Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Bootvorgang endet bei aswrvrt.exe (https://www.trojaner-board.de/162178-bootvorgang-endet-aswrvrt-exe.html)

Schnubbtator 26.12.2014 22:04
Bootvorgang endet bei aswrvrt.exe
 
Guten Abend Leute,

mein Zweitlaptop (Windows 7 Pro 32 Bit) bootet seit neuestem nicht mehr, beim Anmeldebildschirm kommt es zum freeze. Ich habe die Vermutung, dass es an der Datei aswrvrt.exe liegt, weil beim Versuch den Laptop im abgesicherten Modus zu starten der Bootvorgang bei dieser Datei stoppt. Ich habe durch die Suchfunktion ein Thema gefunden, wo dasselbe Thema angesprochen aber nicht gelöst wurde. Ich hab jetzt hier das Logfile von FRST, kann damit aber nichts anfangen. Was sollte ich nun machen?


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-12-2014
Ran by SYSTEM on MININT-2B2AU7U on 26-12-2014 21:35:46
Running from F:\
Platform: Windows 7 Professional (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet002
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [177520 2011-07-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [DRCU] => C:\Program Files\Sony\DRCU\DRCU.exe [73728 2007-06-18] (Sony Corporation)
HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM\...\Run: [NBAgent] => C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2011-04-28] (Nero AG)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-12-22] (AVAST Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [193568 2014-10-13] (Geek Software GmbH)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2039192 2014-11-24] (APN)
HKLM\...\RunOnce: [*Restore] => C:\Windows\System32\rstrui.exe [262656 2010-11-20] (Microsoft Corporation)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKU\Admin\...\Run: [NSUFloatingUI] => C:\Program Files\Sony\Network Utility\LANUtil.exe [284592 2009-08-10] (Sony Corporation)
HKU\Karin und -\...\Run: [SmileboxTray] => C:\Users\Karin und -\AppData\Roaming\Smilebox\SmileboxTray.exe [342312 2014-09-12] (Smilebox, Inc.)
HKU\Karin und -\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Karin und -\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\Karin und -\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\Karin und -\...\Run: [RemoTerm.exe] => C:\Program Files\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe [241976 2013-09-20] (PCTV Systems S.à r.l.)
HKU\Karin und -\...\Run: [StrmServer.exe] => C:\Program Files\Common Files\PCTV Systems\StreamingServer\StrmServer.exe [746768 2011-03-16] (PCTV Systems S.à r.l.)
HKU\Karin und -\...\RunOnce: [Adobe Speed Launcher] => 1418889264
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeActiveFileMonitor8.0; C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [169312 2009-09-18] (Adobe Systems Incorporated)
S2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-11-24] (APN LLC.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-12] (AVAST Software)
S2 AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-08] (AVerMedia)
S2 AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [389120 2009-10-09] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [242928 2013-04-18] ()
S2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [773968 2014-01-27] (Nero AG)
S2 NSUService; C:\Program Files\sony\Network Utility\NSUService.exe [303104 2009-06-11] (Sony Corporation)
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [112184 2007-01-24] (Sony Corporation)
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [75320 2007-01-24] (Sony Corporation)
S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1781048 2014-07-16] (TuneUp Software)
S2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [182392 2007-08-14] (Sony Corporation)
S3 VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [513392 2009-11-30] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe [491520 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1228336 2014-02-28] (Sony Corporation)
S2 ZDServ; C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe [427264 2013-11-08] ()
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2532592 2013-04-18] (Intel® Corporation)
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [112096 2013-02-13] (Windows (R) Win 7 DDK provider)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-12] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-12] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-12] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-07-12] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-12-22] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414392 2014-12-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-12] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [192352 2014-07-12] ()
S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [474880 2009-10-19] (AVerMedia TECHNOLOGIES, Inc.)
S3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [44544 2009-08-24] (AzureWave Technologies, Inc.)
S3 mod7700; C:\Windows\System32\Drivers\mod7700.sys [914816 2010-11-19] (DiBcom SA)
S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [13824 2007-10-19] (DiBcom S.A.)
S3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2010-10-07] (Intel Corporation)
S0 shpf; C:\Windows\System32\DRIVERS\shpf.sys [14720 2007-05-31] (Sony Corporation)
