
Log analysis and evaluation: Websites are not loaded by several browsers.


26.08.2013, 15:29   #1
Morphisto
 



It is the same with all three browsers, whether Chrome, Firefox or IE.
I have a stable connection; other devices confirm this.
Websites take about 30 minutes and several reloads to load.
Only the Google search results come up as quickly as usual; when I try to go to one of the external pages, I have the same old problem again.
I would very much like to clarify whether this is an infection or some other problem before I continue with further steps.
Kind regards, Thore

Here are the log files:

HijackThis:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:59:59, on 24.08.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Thore\Downloads\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StereoLinksInstall] "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe" -bootmode
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Qualcomm Atheros Killer Network Manager.lnk = C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service - Unknown owner - C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9573 bytes
         
FRST:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-08-2013
Ran by Thore (administrator) on 26-08-2013 15:34:44
Running from C:\Users\Thore\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7016520 2013-02-05] (Realtek Semiconductor)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKCU\...\Run: [Logitech Vid] - C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)
HKLM-x32\...\Run: [StereoLinksInstall] - "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1 [x]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog9 01 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 05 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 06 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 17 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 05 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 06 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 17 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Thore\AppData\Roaming\Mozilla\Firefox\Profiles\o3jwodo8.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Extension: (Google Docs) - C:\Users\Thore\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Thore\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Thore\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Thore\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (SciLor's Grooveshark(tm) Unlocker) - C:\Users\Thore\AppData\Local\Google\Chrome\User Data\Default\Extensions\feegenemlbjkbnfpgdmjddbeiecdbpob\0.3.3_0
CHR Extension: (Gmail) - C:\Users\Thore\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [497664 2013-02-19] ()

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-05] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-05] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-05] ()
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2013-02-19] (Qualcomm Atheros, Inc.)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [165824 2013-02-19] (Qualcomm Atheros, Inc.)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 MSICDSetup; \??\E:\CDriver64.sys [x]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-26 15:34 - 2013-08-26 15:34 - 00000000 ____D C:\FRST
2013-08-26 15:34 - 2013-08-26 15:34 - 00000000 _____ C:\Users\Thore\defogger_reenable
2013-08-26 15:33 - 2013-08-26 15:33 - 00377856 _____ C:\Users\Thore\Downloads\gmer_2.1.19163.exe
2013-08-26 15:32 - 2013-08-26 15:32 - 01577068 _____ (Farbar) C:\Users\Thore\Downloads\FRST64.exe
2013-08-26 15:32 - 2013-08-26 15:32 - 00050477 _____ C:\Users\Thore\Downloads\Defogger.exe
2013-08-26 15:09 - 2013-08-26 15:09 - 00001616 _____ C:\Users\Thore\Desktop\OUTLOOK.lnk
2013-08-25 20:57 - 2013-08-26 14:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-25 20:57 - 2013-08-25 20:57 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-25 20:57 - 2013-08-25 20:57 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-25 20:57 - 2013-08-25 20:57 - 00000000 ____D C:\Users\Thore\AppData\Roaming\Macromedia
2013-08-25 20:57 - 2013-08-25 20:57 - 00000000 ____D C:\Users\Thore\AppData\Local\Macromedia
2013-08-25 20:56 - 2013-08-25 20:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-25 20:56 - 2013-08-25 20:56 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-08-25 20:56 - 2013-08-25 20:56 - 00000000 ____D C:\Windows\system32\Macromed
2013-08-24 19:59 - 2013-08-24 19:59 - 00009574 _____ C:\Users\Thore\Downloads\hijackthis.log
2013-08-24 19:57 - 2013-08-24 19:57 - 00388608 _____ (Trend Micro Inc.) C:\Users\Thore\Downloads\HiJackThis204.exe
2013-08-24 19:57 - 2013-08-24 19:57 - 00388608 _____ (Trend Micro Inc.) C:\Users\Thore\Downloads\HiJackThis204 (1).exe
2013-08-24 19:41 - 2013-08-24 19:41 - 00000000 ____D C:\Users\Thore\AppData\Roaming\Mozilla
2013-08-24 19:41 - 2013-08-24 19:41 - 00000000 ____D C:\Users\Thore\AppData\Local\Mozilla
2013-08-24 19:40 - 2013-08-24 19:40 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-24 19:40 - 2013-08-24 19:40 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-24 19:40 - 2013-08-24 19:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-22 10:00 - 2013-08-22 10:00 - 00000000 ____D C:\Users\Thore\Documents\Benutzerdefinierte Office-Vorlagen
2013-08-21 23:07 - 2013-08-21 23:07 - 00000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2013-08-21 23:05 - 2013-08-24 19:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-21 23:05 - 2013-08-21 23:05 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-08-21 23:05 - 2013-08-21 23:05 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-08-21 22:05 - 2013-08-21 22:05 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-08-21 22:04 - 2013-08-21 22:04 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-08-21 22:04 - 2013-08-21 22:04 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-08-21 22:03 - 2013-08-21 22:04 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-08-21 22:03 - 2013-08-21 22:03 - 00000000 ____D C:\Windows\PCHEALTH
2013-08-21 22:01 - 2013-08-21 23:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-21 22:01 - 2013-08-21 22:03 - 00000000 ____D C:\Program Files\Microsoft Office
2013-08-21 22:01 - 2013-08-21 22:01 - 00000000 ____D C:\Users\Thore\AppData\Local\Microsoft Help
2013-08-21 22:01 - 2013-08-21 22:01 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-08-21 22:01 - 2013-08-21 22:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
         
Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-08-2013
Ran by Thore at 2013-08-26 15:35:50
Running from C:\Users\Thore\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
7-Zip 9.20 (x32)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Google Chrome (x32 Version: 28.0.1500.95)
Google Update Helper (x32 Version: 1.3.21.153)
itech Webcam Software Driver Package (Version: 12.10.1110)
Logitech Vid (x32 Version: 1.10.1009)
Logitech Webcam Software (Version: 12.10.1113)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
NVIDIA Control Panel 320.49 (Version: 320.49)
NVIDIA Graphics Driver 320.49 (Version: 320.49)
NVIDIA HD Audio Driver 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX System Software 9.13.0604 (Version: 9.13.0604)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.543)
Qualcomm Atheros Killer Network Manager (x32 Version: 6.1.0.543)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6839)
Skype™ 6.7 (x32 Version: 6.7.102)
StarCraft II (x32 Version: 2.0.10.26585)
TeamSpeak 3 Client (x32 Version: 3.0.11.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817621) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2727096) 64-Bit Edition
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760538) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767851) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817482) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817489) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817491) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817492) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2768011) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2817467) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2817629) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2810006) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2817622) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2013 (KB2767863) 64-Bit Edition
Update for Microsoft Word 2013 (KB2810086) 64-Bit Edition
VLC media player 2.0.8 (x32 Version: 2.0.8)

==================== Restore Points  =========================

15-08-2013 14:39:04 Windows Update
15-08-2013 20:30:36 Logitech Webcam Software v12.10.1110
20-08-2013 13:37:02 Windows Update
21-08-2013 20:00:39 Installed Microsoft Office Professional Plus 2013
21-08-2013 20:00:54 PROPLUS
21-08-2013 21:03:08 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1D99C18F-A746-45D6-B05F-46265CDBB4DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-05] (Google Inc.)
Task: {543BF0C3-F52B-4D6F-9FEC-283A9169032C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {99438484-0BD0-453B-B542-1AD6AA895249} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-25] (Adobe Systems Incorporated)
Task: {C6F27CDC-20FC-45C2-8F3B-D21ABEF1638E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {D3732246-54C2-47F5-B37F-4219F5BA874C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-05] (Google Inc.)
Task: {DF257A2B-A834-4DD7-84AC-174428BE4572} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {EAA513A5-74CE-4EB5-9BDB-1D15548B50FA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {F9FF543F-CFC5-497D-8C4C-6F61609F2815} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe


==================== Faulty Device Manager Devices =============

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/18/2013 03:00:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/17/2013 01:34:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2013 10:28:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2013 10:28:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2013 10:28:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2013 04:19:12 PM) (Source: ESENT) (User: )
Description: WinMail (2980) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (08/09/2013 04:19:05 PM) (Source: ESENT) (User: )
Description: WinMail (2948) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (08/05/2013 10:01:56 PM) (Source: Application Hang) (User: )
Description: The program TeamSpeak3-Client-win32-3.0.11.exe version 3.0.11.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 9c0

Start Time: 01ce9212b84169f3

Termination Time: 1

Application Path: C:\Users\Thore\Downloads\TeamSpeak3-Client-win32-3.0.11.exe

Report Id:

Error: (08/05/2013 09:39:07 PM) (Source: MsiInstaller) (User: Thore-PC)
Description: Product: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC90.ATL,version="9.0.30729.1",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, component: {AE56AAF5-F3C0-3D4B-8859-A1E50A3E27BF}


