PC running slower

Hello, for the past few days my PC has been starting up and shutting down more slowly than usual. Loading web pages also takes longer than usual.
schrauber | 18.11.2013 19:39 | Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
- Now start FRST.
- Do not change any of the checkboxes unless asked to, and click Scan.
- The log files will now be created and will then be located on your desktop.
- Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)
|
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013
Ran by e.yil at 2013-11-18 21:58:13
Running from C:\Users\e.yil\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Acer Power Management (Version: 7.00.3013)
Acer Recovery Management (Version: 6.00.3016)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.4.144)
avast! Free Antivirus (x32 Version: 9.0.2008)
Broadcom Card Reader Driver Installer (Version: 15.4.7.1)
Cisco Systems VPN Client 5.0.07.0440 (Version: 5.0.7)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3729_45993)
Dritek Radio Controller (x32 Version: 2.02.2001.0803)
ESET Online Scanner v3 (x32)
ETDWare PS/2-X64 11.6.16.003_WHQL (Version: 11.6.16.003)
GeoGebra 4.4 (x32 Version: 4.3.31.0)
Identity Card (x32 Version: 2.00.3006)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.4.1001)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Launch Manager (x32 Version: 7.0.10)
Live Updater (x32 Version: 2.00.3010)
Microsoft Office (x32 Version: 15.0.4454.1510)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
Nero BackItUp (x32 Version: 12.5.5000)
Nero BackItUp 12 Essentials OEM.a01 (x32 Version: 12.5.00500)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000)
Nero ControlCenter (x32 Version: 11.0.15600)
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000)
Nero Core Components (x32 Version: 11.0.20200)
Nero Launcher (x32 Version: 12.2.7000)
Nero RescueAgent (x32 Version: 12.0.3001)
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000)
Nero Update (x32 Version: 11.0.11800.31.0)
Norton Online Backup (x32 Version: 2.2.3.51r2)
Norton Online Backup ARA (x32 Version: 4.1.0.14)
NVIDIA Grafiktreiber 311.30 (Version: 311.30)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA Optimus 1.11.3 (Version: 1.11.3)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Systemsteuerung 311.30 (Version: 311.30)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Office Addin (x32 Version: 2.02.2008)
Prerequisite installer (x32 Version: 12.0.0003)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 11.39)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6657)
Shared C Run-time for x64 (Version: 10.0.0)
swMSM (x32 Version: 12.0.0.1)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1)
WinRAR 5.00 (64-bit) (Version: 5.00.0)
YTD Video Downloader 4.3 (x32 Version: 4.3)
==================== Restore Points =========================
31-10-2013 15:21:14 Installed Cisco Systems VPN Client 5.0.07.0440
07-11-2013 23:43:36 Geplanter Prüfpunkt
14-11-2013 11:19:12 avast! antivirus system restore point
==================== Hosts content: ==========================
2012-07-26 06:26 - 2013-10-21 20:50 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {05213698-A30E-4087-A857-31B7B60B5F25} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {09DDAA8B-4142-450F-AE83-D1EFA39CE0F5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2013-02-08] (CyberLink)
Task: {1224BFAA-1C12-45D6-9E49-99C93C8EEAA6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-14] (AVAST Software)
Task: {20850515-6079-456E-AB44-DCEBB8D45EF1} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {31A7F3C4-108F-498B-B2C5-A7F2AABE4AD3} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {3B453A50-58BE-435D-B6F6-FE2442E2B83A} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {7C45197F-E84C-4C8B-825A-E68D8DE0AE27} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {AC4E0C88-8E9D-4F55-8B83-BE25E208DD26} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-13] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-05-23 06:06 - 2012-10-23 19:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-16 23:11 - 2013-11-16 19:28 - 02141184 _____ () C:\Program Files\AVAST Software\Avast\defs\13111601\algo.dll
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-11-14 12:20 - 2013-11-14 12:20 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-07-27 04:51 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/18/2013 00:38:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (11/17/2013 03:11:26 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (11/16/2013 08:12:30 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (11/15/2013 09:16:27 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (11/14/2013 00:19:18 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary ixmthiue.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (11/13/2013 11:53:01 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (11/12/2013 00:14:03 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (11/10/2013 10:06:15 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (11/10/2013 09:55:11 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (11/08/2013 02:40:40 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
System errors:
=============
Error: (11/18/2013 06:54:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SafetyNut Manager" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/18/2013 06:53:14 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0
Error: (11/18/2013 06:53:34 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 18.11.2013 um 16:27:51 unerwartet heruntergefahren.
