Internet Total langsam - Merkwürdige Prozesse

Ladekabel612 · 23.04.2015, 14:53

hey,

Soll ich die Meldung von Avast ignorieren die kommt wenn ich Combofix runterladen möchte?

Code:

ATTFilter

URL: hxxp://download.bleepingcomputer.com/sUBs/ComboFix.exe
Infektion: FileRepMetagen [DRP]
Prozess: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Combofix Logfile:

Code:

ATTFilter

ComboFix 15-04-19.01 - Lem0th 23.04.2015  14:20:54.1.2 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.2046.837 [GMT 2:00]
ausgeführt von:: c:\users\Lem0th\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-03-23 bis 2015-04-23  ))))))))))))))))))))))))))))))
.
.
2015-04-23 12:48 . 2015-04-23 12:48	--------	d-----w-	c:\users\Public\AppData\Local\temp
2015-04-23 12:48 . 2015-04-23 12:48	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-04-23 12:23 . 2015-04-23 12:23	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{708DE8EF-E18C-4B24-A72F-27AD8B66C00F}\offreg.dll
2015-04-22 14:42 . 2015-04-22 14:45	--------	d-----w-	C:\FRST
2015-04-21 12:02 . 2015-04-04 06:25	12032440	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{708DE8EF-E18C-4B24-A72F-27AD8B66C00F}\mpengine.dll
2015-04-17 16:29 . 2015-04-17 16:29	--------	d-----w-	C:\.jagex_cache_32
2015-04-17 13:59 . 2015-04-17 13:59	--------	d-----w-	C:\found.000
2015-04-15 23:05 . 2015-04-15 23:05	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2015-04-15 14:34 . 2015-04-15 14:34	--------	d-s---w-	c:\windows\SysWow64\GWX
2015-04-15 14:34 . 2015-04-15 14:38	--------	d-s---w-	c:\windows\system32\GWX
2015-04-15 14:02 . 2015-02-25 03:18	754688	----a-w-	c:\windows\system32\drivers\http.sys
2015-04-15 14:00 . 2015-03-04 04:55	367552	----a-w-	c:\windows\system32\clfs.sys
2015-04-15 14:00 . 2015-03-04 04:41	79360	----a-w-	c:\windows\system32\clfsw32.dll
2015-04-15 14:00 . 2015-03-04 04:10	58880	----a-w-	c:\windows\SysWow64\clfsw32.dll
2015-04-15 13:08 . 2015-04-23 12:25	--------	d-----w-	c:\users\Lem0th
2015-04-15 00:39 . 2015-04-15 00:40	--------	d-----w-	c:\program files\Speccy
2015-04-14 17:33 . 1997-11-19 12:49	303616	----a-w-	c:\windows\IsUninst.exe
2015-04-13 16:17 . 2015-04-14 22:00	--------	d-----w-	c:\program files (x86)\MTA San Andreas 1.4
2015-04-13 16:17 . 2015-04-13 16:17	--------	d-----w-	c:\programdata\MTA San Andreas All
2015-04-13 16:05 . 2015-04-14 18:09	--------	d-----w-	c:\program files (x86)\Rockstar Games
2015-04-13 16:04 . 2015-04-13 16:04	--------	d-----w-	c:\program files (x86)\Common Files\InstallShield
2015-04-13 14:37 . 2015-04-13 14:37	--------	d-----w-	c:\program files (x86)\MediaFire Desktop
2015-04-13 14:36 . 2015-03-23 15:40	20696	----a-w-	c:\windows\system32\drivers\mfmonitor_x64.sys
2015-04-07 09:25 . 2015-04-07 09:25	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2015-04-07 09:25 . 2015-04-07 09:25	--------	d-----r-	c:\program files (x86)\Skype
2015-04-07 09:25 . 2015-04-07 09:26	--------	d-----w-	c:\programdata\Skype
2015-04-06 18:35 . 2015-04-23 10:48	--------	d-----w-	c:\windows\system32\catroot2
2015-04-03 18:26 . 2015-04-03 18:26	--------	d-----w-	c:\programdata\VS Revo Group
2015-04-02 11:30 . 2015-04-23 12:23	--------	d-----w-	c:\program files\PeerBlock
2015-04-02 10:33 . 2015-04-02 10:33	364472	----a-w-	c:\windows\system32\aswBoot.exe
2015-04-02 10:33 . 2015-04-02 10:33	43112	----a-w-	c:\windows\avastSS.scr
2015-03-30 20:56 . 2015-03-30 20:56	--------	d-----w-	c:\programdata\TrueCrypt
