Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Firewall nicht aktiverbar Fehler 0x6D9 + Wlan symbol fehler

Firewall nicht aktiverbar Fehler 0x6D9 + Wlan symbol fehler


Plagegeister aller Art und deren Bekämpfung: Firewall nicht aktiverbar Fehler 0x6D9 + Wlan symbol fehler

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 21.07.2015, 21:34   #7
ascrobin
 
Firewall nicht aktiverbar Fehler 0x6D9 + Wlan symbol fehler - Standard

Firewall nicht aktiverbar Fehler 0x6D9 + Wlan symbol fehler


Ging wenig später dann auch bei mir. Habe immer im Abgesicherten Modus diese Programme laufen lassen. Da sollte es mit AV keine Probleme gegeben haben .

Combofix
Code:
ATTFilter
ComboFix 15-07-20.01 - Hans 21.07.2015  21:16:49.1.6 - x64 MINIMAL
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8190.7481 [GMT 2:00]
ausgeführt von:: c:\users\Hans\Desktop\Trojanerboard\ComboFix.exe
AV: Avira Antivirus *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-21 bis 2015-07-21  ))))))))))))))))))))))))))))))
.
.
2015-07-21 19:18 . 2015-07-21 19:18	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-07-20 17:20 . 2015-07-15 03:19	41984	----a-w-	c:\windows\system32\lpk.dll
2015-07-20 17:20 . 2015-07-15 03:19	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-07-20 17:20 . 2015-07-15 03:19	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-07-20 17:20 . 2015-07-15 03:19	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-07-20 17:20 . 2015-07-15 02:55	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-07-20 17:20 . 2015-07-15 02:55	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-07-20 17:20 . 2015-07-15 02:55	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-07-20 17:20 . 2015-07-15 02:54	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-07-20 17:20 . 2015-07-15 01:59	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-07-20 17:20 . 2015-07-15 01:52	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-07-19 12:12 . 2015-07-19 12:12	--------	d-----w-	c:\programdata\Malwarebytes
2015-07-19 12:12 . 2015-07-19 12:33	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-07-19 12:12 . 2015-07-19 12:12	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-19 12:09 . 2015-07-19 12:09	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-07-18 22:03 . 2015-07-18 22:03	--------	d-----w-	c:\users\Hans\AppData\Local\GWX
2015-07-17 21:25 . 2015-07-21 17:55	226680	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2015-07-17 21:23 . 2015-07-17 21:23	--------	d-----w-	c:\windows\CheckSur
2015-07-15 20:19 . 2015-07-15 20:20	--------	d-----w-	C:\FRST
2015-07-15 19:16 . 2015-07-15 19:16	--------	d-----w-	c:\users\Hans\AppData\Local\Diagnostics
2015-07-15 18:27 . 2015-07-15 18:27	--------	d-----w-	c:\windows\Migration
2015-07-15 17:58 . 2015-07-09 17:58	37888	----a-w-	c:\windows\system32\wups2.dll
2015-07-15 17:55 . 2015-07-09 17:59	17856	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-07-15 17:55 . 2015-07-09 17:58	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-07-15 17:55 . 2015-07-09 17:58	765440	----a-w-	c:\windows\system32\invagent.dll
2015-07-15 17:55 . 2015-07-09 17:58	433664	----a-w-	c:\windows\system32\devinv.dll
2015-07-15 17:55 . 2015-07-09 17:58	1085440	----a-w-	c:\windows\system32\appraiser.dll
2015-07-15 17:55 . 2015-07-09 17:58	67584	----a-w-	c:\windows\system32\acmigration.dll
2015-07-15 17:55 . 2015-07-09 17:58	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-07-15 17:55 . 2015-07-09 17:50	1145856	----a-w-	c:\windows\system32\aeinv.dll
