Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Wiederholtes Piepen, dann Absturz

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 20.09.2013, 19:58   #1
uupiak
 
Wiederholtes Piepen, dann Absturz - Standard

Wiederholtes Piepen, dann Absturz



Das problem, das ich beschreibe, wurde zwar schon in einem anderen beitrag beschrieben, aber vielleicht gibt es ja noch andere wege um es zu lösen.
Was passiert, um es abzukürzen, ist, dass mein laptop (windows 7) neuerdings nach dem hochfahren, nach einem zeitraum von 2-15 minuten, irgendwann anfängt zu piepen, und dann nach ca. 20 sekunden abstürzt.
Das problem hab ich erst seitdem ich zum ersten mal in dieses öffentliche netzwerk gegangen bin, deshalb würde es mich nicht wundern, wenn es durch einen virus hervorgerrufen wird. Ausserdem kommt keine error meldung oder ähnliches, die das erklärt, deshalb glaub ich mal nicht, das das so sein sollte.
Auffällig ist ausserdem, das im takt mit dem piepen plötzlich die capslock und die numpad lämpchen an der seite blinken, ohne das ich darauf einfluss nehmen kann. Das piepen an sich ist eigentlich ein sich wiederholender, ziemlich lauter nerviger ton, der sich allerdings durch die normalen lauter/ leiser tasten einstellen lässt.
Ich hab mein virenschutzprogramm durchlaufen lassen, und wenn es mal nicht durch das abstürzen unterbrochen wurde, findet es nichts, aber ich gehe nicht davon aus, das das irgendwas bedeutet. Das die hardware schuld ist, glaube ich auch nicht, abgesehen davon, das die lüftung neuerdings nicht mehr arbeitet (?), ansonsten ist der laptop neu und hat bis zuvor prima funktioniert.
Es währ wirklich toll wenn mir irgendjemand helfen könnte.

Alt 20.09.2013, 20:33   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Wiederholtes Piepen, dann Absturz - Standard

Wiederholtes Piepen, dann Absturz



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 25.09.2013, 20:52   #3
uupiak
 
Wiederholtes Piepen, dann Absturz - Standard

Wiederholtes Piepen, dann Absturz



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-09-2013 02
Ran by Marat (administrator) on KAIPUU on 12-09-2013 18:07:53
Running from C:\Users\Marat\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
() c:\Program Files (x86)\Hotkey\PowerBiosServer.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Chicony) C:\Program Files (x86)\ChiconyCam\CECAPLF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Hotkey\Hotkey.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtblfs.exe
() C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
() C:\Program Files (x86)\Hotspot Shield\bin\openvpn.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\fbwmgr.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1020064 2012-02-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-02-13] (Atheros Commnucations)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2862928 2012-08-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [CECAPLF] - C:\Program Files (x86)\ChiconyCam\CECAPLF.exe [121456 2011-07-06] (Chicony)
Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll (Kaspersky Lab ZAO)
HKCU\...\Run: [OscarEditor] - C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [3340288 2012-03-20] ()
HKCU\...\Run: [KPeerNexonEU] - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2012-12-26] (NEXON Inc.)
HKCU\...\Run: [GoogleChromeAutoLaunch_7275CEBAC9C3C4C0ADBEBAE3CBDA4C5C] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [829392 2013-09-02] (Google Inc.)
MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {6b5ed6c4-5e78-11e2-b0dc-0090f5d50f96} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {a9d61508-6302-11e2-bfb5-0090f5d50f96} - G:\HTC_Sync_Manager_PC.exe
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-11-07] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-10] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2254768 2012-11-19] (LogMeIn Inc.)
HKLM-x32\...\Run: [SweetIM] - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-10-04] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [Sweetpacks Communicator] - C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2314416 2013-08-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [260928 2012-02-23] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.claro-search.com/?affID=114508&tt=4612_8&babsrc=HP_clro&mntrId=80ade2ab000000000000844bf516a9f3
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = 
SearchScopes: HKLM - DefaultScope {E45FE5AE-C88A-46E4-9C55-5EF4B5932A34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {E45FE5AE-C88A-46E4-9C55-5EF4B5932A34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 - DefaultScope {E45FE5AE-C88A-46E4-9C55-5EF4B5932A34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {E45FE5AE-C88A-46E4-9C55-5EF4B5932A34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4612_8&babsrc=SP_clro&mntrId=80ade2ab000000000000844bf516a9f3
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4612_8&babsrc=SP_clro&mntrId=80ade2ab000000000000844bf516a9f3
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Savings Sidekick - {11111111-1111-1111-1111-110011501160} - C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll (215 Apps)
BHO-x32: No Name - {2EECD738-5844-4a99-B4B6-146BF802613B} -  No File
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 -  No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 -  No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog9 01 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 05 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 06 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 17 %SYSTEMROOT%\system32\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 05 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 06 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 17 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8

