
Log analysis and evaluation: Avast blocks various sites, svchost involved

Windows 7

01.03.2015, 23:11   #1
OleHB
 



Well, so far I have still shied away from switching from 32-bit to 64-bit, because I gathered that not that much software is 32-bit capable and I might then no longer be able to use quite a few programs (maybe these are just prejudices by now?).

Besides, the hardware is actually already 3-5 years old, and I doubt that I really push it to its limits (or need to) with my perfectly ordinary usage habits. Of course, I have nothing against more convenience, speed and security either.

Since Avast just showed a message, I'll reproduce it for you here exactly:

Infektion blockiert. Infektionsdetails:

URL: hxxp://reddie.net/3333/SegmentProlonger_1422755360720403.dll

Infektion: URL:Mal

Process: C:\Windows\system32\svchost.exe

And as a further addition:

Infektion blockiert. Infektionsdetails:

URL: hxxp://blackled.info/3333/LibrarySystem_142275478724102.dll

Infektion: URL:Mal

Process: C:\Windows\system32\svchost.exe

and additionally the ESET Online Scan log:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=4cdeebb1f896a5409e3147b962b5d983
# engine=22704
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-03-01 10:09:07
# local_time=2015-03-01 11:09:07 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 224694 176878938 0 0
# scanned=152779
# found=1
# cleaned=0
# scan_time=3429
sh=B318B551AE9907E449D1470EA02499EFD90168E4 ft=1 fh=09b1bc953fa364d0 vn="Variante von Win32/KoyoteLab.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Free mp3 Wma Converter\Uninstall.exe"
         

01.03.2015, 23:32   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
Quote from OleHB
Well, so far I have still shied away from switching from 32-bit to 64-bit, because I gathered that not that much software is 32-bit capable and I might then no longer be able to use quite a few programs (maybe these are just prejudices by now?).

Besides, the hardware is actually already 3-5 years old, and I doubt that I really push it to its limits (or need to) with my perfectly ordinary usage habits. Of course, I have nothing against more convenience, speed and security either.

Excuses, excuses, excuses

Even considerably older hardware was already 64-bit capable (amd64; even my old Sempron from 2005 could do that). The biggest disadvantage is that with a 32-bit Windows you can never fully use 4 GiB or more of RAM:

Quote:
Total physical RAM: 3327.18 MB

That is all the RAM your system can currently manage in total; you are guaranteed to have more installed.

Now you should decide which makes more sense: straightening out a current Windows that is based on old 32-bit technology, or a fresh installation of a 64-bit Windows.

02.03.2015, 09:06   #3
OleHB
 



I do a fresh installation every 1-2 years. Since my system is still running well for now and the effort is always quite large, I want to leave it as it is for the time being. That goes on the list for the next reinstallation.

When scanning with aswMBR, the program always hangs at C:\Users\Administrator ... hmm

and finally, once again, the log files from OTL:

Code:
OTL logfile created on: 02.03.2015 08:41:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Administrator\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 57,65% Memory free
6,50 Gb Paging File | 4,88 Gb Available in Paging File | 75,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 52,19 Gb Free Space | 66,89% Space Free | Partition Type: NTFS
Drive D: | 219,96 Gb Total Space | 164,69 Gb Free Space | 74,87% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 15,41 Gb Free Space | 31,55% Space Free | Partition Type: NTFS
Drive F: | 833,84 Gb Total Space | 832,61 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Drive G: | 48,83 Gb Total Space | 23,30 Gb Free Space | 47,72% Space Free | Partition Type: NTFS
Drive X: | 1374,26 Gb Total Space | 580,18 Gb Free Space | 42,22% Space Free | Partition Type: NTFS
Drive Z: | 1374,26 Gb Total Space | 580,18 Gb Free Space | 42,22% Space Free | Partition Type: NTFS
 