2015-07-15 17:55 . 2015-06-03 20:16	193536	----a-w-	c:\windows\system32\aepic.dll
2015-07-15 17:45 . 2015-06-11 17:56	1112576	----a-w-	c:\windows\system32\rdpcorets.dll
2015-07-15 17:45 . 2015-06-11 17:16	162816	----a-w-	c:\windows\system32\rdpudd.dll
2015-07-15 17:45 . 2015-06-11 17:15	20992	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2015-07-06 18:32 . 2015-07-06 18:32	--------	d-----w-	c:\program files (x86)\Avira
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-20 20:07 . 2015-04-16 04:15	226680	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2015-07-14 19:51 . 2015-04-15 18:22	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-14 19:51 . 2015-04-15 18:22	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-10 11:49 . 2015-04-16 13:01	153256	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-06-10 11:49 . 2015-04-16 13:01	132656	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-05-05 01:29 . 2015-05-13 13:47	342016	----a-w-	c:\windows\system32\schannel.dll
2015-05-05 01:12 . 2015-05-13 13:47	248832	----a-w-	c:\windows\SysWow64\schannel.dll
2015-05-01 13:17 . 2015-05-13 22:14	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-13 22:14	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-27 19:28 . 2015-05-13 13:45	5569984	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-04-27 19:28 . 2015-05-13 13:45	95680	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2015-04-27 19:28 . 2015-05-13 13:45	155584	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2015-04-27 19:26 . 2015-05-13 13:45	1728960	----a-w-	c:\windows\system32\ntdll.dll
2015-04-27 19:23 . 2015-05-13 13:45	362496	----a-w-	c:\windows\system32\wow64win.dll
2015-04-27 19:23 . 2015-05-13 13:45	243712	----a-w-	c:\windows\system32\wow64.dll
2015-04-27 19:23 . 2015-05-13 13:45	215040	----a-w-	c:\windows\system32\winsrv.dll
2015-04-27 19:23 . 2015-05-13 13:45	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2015-04-27 19:23 . 2015-05-13 13:45	210944	----a-w-	c:\windows\system32\wdigest.dll
2015-04-27 19:23 . 2015-05-13 13:45	1254400	----a-w-	c:\windows\system32\diagtrack.dll
2015-04-27 19:23 . 2015-05-13 13:45	86528	----a-w-	c:\windows\system32\TSpkg.dll
2015-04-27 19:23 . 2015-05-13 13:45	879104	----a-w-	c:\windows\system32\tdh.dll
2015-04-27 19:23 . 2015-05-13 13:45	29184	----a-w-	c:\windows\system32\sspisrv.dll
2015-04-27 19:23 . 2015-05-13 13:45	136192	----a-w-	c:\windows\system32\sspicli.dll
2015-04-27 19:23 . 2015-05-13 13:45	503808	----a-w-	c:\windows\system32\srcore.dll
2015-04-27 19:23 . 2015-05-13 13:45	50176	----a-w-	c:\windows\system32\srclient.dll
2015-04-27 19:23 . 2015-05-13 13:45	28160	----a-w-	c:\windows\system32\secur32.dll
2015-04-27 19:23 . 2015-05-13 13:45	113664	----a-w-	c:\windows\system32\sechost.dll
2015-04-27 19:23 . 2015-05-13 13:45	314880	----a-w-	c:\windows\system32\msv1_0.dll
2015-04-27 19:23 . 2015-05-13 13:45	309760	----a-w-	c:\windows\system32\ncrypt.dll
2015-04-27 19:23 . 2015-05-13 13:45	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2015-04-27 19:23 . 2015-05-13 13:45	728064	----a-w-	c:\windows\system32\kerberos.dll
2015-04-27 19:23 . 2015-05-13 13:45	424448	----a-w-	c:\windows\system32\KernelBase.dll
2015-04-27 19:23 . 2015-05-13 13:45	1461760	----a-w-	c:\windows\system32\lsasrv.dll
2015-04-27 19:23 . 2015-05-13 13:45	1162752	----a-w-	c:\windows\system32\kernel32.dll
2015-04-27 19:23 . 2015-05-13 13:45	43520	----a-w-	c:\windows\system32\csrsrv.dll
2015-04-27 19:23 . 2015-05-13 13:45	22016	----a-w-	c:\windows\system32\credssp.dll
