Plagegeister aller Art und deren Bekämpfung: Avast keeps alerting on svchost.exe blackled.info / reddie.net | Windows 7 |
20.05.2015, 18:18 | #1 |
| Hello, as the title already says, my Avast keeps alerting on these entries. I have already run Malwarebytes and so on over it, but supposedly nothing is there. After every restart Avast alerts at least 24 times. Normally I have always managed to get rid of everything myself until today, but with this one I am really stumped. I would appreciate any help. Regards. Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015
Ran by Caro88 at 2015-05-20 19:12:08
Running from C:\Users\Caro88\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2655304571-1486060762-985095830-500 - Administrator - Disabled)
Caro88 (S-1-5-21-2655304571-1486060762-985095830-1001 - Administrator - Enabled) => C:\Users\Caro88
Gast (S-1-5-21-2655304571-1486060762-985095830-501 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Curse Client (HKU\S-1-5-21-2655304571-1486060762-985095830-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42650 - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
Tomb Raider: Underworld 1.0 (HKLM-x32\...\Tomb Raider: Underworld) (Version: - )
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2655304571-1486060762-985095830-1001_Classes\CLSID\{1d1b39a0-58de-4381-b94d-9622260938ff}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2655304571-1486060762-985095830-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2655304571-1486060762-985095830-1001_Classes\CLSID\{c555d7ac-98ee-40cf-8173-2530dedda69a}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points =========================