System errors:
=============
Error: (08/26/2013 02:47:18 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (08/26/2013 02:46:49 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
         
GMER:
Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-08-26 15:42:47
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP0T0L0-0 ST31000528AS rev.CC38 931,51GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Thore\AppData\Local\Temp\ugloipob.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 544                                                                       fffff800031ac000 45 bytes [00, 00, 15, 02, 46, 69, 6C, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 590                                                                       fffff800031ac02e 17 bytes [01, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Windows\system32\wininit.exe[676] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                               000000007774eecd 1 byte [62]
.text     C:\Windows\system32\services.exe[744] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                              000000007774eecd 1 byte [62]
.text     C:\Windows\system32\svchost.exe[880] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                               000000007774eecd 1 byte [62]
.text     C:\Windows\system32\nvvsvc.exe[960] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                000000007774eecd 1 byte [62]
.text     C:\Windows\system32\svchost.exe[1004] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                              000000007774eecd 1 byte [62]
.text     C:\Windows\system32\winlogon.exe[132] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                              000000007774eecd 1 byte [62]
.text     C:\Windows\System32\svchost.exe[368] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                               000000007774eecd 1 byte [62]
.text     C:\Windows\System32\svchost.exe[464] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                               000000007774eecd 1 byte [62]
.text     C:\Windows\system32\svchost.exe[580] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                               000000007774eecd 1 byte [62]
.text     C:\Windows\system32\svchost.exe[812] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                               000000007774eecd 1 byte [62]
.text     C:\Windows\system32\AUDIODG.EXE[1112] C:\Windows\System32\kernel32.dll!GetBinaryTypeW + 189                                              000000007774eecd 1 byte [62]
.text     C:\Windows\system32\svchost.exe[1264] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                              000000007774eecd 1 byte [62]
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1360] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                     000000007774eecd 1 byte [62]
.text     C:\Windows\system32\nvvsvc.exe[1368] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                               000000007774eecd 1 byte [62]
.text     C:\Windows\Explorer.EXE[1588] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                      000000007774eecd 1 byte [62]
.text     C:\Windows\System32\spoolsv.exe[1752] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                              000000007774eecd 1 byte [62]
.text     C:\Windows\system32\taskhost.exe[1764] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                             000000007774eecd 1 byte [62]
.text     C:\Windows\system32\svchost.exe[1816] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                              000000007774eecd 1 byte [62]
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1980] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                 00000000762ea30a 1 byte [62]
.text     C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe[1404] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                   000000007774eecd 1 byte [62]
.text     C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe[1036] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189      000000007774eecd 1 byte [62]
.text     C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe[1668] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112             00000000762ea30a 1 byte [62]
.text     C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe[2452] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                         00000000762ea30a 1 byte [62]
.text     C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe[2452] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35                               00000000749311a8 2 bytes [93, 74]
.text     C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe[2452] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 385                              0000000074931306 2 bytes CALL ac2d40 C:\Windows\TEMP\logishrd\LVPrcInj01.dll
.text     C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe[2452] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21                         00000000749313a8 2 bytes [93, 74]
.text     C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe[2452] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21                             0000000074931422 2 bytes [93, 74]
.text     C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe[2452] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19                      0000000074931498 2 bytes [93, 74]
.text     C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe[2452] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 195           0000000074331b41 2 bytes [33, 74]
.text     C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe[2452] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 362           0000000074331be8 2 bytes [33, 74]
.text     C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe[2452] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 418           0000000074331c20 2 bytes [33, 74]
.text     C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe[2452] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 596           0000000074331cd2 2 bytes [33, 74]
.text     C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe[2452] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 628           0000000074331cf2 2 bytes [33, 74]
.text     C:\Program Files\AVAST Software\Avast\AvastUI.exe[2684] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                            00000000762ea30a 1 byte [62]
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3044] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                       000000007774eecd 1 byte [62]
.text     C:\Windows\system32\SearchIndexer.exe[2940] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                        000000007774eecd 1 byte [62]
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory     0000000077b0fac0 5 bytes JMP 0000000100030600
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory         0000000077b0fb58 5 bytes JMP 0000000100030804
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess          0000000077b0fcb0 5 bytes JMP 0000000100030c0c
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory      0000000077b10038 5 bytes JMP 0000000100030a08
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread          0000000077b11920 5 bytes JMP 0000000100030e10
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                  0000000077b2c4dd 5 bytes JMP 00000001000301f8
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                0000000077b31287 5 bytes JMP 00000001000303fc
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112     00000000762ea30a 1 byte [62]
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000077381465 2 bytes [38, 77]
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000773814bb 2 bytes [38, 77]
.text     ...                                                                                                                                      * 2
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\syswow64\USER32.dll!SetWinEventHook            00000000755dee09 5 bytes JMP 00000001000901f8
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\syswow64\USER32.dll!UnhookWinEvent             00000000755e3982 5 bytes JMP 00000001000903fc