Computer Name: KRAXI | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Avast\ng\vbox\AvastVBoxSVC.exe (Avast Software)
PRC - C:\Windows\SuRun.exe (hxxp://kay-bruns.de)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - D:\Portable Programme\K10Stat\speedfan.exe (Almico Software (www.almico.com))
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\Hercules\Dualpix Exchange\XtrCtrlEx.exe (Guillemot Corporation S.A.)
PRC - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Administrator\AppData\Local\Temp\sfamcc00001.dll ()
MOD - C:\Users\Administrator\AppData\Local\Temp\sfareca00001.dll ()
MOD - C:\Program Files\Avast\libcef.dll ()
MOD - C:\Program Files\Unlocker\UnlockerCOM.dll ()
MOD - C:\Program Files\Unlocker\UnlockerHook.dll ()
MOD - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
MOD - C:\Program Files\Hercules\Dualpix Exchange\highgui110.dll ()
MOD - C:\Program Files\Hercules\Dualpix Exchange\cv110.dll ()
MOD - C:\Program Files\Hercules\Dualpix Exchange\cxcore110.dll ()
MOD - C:\Program Files\Brother\BrUtilities\BrLogAPI.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Program Files\Avast\AvastSvc.exe (AVAST Software)
SRV - (AvastVBoxSvc) -- C:\Program Files\Avast\ng\vbox\AvastVBoxSVC.exe (Avast Software)
SRV - (SuRunSVC) -- C:\Windows\SuRun.exe (hxxp://kay-bruns.de)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (c2wts) -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (aswMBR) -- C:\Users\Administrator\AppData\Local\Temp\aswMBR.sys File not found
DRV - (ALSysIO) -- C:\Users\Admin.KRAXI\AppData\Local\Temp\ALSysIO.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswsnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswsp.sys (AVAST Software)
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
DRV - (aswStm) -- C:\Windows\System32\drivers\aswstm.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
DRV - (aswHwid) -- C:\Windows\System32\drivers\aswHwid.sys ()
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
DRV - (VBoxAswDrv) -- C:\Program Files\Avast\ng\vbox\VBoxAswDrv.sys (Avast Software)
DRV - (ampa) -- C:\Windows\System32\ampa.sys ()
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (terminpt) -- C:\Windows\System32\drivers\terminpt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (VBoxDrv) -- C:\Windows\System32\drivers\VBoxDrv.sys (Oracle Corporation)
DRV - (VBoxNetFlt) -- C:\Windows\System32\drivers\VBoxNetFlt.sys (Oracle Corporation)
DRV - (VBoxNetAdp) -- C:\Windows\System32\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV - (VBoxUSBMon) -- C:\Windows\System32\drivers\VBoxUSBMon.sys (Oracle Corporation)
DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Almico Software)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (dmvsc) -- C:\Windows\System32\drivers\dmvsc.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (UnlockerDriver5) -- C:\Program Files\Unlocker\UnlockerDriver5.sys ()
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (hxctlflt) -- C:\Windows\System32\drivers\hxctlflt.sys (Guillemot Corporation)
DRV - (giveio) -- C:\Windows\System32\giveio.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {637D6E3C-DF93-48A5-8362-159A8AC56B11}
IE - HKU\.DEFAULT\..\SearchScopes\{637D6E3C-DF93-48A5-8362-159A8AC56B11}: "URL" = hxxp://www.google.com/search?hl=en&q={searchTerms}&meta=
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {637D6E3C-DF93-48A5-8362-159A8AC56B11}
IE - HKU\S-1-5-18\..\SearchScopes\{637D6E3C-DF93-48A5-8362-159A8AC56B11}: "URL" = hxxp://www.google.com/search?hl=en&q={searchTerms}&meta=
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3658721051-4004364685-709729734-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3658721051-4004364685-709729734-500\..\SearchScopes,DefaultScope = {637D6E3C-DF93-48A5-8362-159A8AC56B11}
IE - HKU\S-1-5-21-3658721051-4004364685-709729734-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3658721051-4004364685-709729734-500\..\SearchScopes\{637D6E3C-DF93-48A5-8362-159A8AC56B11}: "URL" = hxxp://www.google.com/search?hl=en&q={searchTerms}&meta=
IE - HKU\S-1-5-21-3658721051-4004364685-709729734-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "DE"
FF - prefs.js..browser.search.highlightCount: 0
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "DE"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:newtab"
FF - prefs.js..extensions.enabledAddons: %7Baf79f858-4b25-4ca4-822b-b5db1be628fc%7D:0.4.1
FF - prefs.js..extensions.enabledAddons: requestpolicy%40requestpolicy.com:0.5.28
FF - prefs.js..extensions.enabledAddons: firefox1%40myibay.com:1.3.7
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.9.15
FF - prefs.js..extensions.enabledAddons: https-everywhere%40eff.org:4.0.2
FF - prefs.js..extensions.enabledAddons: 2.0%40disconnect.me:3.15.3
FF - prefs.js..extensions.enabledAddons: copyplaintext%40teo.pl:1.3.2
FF - prefs.js..extensions.enabledAddons: extended.copy.menu%40fix.version:1.6.1c
FF - prefs.js..extensions.enabledAddons: giorgio%40gilestro.tk:1.0.6
FF - prefs.js..extensions.enabledAddons: %7Bcd617375-6743-4ee8-bac4-fbf10f35729e%7D:2.9.5
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7BF8A55C97-3DB6-4961-A81D-0DE0080E53CB%7D:1.0.8
FF - prefs.js..extensions.enabledAddons: %7B46551EC9-40F0-4e47-8E18-8E5CF550CFB8%7D:2.0.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:36.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Avast\WebRep\FF [2015.01.27 12:13:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2014.06.01 13:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2013.10.14 20:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\5jsiwlc9.default\extensions
[2013.10.15 10:36:06 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\5jsiwlc9.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2013.10.15 10:36:06 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\5jsiwlc9.default\extensions\https-everywhere@eff.org
[2015.03.01 14:36:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\k9u6a6ot.default\extensions
[2014.06.01 13:23:36 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\k9u6a6ot.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2015.01.01 10:01:22 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\k9u6a6ot.default\extensions\https-everywhere@eff.org
[2013.10.14 20:53:28 | 001,097,649 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\5jsiwlc9.default\extensions\2.0@disconnect.me.xpi
[2013.10.14 20:53:28 | 000,048,746 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\5jsiwlc9.default\extensions\copyplaintext@teo.pl.xpi
[2013.10.14 20:53:28 | 000,019,423 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\5jsiwlc9.default\extensions\extended.copy.menu@fix.version.xpi
[2013.10.14 20:53:28 | 000,020,699 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\5jsiwlc9.default\extensions\firefox1@myibay.com.xpi
[2013.10.14 20:53:28 | 000,077,652 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\5jsiwlc9.default\extensions\giorgio@gilestro.tk.xpi
[2013.10.14 20:53:27 | 000,172,839 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\5jsiwlc9.default\extensions\requestpolicy@requestpolicy.com.xpi
[2013.10.14 20:53:27 | 000,534,789 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\5jsiwlc9.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.10.14 20:53:27 | 000,065,849 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\5jsiwlc9.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
[2013.10.14 20:32:23 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\5jsiwlc9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.10.14 20:53:27 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\5jsiwlc9.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013.10.14 20:53:27 | 000,004,139 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\5jsiwlc9.default\extensions\{ec268e28-22c6-4a6c-ac22-635cabee283c}.xpi
[2015.02.21 18:59:19 | 000,947,844 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\2.0@disconnect.me.xpi
[2015.01.01 11:02:41 | 000,061,214 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\copyplaintext@teo.pl.xpi
[2015.02.19 17:27:45 | 000,127,486 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\elemhidehelper@adblockplus.org.xpi
[2013.10.14 21:20:54 | 000,019,423 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\extended.copy.menu@fix.version.xpi
[2014.11.23 09:59:22 | 000,020,693 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\firefox1@myibay.com.xpi
[2013.10.14 21:20:54 | 000,077,652 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\giorgio@gilestro.tk.xpi
[2014.11.20 11:40:54 | 000,160,837 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\requestpolicy@requestpolicy.com.xpi
[2015.03.01 14:36:41 | 000,202,627 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
[2015.02.20 14:40:11 | 000,544,463 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014.09.30 16:11:51 | 000,071,151 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\{af79f858-4b25-4ca4-822b-b5db1be628fc}.xpi
[2013.10.14 21:20:54 | 000,065,849 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
[2015.01.15 11:32:51 | 000,985,112 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.10.14 21:20:53 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013.10.14 21:20:53 | 000,004,139 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\{ec268e28-22c6-4a6c-ac22-635cabee283c}.xpi
[2015.01.01 11:02:41 | 000,133,650 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
[2015.03.01 10:53:06 | 000,005,783 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\searchplugins\startpage-https---deutsch.xml
[2014.05.31 09:34:35 | 000,009,419 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\k9u6a6ot.default\searchplugins\yahoo-avast.xml
[2015.02.25 10:12:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015.02.25 10:12:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CamserviceExchange] C:\Program Files\Hercules\Dualpix Exchange\XtrCtrlEx.exe (Guillemot Corporation S.A.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [SuRun Systemmenü-Erweiterung] C:\Windows\SuRun.exe (hxxp://kay-bruns.de)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\S-1-5-21-3658721051-4004364685-709729734-500\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-21-3658721051-4004364685-709729734-500\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\S-1-5-21-3658721051-4004364685-709729734-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-3658721051-4004364685-709729734-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-21-3658721051-4004364685-709729734-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CF0AE36-5C3D-4AD9-9FE1-19C17ABCEF27}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {2C7B6088-5A77-4d48-BE43-30337DCA9A86} - C:\Windows\SuRunExt.dll (hxxp://kay-bruns.de)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015.03.02 08:17:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2015.03.02 08:02:44 | 005,200,384 | ---- | C] (AVAST Software) -- C:\Users\Administrator\Desktop\aswmbr.exe
[2015.03.01 13:13:38 | 001,132,032 | ---- | C] (Farbar) -- C:\Users\Administrator\Desktop\FRST.exe
[2015.02.25 10:12:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015.02.23 08:57:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\{68D9EB6A-D28F-437C-ACB3-C801259CFA2B}
[2015.02.23 08:55:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D4F46F7B-EA64-43A2-9BE5-84321CB4D190}
[2015.02.23 08:54:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}
[2015.02.21 19:00:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Mp3tag
[2015.02.12 07:07:27 | 001,810,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015.02.11 16:12:19 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perftrack.dll
[2015.02.11 16:12:19 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powertracker.dll
[2015.02.11 09:05:27 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015.02.11 09:05:26 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015.02.11 09:05:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015.02.11 09:05:25 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015.02.11 09:05:22 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015.02.11 09:05:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015.02.11 09:05:22 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2015.02.11 09:05:22 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2015.02.11 09:05:21 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015.02.11 09:05:20 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015.02.11 09:05:20 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015.02.11 09:05:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2015.02.11 09:03:00 | 002,388,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015.02.11 09:02:56 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015.02.11 09:02:41 | 003,921,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015.02.11 09:02:40 | 003,977,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015.02.11 09:00:30 | 001,167,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitstatic.exe
[2015.02.11 09:00:30 | 000,886,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2015.02.11 09:00:30 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015.02.11 09:00:30 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015.02.11 09:00:30 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015.02.11 09:00:30 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015.02.11 09:00:29 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015.02.11 09:00:29 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
 