2015-03-30 15:19 . 2015-03-16 15:36	922704	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2015-03-30 15:19 . 2015-03-16 15:35	128592	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
2015-03-30 15:17 . 2015-04-15 13:38	--------	dc----w-	c:\windows\system32\DRVSTORE
2015-03-29 19:34 . 2015-03-29 21:18	--------	d-----w-	c:\programdata\TrackMania
2015-03-28 22:34 . 2015-03-28 22:34	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-03-28 17:27 . 2015-03-28 17:27	231376	----a-w-	c:\windows\system32\drivers\truecrypt.sys
2015-03-28 17:26 . 2015-03-28 17:28	--------	d-----w-	c:\program files\TrueCrypt
2015-03-28 16:04 . 2015-04-15 13:42	--------	d-----w-	c:\users\Deus
2015-03-28 15:58 . 2015-03-28 15:58	--------	d-----w-	c:\users\Administrator
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-22 17:12 . 2014-11-03 18:08	129752	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-15 14:25 . 2015-01-17 15:13	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-15 14:25 . 2015-01-17 15:13	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-15 14:07 . 2014-01-23 18:41	128913832	----a-w-	c:\windows\system32\MRT.exe
2015-04-13 14:37 . 2015-04-13 14:37	1409	----a-w-	c:\windows\Fonts\OpenSans-Regular.fot
2015-04-13 14:37 . 2015-04-13 14:37	1409	----a-w-	c:\windows\Fonts\OpenSans-Bold.fot
2015-04-13 14:37 . 2015-04-13 14:37	1409	----a-w-	c:\windows\Fonts\OpenSans-Light.fot
2015-04-02 10:33 . 2014-11-03 18:29	136752	----a-w-	c:\windows\system32\drivers\aswStm.sys
2015-04-02 10:33 . 2014-11-03 18:29	271200	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2015-04-02 10:33 . 2014-11-03 18:29	442264	----a-w-	c:\windows\system32\drivers\aswSP.sys
2015-04-02 10:33 . 2014-11-03 18:29	65736	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2015-04-02 10:33 . 2014-11-03 18:29	88408	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2015-04-02 10:33 . 2014-11-03 18:29	29168	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2015-04-02 10:33 . 2014-11-03 18:29	93528	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2015-04-02 10:33 . 2014-11-03 18:29	1047320	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2015-03-28 22:31 . 2015-02-21 21:53	111016	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2015-03-17 04:56 . 2015-04-15 14:03	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-03-16 15:35 . 2015-03-16 15:35	204264	------w-	c:\windows\system32\VBoxNetFltNobj.dll
2015-03-16 15:35 . 2015-03-16 15:35	141440	----a-w-	c:\windows\system32\drivers\VBoxNetAdp.sys
2015-02-26 03:25 . 2015-03-11 15:25	3204096	----a-w-	c:\windows\system32\win32k.sys
2015-02-24 21:04 . 2015-02-24 21:05	720896	----a-w-	c:\windows\iun6002ev.exe
2015-02-24 02:17 . 2010-11-21 03:27	295552	------w-	c:\windows\system32\MpSigStub.exe
2015-02-21 21:17 . 2015-02-21 20:40	499712	----a-w-	c:\windows\system32\API.dll
2015-02-20 04:41 . 2015-03-11 15:28	41984	----a-w-	c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 15:28	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 15:28	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 15:28	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 15:28	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 15:28	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 15:28	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 15:28	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 15:28	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 15:28	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-02-16 15:20 . 2015-02-16 15:20	33856	---ha-w-	c:\windows\system32\drivers\hamachi.sys