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW          00000000755e7603 5 bytes JMP 0000000100090804
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA          00000000755e835c 5 bytes JMP 0000000100090600
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx        00000000755ff52b 5 bytes JMP 0000000100090a08
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity  0000000075ad5181 5 bytes JMP 00000001000a1014
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA      0000000075ad5254 5 bytes JMP 00000001000a0804
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigW      0000000075ad53d5 5 bytes JMP 00000001000a0a08
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2A     0000000075ad54c2 5 bytes JMP 00000001000a0c0c
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W     0000000075ad55e2 5 bytes JMP 00000001000a0e10
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\sechost.dll!CreateServiceA            0000000075ad567c 5 bytes JMP 00000001000a01f8
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\sechost.dll!CreateServiceW            0000000075ad589f 5 bytes JMP 00000001000a03fc
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4816] C:\Windows\SysWOW64\sechost.dll!DeleteService             0000000075ad5a22 5 bytes JMP 00000001000a0600
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll                                                         0000000077933b10 5 bytes JMP 000000010037075c
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\ntdll.dll!LdrLoadDll                                                           0000000077937ac0 5 bytes JMP 00000001003703a4
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory                                              0000000077961430 5 bytes JMP 0000000100370b14
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory                                                  0000000077961490 5 bytes JMP 0000000100370ecc
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess                                                   0000000077961570 5 bytes JMP 000000010037163c
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory                                               00000000779617b0 5 bytes JMP 0000000100371284
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                                   00000000779627e0 5 bytes JMP 00000001003719f4
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189                                              000000007774eecd 1 byte [62]
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\sechost.dll!SetServiceObjectSecurity                                           000007fefe0a6e00 5 bytes JMP 000007ff7e0c1dac
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigA                                               000007fefe0a6f2c 5 bytes JMP 000007ff7e0c0ecc
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigW                                               000007fefe0a7220 5 bytes JMP 000007ff7e0c1284
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2A                                              000007fefe0a739c 5 bytes JMP 000007ff7e0c163c
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2W                                              000007fefe0a7538 5 bytes JMP 000007ff7e0c19f4
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\sechost.dll!CreateServiceA                                                     000007fefe0a75e8 5 bytes JMP 000007ff7e0c03a4
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\sechost.dll!CreateServiceW                                                     000007fefe0a790c 5 bytes JMP 000007ff7e0c075c
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\SYSTEM32\sechost.dll!DeleteService                                                      000007fefe0a7ab4 5 bytes JMP 000007ff7e0c0b14
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\system32\USER32.dll!UnhookWinEvent                                                      0000000077818550 5 bytes JMP 000000010064075c
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\system32\USER32.dll!UnhookWindowsHookEx                                                 000000007781d440 5 bytes JMP 0000000100641284
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\system32\USER32.dll!SetWindowsHookExW                                                   000000007781f874 5 bytes JMP 0000000100640ecc
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\system32\USER32.dll!SetWinEventHook                                                     0000000077824d4c 5 bytes JMP 00000001006403a4
.text     C:\Windows\System32\svchost.exe[1492] C:\Windows\system32\USER32.dll!SetWindowsHookExA                                                   0000000077838c20 5 bytes JMP 0000000100640b14
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll                    0000000077933b10 5 bytes JMP 00000001002a075c
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\ntdll.dll!LdrLoadDll                      0000000077937ac0 5 bytes JMP 00000001002a03a4
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory         0000000077961430 5 bytes JMP 00000001002a0b14
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory             0000000077961490 5 bytes JMP 00000001002a0ecc
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess              0000000077961570 5 bytes JMP 00000001002a163c
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory          00000000779617b0 5 bytes JMP 00000001002a1284
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread              00000000779627e0 5 bytes JMP 00000001002a19f4
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189         000000007774eecd 1 byte [62]
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\sechost.dll!SetServiceObjectSecurity      000007fefe0a6e00 5 bytes JMP 000007ff7e0c1dac
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigA          000007fefe0a6f2c 5 bytes JMP 000007ff7e0c0ecc
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigW          000007fefe0a7220 5 bytes JMP 000007ff7e0c1284
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2A         000007fefe0a739c 5 bytes JMP 000007ff7e0c163c
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2W         000007fefe0a7538 5 bytes JMP 000007ff7e0c19f4
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\sechost.dll!CreateServiceA                000007fefe0a75e8 5 bytes JMP 000007ff7e0c03a4
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\sechost.dll!CreateServiceW                000007fefe0a790c 5 bytes JMP 000007ff7e0c075c
.text     C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE[2504] C:\Windows\SYSTEM32\sechost.dll!DeleteService                 000007fefe0a7ab4 5 bytes JMP 000007ff7e0c0b14
.text     C:\Windows\System32\svchost.exe[2200] C:\Windows\SYSTEM32\sechost.dll!SetServiceObjectSecurity                                           000007fefe0a6e00 5 bytes JMP 000007ff7e0c1dac
.text     C:\Windows\System32\svchost.exe[2200] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigA                                               000007fefe0a6f2c 5 bytes JMP 000007ff7e0c0ecc
.text     C:\Windows\System32\svchost.exe[2200] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigW                                               000007fefe0a7220 5 bytes JMP 000007ff7e0c1284
.text     C:\Windows\System32\svchost.exe[2200] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2A                                              000007fefe0a739c 5 bytes JMP 000007ff7e0c163c
.text     C:\Windows\System32\svchost.exe[2200] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2W                                              000007fefe0a7538 5 bytes JMP 000007ff7e0c19f4
.text     C:\Windows\System32\svchost.exe[2200] C:\Windows\SYSTEM32\sechost.dll!CreateServiceA                                                     000007fefe0a75e8 5 bytes JMP 000007ff7e0c03a4
.text     C:\Windows\System32\svchost.exe[2200] C:\Windows\SYSTEM32\sechost.dll!CreateServiceW                                                     000007fefe0a790c 5 bytes JMP 000007ff7e0c075c
.text     C:\Windows\System32\svchost.exe[2200] C:\Windows\SYSTEM32\sechost.dll!DeleteService                                                      000007fefe0a7ab4 5 bytes JMP 000007ff7e0c0b14
.text     C:\Users\Thore\Downloads\gmer_2.1.19163.exe[5116] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                  00000000762ea30a 1 byte [62]

