Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 28.01.2014, 19:02   #1
Cleeer
 
Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



Guten Abend zusammen,

ich habe seit ca. 1 Woche Probleme mit meiner Internetverbindung.
Unabhängig von Tages- oder Nachtzeit, sowie kabelgebunden oder -ungebunden habe ich zum Teil Downloadraten von 0,1 MBit und weniger bei DSL6000. Das Kuriose: Mache ich den gleichen Check eine Weile später kommt es vor, dass die volle Bandbreite vorhanden ist.

Die Kundebetreuung hat die Leitungen gecheckt und mir mitgeteilt, dass alles in Ordnung ist. Der Router zeigt in den Konfigurationen auch keine Auffälligkeiten. Ich habe zur Prüfung auch mal meinen Laptop an den Router gehängt, da hatte ich anfangs eine sehr gute Bandbreite, dann hat sie nach und nach abgebaut.
Auch wenn ich es mir nicht wirklich vorstellen kann, könnte es vielleicht sein, dass sich da ein unerwünschter Begleiter in mein System gezeckt hat?
Ein Virenscan mit avast! war negativ. Gerne kann ich diesen aber nochmal durchführen.

Die Tests und dazugehörigen Logfiles habe ich wie in der Anleitung beschrieben durchgeführt und mit angehängt.
Es wäre super, wenn einer von Euch einen Blick drauf werfen und mir vielleicht helfen kann.

Beste Grüße und herzlichen Dank im Voraus,

Cleeer

Alt 28.01.2014, 21:10   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 29.01.2014, 08:04   #3
Cleeer
 
Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



Sorry dafür - ich probiers

defrogger

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:22 on 28/01/2014 (Marco)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2014 02
Ran by xxx at 2014-01-28 19:24:52
Running from C:\Users\xxx\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)
Box Sync (Version: 4.0.4212.0 - Box, Inc.)
Box Sync (x32 Version: 4.0.3956.0 - Box Inc.) Hidden
Brother HL-2035 (x32 Version: 1.00 - Brother)
Call of Duty: Black Ops II - Multiplayer (x32 Version:  - )
Call of Duty: Black Ops II - Zombies (x32 Version:  - )
Call of Duty: Black Ops II (x32 Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (x32 Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (x32 Version:  - Infinity Ward)
Cisco AnyConnect Diagnostics and Reporting Tool (x32 Version: 3.1.04063 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client  (x32 Version: 3.1.04063 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04063 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (x32 Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.0.13 - Cisco Systems, Inc.)
Citavi 4 (x32 Version: 4.2.0.11 - Swiss Academic Software)
CPUID CPU-Z 1.66.1 (Version:  - )
CyberLink Power2Go 8 (x32 Version: 8.0.0.3215 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.3215 - CyberLink Corp.) Hidden
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hauppauge German Help Files and Resources (x32 Version:  - )
Hauppauge WinTV (x32 Version:  - )
Hauppauge WinTV Diversity Tool (x32 Version:  - )
Hauppauge WinTV DVB-T EPG Service (x32 Version:  - )
Hauppauge WinTV Infrared Remote (x32 Version:  - )
Hauppauge WinTV Scheduler (x32 Version:  - )
Hauppauge WinTV TV Services (x32 Version:  - )
Intel(R) Management Engine Components (x32 Version: 9.0.0.1323 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
InterVideo FilterSDK for Hauppauge (x32 Version:  - InterVideo Inc.)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.50 (Version: 8.50.281 - Logitech Inc.)
Logitech SetPoint 6.61 (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0 - Mozilla)
NVIDIA 3D Vision Controller Driver (x32 Version: 267.67 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 267.85 (Version: 267.85 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 327.23 (Version: 327.23 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.23 (Version: 327.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.23 (Version: 327.23 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (x32 Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6954 - Realtek Semiconductor Corp.)
Samsung Magician (x32 Version: 4.2.1 - Samsung Electronics)
StarCraft II (x32 Version:  - Blizzard Entertainment)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
TL-WN321G-Drahtlos-Tool (x32 Version: 1.0.3.0 - TP-LINK)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
WinRAR 5.00 (64-Bit) (Version: 5.00.0 - win.rar GmbH)