2015-04-27 19:23 . 2015-05-13 13:45	879104	----a-w-	c:\windows\system32\advapi32.dll
2015-04-27 19:22 . 2015-05-13 13:45	47104	----a-w-	c:\windows\system32\typeperf.exe
2015-04-27 19:22 . 2015-05-13 13:45	404992	----a-w-	c:\windows\system32\tracerpt.exe
2015-04-27 19:22 . 2015-05-13 13:45	112640	----a-w-	c:\windows\system32\smss.exe
2015-04-27 19:22 . 2015-05-13 13:45	296960	----a-w-	c:\windows\system32\rstrui.exe
2015-04-27 19:22 . 2015-05-13 13:45	43008	----a-w-	c:\windows\system32\relog.exe
2015-04-27 19:22 . 2015-05-13 13:45	31232	----a-w-	c:\windows\system32\lsass.exe
2015-04-27 19:22 . 2015-05-13 13:45	104448	----a-w-	c:\windows\system32\logman.exe
2015-04-27 19:22 . 2015-05-13 13:45	19456	----a-w-	c:\windows\system32\diskperf.exe
2015-04-27 19:22 . 2015-05-13 13:45	338432	----a-w-	c:\windows\system32\conhost.exe
2015-04-27 19:21 . 2015-05-13 13:45	64000	----a-w-	c:\windows\system32\auditpol.exe
2015-04-27 19:18 . 2015-05-13 13:45	60416	----a-w-	c:\windows\system32\msobjs.dll
2015-04-27 19:18 . 2015-05-13 13:45	146432	----a-w-	c:\windows\system32\msaudite.dll
2015-04-27 19:16 . 2015-05-13 13:45	6656	----a-w-	c:\windows\system32\apisetschema.dll
2015-04-27 19:16 . 2015-05-13 13:45	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	686080	----a-w-	c:\windows\system32\adtschema.dll
2015-04-27 19:11 . 2015-05-13 13:45	3934144	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2015-04-27 19:11 . 2015-05-13 13:45	3989440	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2015-04-27 19:08 . 2015-05-13 13:45	1310744	----a-w-	c:\windows\SysWow64\ntdll.dll
2015-04-27 19:05 . 2015-05-13 13:45	172032	----a-w-	c:\windows\SysWow64\wdigest.dll
2015-04-27 19:05 . 2015-05-13 13:45	65536	----a-w-	c:\windows\SysWow64\TSpkg.dll
2015-04-27 19:05 . 2015-05-13 13:45	635392	----a-w-	c:\windows\SysWow64\tdh.dll
2015-04-27 19:05 . 2015-05-13 13:45	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2015-04-27 19:05 . 2015-05-13 13:45	92160	----a-w-	c:\windows\SysWow64\sechost.dll
2015-04-27 19:05 . 2015-05-13 13:45	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2015-04-27 19:05 . 2015-05-13 13:45	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2015-04-27 19:05 . 2015-05-13 13:45	221184	----a-w-	c:\windows\SysWow64\ncrypt.dll
2015-04-27 19:05 . 2015-05-13 13:45	259584	----a-w-	c:\windows\SysWow64\msv1_0.dll
2015-04-27 19:04 . 2015-05-13 13:45	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2015-04-27 19:04 . 2015-05-13 13:45	17408	----a-w-	c:\windows\SysWow64\credssp.dll
2015-04-27 19:04 . 2015-05-13 13:45	641536	----a-w-	c:\windows\SysWow64\advapi32.dll
2015-04-27 19:04 . 2015-05-13 13:45	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-04-27 19:04 . 2015-05-13 13:45	40448	----a-w-	c:\windows\SysWow64\typeperf.exe
2015-04-27 19:04 . 2015-05-13 13:45	364544	----a-w-	c:\windows\SysWow64\tracerpt.exe
2015-04-27 19:04 . 2015-05-13 13:45	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2015-04-27 19:04 . 2015-05-13 13:45	37888	----a-w-	c:\windows\SysWow64\relog.exe
2015-04-27 19:04 . 2015-05-13 13:45	82944	----a-w-	c:\windows\SysWow64\logman.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-03-13 7451928]
"Spotify Web Helper"="c:\users\Hans\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-07-02 2030648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="e:\programme\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-05-15 55568]
"avgnt"="e:\programme\Antivir\Avira\AntiVir Desktop\avgnt.exe" [2015-06-10 730416]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048]