20-05-2015 18:37:45 Ende der Bereinigung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1EE0A559-1EE6-496A-9318-46FCA4D38E9A} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {2A622B20-9897-494D-8944-573DA50125F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {550C6FDF-E5E4-4509-AEDB-C867237108D3} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-18] (Oracle Corporation)
Task: {63C6CED0-8839-4285-B99F-672B8BB55F7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-01] (Google Inc.)
Task: {89541071-DABC-4182-A289-7DAB4A9ED30B} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {89B2A97F-3CC2-410D-8543-102DE6953CA7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {89CA5872-AA5C-44AF-AFF3-882F17D08DF5} - System32\Tasks\{C9B8CCC0-5DAB-4FC0-B56B-12AFAA1C71D7} => pcalua.exe -a C:\ProgramData\TVWizard\uninstall.exe -c /kb=y /ic=1 <==== ATTENTION
Task: {A7CBA8B6-7D4F-4D6B-9162-BEC2D509993E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-01] (Google Inc.)
Task: {AB638416-16F1-48CD-A4C7-6AA87E6D7461} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {B259958F-6E8C-46CA-BDAB-9A9C77AAFEF1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {DC9DA13B-6E76-49DF-8D20-AAA1EB90380E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-30] (Avast Software s.r.o.)
Task: {E2C5C901-D9CF-4435-B683-9E1EA3D3438D} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-12-17] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-12-16 23:40 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-10-25 09:06 - 2014-10-25 09:06 - 00016384 ____N () C:\Users\Caro88\AppData\Local\Apps\2.0\1TE9OHEW.OOQ\O5P3BB39.GV2\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.WowDb.dll
2013-12-17 09:49 - 2013-12-17 09:49 - 00035840 _____ () C:\Users\Caro88\AppData\Local\Apps\2.0\1TE9OHEW.OOQ\O5P3BB39.GV2\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.Advertising.dll
2014-10-25 09:06 - 2014-10-25 09:06 - 00099840 ____N () C:\Users\Caro88\AppData\Local\Apps\2.0\1TE9OHEW.OOQ\O5P3BB39.GV2\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.CMOD2.dll
2015-03-13 15:54 - 2015-03-13 15:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-04-30 08:07 - 2015-04-30 08:07 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-30 08:07 - 2015-04-30 08:07 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-20 15:01 - 2015-05-20 15:01 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15052000\algo.dll
2015-04-12 19:50 - 2015-04-12 19:50 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-09 23:35 - 2013-09-16 13:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2655304571-1486060762-985095830-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "SpywareTerminatorShield"
HKLM\...\StartupApproved\Run: => "SpywareTerminatorUpdater"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "gmsd_de_431"
HKU\S-1-5-21-2655304571-1486060762-985095830-1001\...\StartupApproved\StartupFolder: => "hqghumeaylnlf.lnk"
HKU\S-1-5-21-2655304571-1486060762-985095830-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2655304571-1486060762-985095830-1001\...\StartupApproved\Run: => "Optimizer Pro"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{7F7C49D6-83FD-4088-AA87-D2535762F349}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3E65B7DD-48D3-49F1-BFE2-D0856AE8E937}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FC5AA5CB-2D50-4CAE-A5E0-DC1F685AA70E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B5DDBE19-6A66-4FFE-896D-C816821FAF9E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0BA0F14D-FC55-4D67-8DE0-2B06F960276C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9ED5FF85-7C9A-4838-9893-EA71BE04DE08}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{71F1BEAA-452D-4638-91F3-143D68CB94CF}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{F4832FE6-EC00-47A9-83EC-D63CAC470927}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{55A14A4D-F033-44B5-8069-34AE27B4E609}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{E863BEC6-9825-479E-93C6-877E8AFA06CB}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{6FFBD04B-920B-4C99-836D-C48155B552CD}] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{73A83015-4D11-452F-9861-08855BCF8B5F}] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{D2735EF9-F06B-46D1-88AA-B24BE80D5E81}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{491E05B4-437F-495D-85C7-130B5DF52275}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{25891119-BB9A-48D4-B984-F309CAE7997A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1C4A6CF0-F72B-41CF-9A43-D8F4BCBCBA3B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{501715C3-ED4F-4D25-9859-05D1740FD69B}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{BEB7874B-3D07-46AC-B19F-58D5ACDF3AFE}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{A38C2555-3245-424B-9B49-46A2FEF7B315}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{DE84E366-08F5-4E09-9E09-EFBBF587B9F5}] => (Block) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{819A79B7-0DE7-4DC9-B289-89F2667734FA}] => (Block) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [TCP Query User{A1C6DD3F-84C1-4F08-A0AA-1617C825474C}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{FEDCC817-A0B3-4F43-A442-043E2845C418}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{FBEE629D-567A-4245-8760-02C029E52AE8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C09E5404-CF2D-4D55-A669-4CF7EAAD8823}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{853A2893-1B56-49E8-A900-F14CDCD50C69}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4E3CAF2F-42BF-478F-9B6B-2906E0B5A0F9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DCEC8F1D-48AD-462C-94CF-357F2EDEFA8A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{945C071F-3977-4469-8F01-CDFE8B622369}] => (Allow) C:\Program Files (x86)\Electronic Arts\SimCity\SimCity\SimCity.exe
FirewallRules: [{33477E03-85CA-443F-85AC-B554C49FC749}] => (Allow) C:\Program Files (x86)\Electronic Arts\SimCity\SimCity\SimCity.exe
FirewallRules: [TCP Query User{94BB5F67-9F1B-48F7-8DEE-1ECA4300C33C}C:\program files (x86)\ea games\alice madness returns the complete collection\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) C:\program files (x86)\ea games\alice madness returns the complete collection\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [UDP Query User{ADAABBB8-FA1D-45F3-BAD5-DAD7544840F0}C:\program files (x86)\ea games\alice madness returns the complete collection\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) C:\program files (x86)\ea games\alice madness returns the complete collection\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [{9C2B6DD6-551E-4FC0-8B6A-26EC0F3DD43A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A531D184-39B7-49A9-9FA6-475290F7C90A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{E51ADDA5-4A18-405A-8B1F-49DD0D6C7FD6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A2B021E2-9C3A-489F-96D2-C20EB27D2836}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{180640B9-398B-433F-A0A6-E1A8E1FFCD58}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1D2BAD19-F787-4C95-B993-B418D14A428B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/20/2015 07:01:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000012bb8
ID des fehlerhaften Prozesses: 0x420
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (05/20/2015 06:37:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error: Zugriff verweigert .