Chrome: 
=======
CHR HomePage: hxxp://isearch.avg.com/?cid={83F3B2E4-CBB2-4C67-9C80-F0B5D5E7EA79}&mid=8ac85864acb947d39e31d1d9b331e665-16892e012357a4bd2f2ebe462618a9b18170c40f&lang=de&ds=tc011&pr=sa&d=2013-02-19 16:38:31&v=15.3.0.11&pid=avg&sg=0&sap=hp
CHR RestoreOnStartup: "hxxp://isearch.avg.com/?cid={83F3B2E4-CBB2-4C67-9C80-F0B5D5E7EA79}&mid=8ac85864acb947d39e31d1d9b331e665-16892e012357a4bd2f2ebe462618a9b18170c40f&lang=de&ds=tc011&pr=sa&d=2013-02-19 16:38:31&v=15.3.0.11&pid=avg&sg=0&sap=hp"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll (Kaspersky Lab ZAO)
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.397_0\plugin/npUrlAdvisor.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (Google Drive) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0
CHR Extension: (hxxp://www.facebook.com/) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo\2012.11.7.30856_0
CHR Extension: (DealPly) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.5.3.0_0
CHR Extension: (AdBlock) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0
CHR Extension: (SearchPreview) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo\3.0_0
CHR Extension: (Virtual Keyboard) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0
CHR Extension: (AVG Secure Search) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.5.0.2_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Anti-Banner) - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Marat\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Marat\AppData\Local\Wajam\Chrome\wajam.crx
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-11-07] (Kaspersky Lab ZAO)
R2 Browser Manager; C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe [2847696 2013-07-26] ()
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [852264 2013-08-16] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-08-13] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-08-16] ()
R2 PowerBiosServer; c:\Program Files (x86)\Hotkey\PowerBiosServer.exe [33792 2011-02-15] ()
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [490496 2012-07-23] ()
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [296448 2013-04-30] ()
R2 vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-16] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R3 Ak27x64; C:\Windows\System32\DRIVERS\Ak27x64.sys [3364720 2012-07-23] (Qualcomm Atheros, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-08-16] (AVG Technologies)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2012-07-23] (Qualcomm Atheros, Inc.)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-08-13] (AnchorFree Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-11-07] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
S3 lehidmini; C:\Windows\system32\drivers\leath_hid.sys [36128 2012-02-13] (Atheros)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-12 18:04 - 2013-09-12 18:03 - 01949642 _____ (Farbar) C:\Users\Marat\Desktop\FRST64.exe
2013-09-12 18:03 - 2013-09-12 18:03 - 01949642 _____ (Farbar) C:\Users\Marat\Downloads\FRST64.exe
2013-09-09 14:37 - 2013-09-09 14:37 - 00017920 ___SH C:\Users\Marat\Downloads\Thumbs.db
2013-09-09 13:20 - 2013-09-09 13:20 - 00001780 _____ C:\Users\Marat\Desktop\Sicherer Browser.lnk
2013-09-08 20:12 - 2013-09-08 20:12 - 00001550 _____ C:\Users\Marat\Desktop\FUNGW - Verknüpfung.lnk
2013-09-07 16:06 - 2013-09-07 16:06 - 00001993 _____ C:\Users\asdafe\Desktop\Joe Bonamassa   Blues Deluxe - Verknüpfung.lnk
2013-09-03 21:06 - 2013-09-11 22:03 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-08-31 13:43 - 2013-09-11 22:03 - 00003434 _____ C:\Windows\System32\Tasks\Browser Manager
2013-08-28 13:59 - 2013-08-28 13:59 - 00000713 _____ C:\Users\Public\Desktop\C2-FWF.lnk
2013-08-28 13:59 - 2013-08-28 13:59 - 00000000 ____D C:\Users\Marat\AppData\Roaming\C2-FWF
2013-08-28 13:16 - 2013-08-28 13:54 - 343566450 _____ C:\Users\Marat\Downloads\allgrey_c2-fwf_5.3_en.zip
2013-08-24 18:09 - 2013-08-24 18:09 - 00000189 _____ C:\Users\Marat\Downloads\Download (1)
2013-08-24 13:14 - 2013-08-13 01:07 - 00046792 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2013-08-23 18:38 - 2013-08-23 18:38 - 00698656 _____ () C:\Users\Marat\Downloads\Winrar32Bit401_SoftangoDownloader.exe
2013-08-23 18:35 - 2013-08-23 18:35 - 00698656 _____ () C:\Users\Marat\Downloads\Zip_SoftangoDownloader.exe
2013-08-23 18:10 - 2013-08-23 18:32 - 207275597 _____ C:\Users\Marat\Downloads\Berlin(1).rar
2013-08-23 18:09 - 2013-08-23 18:10 - 10583611 _____ C:\Users\Marat\Downloads\Joe-Bonamassa.zip
2013-08-16 12:51 - 2013-08-16 12:51 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-08-16 12:50 - 2013-08-16 12:50 - 07876512 _____ (Adobe Systems Inc.) C:\Users\asdafe\Downloads\Shockwave_Installer_Slim.exe
2013-08-16 12:50 - 2013-08-16 12:50 - 07876512 _____ (Adobe Systems Inc.) C:\Users\asdafe\Desktop\Shockwave_Installer_Slim.exe
2013-08-15 14:25 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 14:25 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 14:25 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 14:25 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 14:25 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 14:25 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 14:25 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 14:25 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 14:25 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 14:25 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 14:25 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 14:25 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 14:25 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 14:25 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 14:25 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 14:25 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 14:25 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 14:25 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 14:25 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 14:25 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 14:25 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 14:25 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 14:25 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 14:25 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 14:25 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 14:25 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 14:25 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 14:25 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 14:25 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 14:25 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 14:25 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 10:51 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 10:51 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 10:51 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 10:51 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 10:51 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 10:51 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 10:51 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 10:51 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 10:51 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 10:51 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 10:51 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 10:44 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 10:44 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 10:43 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 10:43 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 10:43 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 10:43 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 10:43 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 10:43 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 10:43 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 10:43 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 10:43 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 10:43 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 10:43 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 10:43 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 10:42 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 10:42 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-13 14:17 - 2013-08-13 14:17 - 00001139 _____ C:\Users\Public\Desktop\Opera.lnk
2013-08-13 14:17 - 2013-08-13 14:17 - 00000000 ____D C:\Users\Marat\AppData\Roaming\Opera Software
2013-08-13 14:17 - 2013-08-13 14:17 - 00000000 ____D C:\Users\Marat\AppData\Local\Opera Software
2013-08-13 14:17 - 2013-08-13 14:17 - 00000000 ____D C:\Program Files (x86)\Opera
2013-08-13 14:13 - 2013-08-13 14:16 - 31026832 _____ (Opera Software ASA) C:\Users\Marat\Downloads\Opera_15.0.1147.153_Setup.exe
2013-08-13 14:06 - 2013-08-13 14:06 - 00000000 ____D C:\Users\Marat\AppData\Roaming\Unity
2013-08-13 13:56 - 2013-08-13 13:56 - 00000000 ____D C:\Users\Marat\AppData\Local\Unity
2013-08-13 13:55 - 2013-08-13 13:55 - 00648144 _____ (Unity Technologies ApS) C:\Users\Marat\Downloads\UnityWebPlayer.exe