"SL-6482 Gaming Keyboard"="e:\programme\Speedlink\Monitor.exe" [2014-04-21 1976832]
"Avira Systray"="c:\program files (x86)\Avira\Launcher\Avira.Systray.exe" [2015-06-02 134368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 AntiVirMailService;Avira Email-Schutz;e:\programme\Antivir\Avira\AntiVir Desktop\avmailc7.exe;e:\programme\Antivir\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirSchedulerService;Avira Planer;e:\programme\Antivir\Avira\AntiVir Desktop\sched.exe;e:\programme\Antivir\Avira\AntiVir Desktop\sched.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;e:\programme\Antivir\Avira\AntiVir Desktop\avwebg7.exe;e:\programme\Antivir\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
R2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 Samsung Link Service;Samsung Link Service;e:\programme\Samsung link\Samsung Link\Samsung Link.exe;e:\programme\Samsung link\Samsung Link\Samsung Link.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Origin Client Service;Origin Client Service;e:\spiele\Origin\OriginClientService.exe;e:\spiele\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 19:51]
.
.
--------- X64 Entries -----------
.
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\
FF - prefs.js: browser.startup.homepage - google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.12.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2984976~31bf3856ad364e35~amd64~~6.1.1.3]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000000
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3035583~31bf3856ad364e35~amd64~~6.1.1.29]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3065822~31bf3856ad364e35~amd64~~11.2.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3065987~31bf3856ad364e35~amd64~~6.1.2.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3067903~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3067904~31bf3856ad364e35~amd64~~6.1.1.2]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3069392~31bf3856ad364e35~amd64~~6.1.1.1]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3069762~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000000
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3070102~31bf3856ad364e35~amd64~~6.1.1.2]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3070738~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000000
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3072630~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3072633~31bf3856ad364e35~amd64~~6.1.1.1]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3074886~31bf3856ad364e35~amd64~~11.2.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3075516~31bf3856ad364e35~amd64~~11.2.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3077657~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-07-21  21:19:25
ComboFix-quarantined-files.txt  2015-07-21 19:19
.
Vor Suchlauf: 8 Verzeichnis(se), 20.441.919.488 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 20.190.187.520 Bytes frei
.
- - End Of File - - BD57C40A005BF083D5BF53F1315DAEAA
A36C5E4F47E84449FF07ED3517B43A31
Habe es auch nochmal im normal betrieb mit deaktivirtem av gemacht.
Code:
ATTFilter
ComboFix 15-07-20.01 - Hans 21.07.2015  22:27:07.2.6 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8190.6655 [GMT 2:00]
ausgeführt von:: c:\users\Hans\Desktop\Trojanerboard\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Hans\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-21 bis 2015-07-21  ))))))))))))))))))))))))))))))
.
.