2015-02-13 05:22 . 2015-03-11 15:26	14177280	----a-w-	c:\windows\system32\shell32.dll
2015-02-04 10:23 . 2015-02-04 10:23	875688	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-04 10:13 . 2015-02-04 10:13	869536	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 03:16 . 2015-03-11 15:25	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-11 15:25	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2015-02-03 03:34 . 2015-03-11 15:27	693176	----a-w-	c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-11 15:27	94656	----a-w-	c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-11 15:27	616360	----a-w-	c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-11 15:28	14632960	----a-w-	c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-11 15:28	782848	----a-w-	c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-11 15:27	229376	----a-w-	c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-11 15:26	1424896	----a-w-	c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-11 15:26	215552	----a-w-	c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-11 15:27	5120	----a-w-	c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-11 15:27	5120	----a-w-	c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-11 15:27	63488	----a-w-	c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-11 15:27	1574400	----a-w-	c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-11 15:27	500224	----a-w-	c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-11 15:27	371712	----a-w-	c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-11 15:27	188416	----a-w-	c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-11 15:27	37376	----a-w-	c:\windows\system32\pcadm.dll
2015-02-03 03:31 . 2015-03-11 15:27	9728	----a-w-	c:\windows\system32\spwmp.dll
2015-02-03 03:31 . 2015-03-11 15:27	641024	----a-w-	c:\windows\system32\msscp.dll
2015-02-03 03:31 . 2015-03-11 15:27	325632	----a-w-	c:\windows\system32\msnetobj.dll
2015-02-03 03:31 . 2015-03-11 15:27	11264	----a-w-	c:\windows\system32\msmmsp.dll
2015-02-03 03:31 . 2015-03-11 15:27	432128	----a-w-	c:\windows\system32\mfplat.dll
2015-02-03 03:31 . 2015-03-11 15:27	4121600	----a-w-	c:\windows\system32\mf.dll
2015-02-03 03:31 . 2015-03-11 15:27	206848	----a-w-	c:\windows\system32\mfps.dll
2015-02-03 03:30 . 2015-03-11 15:27	631808	----a-w-	c:\windows\system32\evr.dll
2015-02-03 03:30 . 2015-03-11 15:27	284672	----a-w-	c:\windows\system32\EncDump.dll
2015-02-03 03:30 . 2015-03-11 15:28	1202176	----a-w-	c:\windows\system32\drmv2clt.dll
2015-02-03 03:30 . 2015-03-11 15:27	497664	----a-w-	c:\windows\system32\drmmgrtn.dll
2015-02-03 03:30 . 2015-03-11 15:27	1480192	----a-w-	c:\windows\system32\crypt32.dll
2015-02-03 03:30 . 2015-03-11 15:27	1069056	----a-w-	c:\windows\system32\cryptui.dll
2015-02-03 03:30 . 2015-03-11 15:27	82432	----a-w-	c:\windows\system32\cryptsp.dll
2015-02-03 03:30 . 2015-03-11 15:27	140288	----a-w-	c:\windows\system32\cryptnet.dll
2015-02-03 03:30 . 2015-03-11 15:27	187904	----a-w-	c:\windows\system32\cryptsvc.dll
2015-02-03 03:30 . 2015-03-11 15:28	842240	----a-w-	c:\windows\system32\blackbox.dll
2015-02-03 03:30 . 2015-03-11 15:27	680960	----a-w-	c:\windows\system32\audiosrv.dll
2015-02-03 03:30 . 2015-03-11 15:27	296448	----a-w-	c:\windows\system32\AudioSes.dll
2015-02-03 03:30 . 2015-03-11 15:27	440832	----a-w-	c:\windows\system32\AudioEng.dll
2015-02-03 03:30 . 2015-03-11 15:27	32256	----a-w-	c:\windows\system32\appidsvc.dll