========== Files - Modified Within 30 Days ==========
 
[2015.03.02 08:23:10 | 000,030,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.03.02 08:23:10 | 000,030,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.03.02 08:17:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2015.03.02 08:03:07 | 005,200,384 | ---- | M] (AVAST Software) -- C:\Users\Administrator\Desktop\aswmbr.exe
[2015.03.02 07:48:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.03.02 07:48:03 | 2616,598,528 | -HS- | M] () -- C:\hiberfil.sys
[2015.03.01 13:30:51 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015.03.01 13:13:53 | 000,380,416 | ---- | M] () -- C:\Users\Administrator\Desktop\Gmer-19357.exe
[2015.03.01 13:13:45 | 001,132,032 | ---- | M] (Farbar) -- C:\Users\Administrator\Desktop\FRST.exe
[2015.03.01 13:13:16 | 000,050,477 | ---- | M] () -- C:\Users\Administrator\Desktop\Defogger.exe
[2015.02.11 10:53:00 | 000,269,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015.02.05 09:04:25 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015.02.05 09:04:25 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015.02.04 03:54:02 | 000,482,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015.02.04 03:53:44 | 000,621,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015.02.04 03:53:39 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015.02.04 03:53:37 | 000,767,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015.02.04 03:53:36 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015.02.04 03:53:36 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2015.02.04 03:49:50 | 000,886,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
 