2015-07-20 17:20 . 2015-07-15 03:19	41984	----a-w-	c:\windows\system32\lpk.dll
2015-07-20 17:20 . 2015-07-15 03:19	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-07-20 17:20 . 2015-07-15 03:19	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-07-20 17:20 . 2015-07-15 03:19	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-07-20 17:20 . 2015-07-15 02:55	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-07-20 17:20 . 2015-07-15 02:55	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-07-20 17:20 . 2015-07-15 02:55	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-07-20 17:20 . 2015-07-15 02:54	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-07-20 17:20 . 2015-07-15 01:59	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-07-20 17:20 . 2015-07-15 01:52	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-07-19 12:12 . 2015-07-19 12:12	--------	d-----w-	c:\programdata\Malwarebytes
2015-07-19 12:12 . 2015-07-19 12:33	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-07-19 12:12 . 2015-07-19 12:12	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-19 12:09 . 2015-07-19 12:09	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-07-18 22:03 . 2015-07-18 22:03	--------	d-----w-	c:\users\Hans\AppData\Local\GWX
2015-07-17 21:25 . 2015-07-21 17:55	226680	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2015-07-17 21:23 . 2015-07-17 21:23	--------	d-----w-	c:\windows\CheckSur
2015-07-15 20:19 . 2015-07-15 20:20	--------	d-----w-	C:\FRST
2015-07-15 19:16 . 2015-07-15 19:16	--------	d-----w-	c:\users\Hans\AppData\Local\Diagnostics
2015-07-15 18:27 . 2015-07-15 18:27	--------	d-----w-	c:\windows\Migration
2015-07-15 17:58 . 2015-07-09 17:58	37888	----a-w-	c:\windows\system32\wups2.dll
2015-07-15 17:55 . 2015-07-09 17:59	17856	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-07-15 17:55 . 2015-07-09 17:58	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-07-15 17:55 . 2015-07-09 17:58	765440	----a-w-	c:\windows\system32\invagent.dll
2015-07-15 17:55 . 2015-07-09 17:58	433664	----a-w-	c:\windows\system32\devinv.dll
2015-07-15 17:55 . 2015-07-09 17:58	1085440	----a-w-	c:\windows\system32\appraiser.dll
2015-07-15 17:55 . 2015-07-09 17:58	67584	----a-w-	c:\windows\system32\acmigration.dll
2015-07-15 17:55 . 2015-07-09 17:58	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-07-15 17:55 . 2015-07-09 17:50	1145856	----a-w-	c:\windows\system32\aeinv.dll
2015-07-15 17:55 . 2015-06-03 20:16	193536	----a-w-	c:\windows\system32\aepic.dll
2015-07-15 17:45 . 2015-06-11 17:56	1112576	----a-w-	c:\windows\system32\rdpcorets.dll
2015-07-15 17:45 . 2015-06-11 17:16	162816	----a-w-	c:\windows\system32\rdpudd.dll
2015-07-15 17:45 . 2015-06-11 17:15	20992	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2015-07-06 18:32 . 2015-07-06 18:32	--------	d-----w-	c:\program files (x86)\Avira
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-20 20:07 . 2015-04-16 04:15	226680	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2015-07-14 19:51 . 2015-04-15 18:22	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-14 19:51 . 2015-04-15 18:22	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-10 11:49 . 2015-04-16 13:01	153256	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-06-10 11:49 . 2015-04-16 13:01	132656	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-05-05 01:29 . 2015-05-13 13:47	342016	----a-w-	c:\windows\system32\schannel.dll
2015-05-05 01:12 . 2015-05-13 13:47	248832	----a-w-	c:\windows\SysWow64\schannel.dll
2015-05-01 13:17 . 2015-05-13 22:14	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-13 22:14	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-27 19:28 . 2015-05-13 13:45	5569984	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-04-27 19:28 . 2015-05-13 13:45	95680	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2015-04-27 19:28 . 2015-05-13 13:45	155584	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2015-04-27 19:26 . 2015-05-13 13:45	1728960	----a-w-	c:\windows\system32\ntdll.dll
2015-04-27 19:23 . 2015-05-13 13:45	362496	----a-w-	c:\windows\system32\wow64win.dll
