-05-20 11:06 - 00000000 ___RD () C:\Users\Christopher\Desktop\Fun
2014-12-27 14:48 - 2011-04-12 08:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-27 14:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-15 18:57 - 2014-05-21 14:51 - 00217647 _____ () C:\Windows\DirectX.log
2014-12-15 18:01 - 2014-07-29 18:37 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-14 21:51 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-14 20:23 - 2014-05-31 20:44 - 00000000 ____D () C:\Users\Christopher\AppData\Local\Spotify
2014-12-14 16:40 - 2014-09-06 20:49 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-12-13 22:31 - 2014-08-25 21:05 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-13 07:38 - 2014-05-20 12:13 - 00000000 ____D () C:\Program Files\AMD
2014-12-13 07:38 - 2014-05-20 12:11 - 00000000 ____D () C:\ProgramData\AMD
2014-12-13 07:36 - 2014-05-20 12:03 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-12-13 07:35 - 2014-05-20 12:13 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-12-13 07:35 - 2014-05-20 12:10 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-12-13 07:34 - 2014-10-25 23:50 - 00000000 ____D () C:\AMD
2014-12-12 16:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 15:20 - 2014-05-22 17:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 15:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 15:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 23:45 - 2014-05-29 19:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 23:43 - 2014-05-29 19:18 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-03 21:34 - 2014-05-30 15:52 - 615946550 _____ () C:\Windows\MEMORY.DMP
2014-12-03 21:34 - 2014-05-30 15:52 - 00000000 ____D () C:\Windows\Minidump

Some content of TEMP:
====================
C:\Users\Christopher\AppData\Local\Temp\amd-catalyst-14-9-win7-win8.1-64bit-dd-ccc-whql.exe
C:\Users\Christopher\AppData\Local\Temp\avgnt.exe
C:\Users\Christopher\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Christopher\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Christopher\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Christopher\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Christopher\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Christopher\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Christopher\AppData\Local\Temp\tmp373A.exe
C:\Users\Christopher\AppData\Local\Temp\tmpFD22.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-25 20:32

==================== End Of Log ============================
         
--- --- ---


It would be very nice if someone could help me.

Kind regards, Chris

Edited by Nothing (02.01.2015 at 19:58)

 