========== Files Created - No Company Name ==========
 
[2015.03.02 08:23:31 | 000,000,512 | ---- | C] () -- C:\Users\Administrator\Desktop\MBR.dat
[2015.03.01 13:13:51 | 000,380,416 | ---- | C] () -- C:\Users\Administrator\Desktop\Gmer-19357.exe
[2015.03.01 13:13:13 | 000,050,477 | ---- | C] () -- C:\Users\Administrator\Desktop\Defogger.exe
[2014.12.18 20:18:13 | 001,806,960 | ---- | C] () -- C:\Windows\ampa.exe
[2014.12.18 20:18:13 | 000,014,448 | ---- | C] () -- C:\Windows\System32\ampa.sys
[2014.04.23 18:07:54 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014.01.27 13:34:24 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2013.11.26 18:31:56 | 000,000,017 | ---- | C] () -- C:\Windows\spwdrt.INI
[2013.11.04 16:03:08 | 000,009,728 | ---- | C] () -- C:\Windows\System32\HWLMSET2PS.dll
[2013.10.27 12:46:44 | 000,007,633 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
[2013.10.19 23:35:59 | 000,002,865 | ---- | C] () -- C:\Windows\System32\k10stat.dat
[2013.10.15 15:46:45 | 000,000,045 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe.cfg
[2013.10.15 15:46:44 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe
[2013.10.15 13:13:41 | 000,206,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.10.15 13:13:40 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.10.15 13:05:15 | 005,694,504 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2013.10.15 13:05:11 | 000,620,273 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013.10.15 13:04:55 | 000,188,696 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll
[2013.10.14 19:33:05 | 000,394,752 | ---- | C] () -- C:\Windows\System32\cygwinb19.dll
[2013.10.14 19:31:47 | 003,600,384 | ---- | C] () -- C:\Windows\ffmpeg.exe
[2013.10.14 19:30:49 | 003,482,112 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2013.10.14 19:30:49 | 000,184,320 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2013.10.14 19:30:49 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2013.10.14 19:30:49 | 000,027,264 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2013.10.14 19:30:49 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2013.10.14 19:27:25 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013.10.14 19:09:58 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2013.10.14 19:08:13 | 000,000,060 | R--- | C] () -- C:\Program Files\BRINST.INI
[2013.10.14 18:44:59 | 000,204,960 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2013.10.14 18:44:59 | 000,157,152 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2013.10.14 18:44:59 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2013.10.14 18:31:59 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013.10.14 18:12:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.10.14 17:50:20 | 001,199,175 | ---- | C] () -- C:\Windows\unins002.exe
[2013.10.14 17:50:20 | 000,012,137 | ---- | C] () -- C:\Windows\unins002.dat
[2013.10.14 17:50:11 | 000,052,836 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2013.10.14 17:50:10 | 000,162,304 | ---- | C] () -- C:\Windows\System32\libpng13.dll
[2013.10.14 17:50:10 | 000,138,752 | ---- | C] () -- C:\Windows\System32\libpng15.dll
[2013.10.14 17:50:09 | 001,199,179 | ---- | C] () -- C:\Windows\unins001.exe
[2013.10.14 17:50:09 | 000,017,847 | ---- | C] () -- C:\Windows\unins001.dat
[2013.10.14 17:49:11 | 000,709,719 | ---- | C] () -- C:\Windows\unins000.exe
[2013.10.14 17:49:11 | 000,007,966 | ---- | C] () -- C:\Windows\unins000.dat
[2013.10.14 00:21:24 | 000,000,338 | ---- | C] () -- C:\Windows\System32\WinToolkitRunOnce.exe.config
[2013.10.13 23:09:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013.10.13 22:00:43 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:37:22 | 012,877,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.10.15 15:54:25 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AIMP3
[2014.04.18 19:51:23 | 000,000,000 | ---D | M] -- C:\Users\Admin.KRAXI\AppData\Roaming\.kde
[2015.01.02 12:17:40 | 000,000,000 | ---D | M] -- C:\Users\Admin.KRAXI\AppData\Roaming\AIMP3
[2013.10.22 10:46:18 | 000,000,000 | ---D | M] -- C:\Users\Admin.KRAXI\AppData\Roaming\AVAST Software
[2014.11.30 19:12:26 | 000,000,000 | ---D | M] -- C:\Users\Admin.KRAXI\AppData\Roaming\FileZilla
[2014.02.08 15:22:36 | 000,000,000 | ---D | M] -- C:\Users\Admin.KRAXI\AppData\Roaming\FreeAudioPack
[2014.04.22 20:00:02 | 000,000,000 | ---D | M] -- C:\Users\Admin.KRAXI\AppData\Roaming\gnupg
[2015.02.28 09:09:57 | 000,000,000 | ---D | M] -- C:\Users\Admin.KRAXI\AppData\Roaming\Mp3tag
[2014.12.27 20:56:45 | 000,000,000 | ---D | M] -- C:\Users\Admin.KRAXI\AppData\Roaming\MusicBrainz
[2014.04.18 18:37:24 | 000,000,000 | ---D | M] -- C:\Users\Admin.KRAXI\AppData\Roaming\PyBitmessage
[2015.02.28 19:11:40 | 000,000,000 | ---D | M] -- C:\Users\Admin.KRAXI\AppData\Roaming\uTorrent
[2015.02.27 17:12:55 | 000,000,000 | ---D | M] -- C:\Users\Admin.KRAXI\AppData\Roaming\XnConvert
[2015.02.28 22:27:46 | 000,000,000 | ---D | M] -- C:\Users\Admin.KRAXI\AppData\Roaming\XnViewMP
[2013.10.22 11:27:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\AVAST Software
[2013.10.19 16:03:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ElevatedShortcut
[2014.01.27 13:34:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FreeAudioPack
[2014.04.22 20:00:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\gnupg
[2015.03.01 22:47:44 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mp3tag
[2015.01.01 11:21:49 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\MusicBrainz
[2014.09.12 13:02:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Oracle
[2015.02.24 10:26:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 

< End of report >
         
and in addition:

Code:
OTL Extras logfile created on: 02.03.2015 08:41:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Administrator\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 57,65% Memory free
6,50 Gb Paging File | 4,88 Gb Available in Paging File | 75,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 52,19 Gb Free Space | 66,89% Space Free | Partition Type: NTFS
Drive D: | 219,96 Gb Total Space | 164,69 Gb Free Space | 74,87% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 15,41 Gb Free Space | 31,55% Space Free | Partition Type: NTFS
Drive F: | 833,84 Gb Total Space | 832,61 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Drive G: | 48,83 Gb Total Space | 23,30 Gb Free Space | 47,72% Space Free | Partition Type: NTFS
Drive X: | 1374,26 Gb Total Space | 580,18 Gb Free Space | 42,22% Space Free | Partition Type: NTFS
Drive Z: | 1374,26 Gb Total Space | 580,18 Gb Free Space | 42,22% Space Free | Partition Type: NTFS
 
Computer Name: KRAXI | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3658721051-4004364685-709729734-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
cmdfile [print] -- Reg Error: Value error.
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
regfile [print] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [print] -- Reg Error: Key error.
txtfile [printto] -- Reg Error: Key error.
vbsfile [print] -- Reg Error: Value error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- Reg Error: Value error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [SuRun] -- Reg Error: Invalid data type.
Directory [TO] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{037E67B2-B0F6-4860-8F76-DD5484DBADC0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{19412C55-A430-42B8-A5BF-00F344FBAA8C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{23E8BC34-59D3-4A1B-BEB7-B729576259C4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{326637DD-B420-41A0-8299-6E405DA7E26E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{636A3D33-6CFB-4B73-BB33-B03B09073A24}" = lport=138 | protocol=17 | dir=in | app=system | 
"{647B9F91-9012-4FDD-B597-AAB1F150BE61}" = lport=445 | protocol=6 | dir=in | app=system | 
"{80AC0FFB-2EEE-4BD0-AE55-E950D5942508}" = lport=137 | protocol=17 | dir=in | app=system | 
"{85E8F301-5B54-48C7-B753-10BB96E06DD6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8EC24B38-DB17-4973-BBD6-14CA160DD59E}" = lport=139 | protocol=6 | dir=in | app=system | 
"{92644C14-DAC9-48F9-8E07-778E14ECE321}" = rport=139 | protocol=6 | dir=out | app=system | 
"{BC72979C-0D0D-4B9B-B5F6-05D48FD34863}" = rport=445 | protocol=6 | dir=out | app=system | 
"{BDF4FC38-4608-42D5-B8CD-059DF8916716}" = rport=138 | protocol=17 | dir=out | app=system | 
"{C400FB06-A936-496E-9800-C27944D2221D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C753DD23-7CD0-4972-8870-32BBB11AE7D7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08F6DAD5-B202-4D8B-A9A1-5EBFE5E33AA8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{0A1CE1D1-64B3-4195-8030-663E718DFB9F}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"{14544858-6FA0-4B82-B534-CEBF855017BA}" = protocol=17 | dir=in | app=d:\portable programme\toropera 3.5\bitmessage 0.42.exe | 
"{1A141DFD-24D8-4CF8-BCB8-473FB8374988}" = protocol=6 | dir=in | app=d:\portable programme\filezilla 3.73\filezilla.exe | 
"{28DA3ADD-05B7-4898-8B1A-73CB5C55B983}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |  
"{343DFC1D-9356-4328-A1F4-49AF7CE69BC6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | | 
"{434E9B45-D0EE-48F8-B929-8A143573FDB5}" = protocol=6 | dir=in | app=c:\program files\avast\ng\vbox\aswfe.exe |  
"{51DBB5F8-BE97-417F-9F1B-5F2C0270D2D2}" = protocol=17 | dir=in | app=d:\portable programme\operator 3.5\opera\opera.exe | 
"{53721C41-FC4F-4CAB-828E-2FF46F2ADD6F}" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_31\bin\javaw.exe | 
"{5A7D079C-6B76-40F1-9AD0-2F23655E05C9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{5CBFE664-6DBA-43AF-BCDB-439A3A150501}" = protocol=17 | dir=in | app=d:\portable programme\operator 3.5\bitmessage 0.42.exe | 
"{69AD79E3-84FD-4522-958A-9CF8DAA3402E}" = protocol=6 | dir=in | app=d:\portable programme\toropera 3.5\opera\opera.exe | 
"{731B0E59-1E1B-4EBD-9CF8-F213180BF77F}" = protocol=6 | dir=in | app=c:\program files\fiddler2\fiddler.exe | 
"{75746B0E-C872-4613-A759-D72C4844FAE8}" = protocol=17 | dir=in | app=d:\portable programme\toropera 3.5\opera\opera.exe | 
"{75F0AAFB-6787-4A90-B447-92B48C899AC5}" = protocol=6 | dir=in | app=c:\users\admin.kraxi\desktop\bitmessage.exe |  
"{84F56EB0-B8DD-46B2-8137-E4A8C956A757}" = protocol=17 | dir=in | app=c:\users\admin.kraxi\desktop\foobar 1.37b\foobar2000.exe | 
"{86B59496-E7BA-4810-B215-3DDA3839B60F}" = protocol=6 | dir=in | app=d:\portable programme\totalcommander suite 5.0\totalcmd.exe | 
"{8CDA6D61-83A7-4563-AB43-3ADE43AB1F20}" = protocol=6 | dir=in | app=d:\portable programme\torfirefox 3.6b\bitmessage 0.42.exe | 
"{915591FC-2EB1-4C7A-9263-76F4BBF4DA76}" = protocol=6 | dir=in | app=c:\program files\qnap\qfinder\qfinder.exe | 
"{98D4EA87-C341-49F9-81E2-227FCFF84DED}" = protocol=6 | dir=in | app=d:\portable programme\foobar2000\foobar2000.exe | 
"{9CCD1706-E1AB-4EB8-9CB2-705754605C9D}" = protocol=6 | dir=in | app=d:\portable programme\operator 3.5\opera\opera.exe | 
"{A10A71E9-C252-4229-9B4F-9F833BC02542}" = protocol=17 | dir=in | app=c:\users\admin.kraxi\desktop\bitmessage.exe | 
"{A4B5D983-3AF1-423A-9DC1-50745CFC4B24}" = protocol=17 | dir=in | app=c:\program files\avast\ng\vbox\aswfe.exe | 
"{A5C11146-A95F-40A0-B6B6-95035E713C39}" = protocol=6 | dir=in | app=d:\portable programme\toropera 3.5\bitmessage 0.42.exe ||
"{C1527039-9D46-4118-A61A-48E385E70A32}" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_31\bin\javaw.exe | 
"{C47D29D0-B38F-45F3-B7D7-A64397CC10CA}" = protocol=17 | dir=in | app=d:\portable programme\totalcommander suite 5.0\totalcmd.exe | 
"{C48C385B-C037-4CF0-967C-447D59654F18}" = protocol=17 | dir=in | app=c:\program files\qnap\finder\qfinder.exe | 