2015-04-27 19:23 . 2015-05-13 13:45	243712	----a-w-	c:\windows\system32\wow64.dll
2015-04-27 19:23 . 2015-05-13 13:45	215040	----a-w-	c:\windows\system32\winsrv.dll
2015-04-27 19:23 . 2015-05-13 13:45	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2015-04-27 19:23 . 2015-05-13 13:45	210944	----a-w-	c:\windows\system32\wdigest.dll
2015-04-27 19:23 . 2015-05-13 13:45	1254400	----a-w-	c:\windows\system32\diagtrack.dll
2015-04-27 19:23 . 2015-05-13 13:45	86528	----a-w-	c:\windows\system32\TSpkg.dll
2015-04-27 19:23 . 2015-05-13 13:45	879104	----a-w-	c:\windows\system32\tdh.dll
2015-04-27 19:23 . 2015-05-13 13:45	29184	----a-w-	c:\windows\system32\sspisrv.dll
2015-04-27 19:23 . 2015-05-13 13:45	136192	----a-w-	c:\windows\system32\sspicli.dll
2015-04-27 19:23 . 2015-05-13 13:45	503808	----a-w-	c:\windows\system32\srcore.dll
2015-04-27 19:23 . 2015-05-13 13:45	50176	----a-w-	c:\windows\system32\srclient.dll
2015-04-27 19:23 . 2015-05-13 13:45	28160	----a-w-	c:\windows\system32\secur32.dll
2015-04-27 19:23 . 2015-05-13 13:45	113664	----a-w-	c:\windows\system32\sechost.dll
2015-04-27 19:23 . 2015-05-13 13:45	314880	----a-w-	c:\windows\system32\msv1_0.dll
2015-04-27 19:23 . 2015-05-13 13:45	309760	----a-w-	c:\windows\system32\ncrypt.dll
2015-04-27 19:23 . 2015-05-13 13:45	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2015-04-27 19:23 . 2015-05-13 13:45	728064	----a-w-	c:\windows\system32\kerberos.dll
2015-04-27 19:23 . 2015-05-13 13:45	424448	----a-w-	c:\windows\system32\KernelBase.dll
2015-04-27 19:23 . 2015-05-13 13:45	1461760	----a-w-	c:\windows\system32\lsasrv.dll
2015-04-27 19:23 . 2015-05-13 13:45	1162752	----a-w-	c:\windows\system32\kernel32.dll
2015-04-27 19:23 . 2015-05-13 13:45	43520	----a-w-	c:\windows\system32\csrsrv.dll
2015-04-27 19:23 . 2015-05-13 13:45	22016	----a-w-	c:\windows\system32\credssp.dll
2015-04-27 19:23 . 2015-05-13 13:45	879104	----a-w-	c:\windows\system32\advapi32.dll
2015-04-27 19:22 . 2015-05-13 13:45	47104	----a-w-	c:\windows\system32\typeperf.exe
2015-04-27 19:22 . 2015-05-13 13:45	404992	----a-w-	c:\windows\system32\tracerpt.exe
2015-04-27 19:22 . 2015-05-13 13:45	112640	----a-w-	c:\windows\system32\smss.exe
2015-04-27 19:22 . 2015-05-13 13:45	296960	----a-w-	c:\windows\system32\rstrui.exe
2015-04-27 19:22 . 2015-05-13 13:45	43008	----a-w-	c:\windows\system32\relog.exe
2015-04-27 19:22 . 2015-05-13 13:45	31232	----a-w-	c:\windows\system32\lsass.exe
2015-04-27 19:22 . 2015-05-13 13:45	104448	----a-w-	c:\windows\system32\logman.exe
2015-04-27 19:22 . 2015-05-13 13:45	19456	----a-w-	c:\windows\system32\diskperf.exe
2015-04-27 19:22 . 2015-05-13 13:45	338432	----a-w-	c:\windows\system32\conhost.exe
2015-04-27 19:21 . 2015-05-13 13:45	64000	----a-w-	c:\windows\system32\auditpol.exe
2015-04-27 19:18 . 2015-05-13 13:45	60416	----a-w-	c:\windows\system32\msobjs.dll
2015-04-27 19:18 . 2015-05-13 13:45	146432	----a-w-	c:\windows\system32\msaudite.dll
2015-04-27 19:16 . 2015-05-13 13:45	6656	----a-w-	c:\windows\system32\apisetschema.dll
2015-04-27 19:16 . 2015-05-13 13:45	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-27 19:16 . 2015-05-13 13:45	686080	----a-w-	c:\windows\system32\adtschema.dll
2015-04-27 19:11 . 2015-05-13 13:45	3934144	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2015-04-27 19:11 . 2015-05-13 13:45	3989440	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2015-04-27 19:08 . 2015-05-13 13:45	1310744	----a-w-	c:\windows\SysWow64\ntdll.dll
2015-04-27 19:05 . 2015-05-13 13:45	172032	----a-w-	c:\windows\SysWow64\wdigest.dll
2015-04-27 19:05 . 2015-05-13 13:45	65536	----a-w-	c:\windows\SysWow64\TSpkg.dll
2015-04-27 19:05 . 2015-05-13 13:45	635392	----a-w-	c:\windows\SysWow64\tdh.dll
2015-04-27 19:05 . 2015-05-13 13:45	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2015-04-27 19:05 . 2015-05-13 13:45	92160	----a-w-	c:\windows\SysWow64\sechost.dll
2015-04-27 19:05 . 2015-05-13 13:45	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2015-04-27 19:05 . 2015-05-13 13:45	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2015-04-27 19:05 . 2015-05-13 13:45	221184	----a-w-	c:\windows\SysWow64\ncrypt.dll