==================== Restore Points  =========================

14-01-2014 07:35:18 Windows Update
15-01-2014 08:51:28 Windows Update
21-01-2014 16:57:34 Windows Update
28-01-2014 15:48:07 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0F47EEA0-E50C-4CC6-9BF2-6ED342579939} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-21] (Adobe Systems Incorporated)
Task: {3EB46AE6-81ED-426F-AA60-F672B79B954D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-05] (Google Inc.)
Task: {562D8E5D-F1A7-46A3-8B37-36EE43EC9CD8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {63A9AC50-4CC7-45BE-91EC-C4A747B05D38} - System32\Tasks\ASUS\i-Setup203445 => C:\Windows\Chipset\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {73DCE74B-A3E7-49AB-8524-B4B73961D820} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-05] (Google Inc.)
Task: {B1ADFE29-7ACC-4AD7-AD7A-45614AF15A72} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {B2BBC6D5-9079-466A-8B67-A840FB297E72} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-04] (AVAST Software)
Task: {FEC6206C-E990-4EED-A32C-BB8348D62DA3} - System32\Tasks\ASUS\i-Setup203519 => C:\Windows\Chipset\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-28 18:13 - 2014-01-28 18:13 - 00471552 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_hashlib.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00128512 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32api.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00137728 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\pywintypes27.dll
2014-01-28 18:13 - 2014-01-28 18:13 - 00503808 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\pythoncom27.dll
2014-01-28 18:13 - 2014-01-28 18:13 - 00111616 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_ctypes.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00689664 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\unicodedata.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00046080 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_socket.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 01167360 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_ssl.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00003584 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\clr.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00103424 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\Python.Runtime.dll
2014-01-28 18:13 - 2014-01-28 18:13 - 00041984 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_psutil_mswindows.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00010752 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\select.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00166912 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_elementtree.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00164352 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\pyexpat.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00027136 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\ujson.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00136192 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32security.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00438784 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32com.shell.shell.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00023040 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32event.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00149504 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32file.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00058368 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_sqlite3.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00535040 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\sqlite3.dll
2014-01-28 18:13 - 2014-01-28 18:13 - 00030720 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32cred.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00030208 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\Crypto.Cipher._AES.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00008192 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\Crypto.Util.strxor.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00010752 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\Crypto.Random.OSRNG.winrandom.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00011264 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\Crypto.Util._counter.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00031744 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_multiprocessing.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00044032 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32process.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00020992 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\_yappi.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00009728 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\SyncContextMenuService.dll
2014-01-28 18:13 - 2014-01-28 18:13 - 00021504 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\win32clipboard.pyd
2014-01-28 18:13 - 2014-01-28 18:13 - 00068096 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI14602\SystemWrapper.dll
2013-07-19 22:29 - 2013-07-19 22:29 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-01-28 16:44 - 2014-01-28 10:06 - 02166272 _____ () C:\Program Files\AVAST Software\Avast\defs\14012800\algo.dll
2014-01-28 18:13 - 2014-01-28 17:44 - 02166272 _____ () C:\Program Files\AVAST Software\Avast\defs\14012801\algo.dll
2013-10-05 19:39 - 2014-01-28 18:13 - 00028160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2013-10-05 19:39 - 2013-05-07 08:45 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-01-08 08:04 - 2013-12-12 23:19 - 00142848 _____ () E:\Spiele\Steam\libavresample-1.dll
2014-01-08 08:04 - 2013-11-05 02:12 - 00890592 _____ () E:\Spiele\Steam\libavutil-52.dll
2013-08-21 13:18 - 2013-12-12 23:04 - 00716800 _____ () E:\Spiele\Steam\SDL2.dll
2013-09-21 09:35 - 2014-01-07 22:00 - 01138088 _____ () E:\Spiele\Steam\bin\chromehtml.DLL
2013-09-10 13:20 - 2013-12-12 23:04 - 20625832 _____ () E:\Spiele\Steam\bin\libcef.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () E:\Spiele\Steam\bin\avcodec-53.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () E:\Spiele\Steam\bin\avutil-51.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () E:\Spiele\Steam\bin\avformat-53.dll
2013-12-06 21:31 - 2013-12-06 21:31 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Marco\AppData\Roaming\Dropbox\bin\libcef.dll
2013-10-05 19:37 - 2013-03-12 12:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-12-12 09:18 - 2013-12-12 09:18 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-04 14:47 - 2013-07-17 23:56 - 00430080 _____ () C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox\components\FirefoxPickerCommunication.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/24/2014 01:08:49 PM) (Source: Application Hang) (User: )
Description: Programm WinTV.exe, Version 6.0.26080.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2830

Startzeit: 01cf18fc0f045be0

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\WinTV\WinTV.exe

Berichts-ID: 1d2cb20b-84f0-11e3-a842-74d02b93250e

Error: (01/15/2014 04:01:52 PM) (Source: Application Hang) (User: )
Description: Programm WinTV.exe, Version 6.0.26080.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: dd8

Startzeit: 01cf1202741f38fd

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\WinTV\WinTV.exe

Berichts-ID: cc41e538-7df5-11e3-ac08-74d02b93250e

Error: (01/15/2014 03:36:18 PM) (Source: MsiInstaller) (User: Marco-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011006}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (01/08/2014 08:34:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iw4mp.exe, Version: 0.0.0.0, Zeitstempel: 0x4c119a5c
Name des fehlerhaften Moduls: nvd3dum.dll, Version: 9.18.13.2723, Zeitstempel: 0x52314d4c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0060bb67
ID des fehlerhaften Prozesses: 0x1e94
Startzeit der fehlerhaften Anwendung: 0xiw4mp.exe0
Pfad der fehlerhaften Anwendung: iw4mp.exe1
Pfad des fehlerhaften Moduls: iw4mp.exe2
Berichtskennung: iw4mp.exe3

Error: (01/07/2014 09:36:16 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="*",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="*",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/21/2013 11:37:54 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WinTV.exe, Version: 6.0.26080.0, Zeitstempel: 0x47e29719
Name des fehlerhaften Moduls: WindowsCodecs.dll, Version: 6.2.9200.16492, Zeitstempel: 0x50f30e59
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006746c
ID des fehlerhaften Prozesses: 0xb90
Startzeit der fehlerhaften Anwendung: 0xWinTV.exe0
Pfad der fehlerhaften Anwendung: WinTV.exe1
Pfad des fehlerhaften Moduls: WinTV.exe2
Berichtskennung: WinTV.exe3

Error: (11/06/2013 01:22:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: BoxSync.exe, Version: 3.4.25.0, Zeitstempel: 0x51b2b112
Name des fehlerhaften Moduls: python27.DLL, Version: 2.7.3150.1013, Zeitstempel: 0x4f84a51f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000c48fc
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xBoxSync.exe0
Pfad der fehlerhaften Anwendung: BoxSync.exe1
Pfad des fehlerhaften Moduls: BoxSync.exe2
Berichtskennung: BoxSync.exe3