==================== One Month Modified Files and Folders =======

2013-09-12 18:04 - 2013-09-12 18:04 - 00000000 ____D C:\FRST
2013-09-12 18:03 - 2013-09-12 18:04 - 01949642 _____ (Farbar) C:\Users\Marat\Desktop\FRST64.exe
2013-09-12 18:03 - 2013-09-12 18:03 - 01949642 _____ (Farbar) C:\Users\Marat\Downloads\FRST64.exe
2013-09-12 18:01 - 2012-11-07 12:28 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-12 18:00 - 2012-11-07 12:06 - 01524254 _____ C:\Windows\WindowsUpdate.log
2013-09-12 18:00 - 2009-07-14 06:45 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-12 18:00 - 2009-07-14 06:45 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-12 18:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-09-12 17:59 - 2012-11-07 12:22 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-11 22:08 - 2011-04-12 09:43 - 00726454 _____ C:\Windows\system32\perfh007.dat
2013-09-11 22:08 - 2011-04-12 09:43 - 00157606 _____ C:\Windows\system32\perfc007.dat
2013-09-11 22:08 - 2009-07-14 07:13 - 01670444 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-11 22:03 - 2013-09-03 21:06 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-09-11 22:03 - 2013-08-31 13:43 - 00003434 _____ C:\Windows\System32\Tasks\Browser Manager
2013-09-11 22:03 - 2012-11-20 22:33 - 00000000 ____D C:\Users\Marat\AppData\Local\LogMeIn Hamachi
2013-09-11 22:03 - 2012-11-07 12:22 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-11 22:03 - 2012-10-18 10:48 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2013-09-11 22:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-11 22:03 - 2009-07-14 06:51 - 00172926 _____ C:\Windows\setupact.log
2013-09-11 18:47 - 2012-12-26 02:03 - 00000000 ____D C:\Users\Marat\AppData\Roaming\vlc
2013-09-11 18:46 - 2012-12-26 02:05 - 00000000 ____D C:\Users\Marat\AppData\Roaming\dvdcss
2013-09-10 20:21 - 2013-05-07 16:36 - 00007621 _____ C:\Users\Marat\AppData\Local\Resmon.ResmonCfg
2013-09-09 15:01 - 2012-11-19 23:36 - 00000000 ____D C:\Users\Marat\Desktop\Dokumente
2013-09-09 14:37 - 2013-09-09 14:37 - 00017920 ___SH C:\Users\Marat\Downloads\Thumbs.db
2013-09-09 14:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-09 13:20 - 2013-09-09 13:20 - 00001780 _____ C:\Users\Marat\Desktop\Sicherer Browser.lnk
2013-09-08 21:43 - 2012-11-21 00:54 - 00000000 ____D C:\Users\asdafe\AppData\Local\LogMeIn Hamachi
2013-09-08 20:12 - 2013-09-08 20:12 - 00001550 _____ C:\Users\Marat\Desktop\FUNGW - Verknüpfung.lnk
2013-09-07 22:29 - 2012-11-14 00:38 - 00000000 ____D C:\Users\Marat\.gimp-2.8
2013-09-07 21:03 - 2005-03-13 18:17 - 01048576 _____ C:\Users\Marat\Desktop\Pokemon Rot (D).gb
2013-09-07 20:53 - 2012-11-14 20:50 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-09-07 16:17 - 2013-07-01 23:23 - 00000000 ____D C:\Users\asdafe\AppData\Roaming\vlc
2013-09-07 16:06 - 2013-09-07 16:06 - 00001993 _____ C:\Users\asdafe\Desktop\Joe Bonamassa   Blues Deluxe - Verknüpfung.lnk
2013-09-06 21:40 - 2012-12-14 18:03 - 00004146 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-09-06 21:40 - 2012-12-14 17:59 - 00004208 _____ C:\Windows\System32\Tasks\Software Updater
2013-09-06 18:17 - 2012-11-07 19:21 - 00000000 ____D C:\Users\Marat\Documents\TubeBox
2013-09-05 19:28 - 2012-11-22 21:43 - 00000000 ____D C:\Users\Marat\AppData\Roaming\.minecraft
2013-09-01 21:48 - 2012-11-16 21:04 - 00000000 ____D C:\Users\Marat\Desktop\Programme
2013-09-01 21:47 - 2012-11-07 12:35 - 00000000 ____D C:\Users\Marat\Desktop\Softwaremüll
2013-08-28 14:01 - 2012-11-08 23:20 - 00000000 ____D C:\Users\Marat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-28 13:59 - 2013-08-28 13:59 - 00000713 _____ C:\Users\Public\Desktop\C2-FWF.lnk
2013-08-28 13:59 - 2013-08-28 13:59 - 00000000 ____D C:\Users\Marat\AppData\Roaming\C2-FWF
2013-08-28 13:54 - 2013-08-28 13:16 - 343566450 _____ C:\Users\Marat\Downloads\allgrey_c2-fwf_5.3_en.zip
2013-08-24 18:09 - 2013-08-24 18:09 - 00000189 _____ C:\Users\Marat\Downloads\Download (1)
2013-08-24 13:14 - 2013-06-28 17:58 - 00001054 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2013-08-24 13:14 - 2013-01-10 22:16 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2013-08-23 18:38 - 2013-08-23 18:38 - 00698656 _____ () C:\Users\Marat\Downloads\Winrar32Bit401_SoftangoDownloader.exe
2013-08-23 18:35 - 2013-08-23 18:35 - 00698656 _____ () C:\Users\Marat\Downloads\Zip_SoftangoDownloader.exe
2013-08-23 18:32 - 2013-08-23 18:10 - 207275597 _____ C:\Users\Marat\Downloads\Berlin(1).rar
2013-08-23 18:10 - 2013-08-23 18:09 - 10583611 _____ C:\Users\Marat\Downloads\Joe-Bonamassa.zip
2013-08-18 13:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 13:22 - 2012-11-25 18:03 - 00000000 __RHD C:\Users\asdafe\Desktop\,
2013-08-16 12:51 - 2013-08-16 12:51 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-08-16 12:50 - 2013-08-16 12:50 - 07876512 _____ (Adobe Systems Inc.) C:\Users\asdafe\Downloads\Shockwave_Installer_Slim.exe
2013-08-16 12:50 - 2013-08-16 12:50 - 07876512 _____ (Adobe Systems Inc.) C:\Users\asdafe\Desktop\Shockwave_Installer_Slim.exe
2013-08-16 12:48 - 2013-02-19 17:38 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-08-16 12:48 - 2013-02-19 17:38 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
2013-08-15 14:14 - 2013-08-08 22:15 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 14:13 - 2012-11-26 17:27 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-13 14:17 - 2013-08-13 14:17 - 00001139 _____ C:\Users\Public\Desktop\Opera.lnk
2013-08-13 14:17 - 2013-08-13 14:17 - 00000000 ____D C:\Users\Marat\AppData\Roaming\Opera Software
2013-08-13 14:17 - 2013-08-13 14:17 - 00000000 ____D C:\Users\Marat\AppData\Local\Opera Software
2013-08-13 14:17 - 2013-08-13 14:17 - 00000000 ____D C:\Program Files (x86)\Opera
2013-08-13 14:16 - 2013-08-13 14:13 - 31026832 _____ (Opera Software ASA) C:\Users\Marat\Downloads\Opera_15.0.1147.153_Setup.exe
2013-08-13 14:06 - 2013-08-13 14:06 - 00000000 ____D C:\Users\Marat\AppData\Roaming\Unity
2013-08-13 13:56 - 2013-08-13 13:56 - 00000000 ____D C:\Users\Marat\AppData\Local\Unity
2013-08-13 13:55 - 2013-08-13 13:55 - 00648144 _____ (Unity Technologies ApS) C:\Users\Marat\Downloads\UnityWebPlayer.exe
2013-08-13 01:07 - 2013-08-24 13:14 - 00046792 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys

Files to move or delete:
====================
C:\Users\asdafe\AppData\Local\Temp\iql1pqob.dll
C:\Users\asdafe\AppData\Local\Temp\jwizansw.dll
C:\Users\Marat\AppData\Local\Temp\AskSLib.dll
C:\Users\Marat\AppData\Local\Temp\AutoRun.exe
C:\Users\Marat\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Marat\AppData\Local\Temp\avguidx.dll
C:\Users\Marat\AppData\Local\Temp\EAInstall.dll
C:\Users\Marat\AppData\Local\Temp\eauninstall.exe
C:\Users\Marat\AppData\Local\Temp\i4jdel0.exe
C:\Users\Marat\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Marat\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Marat\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Marat\AppData\Local\Temp\NGMDll.dll
C:\Users\Marat\AppData\Local\Temp\NGMResource.dll
C:\Users\Marat\AppData\Local\Temp\oi_{3E810D57-FD79-4727-B214-3BB2C8A73E75}.exe
C:\Users\Marat\AppData\Local\Temp\ose00000.exe
C:\Users\Marat\AppData\Local\Temp\ping.exe
C:\Users\Marat\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
C:\Users\Marat\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\Marat\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Marat\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Marat\AppData\Local\Temp\Softango  Downloader213706.exe
C:\Users\Marat\AppData\Local\Temp\TubeBox-4.1.0.0.exe
C:\Users\Marat\AppData\Local\Temp\unicows.dll
C:\Users\Marat\AppData\Local\Temp\wajam_download.exe
C:\Users\Marat\AppData\Local\Temp\wajam_install.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-04 13:43

==================== End Of Log ============================
         
--- --- ---

--- --- ---


und hier addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-09-2013 02
Ran by Marat at 2013-09-12 18:08:57
Running from C:\Users\Marat\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

«Conquest 2 - Frontier Wars Forever ™» v.5.3 (x32 Version: v.5.3)
Adobe Flash Player 11 ActiveX (x32 Version: 11.5.502.110)
Adobe Flash Player 11 Plugin (x32 Version: 11.5.502.110)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Apple Application Support (x32 Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (x32 Version: 2.1.3.127)
Atheros Bluetooth Suite (64) (Version: 7.4.0.122)
Audiosurf Beta (x32)
AVG Security Toolbar (x32 Version: 15.5.0.2)
Babylon Chrome Toolbar (x32 Version: 2.0.0.4)
Babylon toolbar  (x32)
BisonCam (x32 Version: )
Bonjour (Version: 3.0.0.10)
bProtector for Windows (x32)
Cheat Engine 6.2 (x32)
ChiconyCam (x32 Version: 1.0.54.0521)
Commander Keen - Keen Dreams (x32)
Crysis® 2 (x32 Version: 1.0.0.0)
D3DX10 (x32 Version: 15.4.2368.0902)
DealPly (HKCU)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Die Schlacht um Mittelerde(tm) (x32)
Die Schlacht um Mittelerde™ II (x32)
EA Download Manager (x32 Version: 7.2.0.32)
ETDWare PS/2-X64 11.10.2.2_WHQL (Version: 11.10.2.2)
Fotogalerie (x32 Version: 16.4.3505.0912)
Free YouTube to MP3 Converter version 3.11.35.1031 (x32 Version: 3.11.35.1031)
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (x32 Version: 29.0.1547.66)
Google Update Helper (x32 Version: 1.3.21.153)
Hotkey 3.3043 (x32 Version: 3.3043)
Hotspot Shield 3.13 (x32 Version: 3.13)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2712)
Intel(R) Rapid Storage Technology (x32 Version: 11.1.0.1006)
Internet Explorer Toolbar 4.6 by SweetPacks (x32 Version: 4.6.0004)
iTunes (Version: 10.7.0.21)
Java 7 Update 15 (x32 Version: 7.0.150)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.0)
jose (x32 Version: 1.3)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374)
LogMeIn Hamachi (x32 Version: 2.1.0.284)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft SkyDrive (HKCU Version: 17.0.2003.1112)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3505.0912)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
My Mix (x32)
Nexon Game Manager (x32)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA Systemsteuerung 295.93 (Version: 295.93)
Opera Stable 15.0.1147.153 (x32 Version: 15.0.1147.153)
Origin (x32 Version: 9.0.15.65)
OSCAR Editor (x32 Version: 12.03.0004)
Photo Gallery (x32 Version: 16.4.3505.0912)
Photo! Editor 1.1 (x32)
PhotoScape (x32)
Python 2.7.2 (x32 Version: 2.7.2150)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.395)
Qualcomm Atheros Killer Network Manager (x32 Version: 6.1.0.395)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
Rotation Pilot Free 1.0.4 (x32 Version: 1.0.4)
Savings Sidekick (x32 Version: 1.24.151.151)
Skype™ 6.1 (x32 Version: 6.1.129)
Steam (x32 Version: 1.0.0.0)
SweetIM for Messenger 3.7 (x32 Version: 3.7.0007)
SweetPacks bundle uninstaller (x32 Version: 1.0.0000)
swMSM (x32 Version: 12.0.0.1)
TeamViewer 8 (x32 Version: 8.0.16642)
TubeBox (x32 Version: 4.1.1.0)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008)
VLC media player 2.0.0-rc1 (x32 Version: 2.0.0-rc1)
VLC media player 2.1.0-git (Version: 2.1.0-git)
Wajam (x32 Version: 1.50)
WebCam Installer (x32 Version: 4.041)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live Family Safety (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
WinHTTrack Website Copier 3.46-1 (x32 Version: 3.46.1)
X7 Oscar Editor (x32 Version: 12.03.0004)