2015-04-27 19:05 . 2015-05-13 13:45	259584	----a-w-	c:\windows\SysWow64\msv1_0.dll
2015-04-27 19:04 . 2015-05-13 13:45	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2015-04-27 19:04 . 2015-05-13 13:45	17408	----a-w-	c:\windows\SysWow64\credssp.dll
2015-04-27 19:04 . 2015-05-13 13:45	641536	----a-w-	c:\windows\SysWow64\advapi32.dll
2015-04-27 19:04 . 2015-05-13 13:45	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-04-27 19:04 . 2015-05-13 13:45	40448	----a-w-	c:\windows\SysWow64\typeperf.exe
2015-04-27 19:04 . 2015-05-13 13:45	364544	----a-w-	c:\windows\SysWow64\tracerpt.exe
2015-04-27 19:04 . 2015-05-13 13:45	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2015-04-27 19:04 . 2015-05-13 13:45	37888	----a-w-	c:\windows\SysWow64\relog.exe
2015-04-27 19:04 . 2015-05-13 13:45	82944	----a-w-	c:\windows\SysWow64\logman.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-03-13 7451928]
"Spotify Web Helper"="c:\users\Hans\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-07-02 2030648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="e:\programme\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-05-15 55568]
"avgnt"="e:\programme\Antivir\Avira\AntiVir Desktop\avgnt.exe" [2015-06-10 730416]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048]
"SL-6482 Gaming Keyboard"="e:\programme\Speedlink\Monitor.exe" [2014-04-21 1976832]
"Avira Systray"="c:\program files (x86)\Avira\Launcher\Avira.Systray.exe" [2015-06-02 134368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 AntiVirMailService;Avira Email-Schutz;e:\programme\Antivir\Avira\AntiVir Desktop\avmailc7.exe;e:\programme\Antivir\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;e:\programme\Antivir\Avira\AntiVir Desktop\avwebg7.exe;e:\programme\Antivir\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Samsung Link Service;Samsung Link Service;e:\programme\Samsung link\Samsung Link\Samsung Link.exe;e:\programme\Samsung link\Samsung Link\Samsung Link.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Origin Client Service;Origin Client Service;e:\spiele\Origin\OriginClientService.exe;e:\spiele\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;e:\programme\Antivir\Avira\AntiVir Desktop\sched.exe;e:\programme\Antivir\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 19:51]
.
.
--------- X64 Entries -----------
.
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\
FF - prefs.js: browser.startup.homepage - google.de
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.12.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2984976~31bf3856ad364e35~amd64~~6.1.1.3]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000000
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3035583~31bf3856ad364e35~amd64~~6.1.1.29]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3065822~31bf3856ad364e35~amd64~~11.2.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3065987~31bf3856ad364e35~amd64~~6.1.2.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3067903~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3067904~31bf3856ad364e35~amd64~~6.1.1.2]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3069392~31bf3856ad364e35~amd64~~6.1.1.1]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3069762~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000000
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3070102~31bf3856ad364e35~amd64~~6.1.1.2]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3070738~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000000
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3072630~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3072633~31bf3856ad364e35~amd64~~6.1.1.1]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3074886~31bf3856ad364e35~amd64~~11.2.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3075516~31bf3856ad364e35~amd64~~11.2.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3077657~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
e:\programme\Antivir\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-07-21  22:32:12 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-07-21 20:32
.