S3 SonyImgF; C:\Windows\System32\DRIVERS\SonyImgF.sys [31104 2007-04-05] (Sony Corporation)
S3 SPI; C:\Windows\System32\DRIVERS\SonyPI.sys [14720 2007-08-03] (Sony Corporation)
S3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [807424 2007-03-19] (Texas Instruments)
S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-08-21] (TuneUp Software)
S1 aswKbd; \SystemRoot\system32\drivers\aswKbd.sys [X]
S0 aswNdisFlt; system32\DRIVERS\aswNdisFlt.sys [X]
S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 21:34 - 2014-12-26 21:35 - 00000000 ____D () C:\FRST
2014-12-21 14:03 - 2014-12-21 14:04 - 08005632 _____ () C:\Users\Karin und -\Downloads\10740702_738915292829940_375938359_n.pps
2014-12-20 19:46 - 2014-12-20 19:46 - 00000000 ____D () C:\avast! sandbox
2014-12-18 09:17 - 2014-12-18 09:17 - 00023603 _____ () C:\Users\Karin und -\Downloads\v6-win7sp1-wuredir (11).cab
2014-12-17 18:36 - 2014-12-17 18:36 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (69).vpx
2014-12-17 11:24 - 2014-12-17 11:24 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (68).vpx
2014-12-17 11:24 - 2014-12-17 11:24 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (67).vpx
2014-12-17 08:47 - 2014-12-17 08:47 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (66).vpx
2014-12-17 04:16 - 2014-12-17 04:16 - 00000005 _____ () C:\Users\Karin und -\Downloads\MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ-xkCfyHfJr7GQ6M658NRZ4SHo-AQUCPVR6Pv+PT1kNnxoz1t4qN+5xTcCEGf0qAJGPfJPhE
2014-12-16 18:16 - 2014-12-16 18:16 - 00000706 _____ () C:\Users\Karin und -\Downloads\GIAG2.crl
2014-12-16 18:16 - 2014-12-16 18:16 - 00000706 _____ () C:\Users\Karin und -\Downloads\GIAG2 (1).crl
2014-12-16 15:00 - 2014-12-16 15:00 - 00000727 _____ () C:\Users\Karin und -\Downloads\mswww(6).crl
2014-12-16 12:44 - 2014-12-16 12:44 - 00000561 _____ () C:\Users\Karin und -\Downloads\WinPCA.crl
2014-12-16 08:59 - 2014-12-16 09:00 - 00002339 _____ () C:\Users\Karin und -\Downloads\servers.def (43).vpx
2014-12-15 22:14 - 2014-12-15 22:14 - 00002339 _____ () C:\Users\Karin und -\Downloads\servers.def (42).vpx
2014-12-15 12:34 - 2014-12-15 12:34 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (65).vpx
2014-12-15 07:58 - 2014-12-15 07:58 - 00023603 _____ () C:\Users\Karin und -\Downloads\v6-win7sp1-wuredir (9).cab
2014-12-15 07:58 - 2014-12-15 07:58 - 00023603 _____ () C:\Users\Karin und -\Downloads\v6-win7sp1-wuredir (10).cab
2014-12-15 06:04 - 2014-12-15 06:04 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (64).vpx
2014-12-14 10:59 - 2014-12-14 10:59 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (63).vpx
2014-12-13 19:16 - 2014-12-13 19:16 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (62).vpx
2014-12-13 08:59 - 2014-12-13 08:59 - 00002339 _____ () C:\Users\Karin und -\Downloads\servers.def (41).vpx
2014-12-12 13:59 - 2014-12-12 13:59 - 00002339 _____ () C:\Users\Karin und -\Downloads\servers.def (40).vpx
2014-12-12 13:59 - 2014-12-12 13:59 - 00002339 _____ () C:\Users\Karin und -\Downloads\servers.def (39).vpx
2014-12-12 06:58 - 2014-12-12 06:59 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (61).vpx
2014-12-11 18:43 - 2014-12-11 18:43 - 00002339 _____ () C:\Users\Karin und -\Downloads\servers.def (38).vpx
2014-12-11 07:38 - 2014-12-11 07:38 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (60).vpx
2014-12-10 16:04 - 2014-12-10 16:04 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (59).vpx
2014-12-10 12:00 - 2014-12-10 12:00 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (58).vpx
2014-12-10 11:29 - 2014-12-10 11:29 - 00000000 ____D () C:\Windows\System32\appraiser
2014-12-10 11:26 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\System32\mf.dll
2014-12-10 09:18 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2014-12-10 09:18 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2014-12-10 09:18 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2014-12-10 09:18 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2014-12-10 09:18 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-12-10 09:18 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll
2014-12-10 09:18 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-12-10 09:18 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\System32\aitstatic.exe
2014-12-10 09:18 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-12-10 09:18 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-12-10 09:18 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-12-10 09:18 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-12-10 09:18 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-12-10 09:18 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2014-12-10 09:17 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-12-10 09:17 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-12-10 09:17 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-12-10 09:17 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-12-10 09:17 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-12-10 09:17 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-12-10 09:17 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-12-10 09:17 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-12-10 09:17 