Error: (11/04/2013 04:20:22 PM) (Source: Application Hang) (User: )
Description: Programm t6sp.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1654

Startzeit: 01ced968ff1f658e

Endzeit: 300

Anwendungspfad: E:\Spiele\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe

Berichts-ID:

Error: (11/04/2013 04:19:32 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: t6sp.exe, Version: 1.0.0.1, Zeitstempel: 0x50c7e945
Name des fehlerhaften Moduls: t6sp.exe, Version: 1.0.0.1, Zeitstempel: 0x50c7e945
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002dcf77
ID des fehlerhaften Prozesses: 0x1654
Startzeit der fehlerhaften Anwendung: 0xt6sp.exe0
Pfad der fehlerhaften Anwendung: t6sp.exe1
Pfad des fehlerhaften Moduls: t6sp.exe2
Berichtskennung: t6sp.exe3

Error: (11/03/2013 05:25:55 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.0.0, Zeitstempel: 0x52432b75
Name des fehlerhaften Moduls: vlc.exe, Version: 2.1.0.0, Zeitstempel: 0x52432b75
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000019b4
ID des fehlerhaften Prozesses: 0x16e8
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3


System errors:
=============
Error: (01/28/2014 06:13:35 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (01/28/2014 04:44:42 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (01/28/2014 07:16:11 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (01/27/2014 05:12:56 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (01/27/2014 07:16:15 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (01/26/2014 10:52:50 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (01/25/2014 11:28:43 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (01/24/2014 02:50:33 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (01/24/2014 02:50:31 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎24.‎01.‎2014 um 14:44:30 unerwartet heruntergefahren.

Error: (01/24/2014 01:10:07 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (01/24/2014 01:08:49 PM) (Source: Application Hang)(User: )
Description: WinTV.exe6.0.26080.0283001cf18fc0f045be060000C:\Program Files (x86)\WinTV\WinTV.exe1d2cb20b-84f0-11e3-a842-74d02b93250e

Error: (01/15/2014 04:01:52 PM) (Source: Application Hang)(User: )
Description: WinTV.exe6.0.26080.0dd801cf1202741f38fd60000C:\Program Files (x86)\WinTV\WinTV.execc41e538-7df5-11e3-ac08-74d02b93250e

Error: (01/15/2014 03:36:18 PM) (Source: MsiInstaller)(User: Marco-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011006}1625(NULL)(NULL)(NULL)

Error: (01/08/2014 08:34:29 PM) (Source: Application Error)(User: )
Description: iw4mp.exe0.0.0.04c119a5cnvd3dum.dll9.18.13.272352314d4cc00000050060bb671e9401cf0ca889f044e2E:\Spiele\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exeC:\Windows\system32\nvd3dum.dlle3c4c626-789b-11e3-bade-74d02b93250e

Error: (01/07/2014 09:36:16 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="*",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\Box Sync\BoxSync.exe

Error: (12/21/2013 11:37:54 AM) (Source: Application Error)(User: )
Description: WinTV.exe6.0.26080.047e29719WindowsCodecs.dll6.2.9200.1649250f30e59c00000050006746cb9001cefe358530a3eeC:\Program Files (x86)\WinTV\WinTV.exeC:\Windows\system32\WindowsCodecs.dllf2a5fbca-6a2b-11e3-adda-74d02b93250e

Error: (11/06/2013 01:22:40 PM) (Source: Application Error)(User: )
Description: BoxSync.exe3.4.25.051b2b112python27.DLL2.7.3150.10134f84a51fc000000500000000000c48fc

Error: (11/04/2013 04:20:22 PM) (Source: Application Hang)(User: )
Description: t6sp.exe1.0.0.1165401ced968ff1f658e300E:\Spiele\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe

Error: (11/04/2013 04:19:32 PM) (Source: Application Error)(User: )
Description: t6sp.exe1.0.0.150c7e945t6sp.exe1.0.0.150c7e945c0000005002dcf77165401ced968ff1f658eE:\Spiele\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exeE:\Spiele\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe8132578a-4564-11e3-9185-74d02b93250e

Error: (11/03/2013 05:25:55 PM) (Source: Application Error)(User: )
Description: vlc.exe2.1.0.052432b75vlc.exe2.1.0.052432b75c000000500000000000019b416e801ced8b15625276eC:\Program Files\VideoLAN\VLC\vlc.exeC:\Program Files\VideoLAN\VLC\vlc.exe9c71ad9b-44a4-11e3-bd2f-74d02b93250e


CodeIntegrity Errors:
===================================
  Date: 2014-01-28 18:43:40.365
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 18:13:39.231
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 18:11:00.562
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 16:50:49.051
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 16:44:44.886
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 07:33:36.350
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 07:16:14.307
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-27 17:18:34.993
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-27 17:12:57.905
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-27 07:39:44.042
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 28%
Total physical RAM: 8131.84 MB
Available physical RAM: 5784.24 MB
Total Pagefile: 16261.87 MB
Available Pagefile: 13725.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:69.54 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (x) (Fixed) (Total:195.31 GB) (Free:42.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (x) (Fixed) (Total:931.51 GB) (Free:394.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (x) (Fixed) (Total:270.45 GB) (Free:1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: C9389B84)
Partition 1: (Active) - (Size=195 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=270 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 806091D7)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: AE4FE21F)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
FRST