Vor Suchlauf: 11 Verzeichnis(se), 20.134.416.384 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 20.068.728.832 Bytes frei
.
- - End Of File - - E78FDBEDEA50620CBEA0C7D3BF0A01DC
A36C5E4F47E84449FF07ED3517B43A31

 

Themen zu Firewall nicht aktiverbar Fehler 0x6D9 + Wlan symbol fehler
adware, antivir, antivirus, avira, browser, desktop, fehler, firefox, firefox 39.0, flash player, helper, homepage, internet, internet explorer, malware, newtab, problem, scan, security, software, starten, svchost.exe, tcp, udp, usb, windows, wlan


« Google blockiert Suche | Rechner hängt sich in Firefox auf »


Ähnliche Themen: Firewall nicht aktiverbar Fehler 0x6D9 + Wlan symbol fehler


  1. Windows Firewall lässt sich nicht starten Fehler 0x8007042c
    Plagegeister aller Art und deren Bekämpfung - 17.08.2015 (21)
  2. Windows Firewall nicht bedienbar, Fehlercode: 0x6D9
    Antiviren-, Firewall- und andere Schutzprogramme - 06.02.2015 (1)
  3. Windows 7: Windows Firewall deaktiviert, nicht bedienbar, Fehlercode: 0x6D9
    Log-Analyse und Auswertung - 07.01.2015 (7)
  4. Wlan verbindung zeigt Fehler an?!
    Smartphone, Tablet & Handy Security - 23.09.2014 (15)
  5. Windows Firewall nicht startbar Fehlermeldung 0x8007042c und Fehler 1068
    Plagegeister aller Art und deren Bekämpfung - 24.07.2014 (1)
  6. OS X 10.9.4 behebt WLAN-Fehler und Sicherheitslücken
    Nachrichten - 01.07.2014 (0)
  7. Firewall Fehler 0x8007042c
    Log-Analyse und Auswertung - 25.02.2014 (13)
  8. Acer Aspire 5742g, wlan funktioniert nicht mehr, geräte manager zeigt Fehler an
    Netzwerk und Hardware - 09.01.2014 (14)
  9. Windows7 Firewall startet nicht Fehler 0x8007042c
    Log-Analyse und Auswertung - 09.01.2014 (11)
  10. Windows 7: Windows Firewall deaktiviert, nicht bedienbar, Fehlercode: 0x6D9
    Log-Analyse und Auswertung - 23.10.2013 (15)
  11. Windows 7: Windows Firewall nicht aktivierbar, Fehlercode: 0x6D9
    Log-Analyse und Auswertung - 19.10.2013 (13)
  12. Windows 7: Windows Firewall deaktiviert, nicht bedienbar, Fehlercode: 0x6D9
    Mülltonne - 18.10.2013 (0)
  13. Windows 7 HP: Firewall Fehler Code : 0x6D9 und Rundll Fehler beim Start
    Log-Analyse und Auswertung - 23.09.2013 (22)
  14. Firewall geht nicht mehr Fehler 0x8007042c
    Plagegeister aller Art und deren Bekämpfung - 25.07.2012 (1)
  15. Firewall Fehler Code: 0x6d9
    Log-Analyse und Auswertung - 24.03.2012 (3)
  16. WLAN-Fehler: Verbindungsstatus unbekannt
    Plagegeister aller Art und deren Bekämpfung - 21.01.2011 (35)
  17. Windows XP Firewall Symbol in Taskleiste ist nicht da, obwohl Firewall aktiviert ist!
    Antiviren-, Firewall- und andere Schutzprogramme - 15.01.2007 (7)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Firewall nicht aktiverbar Fehler 0x6D9 + Wlan symbol fehler - Ging wenig später dann auch bei mir. Habe immer im Abgesicherten Modus diese Programme laufen lassen. Da sollte es mit AV keine Probleme gegeben haben . Combofix Code: Alles auswählen - Firewall nicht aktiverbar Fehler 0x6D9 + Wlan symbol fehler...
Archiv
Du betrachtest: Firewall nicht aktiverbar Fehler 0x6D9 + Wlan symbol fehler auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131