Error: (11/15/2013 00:08:40 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SafetyNut Manager" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/15/2013 00:07:39 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0
Error: (11/14/2013 00:20:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! Antivirus" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (11/10/2013 10:00:59 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SafetyNut Manager" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/04/2013 06:02:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SafetyNut Manager" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/04/2013 06:02:13 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 04.11.2013 um 17:35:26 unerwartet heruntergefahren.
Error: (11/04/2013 06:00:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (11/18/2013 00:38:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (11/17/2013 03:11:26 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (11/16/2013 08:12:30 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (11/15/2013 09:16:27 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (11/14/2013 00:19:18 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary ixmthiue.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (11/13/2013 11:53:01 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (11/12/2013 00:14:03 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (11/10/2013 10:06:15 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (11/10/2013 09:55:11 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (11/08/2013 02:40:40 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
CodeIntegrity Errors:
===================================
Date: 2013-10-21 21:50:02.340
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 14%
Total physical RAM: 8007.27 MB
Available physical RAM: 6841.88 MB
Total Pagefile: 9415.27 MB
Available Pagefile: 8226.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:682.19 GB) (Free:636.8 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: CBEF7EA1)
Partition: GPT Partition Type
==================== End Of Log ============================
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by e.yil (administrator) on ENES on 18-11-2013 21:57:36
Running from C:\Users\e.yil\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) c:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [RadioController] - C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-07-27] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-14] (AVAST Software)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {36369C9A-5ECE-4688-80C5-A9854BD46297} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {36369C9A-5ECE-4688-80C5-A9854BD46297} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - {36369C9A-5ECE-4688-80C5-A9854BD46297} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {36369C9A-5ECE-4688-80C5-A9854BD46297} URL =
SearchScopes: HKCU - {36369C9A-5ECE-4688-80C5-A9854BD46297} URL =
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\e.yil\AppData\Roaming\Mozilla\Firefox\Profiles\sdl34xky.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: New tab - C:\Users\e.yil\AppData\Roaming\Mozilla\Firefox\Profiles\sdl34xky.default\Extensions\{9473F86A-8CD2-0C01-CF9E-946854F63D87}
FF Extension: Adblock Plus - C:\Users\e.yil\AppData\Roaming\Mozilla\Firefox\Profiles\sdl34xky.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-14] (AVAST Software)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-11-20] (ELAN Microelectronics Corp.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-07-27] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 SafetyNutManager; C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [x]
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-14] ()
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-07-27] (Dritek System Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2013-04-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-18 21:57 - 2013-11-18 21:57 - 00010123 _____ C:\Users\e.yil\Desktop\FRST.txt
2013-11-18 21:57 - 2013-11-18 21:57 - 00000000 ____D C:\FRST
2013-11-18 21:56 - 2013-11-18 21:56 - 01957964 _____ (Farbar) C:\Users\e.yil\Desktop\FRST64.exe
2013-11-18 18:53 - 2013-11-18 18:53 - 00281248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-16 22:55 - 2013-11-16 22:55 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2013-11-15 21:01 - 2013-11-15 21:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 12:35 - 2013-11-15 12:35 - 00001815 _____ C:\Users\Public\Desktop\GeoGebra.lnk
2013-11-15 12:35 - 2013-11-15 12:35 - 00000000 ____D C:\Users\e.yil\AppData\Roaming\GeoGebra 4.4
2013-11-15 12:34 - 2013-11-15 12:35 - 00000000 ____D C:\Program Files (x86)\GeoGebra 4.4
2013-11-15 12:21 - 2013-11-15 12:22 - 41578544 _____ (International GeoGebra Institute) C:\Users\e.yil\Downloads\GeoGebra-Windows-Installer-4-3-31-0.exe