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-12-10 09:17 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-12-10 09:17 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-12-10 09:17 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-12-10 09:17 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-12-10 09:17 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-12-10 09:17 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-12-10 09:17 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-12-10 09:17 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-12-10 09:17 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-12-10 09:17 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-12-10 09:17 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-12-10 09:17 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-12-10 09:17 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-12-10 09:17 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-12-10 09:17 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-12-10 09:17 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-12-10 09:17 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-12-10 09:16 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-12-10 09:16 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\System32\charmap.exe
2014-12-10 09:16 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\System32\WsmSvc.dll
2014-12-10 09:16 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\System32\WSManMigrationPlugin.dll
2014-12-10 09:16 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\System32\WsmWmiPl.dll
2014-12-10 09:16 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\System32\WsmAuto.dll
2014-12-10 09:16 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\System32\WSManHTTPConfig.exe
2014-12-09 13:27 - 2014-12-09 13:27 - 00002343 _____ () C:\Users\Karin und -\Downloads\servers.def (37).vpx
2014-12-09 11:12 - 2014-12-09 11:12 - 00002343 _____ () C:\Users\Karin und -\Downloads\servers.def (36).vpx
2014-12-09 11:12 - 2014-12-09 11:12 - 00002343 _____ () C:\Users\Karin und -\Downloads\servers.def (35).vpx
2014-12-09 10:22 - 2014-12-09 10:22 - 00023603 _____ () C:\Users\Karin und -\Downloads\v6-win7sp1-wuredir (8).cab
2014-12-09 10:22 - 2014-12-09 10:22 - 00023603 _____ () C:\Users\Karin und -\Downloads\v6-win7sp1-wuredir (7).cab
2014-12-09 07:28 - 2014-12-09 07:28 - 00002343 _____ () C:\Users\Karin und -\Downloads\servers.def (34).vpx
2014-12-08 23:35 - 2014-12-08 23:35 - 00002343 _____ () C:\Users\Karin und -\Downloads\servers.def (33).vpx
2014-12-08 23:35 - 2014-12-08 23:35 - 00002343 _____ () C:\Users\Karin und -\Downloads\servers.def (32).vpx
2014-12-08 21:20 - 2014-12-08 21:20 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (57).vpx
2014-12-08 17:31 - 2014-12-08 17:31 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (56).vpx
2014-12-08 15:58 - 2014-12-08 15:58 - 00023603 _____ () C:\Users\Karin und -\Downloads\v6-win7sp1-wuredir (6).cab
2014-12-08 15:58 - 2014-12-08 15:58 - 00023603 _____ () C:\Users\Karin und -\Downloads\v6-win7sp1-wuredir (5).cab
2014-12-08 08:07 - 2014-12-08 08:07 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (55).vpx
2014-12-08 08:07 - 2014-12-08 08:07 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (54).vpx
2014-12-07 19:00 - 2014-12-07 19:01 - 00023603 _____ () C:\Users\Karin und -\Downloads\v6-win7sp1-wuredir (4).cab
2014-12-07 15:14 - 2014-12-07 15:14 - 00002343 _____ () C:\Users\Karin und -\Downloads\servers.def (31).vpx
2014-12-07 13:40 - 2014-12-07 13:40 - 04546599 _____ () C:\Users\Karin und -\Documents\1207134021DVB-TWDR Bielefeld.mpg
2014-12-07 08:37 - 2014-12-07 08:37 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (53).vpx
2014-12-06 23:16 - 2014-12-06 23:16 - 00023603 _____ () C:\Users\Karin und -\Downloads\v6-win7sp1-wuredir (3).cab
2014-12-06 17:40 - 2014-12-06 17:40 - 00000588 _____ () C:\Users\Karin und -\Downloads\MicWinHarComPCA_2010-11-01.crl
2014-12-06 14:59 - 2014-12-07 14:25 - 00002049 _____ () C:\Users\Public\Desktop\TVCenter.lnk
2014-12-06 14:59 - 2014-12-06 14:59 - 00000000 ____D () C:\Program Files\PCTV Systems
2014-12-06 14:59 - 2014-12-06 14:59 - 00000000 ____D () C:\Program Files\Common Files\PCTV Systems
2014-12-06 14:56 - 2014-12-06 15:03 - 00000000 ____D () C:\ProgramData\PCTV Systems
2014-12-06 14:54 - 2014-12-07 14:23 - 00000000 ____D () C:\Users\Karin und -\Downloads\TVCenter Installation
2014-12-06 14:47 - 2014-12-06 14:53 - 590141104 _____ (PCTV Systems) C:\Users\Karin und -\Downloads\PCTVSystems_TVCenter_Setup_6.4.9.1033.exe
2014-12-06 11:08 - 2014-12-06 11:08 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (52).vpx
2014-12-05 15:08 - 2014-12-05 15:08 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (51).vpx
2014-12-05 15:08 - 2014-12-05 15:08 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (50).vpx
2014-12-05 08:18 - 2014-12-05 08:18 - 00006408 _____ () C:\Users\Karin und -\Downloads\disallowedcertstl (1).cab
2014-12-04 20:41 - 2014-12-04 20:41 - 00000550 _____ () C:\Users\Karin und -\Downloads\MicrosoftTimeStampPCA (5).crl
2014-12-04 08:09 - 2014-12-04 08:09 - 00000573 _____ () C:\Users\Karin und -\Downloads\Microsoft Windows Hardware Compatibility PCA(1).crl