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02
Ran by Marco (administrator) on MARCO-PC on 28-01-2014 19:24:43
Running from C:\Users\Marco\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(Box Inc.) C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Valve Corporation) E:\Spiele\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Akamai Technologies, Inc.) C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hauppauge Inc.) C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [BoxSync] - c:\Program Files\Box\Box Sync\BoxSync.exe [12920496 2014-01-14] (Box, Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [EPGServiceTool] - C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe [688128 2008-05-15] (Hauppauge Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-04] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [Steam] - E:\Spiele\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2DD8983906C2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-05]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-06]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2013-11-04]

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [945152 2013-05-07] (ASUSTeK Computer Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-04] (AVAST Software)
R2 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [21504 2013-12-26] (Box Inc.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc)
R2 EPGService; C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe [437248 2008-05-30] (Hauppauge Computer Works)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-04] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-04] ()
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink)
R3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [919552 2008-04-17] (Hauppauge Computer Works, Inc.)
R3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [47232 2008-04-17] (Hauppauge Computer Works, Inc.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-07-19] (Cisco Systems, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-28 19:24 - 2014-01-28 19:24 - 00013719 _____ C:\Users\Marco\Downloads\FRST.txt
2014-01-28 19:24 - 2014-01-28 19:24 - 00000000 ____D C:\FRST
2014-01-28 19:22 - 2014-01-28 19:22 - 00000472 _____ C:\Users\Marco\Downloads\defogger_disable.log
2014-01-28 19:22 - 2014-01-28 19:22 - 00000000 _____ C:\Users\Marco\defogger_reenable
2014-01-28 19:19 - 2014-01-28 19:19 - 00370971 _____ C:\Users\Marco\Downloads\gmer_2.1.19355.zip
2014-01-28 19:18 - 2014-01-28 19:19 - 02079232 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe
2014-01-28 19:18 - 2014-01-28 19:18 - 00050477 _____ C:\Users\Marco\Downloads\Defogger.exe
2014-01-28 17:51 - 2014-01-28 17:51 - 30796712 _____ (Oracle Corporation) C:\Users\Marco\Downloads\jre-7u51-windows-x64.exe
2014-01-28 17:44 - 2014-01-28 17:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Marco\Downloads\HijackThis.exe
2014-01-28 17:36 - 2014-01-28 17:36 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Malwarebytes
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-28 17:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-28 17:34 - 2014-01-28 17:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Marco\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-28 17:34 - 2014-01-28 17:34 - 00000000 ____D C:\Users\Marco\Downloads\antimal ware
2014-01-22 20:29 - 2014-01-22 20:29 - 00000000 ____D C:\Users\Marco\AppData\Local\Blizzard Entertainment
2014-01-22 18:09 - 2014-01-22 18:11 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE.exe
2014-01-22 17:59 - 2014-01-23 22:57 - 00000000 ____D C:\Users\Marco\Documents\StarCraft II
2014-01-22 17:59 - 2014-01-22 18:15 - 00000845 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2014-01-22 17:59 - 2014-01-22 18:15 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2014-01-22 17:48 - 2014-01-22 17:57 - 00000000 ____D C:\ProgramData\Battle.net
2014-01-15 08:37 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 08:37 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-07 13:50 - 2014-01-07 13:51 - 00005604 _____ C:\Windows\system32\lvcoinst.log
2014-01-07 10:00 - 2014-01-07 10:00 - 00001299 _____ C:\Users\Marco\Desktop\Box Sync.lnk
2014-01-07 09:55 - 2014-01-28 18:56 - 00000000 ____D C:\Users\Marco\AppData\Local\Box Sync
2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\Program Files\Box
2014-01-07 09:44 - 2014-01-07 09:44 - 00000000 ____D C:\Users\Marco\Documents\My Box Files
2014-01-04 14:19 - 2014-01-04 14:19 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys

==================== One Month Modified Files and Folders =======

2014-01-28 19:24 - 2014-01-28 19:24 - 00013719 _____ C:\Users\Marco\Downloads\FRST.txt
2014-01-28 19:24 - 2014-01-28 19:24 - 00000000 ____D C:\FRST
2014-01-28 19:24 - 2013-10-05 23:05 - 00000000 ____D C:\Program Files (x86)\WinTV
2014-01-28 19:22 - 2014-01-28 19:22 - 00000472 _____ C:\Users\Marco\Downloads\defogger_disable.log
2014-01-28 19:22 - 2014-01-28 19:22 - 00000000 _____ C:\Users\Marco\defogger_reenable
2014-01-28 19:22 - 2013-10-05 21:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-28 19:22 - 2013-10-05 19:21 - 00000000 ____D C:\Users\Marco
2014-01-28 19:19 - 2014-01-28 19:19 - 00370971 _____ C:\Users\Marco\Downloads\gmer_2.1.19355.zip
2014-01-28 19:19 - 2014-01-28 19:18 - 02079232 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe
2014-01-28 19:18 - 2014-01-28 19:18 - 00050477 _____ C:\Users\Marco\Downloads\Defogger.exe
2014-01-28 19:18 - 2013-10-05 21:05 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A26B70CC-B586-48AA-82B2-A9DBCCF0E556}
2014-01-28 18:56 - 2014-01-07 09:55 - 00000000 ____D C:\Users\Marco\AppData\Local\Box Sync
2014-01-28 18:40 - 2013-10-05 21:19 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-28 18:20 - 2009-07-14 18:58 - 00698688 _____ C:\Windows\system32\perfh007.dat
2014-01-28 18:20 - 2009-07-14 18:58 - 00148828 _____ C:\Windows\system32\perfc007.dat
2014-01-28 18:20 - 2009-07-14 06:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-28 18:20 - 2009-07-14 05:45 - 00017568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-28 18:20 - 2009-07-14 05:45 - 00017568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-28 18:16 - 2013-10-05 19:21 - 01580976 _____ C:\Windows\WindowsUpdate.log
2014-01-28 18:13 - 2013-10-25 10:37 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Dropbox
2014-01-28 18:13 - 2013-10-05 22:29 - 00112426 _____ C:\Windows\PFRO.log
2014-01-28 18:13 - 2013-10-05 21:19 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-28 18:13 - 2013-10-05 21:19 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-28 18:13 - 2013-10-05 21:08 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-28 18:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-28 18:13 - 2009-07-14 05:51 - 00042547 _____ C:\Windows\setupact.log
2014-01-28 17:51 - 2014-01-28 17:51 - 30796712 _____ (Oracle Corporation) C:\Users\Marco\Downloads\jre-7u51-windows-x64.exe
2014-01-28 17:44 - 2014-01-28 17:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Marco\Downloads\HijackThis.exe
2014-01-28 17:36 - 2014-01-28 17:36 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Malwarebytes
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-28 17:35 - 2014-01-28 17:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Marco\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-28 17:34 - 2014-01-28 17:34 - 00000000 ____D C:\Users\Marco\Downloads\antimal ware
2014-01-23 22:57 - 2014-01-22 17:59 - 00000000 ____D C:\Users\Marco\Documents\StarCraft II
2014-01-22 20:29 - 2014-01-22 20:29 - 00000000 ____D C:\Users\Marco\AppData\Local\Blizzard Entertainment
2014-01-22 19:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-22 18:15 - 2014-01-22 17:59 - 00000845 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2014-01-22 18:15 - 2014-01-22 17:59 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2014-01-22 18:11 - 2014-01-22 18:09 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE.exe
2014-01-22 17:57 - 2014-01-22 17:48 - 00000000 ____D C:\ProgramData\Battle.net
2014-01-21 07:54 - 2013-10-05 21:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-21 07:54 - 2013-10-05 21:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-21 07:54 - 2013-10-05 21:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-21 07:53 - 2013-10-05 23:08 - 00000000 ____D C:\Users\Marco\AppData\Local\Adobe
2014-01-17 08:17 - 2013-10-25 10:39 - 00000979 _____ C:\Users\Marco\Desktop\Dropbox.lnk
2014-01-17 08:17 - 2013-10-25 10:37 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-17 08:17 - 2013-10-05 19:21 - 00000000 ___RD C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-15 15:34 - 2009-07-14 05:45 - 00446264 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 09:52 - 2013-10-05 21:57 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 09:51 - 2013-10-05 21:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 08:56 - 2013-11-04 14:14 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-11 17:21 - 2013-10-10 13:26 - 00000000 ____D C:\Users\Marco\AppData\Roaming\vlc
2014-01-07 16:13 - 2013-11-03 17:35 - 00000000 ____D C:\Users\Marco\Documents\CyberLink
2014-01-07 16:13 - 2013-10-06 13:29 - 00000000 ____D C:\ProgramData\CyberLink
2014-01-07 16:13 - 2013-10-06 13:29 - 00000000 ____D C:\Program Files (x86)\CyberLink
2014-01-07 13:51 - 2014-01-07 13:50 - 00005604 _____ C:\Windows\system32\lvcoinst.log
2014-01-07 13:50 - 2013-10-06 15:19 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2014-01-07 10:00 - 2014-01-07 10:00 - 00001299 _____ C:\Users\Marco\Desktop\Box Sync.lnk
2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\Program Files\Box
2014-01-07 09:44 - 2014-01-07 09:44 - 00000000 ____D C:\Users\Marco\Documents\My Box Files
2014-01-07 09:10 - 2013-10-10 13:26 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-06 17:31 - 2013-10-06 11:30 - 00000000 ____D C:\Windows\System32\Tasks\Games
2014-01-04 14:19 - 2014-01-04 14:19 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-04 14:19 - 2013-10-05 21:19 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-04 14:19 - 2013-10-05 21:19 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk

Some content of TEMP:
====================
C:\Users\Marco\AppData\Local\Temp\COMAP.EXE
C:\Users\Marco\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Marco\AppData\Local\Temp\log4net.dll
C:\Users\Marco\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Marco\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe
C:\Users\Marco\AppData\Local\Temp\SyncRestarter.exe
C:\Users\Marco\AppData\Local\Temp\sync_upgrader.exe
C:\Users\Marco\AppData\Local\Temp\vlc-2.1.2-win64.exe
C:\Users\Marco\AppData\Local\Temp\_is141C.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 21:05

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Gmer ist zu groß - ich müsste den Text in 4 Codes aufteilen und da ist die Gefahr groß, dass was fehlt... Ist das trotzdem gewünscht?
__________________

Alt 29.01.2014, 16:17   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



Zitat:
Call of Duty: Black Ops II - Multiplayer (x32 Version: - )
Call of Duty: Black Ops II - Zombies (x32 Version: - )
Call of Duty: Black Ops II (x32 Version: - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (x32 Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (x32 Version: - Infinity Ward)
yeah

aber da fehlt Ghosts

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.01.2014, 10:34   #5
Cleeer
 
Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



Jaaa das wars mir dann doch nicht wert, als ich die miesen Rezensionen gelesen hatte...