==================== Restore Points  =========================

27-08-2013 09:31:12 Windows Update
30-08-2013 09:33:40 Windows Update
01-09-2013 19:55:28 Windows-Sicherung
03-09-2013 12:15:50 Windows Update
08-09-2013 17:30:39 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {193B62EF-DAAC-4237-ADC6-6AB70006FA9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07] (Google Inc.)
Task: {199D5F0F-B7C0-4F7B-8EB7-5DA184AE1854} - System32\Tasks\DealPly => C:\Users\Marat\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [2013-03-10] ()
Task: {2BAB40B4-8679-49C0-B27C-E8A1D0B1AB2A} - System32\Tasks\Browser Manager => Sc.exe start Browser Manager
Task: {336E678E-546E-4CAE-84B7-8CED7F77F715} - System32\Tasks\{8210576A-9A61-46C4-8D66-B854C16D0AB7} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/abandoninstall?page=tsProgressBar
Task: {442937F9-3ADB-48C1-BA9C-2F58837D38DE} - System32\Tasks\DealPlyUpdate => C:\Program Files (x86)\DealPly\DealPlyUpdate.exe [2012-10-21] (DealPly)
Task: {4A21DE04-E95F-4839-81D6-460756B7DD90} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {5E666A4A-F431-4B08-8916-962AD403D65D} - System32\Tasks\Updater5060.exe => C:\Users\Marat\AppData\Local\Updater5060\Updater5060.exe [2013-01-17] (FileProperties_CompanyName)
Task: {5E89DDC6-D7CC-4173-9C43-B238154005BA} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-07-23] ()
Task: {68B87ADF-0FBA-4B03-9D0C-39059910D126} - \AdobeFlashPlayerUpdate No Task File
Task: {AE3D20CF-6828-4851-A4E2-2ACE000E7AEA} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {B78110D8-0235-411D-9231-FBD4247E3A72} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {B8B155A3-8947-4BB2-8662-EE17E7FBD798} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-09-03] ()
Task: {D64BA322-CF19-4F6E-8D66-C9F4A4B8ED65} - \AdobeFlashPlayerUpdate 2 No Task File
Task: {E71C5F9C-A0DA-4F24-A638-AE0E5EF69516} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {EEF7A4B3-B221-4EB7-A4C6-B2682750D460} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-21] (Microsoft Corporation)
Task: {F6AE5C33-9E49-4C19-B364-DB71C68E120C} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1681562818-1790632305-1859931045-1003 => C:\Windows\System32\portabledeviceapi.dll [2010-11-21] (Microsoft Corporation)
Task: {F895FF28-3F97-4EE8-B547-236A65611DC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07] (Google Inc.)
Task: {FAB90BA2-A75A-4975-A91E-E932A96ECBAF} - System32\Tasks\{72463820-C0E0-4DFA-9190-AFD930FC4ECC} => Chrome.exe hxxp://ui.skype.com/ui/0/6.0.0.120/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {FC71B8E3-87F6-40F2-B1DD-A9094888A2F2} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1681562818-1790632305-1859931045-1001
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-05-31 13:07 - 2012-02-23 11:24 - 00260928 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2012-11-21 00:00 - 2012-11-21 00:00 - 00261624 _____ (Microsoft Corporation) C:\Users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
2012-11-21 00:00 - 2012-11-21 00:00 - 00661448 _____ (Microsoft Corporation) C:\Users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\MSVCP110.dll
2012-11-21 00:00 - 2012-11-21 00:00 - 00828872 _____ (Microsoft Corporation) C:\Users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\MSVCR110.dll
2012-05-02 08:31 - 2012-03-26 17:40 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2012-05-02 08:31 - 2012-03-26 17:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-09 20:46 - 2011-05-09 20:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-09 20:56 - 2011-05-09 20:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-09 20:48 - 2011-05-09 20:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2011-05-09 20:47 - 2011-05-09 20:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2012-07-23 16:36 - 2012-07-23 16:36 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 12:32 - 2011-05-10 12:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2012-07-23 16:36 - 2012-07-23 16:36 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll
2012-07-23 16:36 - 2012-07-23 16:36 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll
2012-07-23 16:36 - 2012-07-23 16:36 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll
2012-07-23 16:36 - 2012-07-23 16:36 - 00240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll
2012-07-23 16:36 - 2012-07-23 16:36 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll
2012-07-23 16:36 - 2012-07-23 16:36 - 00291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll
2012-07-23 16:36 - 2012-07-23 16:36 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll
2012-07-23 16:36 - 2012-07-23 16:36 - 00211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll
2012-07-23 16:36 - 2012-07-23 16:36 - 00064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll
2012-07-23 16:36 - 2012-07-23 16:36 - 00317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll
2012-07-23 16:37 - 2012-07-23 16:37 - 00216064 _____ (Bigfoot Networks, Inc.) C:\Windows\system32\BfLLR.dll
2012-10-04 17:34 - 2012-10-04 17:34 - 00026968 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll
2012-11-21 00:00 - 2012-11-21 00:00 - 00222712 _____ (Microsoft Corporation) C:\Users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
2012-11-21 00:00 - 2012-11-21 00:00 - 00534480 _____ (Microsoft Corporation) C:\Users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\MSVCP110.dll
2012-11-21 00:00 - 2012-11-21 00:00 - 00862664 _____ (Microsoft Corporation) C:\Users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\MSVCR110.dll
2012-11-21 00:00 - 2012-11-21 00:00 - 00542712 _____ (Microsoft Corporation) C:\Users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\Telemetry.dll
2012-11-21 00:00 - 2012-11-21 00:00 - 00039432 _____ (Microsoft Corporation) C:\Users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\logging.dll
2011-03-23 10:52 - 2011-03-23 10:52 - 00218112 _____ (TODO: <公司名稱>) C:\Program Files (x86)\Hotkey\GetProductdll.dll
2009-06-06 15:50 - 2009-06-06 15:50 - 00019968 _____ () C:\Program Files (x86)\Hotkey\Audiodll.dll
2010-06-21 11:10 - 2010-06-21 11:10 - 00204288 _____ (TODO: <公司名稱>) C:\Program Files (x86)\Hotkey\wlandll.dll
2011-06-01 15:44 - 2011-06-01 15:44 - 00221696 _____ (TODO: <公司名稱>) C:\Program Files (x86)\Hotkey\powerlife.dll
2011-10-13 21:41 - 2011-10-13 21:41 - 00090512 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll
2011-04-25 00:12 - 2011-04-25 00:12 - 00012688 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpinit.dll
2011-10-13 21:41 - 2012-11-07 13:08 - 00455096 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpmain.dll