2014-12-03 16:57 - 2014-12-03 16:57 - 00002298 _____ () C:\Users\Karin und -\Downloads\servers.def (30).vpx
2014-12-03 16:57 - 2014-12-03 16:57 - 00002298 _____ () C:\Users\Karin und -\Downloads\servers.def (29).vpx
2014-12-03 07:28 - 2014-12-03 07:28 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (49).vpx
2014-12-03 00:02 - 2014-12-03 00:02 - 00023603 _____ () C:\Users\Karin und -\Downloads\v6-win7sp1-wuredir (2).cab
2014-12-03 00:02 - 2014-12-03 00:02 - 00023603 _____ () C:\Users\Karin und -\Downloads\v6-win7sp1-wuredir (1).cab
2014-12-02 04:48 - 2014-12-02 04:48 - 00000550 _____ () C:\Users\Karin und -\Downloads\MicrosoftTimeStampPCA (4).crl
2014-12-01 08:39 - 2014-12-01 08:39 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (48).vpx
2014-12-01 03:56 - 2014-12-01 03:56 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (47).vpx
2014-11-30 22:00 - 2014-11-30 22:00 - 00000550 _____ () C:\Users\Karin und -\Downloads\MicrosoftTimeStampPCA (3).crl
2014-11-30 22:00 - 2014-11-30 22:00 - 00000550 _____ () C:\Users\Karin und -\Downloads\MicrosoftTimeStampPCA (2).crl
2014-11-30 18:20 - 2014-11-30 18:20 - 00002322 _____ () C:\Users\Karin und -\Downloads\servers.def (28).vpx
2014-11-30 18:20 - 2014-11-30 18:20 - 00002322 _____ () C:\Users\Karin und -\Downloads\servers.def (27).vpx
2014-11-30 14:40 - 2014-11-30 14:40 - 00000550 _____ () C:\Users\Karin und -\Downloads\MicrosoftTimeStampPCA (1).crl
2014-11-30 08:42 - 2014-11-30 08:42 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (46).vpx
2014-11-29 21:05 - 2014-11-29 21:05 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (45).vpx
2014-11-29 06:58 - 2014-11-29 06:58 - 00002322 _____ () C:\Users\Karin und -\Downloads\servers.def (26).vpx
2014-11-29 04:02 - 2014-11-29 04:02 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (44).vpx
2014-11-28 05:28 - 2014-11-28 05:28 - 00002322 _____ () C:\Users\Karin und -\Downloads\servers.def (25).vpx
2014-11-27 20:24 - 2014-11-27 20:24 - 00002322 _____ () C:\Users\Karin und -\Downloads\servers.def (24).vpx
2014-11-27 13:06 - 2014-11-27 13:06 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (43).vpx
2014-11-27 06:13 - 2014-11-27 06:13 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (42).vpx
2014-11-26 08:14 - 2014-11-26 08:14 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (41).vpx
2014-11-26 08:14 - 2014-11-26 08:14 - 00000359 _____ () C:\Users\Karin und -\Downloads\prod-ais (40).vpx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 20:49 - 2014-05-08 19:27 - 04457535 _____ () C:\Windows\setupact.log
2014-12-22 18:19 - 2013-03-22 14:34 - 00262926 _____ () C:\Windows\PFRO.log
2014-12-22 17:25 - 2013-03-22 15:23 - 01130956 _____ () C:\Windows\WindowsUpdate.log
2014-12-22 17:04 - 2013-03-22 13:59 - 00023824 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-22 17:04 - 2013-03-22 13:59 - 00023824 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-22 16:58 - 2014-07-12 13:08 - 00002049 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-12-22 16:58 - 2013-06-21 21:26 - 00414392 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsp.sys
2014-12-22 16:58 - 2013-06-21 21:25 - 00779536 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsnx.sys
2014-12-22 16:46 - 2013-05-18 10:04 - 00000000 ____D () C:\users\Karin und -
2014-12-22 16:46 - 2013-03-22 14:02 - 00000000 ____D () C:\users\Admin
2014-12-22 16:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\System32\wfp
2014-12-22 16:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\System32\NDF
2014-12-22 16:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-12-22 16:27 - 2013-05-18 10:04 - 00020580 _____ () C:\Users\Karin und -\AppData\Roaming\nvModes.001
2014-12-21 15:41 - 2014-05-16 06:00 - 00000000 ____D () C:\Users\Karin und -\Desktop\Bewerbungsunterlagen-1
2014-12-18 08:54 - 2014-11-13 19:48 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-12-17 13:58 - 2013-07-02 18:13 - 00000000 ____D () C:\Users\Karin und -\Desktop\Karin und Jasmin
2014-12-17 11:25 - 2013-03-22 15:32 - 01619284 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-12-11 19:04 - 2013-03-21 15:07 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-12-11 19:04 - 2013-03-21 15:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-12-11 08:06 - 2013-05-18 10:04 - 00000000 ____D () C:\Users\Karin und -\AppData\Local\Microsoft Help
2014-12-10 11:29 - 2014-05-08 02:27 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-12-10 11:29 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\System32\de-DE
2014-12-10 11:29 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 11:27 - 2007-06-27 15:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 11:25 - 2013-10-03 09:59 - 00000000 ____D () C:\Windows\System32\MRT
2014-12-10 11:17 - 2013-03-22 22:51 - 109818608 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-12-08 11:39 - 2014-06-16 08:16 - 00000000 ____D () C:\Users\Karin und -\Desktop\Hausarbeit
2014-12-07 14:43 - 2014-11-15 09:26 - 00000000 ____D () C:\Users\Karin und -\Documents\AVerTV
2014-11-27 20:14 - 2013-08-08 17:10 - 00000000 ____D () C:\Users\Karin und -\Documents\Calibre-Bibliothek
2014-11-27 08:49 - 2014-06-17 15:18 - 00000000 ____D () C:\Users\Karin und -\Documents\My Publications