ComboFix habe ich laufen lassen. Hier die Logfile:

Code:
ATTFilter
ComboFix 14-01-29.01 - Marco 30.01.2014  11:18:31.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8132.6326 [GMT 1:00]
ausgeführt von:: c:\users\Marco\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Marco\AppData\Local\Temp\_MEI39442\_ctypes.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\_elementtree.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\_hashlib.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\_multiprocessing.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\_psutil_mswindows.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\_socket.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\_sqlite3.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\_ssl.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\_yappi.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\BoxSyncWindowsUI.dll
c:\users\Marco\AppData\Local\Temp\_MEI39442\clr.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\Crypto.Cipher._AES.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\Crypto.Random.OSRNG.winrandom.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\Crypto.Util._counter.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\Crypto.Util.strxor.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\IconLogic.dll
c:\users\Marco\AppData\Local\Temp\_MEI39442\pyexpat.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\Python.Runtime.dll
c:\users\Marco\AppData\Local\Temp\_MEI39442\python27.dll
c:\users\Marco\AppData\Local\Temp\_MEI39442\pythoncom27.dll
c:\users\Marco\AppData\Local\Temp\_MEI39442\pywintypes27.dll
c:\users\Marco\AppData\Local\Temp\_MEI39442\select.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\SQLite.Interop.dll
c:\users\Marco\AppData\Local\Temp\_MEI39442\sqlite3.dll
c:\users\Marco\AppData\Local\Temp\_MEI39442\SyncContextMenuService.dll
c:\users\Marco\AppData\Local\Temp\_MEI39442\SyncIconOverlayService.dll
c:\users\Marco\AppData\Local\Temp\_MEI39442\System.Data.SQLite.dll
c:\users\Marco\AppData\Local\Temp\_MEI39442\SystemInterface.dll
c:\users\Marco\AppData\Local\Temp\_MEI39442\SystemWrapper.dll
c:\users\Marco\AppData\Local\Temp\_MEI39442\ujson.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\unicodedata.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\win32api.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\win32clipboard.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\win32com.shell.shell.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\win32cred.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\win32event.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\win32file.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\win32process.pyd
c:\users\Marco\AppData\Local\Temp\_MEI39442\win32security.pyd
c:\users\Marco\AppData\Roaming\Microsoft\Windows\Recent\mpir.dll
c:\users\Marco\AppData\Roaming\Microsoft\Windows\Recent\msvcp100.dll
c:\users\Marco\AppData\Roaming\Microsoft\Windows\Recent\msvcr100.dll
c:\users\Marco\AppData\Roaming\Microsoft\Windows\Recent\wmpnetwk.dll
c:\users\Marco\AppData\Roaming\Microsoft\Windows\Recent\wmpnetwk.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_vpnagent
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-12-28 bis 2014-01-30  ))))))))))))))))))))))))))))))
.
.
2014-01-28 18:24 . 2014-01-28 18:24	--------	d-----w-	C:\FRST
2014-01-28 16:36 . 2014-01-28 16:36	--------	d-----w-	c:\users\Marco\AppData\Roaming\Malwarebytes
2014-01-28 16:36 . 2014-01-28 16:36	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-28 16:36 . 2014-01-28 16:36	--------	d-----w-	c:\programdata\Malwarebytes
2014-01-28 16:36 . 2013-04-04 13:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-01-28 15:48 . 2013-12-04 03:28	10315576	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{26C98A53-9E7A-4D15-8F35-F7684443315E}\mpengine.dll
2014-01-22 19:29 . 2014-01-22 19:29	--------	d-----w-	c:\users\Marco\AppData\Local\Blizzard Entertainment
2014-01-22 16:59 . 2014-01-22 17:15	--------	d-----w-	c:\programdata\Blizzard Entertainment
2014-01-22 16:59 . 2014-01-22 17:15	--------	d-----w-	c:\program files (x86)\Common Files\Blizzard Entertainment
2014-01-22 16:48 . 2014-01-22 16:57	--------	d-----w-	c:\programdata\Battle.net
2014-01-15 07:37 . 2013-11-27 01:41	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2014-01-15 07:37 . 2013-11-27 01:41	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2014-01-15 07:37 . 2013-11-27 01:41	53248	----a-w-	c:\windows\system32\drivers\usbehci.sys
2014-01-15 07:37 . 2013-11-27 01:41	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2014-01-15 07:37 . 2013-11-27 01:41	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2014-01-15 07:37 . 2013-11-27 01:41	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2014-01-15 07:37 . 2013-11-27 01:41	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2014-01-15 07:37 . 2013-11-26 10:32	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-01-07 08:55 . 2014-01-30 10:12	--------	d-----w-	c:\users\Marco\AppData\Local\Box Sync
2014-01-07 08:55 . 2014-01-07 08:55	--------	d-----w-	c:\program files\Box
2014-01-07 08:55 . 2014-01-07 08:55	--------	d-----w-	c:\programdata\Package Cache
2014-01-04 13:19 . 2014-01-04 13:19	79672	----a-w-	c:\windows\system32\drivers\aswstm.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-21 06:54 . 2013-10-05 20:30	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-21 06:54 . 2013-10-05 20:30	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-15 08:51 . 2013-10-05 20:56	86054176	----a-w-	c:\windows\system32\MRT.exe
2014-01-15 07:52 . 2013-11-04 13:25	566480	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-01-04 13:19 . 2013-10-05 20:19	422216	----a-w-	c:\windows\system32\drivers\aswSP.sys