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Type                                                                                     2
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Start                                                                                    2
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@ErrorControl                                                                             1
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@DisplayName                                                                              aswFsBlk
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Group                                                                                    FSFilter Activity Monitor
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@DependOnService                                                                          FltMgr?
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Description                                                                              avast! mini-filter driver (aswFsBlk)
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Tag                                                                                      2
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances                                                                                
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances@DefaultInstance                                                                aswFsBlk Instance
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances\aswFsBlk Instance                                                              
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances\aswFsBlk Instance@Altitude                                                     388400
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances\aswFsBlk Instance@Flags                                                        0
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk                                                                                          
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Type                                                                                    2
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Start                                                                                   2
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@ErrorControl                                                                            1
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@ImagePath                                                                               \??\C:\Windows\system32\drivers\aswMonFlt.sys
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@DisplayName                                                                             aswMonFlt
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Group                                                                                   FSFilter Anti-Virus
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@DependOnService                                                                         FltMgr?
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Description                                                                             avast! mini-filter driver (aswMonFlt)
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances                                                                               
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances@DefaultInstance                                                               aswMonFlt Instance
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances\aswMonFlt Instance                                                            
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances\aswMonFlt Instance@Altitude                                                   320700
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances\aswMonFlt Instance@Flags                                                      0
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt                                                                                         
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswRdr@ImagePath                                                                                  \SystemRoot\System32\Drivers\aswrdr2.sys
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Type                                                                                       1
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Start                                                                                      1
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswRdr@ErrorControl                                                                               1
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswRdr@DisplayName                                                                                aswRdr
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Group                                                                                      PNP_TDI
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswRdr@DependOnService                                                                            tcpip?
Reg       HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Description
         

26.08.2013, 15:38   #2
markusg
/// Malware-holic
 
Hi,
two logs need to be created; please post them together.
1.
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you receive the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


2.
Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.