"{C49065BF-1B94-44B2-9737-B08511108257}" = protocol=6 | dir=in | app=c:\users\admin.kraxi\desktop\foobar 1.37b\foobar2000.exe | 
"{CEFF7408-39E3-43AB-A122-D162728F5565}" = protocol=17 | dir=in | app=c:\program files\qnap\qfinder\qfinder.exe | 
"{D1A2615F-D49D-4397-B31D-701DC43F02C3}" = protocol=6 | dir=in | app=d:\portable programme\operator 3.5\bitmessage 0.42.exe | 
"{D7934FDD-F202-4900-B4A9-C56BF54F8290}" = protocol=6 | dir=in | app=c:\program files\qnap\finder\qfinder.exe |  
"{E08E8195-A67D-4E83-9278-6178A782AABB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EA7372BB-58F7-4DEF-BE39-CDBE59E6AC90}" = protocol=17 | dir=in | app=d:\portable programme\foobar2000 old\foobar2000.exe | 
"{EC103DC0-7BE2-4E8B-95D0-9BC225CD8CBF}" = protocol=17 | dir=in | app=d:\portable programme\foobar2000\foobar2000.exe | 
"{EDCE411A-4292-434E-A50F-B8396CCE62A1}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"{EE574110-B938-44A3-8046-C7B312847037}" = protocol=6 | dir=in | app=c:\program files\μtorrent 3.0 leecher\utorrent 3.0.0 (25422)_org.exe | 
"{F67C8139-D43F-4C97-B38D-20C612FCA0D9}" = protocol=6 | dir=in | app=d:\portable programme\foobar2000 old\foobar2000.exe | 
"{F82CA4D0-DB48-4F01-B427-DC9B7FD85BC0}" = protocol=17 | dir=in | app=d:\portable programme\filezilla 3.73\filezilla.exe | 
"{FFEFFFBC-7FC6-40A3-8683-CF00877DFE10}" = protocol=17 | dir=in | app=d:\portable programme\torfirefox 3.6b\bitmessage 0.42.exe | 
"TCP Query User{0B4FFFC0-5551-4EC5-BE90-428000F9A506}D:\portable programme\operator 3.5\opera\opera.exe" = protocol=6 | dir=in | app=d:\portable programme\operator 3.5\opera\opera.exe |  
"TCP Query User{1D737C87-6F5D-46E1-BC6C-0240F4EB10E5}C:\program files\qnap\finder\finder.exe" = protocol=6 | dir=in | app=c:\program files\qnap\finder\finder.exe | 
"TCP Query User{1E71912D-8EE7-4AFE-9732-E55393C9C5F2}C:\users\admin.kraxi\desktop\foobar 1.37b\foobar2000.exe" = protocol=6 | dir=in | app=c:\users\admin.kraxi\desktop\foobar 1.37b\foobar2000.exe | 
"TCP Query User{26B80AA4-768F-45C1-9788-FC7B03CA6CEA}D:\portable programme\filezilla 3.73\filezilla.exe" = protocol=6 | dir=in | app=d:\portable programme\filezilla 3.73\filezilla.exe | 
"TCP Query User{3F126A14-A519-4C19-83A1-9B2888F769BC}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{423ED87B-A127-4521-A881-3E2CFEBAEFD8}C:\program files\hercules\dualpix exchange\xtrctrlex.exe" = protocol=6 | dir=in | app=c:\program files\hercules\dualpix exchange\xtrctrlex.exe | 
"TCP Query User{43B520FC-4281-49A7-BEA8-9C9711D1D0B2}D:\portable programme\operator 3.5\bitmessage 0.42.exe" = protocol=6 | dir=in | app=d:\portable programme\operator 3.5\bitmessage 0.42.exe | 
"TCP Query User{4B2C9678-4A71-475F-B7C3-BE5D7BC9B763}C:\program files\qnap\qfinder\qfinder.exe" = protocol=6 | dir=in | app=c:\program files\qnap\qfinder\qfinder.exe | 
"TCP Query User{5CEC2FB0-8242-4711-A58C-E9D4739324B4}D:\portable programme\foobar2000\foobar2000.exe" = protocol=6 | dir=in | app=d:\portable programme\foobar2000\foobar2000.exe | 
"TCP Query User{657901A1-0293-4314-9965-9C7C94B45737}D:\portable programme\totalcommander suite 5.0\totalcmd.exe" = protocol=6 | dir=in | app=d:\portable programme\totalcommander suite 5.0\totalcmd.exe | 
"TCP Query User{8BCE6A79-F972-4C84-AF50-572FF2F7DB08}C:\users\admin.kraxi\desktop\bitmessage.exe" = protocol=6 | dir=in | app=c:\users\admin.kraxi\desktop\bitmessage.exe | 
"TCP Query User{8E1AF40B-7BB1-4F0E-8100-B03F9D262D4F}C:\program files\qnap\finder\qfinder.exe" = protocol=6 | dir=in | app=c:\program files\qnap\finder\qfinder.exe | 
"TCP Query User{8E9EFE4D-5141-499F-B05B-8907EA6E1E15}D:\portable programme\torfirefox 3.6b\bitmessage 0.42.exe" = protocol=6 | dir=in | app=d:\portable programme\torfirefox 3.6b\bitmessage 0.42.exe |  
"TCP Query User{903B118D-AB55-4A59-94DE-208A0A94A5F9}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{A0326C43-AE9E-478D-9F95-E187D058FBEF}D:\portable programme\toropera 3.5\bitmessage 0.42.exe" = protocol=6 | dir=in | app=d:\portable programme\toropera 3.5\bitmessage 0.42.exe |  
"TCP Query User{D4D9D3F1-B852-4ABB-9C02-0CE3EDD586CA}D:\portable programme\foobar2000 old\foobar2000.exe" = protocol=6 | dir=in | app=d:\portable programme\foobar2000 old\foobar2000.exe | 
"TCP Query User{E0958C98-7A76-4BBC-9E5C-DBFA6CA7FF1E}C:\program files\hercules\dualpix exchange\xtrctrl.exe" = protocol=6 | dir=in | app=c:\program files\hercules\dualpix exchange\xtrctrl.exe |  
"TCP Query User{EC7D8EF6-6569-436A-982B-183FFDE2C673}C:\program files\java\jre1.8.0_31\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_31\bin\javaw.exe | 
"TCP Query User{F12187F0-F169-4833-B79F-28189C82F620}D:\portable programme\toropera 3.5\opera\opera.exe" = protocol=6 | dir=in | app=d:\portable programme\toropera 3.5\opera\opera.exe | 
"TCP Query User{F2579E26-E1FF-4D66-AE83-DCFC159B82A0}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{086DE2E8-ECB5-43D2-B647-33A6CD107C9C}C:\program files\hercules\dualpix exchange\xtrctrl.exe" = protocol=17 | dir=in | app=c:\program files\hercules\dualpix exchange\xtrctrl.exe | 
"UDP Query User{121C4A42-0654-48A2-AFC2-525C6FCAA191}C:\program files\java\jre1.8.0_31\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_31\bin\javaw.exe | 
"UDP Query User{184DA726-F935-43F1-87F5-38F40A4F86A2}C:\users\admin.kraxi\desktop\bitmessage.exe" = protocol=17 | dir=in | app=c:\users\admin.kraxi\desktop\bitmessage.exe |  
"UDP Query User{29F8BD9C-BB99-424B-BEC6-82D076146DB8}D:\portable programme\totalcommander suite 5.0\totalcmd.exe" = protocol=17 | dir=in | app=d:\portable programme\totalcommander suite 5.0\totalcmd.exe | 
"UDP Query User{365F5E39-B48D-46D9-B963-F9622FF6602E}D:\portable programme\filezilla 3.73\filezilla.exe" = protocol=17 | dir=in | app=d:\portable programme\filezilla 3.73\filezilla.exe | 
"UDP Query User{3D7DB3BE-9F62-4556-9DB0-049F76F648E5}C:\program files\qnap\finder\qfinder.exe" = protocol=17 | dir=in | app=c:\program files\qnap\finder\qfinder.exe | 
"UDP Query User{41FAA023-F3FC-44AA-9A20-E480AB153733}D:\portable programme\foobar2000 old\foobar2000.exe" = protocol=17 | dir=in | app=d:\portable programme\foobar2000 old\foobar2000.exe | 