2014-01-04 13:19 . 2013-10-05 20:19	207904	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-01-04 13:19 . 2013-10-05 20:19	1034464	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2014-01-04 13:19 . 2013-10-05 20:19	78648	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-01-04 13:19 . 2013-10-05 20:19	334136	----a-w-	c:\windows\system32\aswBoot.exe
2014-01-04 13:19 . 2013-10-05 20:19	43152	----a-w-	c:\windows\avastSS.scr
2013-12-18 05:13 . 2013-10-05 19:56	270496	------w-	c:\windows\system32\MpSigStub.exe
2013-12-06 20:31 . 2013-10-05 20:19	92544	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-12-06 20:31 . 2013-10-05 20:19	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-12-04 21:33 . 2013-12-04 21:33	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-04 21:33 . 2013-12-04 21:33	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-12-04 21:33 . 2013-12-04 21:33	942592	----a-w-	c:\windows\system32\jsIntl.dll
2013-12-04 21:33 . 2013-12-04 21:33	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-12-04 21:33 . 2013-12-04 21:33	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-12-04 21:33 . 2013-12-04 21:33	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-12-04 21:33 . 2013-12-04 21:33	84992	----a-w-	c:\windows\system32\mshtmled.dll
2013-12-04 21:33 . 2013-12-04 21:33	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2013-12-04 21:33 . 2013-12-04 21:33	81408	----a-w-	c:\windows\system32\icardie.dll
2013-12-04 21:33 . 2013-12-04 21:33	774144	----a-w-	c:\windows\system32\jscript.dll
2013-12-04 21:33 . 2013-12-04 21:33	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-12-04 21:33 . 2013-12-04 21:33	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-04 21:33 . 2013-12-04 21:33	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-04 21:33 . 2013-12-04 21:33	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2013-12-04 21:33 . 2013-12-04 21:33	626176	----a-w-	c:\windows\system32\msfeeds.dll
2013-12-04 21:33 . 2013-12-04 21:33	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-12-04 21:33 . 2013-12-04 21:33	62464	----a-w-	c:\windows\system32\pngfilt.dll
2013-12-04 21:33 . 2013-12-04 21:33	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2013-12-04 21:33 . 2013-12-04 21:33	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2013-12-04 21:33 . 2013-12-04 21:33	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2013-12-04 21:33 . 2013-12-04 21:33	548352	----a-w-	c:\windows\system32\vbscript.dll
2013-12-04 21:33 . 2013-12-04 21:33	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-12-04 21:33 . 2013-12-04 21:33	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2013-12-04 21:33 . 2013-12-04 21:33	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-12-04 21:33 . 2013-12-04 21:33	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-12-04 21:33 . 2013-12-04 21:33	48128	----a-w-	c:\windows\system32\imgutil.dll
2013-12-04 21:33 . 2013-12-04 21:33	454656	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-12-04 21:33 . 2013-12-04 21:33	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2013-12-04 21:33 . 2013-12-04 21:33	413696	----a-w-	c:\windows\system32\html.iec
2013-12-04 21:33 . 2013-12-04 21:33	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 21:33 . 2013-12-04 21:33	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-12-04 21:33 . 2013-12-04 21:33	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-04 21:33 . 2013-12-04 21:33	337408	----a-w-	c:\windows\SysWow64\html.iec
2013-12-04 21:33 . 2013-12-04 21:33	30208	----a-w-	c:\windows\system32\licmgr10.dll
2013-12-04 21:33 . 2013-12-04 21:33	296960	----a-w-	c:\windows\system32\dxtrans.dll
2013-12-04 21:33 . 2013-12-04 21:33	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2013-12-04 21:33 . 2013-12-04 21:33	247808	----a-w-	c:\windows\system32\msls31.dll
2013-12-04 21:33 . 2013-12-04 21:33	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-12-04 21:33 . 2013-12-04 21:33	243200	----a-w-	c:\windows\system32\webcheck.dll
2013-12-04 21:33 . 2013-12-04 21:33	235520	----a-w-	c:\windows\system32\url.dll
2013-12-04 21:33 . 2013-12-04 21:33	235008	----a-w-	c:\windows\system32\elshyph.dll
2013-12-04 21:33 . 2013-12-04 21:33	195584	----a-w-	c:\windows\system32\msrating.dll
2013-12-04 21:33 . 2013-12-04 21:33	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2013-12-04 21:33 . 2013-12-04 21:33	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-12-04 21:33 . 2013-12-04 21:33	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-12-04 21:33 . 2013-12-04 21:33	147968	----a-w-	c:\windows\system32\occache.dll
2013-12-04 21:33 . 2013-12-04 21:33	143872	----a-w-	c:\windows\system32\wextract.exe
2013-12-04 21:33 . 2013-12-04 21:33	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2013-12-04 21:33 . 2013-12-04 21:33	13824	----a-w-	c:\windows\system32\mshta.exe
2013-12-04 21:33 . 2013-12-04 21:33	135680	----a-w-	c:\windows\system32\iepeers.dll
2013-12-04 21:33 . 2013-12-04 21:33	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2013-12-04 21:33 . 2013-12-04 21:33	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2013-12-04 21:33 . 2013-12-04 21:33	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-12-04 21:33 . 2013-12-04 21:33	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-12-04 21:33 . 2013-12-04 21:33	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-12-04 21:33 . 2013-12-04 21:33	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-12-04 21:33 . 2013-12-04 21:33	105984	----a-w-	c:\windows\system32\iesysprep.dll
2013-12-04 21:33 . 2013-12-04 21:33	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-12-04 21:33 . 2013-12-04 21:33	101376	----a-w-	c:\windows\system32\inseng.dll
2013-12-04 21:33 . 2013-12-04 21:33	878080	----a-w-	c:\windows\system32\advapi32.dll
2013-12-04 21:33 . 2013-12-04 21:33	859648	----a-w-	c:\windows\system32\tdh.dll