2013-11-14 20:03 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 20:03 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 20:03 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-14 20:03 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-11-14 15:09 - 2013-11-18 18:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-14 15:08 - 2013-11-14 15:08 - 00283104 _____ (Mozilla) C:\Users\e.yil\Downloads\Firefox Setup Stub 25.0.exe
2013-11-14 12:23 - 2013-11-14 12:23 - 00000000 ____D C:\Users\e.yil\AppData\Roaming\AVAST Software
2013-11-14 12:20 - 2013-11-14 12:20 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-14 12:20 - 2013-11-14 12:20 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-14 12:20 - 2013-11-14 12:20 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-14 12:20 - 2013-11-14 12:20 - 00001970 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-14 12:19 - 2013-11-14 12:19 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-14 12:17 - 2013-11-14 12:17 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-14 12:17 - 2013-09-13 23:36 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-11-14 12:17 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-11-14 12:17 - 2013-09-13 23:33 - 03279360 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-11-14 12:17 - 2013-09-13 23:33 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-11-14 12:17 - 2013-09-13 23:33 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-11-14 12:17 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-11-14 12:17 - 2013-09-13 23:33 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-11-14 12:17 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-11-14 12:17 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-11-14 12:17 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2013-11-14 12:17 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-11-14 12:17 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2013-11-14 12:17 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-11-14 12:17 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-11-14 12:17 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-11-14 12:16 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 12:16 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 12:16 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 12:16 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 12:16 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 12:16 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 12:16 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 12:16 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-11-14 12:16 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 12:16 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-11-14 12:16 - 2013-10-03 00:25 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 12:16 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 12:16 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 12:16 - 2013-10-01 23:22 - 01022976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 12:16 - 2013-09-23 23:30 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 12:16 - 2013-09-23 23:30 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 12:16 - 2013-09-14 02:15 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-11-14 12:16 - 2013-09-13 23:36 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-11-14 12:16 - 2013-09-13 23:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-11-14 12:16 - 2013-09-13 23:36 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-11-14 12:16 - 2013-09-13 23:34 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-11-14 12:16 - 2013-09-13 23:33 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-11-14 12:16 - 2013-09-13 23:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-11-14 12:16 - 2013-09-13 23:33 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-11-14 12:16 - 2013-09-04 04:11 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 12:16 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-11-14 12:16 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2013-11-14 12:16 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2013-11-14 12:15 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 12:15 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 12:15 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 12:15 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 12:15 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 12:15 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 12:15 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 12:15 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 12:15 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 12:15 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 12:13 - 2013-11-14 12:16 - 87529432 _____ (AVAST Software) C:\Users\e.yil\Downloads\avast_free_antivirus_setup2008.exe
2013-11-04 17:19 - 2013-11-04 17:19 - 00002623 _____ C:\Users\e.yil\Desktop\VPN Client.lnk