2011-04-25 00:13 - 2011-04-25 00:13 - 00147856 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prremote.dll
2011-04-25 00:13 - 2012-11-07 13:09 - 00098744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fssync.dll
2011-04-25 00:12 - 2011-04-25 00:12 - 00123280 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\DumpWriter.dll
2011-04-25 00:12 - 2011-04-25 00:12 - 00019856 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\CLLDR.DLL
2011-04-25 00:13 - 2011-04-25 00:13 - 00270736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prloader.dll
2011-04-25 00:14 - 2011-04-25 00:14 - 00115088 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\nfio.ppl
2011-04-25 00:13 - 2011-04-25 00:13 - 00021392 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fsdrvplg.ppl
2011-04-25 00:14 - 2011-04-25 00:14 - 00038288 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\winreg.ppl
2011-04-25 00:13 - 2013-09-04 15:08 - 00274624 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\service.dll
2011-04-25 00:13 - 2013-09-04 15:08 - 00979136 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\eka_meta.dll
2011-04-25 00:13 - 2011-04-25 00:13 - 00315792 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\esmgr.dll
2011-10-13 21:41 - 2012-11-07 13:12 - 00042896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pxstub.ppl
2011-10-13 21:41 - 2013-09-04 15:09 - 01118400 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\params.ppl
2011-10-13 21:41 - 2013-09-04 15:09 - 04460736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpgui.ppl
2011-04-25 00:13 - 2011-04-25 00:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
2011-04-25 00:13 - 2011-04-25 00:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
2011-04-25 00:13 - 2011-04-25 00:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
2011-04-25 00:13 - 2011-04-25 00:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
2011-04-25 00:13 - 2011-04-25 00:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
2011-04-25 00:13 - 2011-04-25 00:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
2011-10-13 21:41 - 2012-11-07 13:11 - 02154936 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\basegui.ppl
2011-04-25 00:14 - 2011-04-25 00:14 - 00041360 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\thpimpl.ppl
2011-04-25 00:13 - 2011-04-25 00:13 - 00074128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\memmon.dll
2011-04-25 00:13 - 2011-04-25 00:13 - 00582032 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\localization_manager.dll
2011-04-20 20:56 - 2011-04-20 20:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
2011-04-25 00:14 - 2011-04-25 00:14 - 00090512 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\propmap.ppl
2012-08-27 22:33 - 2012-08-27 22:33 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-31 00:05 - 2011-08-31 00:05 - 00085864 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll
2012-10-04 17:35 - 2012-10-04 17:35 - 00299352 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll
2012-10-04 17:35 - 2012-10-04 17:35 - 00098648 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll
2012-10-04 17:34 - 2012-10-04 17:34 - 00516440 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll
2012-10-04 17:34 - 2012-10-04 17:34 - 00036696 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll
2012-10-04 17:34 - 2012-10-04 17:34 - 00168280 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll
2012-10-04 17:35 - 2012-10-04 17:35 - 00074072 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll
2012-10-04 17:34 - 2012-10-04 17:34 - 00065880 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll
2012-08-15 20:08 - 2012-08-15 20:08 - 00650584 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll
2012-08-15 20:08 - 2012-08-15 20:08 - 00061272 _____ (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll
2012-08-15 20:08 - 2012-08-15 20:08 - 00041304 _____ (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll
2012-08-15 20:08 - 2012-08-15 20:08 - 00071512 _____ (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll
2013-08-16 12:48 - 2013-08-16 12:48 - 00521904 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\log4cplusU.dll
2013-08-16 12:48 - 2013-08-16 12:48 - 00144560 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\SiteSafety.dll
2013-09-04 19:22 - 2013-09-02 22:35 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
2013-09-04 19:22 - 2013-09-02 22:35 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll
2013-09-04 19:22 - 2013-09-02 22:35 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-04 19:22 - 2013-09-02 22:35 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-04 19:22 - 2013-09-02 22:35 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2012-11-08 21:16 - 2012-11-08 21:16 - 00109704 _____ (DVDVideoSoft Ltd.) C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0\np_dvs_plugin.dll
2012-11-07 13:48 - 2012-11-07 13:48 - 00266640 _____ (Kaspersky Lab ZAO) C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin\npUrlAdvisor.dll
2011-10-13 21:41 - 2011-10-13 21:41 - 00209296 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtblc.dll
2011-04-25 00:13 - 2012-11-07 13:09 - 00238008 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\kltbar.dll
2011-04-25 00:13 - 2011-04-25 00:13 - 00070032 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbcl.dll
2012-11-07 13:48 - 2012-11-07 13:48 - 00098704 _____ (Kaspersky Lab ZAO) C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin\npVKPlugin.dll
2012-11-07 12:35 - 2012-11-07 12:35 - 00078224 _____ (Kaspersky Lab ZAO) C:\Users\Marat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin\npABPlugin.dll
2013-08-15 14:38 - 2013-08-15 14:38 - 00489472 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\591b99d5681c59ed6c5e9544d7def0ea\IAStorUtil.ni.dll
2013-07-24 14:07 - 2013-07-24 14:07 - 00014336 _____ (Intel Corp.) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\45581138b36fd338c87813390775b65f\IAStorCommon.ni.dll
2011-04-25 00:13 - 2011-04-25 00:13 - 00074128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\sbhook.dll
2013-08-16 23:39 - 2013-08-16 23:39 - 00764200 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2013-08-13 00:16 - 2013-08-13 00:16 - 00075264 _____ (Zlib) C:\Program Files (x86)\Hotspot Shield\bin\zlib1.dll
2011-10-13 21:41 - 2012-11-07 13:10 - 00147896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\scrchpg.dll
2011-04-25 00:13 - 2011-04-25 00:13 - 00030096 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klscav.dll
2013-09-04 19:22 - 2013-09-02 22:35 - 13599184 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/12/2013 06:00:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 999