"UDP Query User{4351E5A5-617B-4D41-9C7B-9EDDE2D3B539}D:\portable programme\toropera 3.5\opera\opera.exe" = protocol=17 | dir=in | app=d:\portable programme\toropera 3.5\opera\opera.exe | 
"UDP Query User{4F0DED22-4310-4B4B-AEEB-40C3A3E0522D}D:\portable programme\toropera 3.5\bitmessage 0.42.exe" = protocol=17 | dir=in | app=d:\portable programme\toropera 3.5\bitmessage 0.42.exe | 
"UDP Query User{85B335F7-A12E-494D-9F17-3B937067F9EF}D:\portable programme\operator 3.5\opera\opera.exe" = protocol=17 | dir=in | app=d:\portable programme\operator 3.5\opera\opera.exe | 
"UDP Query User{9115AD7B-30B8-4EA7-BE87-A84A57058D03}C:\program files\qnap\finder\finder.exe" = protocol=17 | dir=in | app=c:\program files\qnap\finder\finder.exe |   
"UDP Query User{BBB57DBB-B75C-43C4-8506-F7903402B2CF}D:\portable programme\foobar2000\foobar2000.exe" = protocol=17 | dir=in | app=d:\portable programme\foobar2000\foobar2000.exe | 
"UDP Query User{C1DE50F7-9807-4FE3-B245-A3023A008D6E}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{CE358951-0B2F-4D5A-ADBE-89AFF82068C9}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |  
"UDP Query User{DC960BD9-29FA-4CCD-99FD-A16D10C229D6}D:\portable programme\torfirefox 3.6b\bitmessage 0.42.exe" = protocol=17 | dir=in | app=d:\portable programme\torfirefox 3.6b\bitmessage 0.42.exe | 
"UDP Query User{EA4036ED-BE36-4F92-A219-131C5C48FEF0}C:\program files\qnap\qfinder\qfinder.exe" = protocol=17 | dir=in | app=c:\program files\qnap\qfinder\qfinder.exe | 
"UDP Query User{EB81AAB2-31DA-423F-BED8-39ADA2219C97}C:\users\admin.kraxi\desktop\foobar 1.37b\foobar2000.exe" = protocol=17 | dir=in | app=c:\users\admin.kraxi\desktop\foobar 1.37b\foobar2000.exe | 
"UDP Query User{EC3959C3-D76F-4F2E-8B88-3BED7A77CEB4}D:\portable programme\operator 3.5\bitmessage 0.42.exe" = protocol=17 | dir=in | app=d:\portable programme\operator 3.5\bitmessage 0.42.exe | 
"UDP Query User{F36CBB39-DDF3-407C-A484-91E4609450EE}C:\program files\hercules\dualpix exchange\xtrctrlex.exe" = protocol=17 | dir=in | app=c:\program files\hercules\dualpix exchange\xtrctrlex.exe | 
"UDP Query User{F77B7717-8AFC-44C8-B828-21F267D18BA3}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0000EF65-BE80-3B99-BDE5-84C515C3F64C}" = Microsoft .NET Framework 4.5.2 (DEU)
"{0ED38503-B69A-44B4-98BE-21BFF284A9B6}" = Brother Driver Deployment Wizard
"{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}" = Microsoft Application Compatibility Toolkit 5.6
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1" = Allgemeine Runtime Files (x86)
"{26A24AE4-039D-4CA4-87B4-2F83218031F0}" = Java 8 Update 31
"{2C00465A-EA83-4D9B-9482-9180FBEBD4AC}" = Oracle VM VirtualBox 4.2.18
"{2FDDE008-7BAA-4CAC-9AC3-92C0C1111A3A}" = Dualpix Exchange
"{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{50AF8559-F490-381F-A6E7-06A07DE227DC}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60830
"{5C085A19-B4A1-6686-0103-E9E6F7B2831A}" = AMD Catalyst Install Manager
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-195C
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1" = DirectX 9.0c Extra Files (x86, x64)
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{9243354A-3075-C91E-6E12-403D932B38E5}" = Catalyst Control Center InstallProxy
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.2 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9dba0447-b749-41ea-90bc-2aa19a9eb580}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60830
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Deutsch
"{BCFB58FF-181E-472F-A9DB-827B75C1EDF7}" = Adobe Shockwave Player 12.0
"{C3C44248-B8F7-4B20-A5C7-994870B60F55}" = Hercules Webcam Station Evolution SE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 SP1
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CF9FEB7B-3BBF-47D6-801B-09530B7DA7CA}" = M-Audio FireWire 6.0.4 (x86)
"{DFAA3D2B-7087-464E-823B-738A23C29C27}" = Microsoft Visual J# 2.0 Redistributable Package - SE
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F68B404C-0E04-337F-A132-796508EE337A}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60830
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1" = DirectX for Managed Code
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"avast" = Avast Free Antivirus
"Default Programs Editor" = Default Programs Editor
"eLicenser Control" = eLicenser Control
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 2.2
"M928366" = 
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.0.4.1028
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1 SP1
"Microsoft Visual J# 2.0 Redistributable Package - SE" = Microsoft Visual J# 2.0 Redistributable Package - SE
"Monkey's Audio_is1" = Monkey's Audio
"Mozilla Firefox 36.0 (x86 de)" = Mozilla Firefox 36.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3-Info extension_is1" = MP3-Info extension V3.4.23
"Mp3tag" = Mp3tag v2.66
"MusicBrainz Picard" = MusicBrainz Picard
"QNAP_FINDER" = QNAP Qfinder
"SpeedFan" = SpeedFan (remove only)
"SuRun" = Super User Run (SuRun)
"Unlocker" = Unlocker 1.9.2
"VLC media player" = VLC media player
"WinRAR archiver" = WinRAR 5.00 (32-Bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3658721051-4004364685-709729734-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 20.02.2015 09:37:20 | Computer Name = Kraxi | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.02.2015 15:33:43 | Computer Name = Kraxi | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.02.2015 05:13:15 | Computer Name = Kraxi | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.02.2015 18:05:00 | Computer Name = Kraxi | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.02.2015 03:12:32 | Computer Name = Kraxi | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.02.2015 10:58:32 | Computer Name = Kraxi | Source = Application Hang | ID = 1002
Description = Programm TagRename.exe, Version 3.8.1.41 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1324    Startzeit:
 01d04f6573daaae6    Endzeit: 131    Anwendungspfad: D:\Portable Programme\TagRename 3.81\TagRename.exe