Some content of TEMP:
====================
C:\Users\Karin und -\AppData\Local\Temp\{2461E6EB-7A9A-4C36-820B-80E8C8BF8B74}-39.0.2171.95_39.0.2171.71_chrome_updater.exe


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe
[2014-10-15 06:42] - [2014-07-17 02:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================

Restore point made on: 2014-12-22 16:56:01

==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 2046.43 MB
Available physical RAM: 1630.98 MB
Total Pagefile: 2046.43 MB
Available Pagefile: 1633.58 MB
Total Virtual: 2047.88 MB
Available Virtual: 1953.53 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:102.48 GB) (Free:22.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:9.31 GB) (Free:2.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Removable) (Total:7.43 GB) (Free:7.42 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 49EB8221)
Partition 1: (Not Active) - (Size=9.3 GB) - (Type=27)
Partition 2: (Active) - (Size=102.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.4 GB) - (Type=0C)


LastRegBack: 2014-12-05 09:03

==================== End Of Log ============================
--- --- ---

schrauber 26.12.2014 22:11
hi,

Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-07-12] ()
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

Schnubbtator 28.12.2014 12:27
Getan:

Zitat:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-12-2014
Ran by SYSTEM at 2014-12-28 12:24:30 Run:1
Running from F:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X] S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-07-12] ()
*****************

avast! Firewall => Service deleted successfully.

==== End of Fixlog 12:24:34 ====

schrauber 28.12.2014 19:31
In meinem Fix oben standen 2 Zeilen, nicht nur eine. Bitte wiederholen, dann schauen ob der Rechner bootet. :)

Schnubbtator 28.12.2014 20:08
Läuft leider immer noch nicht.. :/

Zitat:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-12-2014
Ran by SYSTEM at 2014-12-28 20:01:40 Run:2
Running from F:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-07-12] ()
*****************

avast! Firewall => Service not found.
aswRvrt => Service deleted successfully.

==== End of Fixlog 20:01:41 ====

schrauber 29.12.2014 16:54
Und Du kommst ganz sicher, zu 100%, nicht in irgend einen der 3 Safe Modes?


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:00 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27