Error: (09/12/2013 06:00:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 999

Error: (09/12/2013 06:00:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/11/2013 10:03:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 09:05:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 06:46:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 02:05:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 02:02:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/10/2013 08:24:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/10/2013 08:17:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013


System errors:
=============
Error: (09/11/2013 10:03:44 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x800700b7

Error: (09/11/2013 10:03:44 PM) (Source: WMPNetworkSvc) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/

Error: (09/11/2013 10:03:44 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x800700b7

Error: (09/11/2013 10:03:44 PM) (Source: WMPNetworkSvc) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/

Error: (09/11/2013 10:03:27 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎11.‎09.‎2013 um 22:02:03 unerwartet heruntergefahren.

Error: (09/11/2013 09:05:38 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x800700b7

Error: (09/11/2013 09:05:38 PM) (Source: WMPNetworkSvc) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/

Error: (09/11/2013 09:05:38 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x800700b7

Error: (09/11/2013 09:05:38 PM) (Source: WMPNetworkSvc) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/

Error: (09/11/2013 09:05:24 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎11.‎09.‎2013 um 18:54:29 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (09/12/2013 06:00:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 999

Error: (09/12/2013 06:00:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 999

Error: (09/12/2013 06:00:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/11/2013 10:03:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 09:05:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 06:46:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 02:05:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 02:02:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/10/2013 08:24:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/10/2013 08:17:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013


==================== Memory info =========================== 

Percentage of memory in use: 19%
Total physical RAM: 16276.23 MB
Available physical RAM: 13173.61 MB
Total Pagefile: 32550.64 MB
Available Pagefile: 28850.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:160 GB) (Free:51.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data1) (Fixed) (Total:238.47 GB) (Free:127.27 GB) NTFS
Drive e: (Data) (Fixed) (Total:78.47 GB) (Free:10.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 7023C91D)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 7023C933)
Partition 1: (Not Active) - (Size=238 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 26.09.2013, 09:00   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Wiederholtes Piepen, dann Absturz - Standard

Wiederholtes Piepen, dann Absturz



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.09.2013, 15:26   #5
uupiak
 
Wiederholtes Piepen, dann Absturz - Standard

Wiederholtes Piepen, dann Absturz



Code:
ATTFilter
ComboFix 13-09-28.02 - Marat 29.09.2013  16:08:23.3.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.16276.14058 [GMT 2:00]
ausgeführt von:: c:\users\Marat\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Outdated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Marat\AppData\Local\Google\Chrome\User Data\Default\Preferences
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-08-28 bis 2013-09-29  ))))))))))))))))))))))))))))))
.
.
2013-09-29 14:13 . 2013-09-29 14:13	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2013-09-29 14:13 . 2013-09-29 14:13	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-09-29 14:13 . 2013-09-29 14:13	--------	d-----w-	c:\users\asdafe\AppData\Local\temp
2013-09-29 12:27 . 2013-09-05 05:32	9694160	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1F1EE2D-A475-4F2F-AAEF-3DB6C308B794}\mpengine.dll
2013-09-22 22:58 . 2013-09-17 20:31	46792	----a-w-	c:\windows\system32\drivers\hssdrv6.sys
2013-09-12 19:01 . 2013-08-05 02:25	155584	----a-w-	c:\windows\system32\drivers\ataport.sys
2013-09-12 18:18 . 2013-07-26 02:24	14172672	----a-w-	c:\windows\system32\shell32.dll
2013-09-12 18:18 . 2013-07-26 02:24	197120	----a-w-	c:\windows\system32\shdocvw.dll
2013-09-12 16:04 . 2013-09-12 16:04	--------	d-----w-	C:\FRST
2013-09-09 12:22 . 2013-09-09 12:22	--------	d-----w-	c:\users\Marat\AppData\Local\ElevatedDiagnostics
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-13 08:51 . 2012-11-26 15:27	79143768	----a-w-	c:\windows\system32\MRT.exe
2013-08-16 10:48 . 2013-02-19 15:38	45856	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2013-08-07 02:22 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-08-02 01:48 . 2013-09-12 18:19	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-15 08:42	1888768	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-15 08:42	1620992	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-15 08:51	2048	----a-w-	c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-15 08:51	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-15 08:51	224256	----a-w-	c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-15 08:44	1217024	----a-w-	c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-15 08:51	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-15 08:51	1472512	----a-w-	c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-15 08:51	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-15 08:44	663552	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-15 08:51	175104	----a-w-	c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-15 08:51	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-15 08:51	1166848	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-15 08:51	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-15 08:51	1910208	----a-w-	c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110011501160}]
c:\program files (x86)\Savings Sidekick\Savings Sidekick.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-07-04 14:03	1310040	----a-r-	c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-07-04 1310040]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-20 22:00	222712	----a-w-	c:\users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-20 22:00	222712	----a-w-	c:\users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-20 22:00	222712	----a-w-	c:\users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files (x86)\OSCAR Editor X7\OscarEditor.exe" [2012-03-20 3340288]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2012-12-26 438272]
"GoogleChromeAutoLaunch_7275CEBAC9C3C4C0ADBEBAE3CBDA4C5C"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2013-09-02 829392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2012-11-07 206448]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-11-19 2254768]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-10-04 115032]
"Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-08-16 2314416]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Hotkey.lnk - c:\program files (x86)\Hotkey\Hotkey.exe [2011-8-25 3080192]
Qualcomm Atheros Killer Network Manager.lnk - c:\program files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe -minimized [2012-7-23 553984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SystemStoreService;System Store;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 lehidmini;Bluetooth Low Energy Hid Device;c:\windows\system32\drivers\leath_hid.sys;c:\windows\SYSNATIVE\drivers\leath_hid.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys;c:\windows\SYSNATIVE\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe;c:\programdata\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 PowerBiosServer;PowerBiosServer;c:\program files (x86)\Hotkey\PowerBiosServer.exe;c:\program files (x86)\Hotkey\PowerBiosServer.exe [x]
S2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [x]
S3 Ak27x64;Killer Wireless-N 1102 device driver;c:\windows\system32\DRIVERS\Ak27x64.sys;c:\windows\SYSNATIVE\DRIVERS\Ak27x64.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsBaStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 17:21	1177552	----a-w-	c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-09-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07 10:22]
.
2013-09-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07 10:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-20 22:00	261624	----a-w-	c:\users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-20 22:00	261624	----a-w-	c:\users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-20 22:00	261624	----a-w-	c:\users\Marat\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-30 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-30 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-30 439064]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-02-13 1020064]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-02-13 800416]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"CECAPLF"="c:\program files (x86)\ChiconyCam\CECAPLF.exe" [2011-07-06 121456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:8555;https=127.0.0.1:8555
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\Marat\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Hinzufügen zu Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\BfLLR.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-Locked - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-Locked - (no file)
AddRemove-Audiosurf_is1 - e:\neuer ordner\Audiosurf\unins000.exe
AddRemove-EADM - c:\program files (x86)\Electronic Arts\EADM\EADMUninstall.exe
AddRemove-My Mix - c:\windows\unvise32.exe
AddRemove-Savings Sidekick - c:\program files (x86)\Savings Sidekick\Uninstall.exe
AddRemove-WinHTTrack Website Copier_is1 - e:\neuer ordner\WinHTTrack\unins000.exe
AddRemove-«Conquest 2 - Frontier Wars Forever ™» v.5.3 - e:\conquest\C2-FWF\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-09-29  16:15:20
ComboFix-quarantined-files.txt  2013-09-29 14:15
.
Vor Suchlauf: 19 Verzeichnis(se), 60.170.874.880 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 59.863.109.632 Bytes frei
.
- - End Of File - - 9BDE3A5A45D4AA38F23D173559C501A8
         