2015-02-03 03:30 . 2015-03-11 15:27	58880	----a-w-	c:\windows\system32\appidapi.dll
2015-02-03 03:30 . 2015-03-11 15:27	55808	----a-w-	c:\windows\system32\rrinstaller.exe
2015-02-03 03:30 . 2015-03-11 15:27	11264	----a-w-	c:\windows\system32\pcawrk.exe
2015-02-03 03:30 . 2015-03-11 15:27	9728	----a-w-	c:\windows\system32\pcalua.exe
2015-02-03 03:30 . 2015-03-11 15:27	24576	----a-w-	c:\windows\system32\mfpmp.exe
2015-02-03 03:30 . 2015-03-11 15:27	126464	----a-w-	c:\windows\system32\audiodg.exe
2015-02-03 03:30 . 2015-03-11 15:27	146944	----a-w-	c:\windows\system32\appidpolicyconverter.exe
2015-02-03 03:30 . 2015-03-11 15:27	17920	----a-w-	c:\windows\system32\appidcertstorecheck.exe
2015-02-03 03:30 . 2015-03-11 15:27	12625920	----a-w-	c:\windows\system32\wmploc.DLL
2015-02-03 03:29 . 2015-03-11 15:27	8704	----a-w-	c:\windows\system32\pcaevts.dll
2015-02-03 03:28 . 2015-03-11 15:27	2048	----a-w-	c:\windows\system32\mferror.dll
2015-02-03 03:19 . 2015-03-11 15:27	663552	----a-w-	c:\windows\system32\drivers\PEAuth.sys
2015-02-03 03:12 . 2015-03-11 15:28	617984	----a-w-	c:\windows\SysWow64\wmdrmsdk.dll
2015-02-03 03:12 . 2015-03-11 15:27	179200	----a-w-	c:\windows\SysWow64\wintrust.dll
2015-02-03 03:12 . 2015-03-11 15:26	1230848	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2015-02-03 03:12 . 2015-03-11 15:26	171520	----a-w-	c:\windows\SysWow64\ubpm.dll
2015-02-03 03:12 . 2015-03-11 15:27	4096	----a-w-	c:\windows\SysWow64\msdxm.ocx
2015-02-03 03:12 . 2015-03-11 15:27	4096	----a-w-	c:\windows\SysWow64\dxmasf.dll
2015-02-03 03:12 . 2015-03-11 15:27	1329664	----a-w-	c:\windows\SysWow64\quartz.dll
2015-02-03 03:12 . 2015-03-11 15:27	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
2015-02-03 03:12 . 2015-03-11 15:27	442880	----a-w-	c:\windows\SysWow64\AUDIOKSE.dll
2015-02-03 03:12 . 2015-03-11 15:27	8192	----a-w-	c:\windows\SysWow64\spwmp.dll
2015-02-03 03:12 . 2015-03-11 15:27	504320	----a-w-	c:\windows\SysWow64\msscp.dll
2015-02-03 03:12 . 2015-03-11 15:27	265216	----a-w-	c:\windows\SysWow64\msnetobj.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2014-01-14 2513992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-04-29 642304]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-04-02 5512912]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WNA3100M Genie.lnk - c:\program files (x86)\NETGEAR\WNA3100M\WNA3100M.exe [2015-2-11 8274648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss]
@="Service"
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 cleanhlp;cleanhlp;c:\eek\bin\cleanhlp64.sys;c:\eek\bin\cleanhlp64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8023x64;Realtek 10/100-Netzwerkkartenfamilie-NDIS-x64-Treiber;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R4 ALSysIO;ALSysIO;c:\users\Jendrik\AppData\Local\Temp\ALSysIO64.sys;c:\users\Jendrik\AppData\Local\Temp\ALSysIO64.sys [x]
R4 DRHARD;DRHARD;c:\windows\system32\DRIVERS\DRHARD.SYS;c:\windows\SYSNATIVE\DRIVERS\DRHARD.SYS [x]