2013-11-01 00:08 - 2013-11-01 00:08 - 00001032 _____ C:\Users\e.yil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startmenü.lnk
2013-10-31 19:44 - 2013-10-31 19:44 - 00001366 _____ C:\Users\e.yil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programme.lnk
2013-10-31 16:21 - 2013-10-31 16:22 - 00001594 _____ C:\Windows\VPNInstall.MIF
2013-10-31 16:21 - 2013-10-31 16:21 - 00000000 ____D C:\Program Files\Common Files\Deterministic Networks
2013-10-31 16:21 - 2013-10-31 16:21 - 00000000 ____D C:\Program Files (x86)\Cisco Systems
2013-10-31 16:20 - 2013-10-31 18:43 - 05026816 _____ C:\Users\e.yil\Downloads\vpnclient-winx64-msi-5.0.07.0440-k9.exe
2013-10-25 18:54 - 2013-10-25 18:54 - 00000000 ____D C:\Users\e.yil\AppData\Local\Secunia PSI
2013-10-25 18:54 - 2013-10-25 18:54 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-10-25 18:53 - 2013-10-25 18:53 - 03864904 _____ (Secunia) C:\Users\e.yil\Downloads\PSISetup_30b8013.exe
2013-10-25 18:47 - 2013-10-25 18:47 - 00001068 _____ C:\DelFix.txt
2013-10-24 07:28 - 2013-10-24 07:28 - 00000295 _____ C:\Users\e.yil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2013-10-24 07:05 - 2013-10-24 07:05 - 00000000 ____D C:\Program Files (x86)\ESET
2013-10-23 21:59 - 2013-11-15 13:09 - 00000000 ___RD C:\Users\e.yil\Documents\Notes
2013-10-23 09:53 - 2013-10-25 18:47 - 00000000 ____D C:\Windows\ERUNT
2013-10-23 09:48 - 2013-10-23 09:48 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-10-23 09:06 - 2013-10-23 09:06 - 00000000 ____D C:\Users\e.yil\AppData\Roaming\Malwarebytes
2013-10-23 09:06 - 2013-10-23 09:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-23 09:04 - 2013-10-23 09:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\e.yil\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-21 20:46 - 2013-10-25 18:45 - 00000000 ____D C:\Windows\erdnt
2013-10-21 07:38 - 2013-10-21 07:37 - 00534549 _____ C:\Users\e.yil\Downloads\noscript_security_suite-2.6.8.3-fn_fx_sm.xpi.zip
==================== One Month Modified Files and Folders =======
2013-11-18 21:57 - 2013-11-18 21:57 - 00010123 _____ C:\Users\e.yil\Desktop\FRST.txt
2013-11-18 21:57 - 2013-11-18 21:57 - 00000000 ____D C:\FRST
2013-11-18 21:56 - 2013-11-18 21:56 - 01957964 _____ (Farbar) C:\Users\e.yil\Desktop\FRST64.exe
2013-11-18 21:31 - 2013-10-13 16:18 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-18 20:57 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-11-18 19:01 - 2013-07-27 14:31 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-11-18 19:01 - 2013-07-27 14:31 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-11-18 19:01 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-18 18:59 - 2013-10-07 23:22 - 00000006 _____ C:\Users\e.yil\Downloads\settings
2013-11-18 18:53 - 2013-11-18 18:53 - 00281248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-18 18:53 - 2013-11-14 15:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-18 18:53 - 2013-05-23 05:13 - 00029080 _____ C:\Windows\PFRO.log
2013-11-18 18:53 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-18 15:21 - 2013-07-27 04:46 - 02073562 _____ C:\Windows\WindowsUpdate.log
2013-11-16 22:55 - 2013-11-16 22:55 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2013-11-16 15:37 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-11-15 21:01 - 2013-11-15 21:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 13:09 - 2013-10-23 21:59 - 00000000 ___RD C:\Users\e.yil\Documents\Notes
2013-11-15 12:35 - 2013-11-15 12:35 - 00001815 _____ C:\Users\Public\Desktop\GeoGebra.lnk
2013-11-15 12:35 - 2013-11-15 12:35 - 00000000 ____D C:\Users\e.yil\AppData\Roaming\GeoGebra 4.4
2013-11-15 12:35 - 2013-11-15 12:34 - 00000000 ____D C:\Program Files (x86)\GeoGebra 4.4
2013-11-15 12:22 - 2013-11-15 12:21 - 41578544 _____ (International GeoGebra Institute) C:\Users\e.yil\Downloads\GeoGebra-Windows-Installer-4-3-31-0.exe
2013-11-15 11:15 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2013-11-15 00:06 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ToastData
2013-11-15 00:06 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2013-11-15 00:05 - 2013-09-28 02:45 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 00:04 - 2013-10-02 01:03 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 22:58 - 2013-09-27 03:22 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-203516366-1611124414-2465361564-1002
2013-11-14 15:08 - 2013-11-14 15:08 - 00283104 _____ (Mozilla) C:\Users\e.yil\Downloads\Firefox Setup Stub 25.0.exe
2013-11-14 12:23 - 2013-11-14 12:23 - 00000000 ____D C:\Users\e.yil\AppData\Roaming\AVAST Software
2013-11-14 12:20 - 2013-11-14 12:20 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-14 12:20 - 2013-11-14 12:20 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-14 12:20 - 2013-11-14 12:20 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-14 12:20 - 2013-11-14 12:20 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-14 12:20 - 2013-11-14 12:20 - 00001970 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-14 12:19 - 2013-11-14 12:19 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-14 12:17 - 2013-11-14 12:17 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-14 12:16 - 2013-11-14 12:13 - 87529432 _____ (AVAST Software) C:\Users\e.yil\Downloads\avast_free_antivirus_setup2008.exe