Berichts-ID:
 6cdf6817-bb6c-11e4-ab04-40618667f7ca  
 
Error - 01.03.2015 17:04:32 | Computer Name = Kraxi | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16609 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: d10    Startzeit: 01d05463186a4130    Endzeit: 10    Anwendungspfad: 
C:\Program Files\Internet Explorer\iexplore.exe    Berichts-ID:   
 
Error - 02.03.2015 02:59:10 | Computer Name = Kraxi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16609,
 Zeitstempel: 0x54b5c951  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0e301368  ID des fehlerhaften
 Prozesses: 0xa08  Startzeit der fehlerhaften Anwendung: 0x01d054b5589de9e7  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe  Pfad des
 fehlerhaften Moduls: unknown  Berichtskennung: 9fe4c4dc-c0a9-11e4-b552-40618667f7ca
 
[ System Events ]
Error - 27.02.2015 12:03:43 | Computer Name = Kraxi | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 27.02.2015 14:42:05 | Computer Name = Kraxi | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 28.02.2015 03:07:44 | Computer Name = Kraxi | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 28.02.2015 06:05:11 | Computer Name = Kraxi | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 28.02.2015 13:23:48 | Computer Name = Kraxi | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 01.03.2015 05:30:04 | Computer Name = Kraxi | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 01.03.2015 08:06:33 | Computer Name = Kraxi | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 01.03.2015 09:29:33 | Computer Name = Kraxi | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 01.03.2015 11:10:59 | Computer Name = Kraxi | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 02.03.2015 02:48:18 | Computer Name = Kraxi | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
 
< End of report >
         

Last edited by OleHB (02.03.2015 at 08:40)