R4 MF NTFS Monitor;MediaFire NTFS Monitor;c:\users\Deus\AppData\Local\MEDIAF~1\MFUSNM~1.EXE;c:\users\Deus\AppData\Local\MEDIAF~1\MFUSNM~1.EXE [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R4 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R4 WSWNA3100M;WSWNA3100M;c:\program files (x86)\NETGEAR\WNA3100M\WifiSvc.exe;c:\program files (x86)\NETGEAR\WNA3100M\WifiSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 mfmonitor;mfmonitor;c:\windows\system32\DRIVERS\mfmonitor_x64.sys;c:\windows\SYSNATIVE\DRIVERS\mfmonitor_x64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 Neo_VPN;VPN Client Device Driver - VPN;c:\windows\system32\DRIVERS\Neo_0078.sys;c:\windows\SYSNATIVE\DRIVERS\Neo_0078.sys [x]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys;c:\program files\PeerBlock\pbfilter.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 wna3100m;NETGEAR WNA3100M N300 Wireless Mini USB Adapter;c:\windows\system32\DRIVERS\wna3100m.sys;c:\windows\SYSNATIVE\DRIVERS\wna3100m.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - PBFILTER
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-14 22:46	988488	----a-w-	c:\program files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-04-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-17 14:25]
.
2015-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-08 12:39]
.
2015-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-08 12:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-02 10:33	722400	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1MediaFireIconError]
@="{5EE8C634-CDC0-453D-9731-DF0B19F4E807}"
[HKEY_CLASSES_ROOT\CLSID\{5EE8C634-CDC0-453D-9731-DF0B19F4E807}]
2015-03-23 15:40	89600	----a-w-	c:\program files (x86)\MediaFire Desktop\MediaFireIcon3_d1739.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1MediaFireIconReadOnly]
@="{7995D0FC-769B-4197-AEC0-991921CB99E1}"
[HKEY_CLASSES_ROOT\CLSID\{7995D0FC-769B-4197-AEC0-991921CB99E1}]
2015-03-23 15:40	89088	----a-w-	c:\program files (x86)\MediaFire Desktop\MediaFireIcon5_d1739.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1MediaFireIconSynched]
@="{9A3B79CB-D899-40B5-8DBC-20447F1ADC8F}"
[HKEY_CLASSES_ROOT\CLSID\{9A3B79CB-D899-40B5-8DBC-20447F1ADC8F}]
2015-03-23 15:40	84992	----a-w-	c:\program files (x86)\MediaFire Desktop\MediaFireIcon_d1739.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1MediaFireIconSyncing]
@="{C4D81971-6B13-4173-AB21-F83AD20CCC04}"
[HKEY_CLASSES_ROOT\CLSID\{C4D81971-6B13-4173-AB21-F83AD20CCC04}]
2015-03-23 15:40	86528	----a-w-	c:\program files (x86)\MediaFire Desktop\MediaFireIcon2_d1739.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MediaFireIconLock]
@="{759F3E92-F4E8-4953-8315-238B8B17E0F3}"
[HKEY_CLASSES_ROOT\CLSID\{759F3E92-F4E8-4953-8315-238B8B17E0F3}]
2015-03-23 15:40	84992	----a-w-	c:\program files (x86)\MediaFire Desktop\MediaFireIcon4_d1739.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = www.google.com
mSearch Bar = https://www.google.com/?trackid=sp-006
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
AddRemove-7art Fluorescent Clock Screensaver_is1 - c:\users\compaq\AppData\Roaming\7art ScreenSavers\Fluorescent Clock\unins000.exe
AddRemove-MediaFire Desktop 1.4.26.10815 - c:\users\Deus\AppData\Local\MediaFire Desktop\uninstall.exe
AddRemove-Minecraft1.6.2 - c:\users\Deus\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Zeit der Fertigstellung: 2015-04-23  14:51:13
ComboFix-quarantined-files.txt  2015-04-23 12:51
.
Vor Suchlauf: 8 Verzeichnis(se), 372.534.513.664 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 372.104.089.600 Bytes frei
.
- - End Of File - - 3010A319DD2D96748E7F82DF74ADE371

--- --- ---
A36C5E4F47E84449FF07ED3517B43A31
[/Code]

Internet Total langsam - Merkwürdige Prozesse

Log-Analyse und Auswertung: Internet Total langsam - Merkwürdige Prozesse

Internet Total langsam - Merkwürdige Prozesse

Ähnliche Themen: Internet Total langsam - Merkwürdige Prozesse