2013-11-05 23:58 - 2012-07-26 09:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-05 23:58 - 2012-07-26 09:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-04 18:54 - 2013-09-27 07:35 - 00000000 ____D C:\Users\e.yil\AppData\Local\Adobe
2013-11-04 17:19 - 2013-11-04 17:19 - 00002623 _____ C:\Users\e.yil\Desktop\VPN Client.lnk
2013-11-02 17:52 - 2013-10-10 21:47 - 00000182 _____ C:\Users\e.yil\Desktop\Neues Textdokument.txt
2013-11-01 00:08 - 2013-11-01 00:08 - 00001032 _____ C:\Users\e.yil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startmenü.lnk
2013-10-31 19:44 - 2013-10-31 19:44 - 00001366 _____ C:\Users\e.yil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programme.lnk
2013-10-31 18:43 - 2013-10-31 16:20 - 05026816 _____ C:\Users\e.yil\Downloads\vpnclient-winx64-msi-5.0.07.0440-k9.exe
2013-10-31 16:22 - 2013-10-31 16:21 - 00001594 _____ C:\Windows\VPNInstall.MIF
2013-10-31 16:21 - 2013-10-31 16:21 - 00000000 ____D C:\Program Files\Common Files\Deterministic Networks
2013-10-31 16:21 - 2013-10-31 16:21 - 00000000 ____D C:\Program Files (x86)\Cisco Systems
2013-10-28 01:30 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-25 21:21 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-25 18:54 - 2013-10-25 18:54 - 00000000 ____D C:\Users\e.yil\AppData\Local\Secunia PSI
2013-10-25 18:54 - 2013-10-25 18:54 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-10-25 18:53 - 2013-10-25 18:53 - 03864904 _____ (Secunia) C:\Users\e.yil\Downloads\PSISetup_30b8013.exe
2013-10-25 18:47 - 2013-10-25 18:47 - 00001068 _____ C:\DelFix.txt
2013-10-25 18:47 - 2013-10-23 09:53 - 00000000 ____D C:\Windows\ERUNT
2013-10-25 18:45 - 2013-10-21 20:46 - 00000000 ____D C:\Windows\erdnt
2013-10-24 20:03 - 2013-09-27 03:08 - 00000000 ____D C:\Users\e.yil\AppData\Local\Packages
2013-10-24 07:28 - 2013-10-24 07:28 - 00000295 _____ C:\Users\e.yil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2013-10-24 07:05 - 2013-10-24 07:05 - 00000000 ____D C:\Program Files (x86)\ESET
2013-10-23 09:48 - 2013-10-23 09:48 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-10-23 09:06 - 2013-10-23 09:06 - 00000000 ____D C:\Users\e.yil\AppData\Roaming\Malwarebytes
2013-10-23 09:06 - 2013-10-23 09:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-23 09:05 - 2013-10-23 09:04 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\e.yil\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-21 20:51 - 2012-07-26 06:37 - 00000000 __RHD C:\Users\Default
2013-10-21 20:50 - 2012-07-26 06:26 - 00000215 _____ C:\Windows\system.ini
2013-10-21 07:37 - 2013-10-21 07:38 - 00534549 _____ C:\Users\e.yil\Downloads\noscript_security_suite-2.6.8.3-fn_fx_sm.xpi.zip
Some content of TEMP:
====================
C:\Users\e.yil\AppData\Local\temp\javagiac0.3337734254283862.dll
C:\Users\e.yil\AppData\Local\temp\Quarantine.exe
C:\Users\e.yil\AppData\Local\temp\vpnclient_setup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-18 12:37
==================== End Of Log ============================ |
schrauber | 19.11.2013 12:20 | Please download Malwarebytes Anti-Malware.
- Install the program to the default path.
(Illustrated guide to MBAM)
- Start Malwarebytes' Anti-Malware (MBAM).
- Then click Scan, select the Threat Scan and click Start Scan.
- At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
- Let your computer restart if necessary to complete the cleanup.
- Start MBAM, click History and then Application Logs.
- Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
- Include the contents of mbam.txt in your next reply.
Please download AdwCleaner to your desktop.
- Close all open programs and browsers. Illustrated guide to AdwCleaner.
- Start AdwCleaner.exe with a double-click.
- Accept the terms of use.
- Click Options and make sure the following items are selected:
  - Delete "Tracing" keys
  - Reset Winsock settings
  - Reset proxy settings
  - Reset Internet Explorer policies
  - Reset Chrome policies
- Make sure all 5 options are selected, as shown here.
- Click Scan and wait until it has finished.
- Now click Delete and confirm any prompts with OK.
- Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
- You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).
Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.
- Start the tool with a double-click. On Windows Vista (or later), please right-click it and start it with "Run as administrator".
- Press any key to start the tool.
- Depending on the system, the scan can take a while.
- When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
- Please post the contents of JRT.txt in your next reply.
and a fresh FRST log, please. |