Error: (05/20/2015 06:15:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000017719
ID des fehlerhaften Prozesses: 0x394
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (05/20/2015 06:11:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000017719
ID des fehlerhaften Prozesses: 0x33c
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (05/20/2015 05:58:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000017719
ID des fehlerhaften Prozesses: 0x408
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (05/20/2015 05:41:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000017719
ID des fehlerhaften Prozesses: 0x37c
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (05/20/2015 03:59:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8

Error: (05/20/2015 03:59:20 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (05/20/2015 03:59:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL8

Error: (05/20/2015 03:59:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8

System errors:
=============
Error: (05/20/2015 07:01:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: %%2147500037

Error: (05/20/2015 06:15:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: %%2147500037

Error: (05/20/2015 06:15:15 PM) (Source: DCOM) (EventID: 10016) (User: Caro)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}CaroCaro88S-1-5-21-2655304571-1486060762-985095830-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/20/2015 06:11:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: %%2147500037

Error: (05/20/2015 06:11:29 PM) (Source: DCOM) (EventID: 10016) (User: Caro)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}CaroCaro88S-1-5-21-2655304571-1486060762-985095830-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/20/2015 06:11:29 PM) (Source: DCOM) (EventID: 10016) (User: Caro)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}CaroCaro88S-1-5-21-2655304571-1486060762-985095830-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/20/2015 06:11:29 PM) (Source: DCOM) (EventID: 10016) (User: Caro)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}CaroCaro88S-1-5-21-2655304571-1486060762-985095830-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/20/2015 06:11:29 PM) (Source: DCOM) (EventID: 10016) (User: Caro)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}CaroCaro88S-1-5-21-2655304571-1486060762-985095830-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/20/2015 06:11:29 PM) (Source: DCOM) (EventID: 10016) (User: Caro)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}CaroCaro88S-1-5-21-2655304571-1486060762-985095830-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/20/2015 06:11:28 PM) (Source: DCOM) (EventID: 10016) (User: Caro)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}CaroCaro88S-1-5-21-2655304571-1486060762-985095830-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Microsoft Office Sessions:
=========================
Error: (05/20/2015 07:01:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.396054299ab0igfxCUIService.exe6.15.10.396054299ab0c00000050000000000012bb842001d0931e98d8592eC:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exedc045af6-ff11-11e4-82f8-d050993b5086

Error: (05/20/2015 06:37:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error: Zugriff verweigert

Error: (05/20/2015 06:15:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.396054299ab0igfxCUIService.exe6.15.10.396054299ab0c0000005000000000001771939401d093181e7a1e1dC:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe67a68179-ff0b-11e4-82f7-d050993b5086

Error: (05/20/2015 06:11:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.396054299ab0igfxCUIService.exe6.15.10.396054299ab0c0000005000000000001771933c01d093178e80dd29C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exee12e599d-ff0a-11e4-82f6-d050993b5086

Error: (05/20/2015 05:58:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.396054299ab0igfxCUIService.exe6.15.10.396054299ab0c0000005000000000001771940801d09315b1bb0079C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exefd7103b5-ff08-11e4-82f5-d050993b5086

Error: (05/20/2015 05:41:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.396054299ab0igfxCUIService.exe6.15.10.396054299ab0c0000005000000000001771937c01d093134248ef41C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exeab235122-ff06-11e4-82f4-d050993b5086

Error: (05/20/2015 03:59:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8

Error: (05/20/2015 03:59:20 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (05/20/2015 03:59:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL8

Error: (05/20/2015 03:59:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8

CodeIntegrity Errors:
===================================
Date: 2015-04-30 09:07:54.572
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 22%
Total physical RAM: 8131.86 MB
Available physical RAM: 6277.59 MB
Total Pagefile: 9411.86 MB
Available Pagefile: 7318.47 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:488.28 GB) (Free:257.1 GB) NTFS
Drive d: () (Fixed) (Total:443.23 GB) (Free:185.65 GB) NTFS
Drive f: () (Fixed) (Total:297.99 GB) (Free:294.48 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8189C3BD)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6C9370F9)
Partition 1: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Edited by Mimili (20.05.2015 at 19:00) |
20.05.2015, 18:31 | #2 |
/// the machine /// TB instructor | hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
20.05.2015, 18:56 | #3 |
| Somehow the code thing is not working; it keeps telling me max. 120000. No idea what I am doing wrong.
__________________ |
21.05.2015, 10:31 | #4 |
/// the machine /// TB instructor | Then just split the log and use several posts; the log is simply too long for one post.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 | No help via PM! |