Alt 29.09.2013, 18:36   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Wiederholtes Piepen, dann Absturz - Standard

Wiederholtes Piepen, dann Absturz



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Wiederholtes Piepen, dann Absturz

Alt 07.10.2013, 17:21   #7
uupiak
 
Wiederholtes Piepen, dann Absturz - Standard

Wiederholtes Piepen, dann Absturz



ok ich habs mal auf die defekte lüftung geschoben, und den laptop aufgeschraubt, ein bisschen dran gewackelt und wieder zugemacht. Läuft jetzt wieder prima, trotzdem danke.

Alt 08.10.2013, 08:13   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Wiederholtes Piepen, dann Absturz - Standard

Wiederholtes Piepen, dann Absturz



Supi, aber die Scans würd ich trotzdem machen um die Adware zu entfernen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Wiederholtes Piepen, dann Absturz
absturz, abstürze, abstürzen, anderen, arbeitet, bli, error, error meldung, hardware, hochfahren, laptop, lüftung, meldung, netzwerk, nicht mehr, nichts, piepen, plötzlich, prima, problem, schuld, seite, sekunden, virenschutzprogramm, virus, windows, windows 7, wirklich



Ähnliche Themen: Wiederholtes Piepen, dann Absturz


  1. Phase-6 gibt Fehlermeldung, startet dann den Internetexplorer und leitet dann auf diverse Seiten weiter
    Log-Analyse und Auswertung - 01.04.2015 (26)
  2. Wiederholtes Auftauchen von "PUP.Optional.Conduit.A"
    Log-Analyse und Auswertung - 01.11.2013 (15)
  3. Bluescreen beim Anmelden, dann Neustart, dann ist Avast deaktiviert
    Log-Analyse und Auswertung - 09.08.2013 (7)
  4. "Ungewöhnlicher Datenverkehr" (google) & wiederholtes Laden von Websites nötig
    Log-Analyse und Auswertung - 29.12.2012 (20)
  5. Piepen beim Starten des PCs
    Log-Analyse und Auswertung - 14.09.2011 (1)
  6. Zuerst unzählige Trojaner-Warnungen dann Festplatte nicht erkannt, dann schwarzer bildschirm
    Log-Analyse und Auswertung - 13.05.2011 (9)
  7. Piepen, Bluescreen, Virus?
    Plagegeister aller Art und deren Bekämpfung - 16.10.2010 (0)
  8. Rootkitscan mit Gmer, dann Absturz
    Plagegeister aller Art und deren Bekämpfung - 30.05.2010 (1)
  9. Erst TR/Crypt.ZPACK.Gen, dann 9 weitere, dann unklar (Teil 1)
    Plagegeister aller Art und deren Bekämpfung - 28.05.2010 (1)
  10. Was war das denn? prun.exe wurde beendet, dann Absturz und jetzt finde ich sie nicht
    Plagegeister aller Art und deren Bekämpfung - 12.04.2010 (19)
  11. Laues nervtötendes Piepen
    Plagegeister aller Art und deren Bekämpfung - 04.07.2009 (3)
  12. Erst WinXP-Absturz, dann AntiVir-Fund: ADSPY/Stud.D.9
    Plagegeister aller Art und deren Bekämpfung - 26.06.2009 (1)
  13. PC stürtzt ständig ab + piepen!
    Mülltonne - 10.11.2008 (3)
  14. Pc hängt und piepen über boxen
    Netzwerk und Hardware - 02.06.2008 (9)
  15. Tinitusartiges Piepen aus dem Computer
    Netzwerk und Hardware - 14.02.2008 (5)
  16. Erst Absturz, dann Neustart und jetzt alles etwas merkwürdig...
    Alles rund um Windows - 01.03.2005 (8)
  17. Absturz und dann Fehlermeldung
    Alles rund um Windows - 05.01.2004 (18)

Zum Thema Wiederholtes Piepen, dann Absturz - Das problem, das ich beschreibe, wurde zwar schon in einem anderen beitrag beschrieben, aber vielleicht gibt es ja noch andere wege um es zu lösen. Was passiert, um es abzukürzen, - Wiederholtes Piepen, dann Absturz...
Archiv
Du betrachtest: Wiederholtes Piepen, dann Absturz auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.