2013-12-04 21:33 . 2013-12-04 21:33	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-12-04 21:33 . 2013-12-04 21:33	640512	----a-w-	c:\windows\SysWow64\advapi32.dll
2013-12-04 21:33 . 2013-12-04 21:33	619520	----a-w-	c:\windows\SysWow64\tdh.dll
2013-12-04 21:33 . 2013-12-04 21:33	5549504	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-12-04 21:33 . 2013-12-04 21:33	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-12-04 21:33 . 2013-12-04 21:33	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-12-04 21:33 . 2013-12-04 21:33	3969472	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-12-04 21:33 . 2013-12-04 21:33	3914176	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-12-04 21:33 . 2013-12-04 21:33	362496	----a-w-	c:\windows\system32\wow64win.dll
2013-12-04 21:33 . 2013-12-04 21:33	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-12-04 21:33 . 2013-12-04 21:33	243712	----a-w-	c:\windows\system32\wow64.dll
2013-12-04 21:33 . 2013-12-04 21:33	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-12-04 21:33 . 2013-12-04 21:33	1732032	----a-w-	c:\windows\system32\ntdll.dll
2013-12-04 21:33 . 2013-12-04 21:33	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2013-12-04 21:33 . 2013-12-04 21:33	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-12-04 21:33 . 2013-12-04 21:33	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2013-12-04 21:33 . 2013-12-04 21:33	1292192	----a-w-	c:\windows\SysWow64\ntdll.dll
2013-12-04 21:33 . 2013-12-04 21:33	327168	----a-w-	c:\windows\system32\mswsock.dll
2013-12-04 21:33 . 2013-12-04 21:33	231424	----a-w-	c:\windows\SysWow64\mswsock.dll
2013-12-04 21:33 . 2013-12-04 21:33	1903552	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-11-26 11:54 . 2013-12-11 06:43	23183360	----a-w-	c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-11 06:43	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-11 06:43	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-11 06:43	66048	----a-w-	c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-11 06:43	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-11 06:43	2764288	----a-w-	c:\windows\system32\iertutil.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-11-04 13:36	222712	----a-w-	c:\users\Marco\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-11-04 13:36	222712	----a-w-	c:\users\Marco\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-11-04 13:36	222712	----a-w-	c:\users\Marco\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="e:\spiele\Steam\Steam.exe" [2014-01-27 1815976]
"Akamai NetSession Interface"="c:\users\Marco\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"EPGServiceTool"="c:\progra~2\WinTV\EPG Services\System\EPGClient.exe" [2008-05-15 688128]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-04 3764024]
.
c:\users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AutoStart IR.lnk - c:\program files (x86)\WinTV\Ir.exe /QUIET [2013-10-5 110647]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BoxSyncUpdateService;Box Sync Update Service;c:\program files\Box\Box Sync\SyncUpdaterService.exe;c:\program files\Box\Box Sync\SyncUpdaterService.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 EPGService;EPGService;c:\progra~2\WinTV\EPG Services\System\EPGService.exe;c:\progra~2\WinTV\EPG Services\System\EPGService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 OfficeSvc;Microsoft Office-Dienst;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\Drivers\hcw95bda.sys;c:\windows\SYSNATIVE\Drivers\hcw95bda.sys [x]
S3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\DRIVERS\hcw95rc.sys;c:\windows\SYSNATIVE\DRIVERS\hcw95rc.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys;c:\windows\SYSNATIVE\DRIVERS\lv302a64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-05 06:54]
.
2014-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-05 20:19]
.
2014-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-05 20:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-11-04 13:36	261624	----a-w-	c:\users\Marco\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-11-04 13:36	261624	----a-w-	c:\users\Marco\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-11-04 13:36	261624	----a-w-	c:\users\Marco\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-01-15 07:54	2331336	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-01-15 07:54	2331336	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-01-15 07:54	2331336	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0000BoxSyncFileLocked]
@="{1b9c95e1-ce36-3737-81c8-1ec9807f03c1}"
[HKEY_CLASSES_ROOT\CLSID\{1b9c95e1-ce36-3737-81c8-1ec9807f03c1}]
2010-11-04 15:57	444752	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0000BoxSyncNotSynced]
@="{e22ccf16-2db6-3de8-9a2c-acb66b571b69}"
[HKEY_CLASSES_ROOT\CLSID\{e22ccf16-2db6-3de8-9a2c-acb66b571b69}]
2010-11-04 15:57	444752	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0000BoxSyncProblem]
@="{84878798-e5c4-3e6b-b7c4-b51c4ac4e7dc}"
[HKEY_CLASSES_ROOT\CLSID\{84878798-e5c4-3e6b-b7c4-b51c4ac4e7dc}]
2010-11-04 15:57	444752	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0000BoxSyncSynced]
@="{01fcd170-7f0a-3b6a-b992-66a7a20289b5}"
[HKEY_CLASSES_ROOT\CLSID\{01fcd170-7f0a-3b6a-b992-66a7a20289b5}]
2010-11-04 15:57	444752	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-04 13:19	287280	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-06-24 7191768]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-06-05 1311304]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-08-01 8290584]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-07-31 3091224]
"BoxSync"="c:\program files\Box\Box Sync\BoxSync.exe" [2014-01-14 12920496]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: &Citavi Picker... - file://c:\programdata\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Hauppauge WinTV DVB-T EPG Service - c:\windows\System32\UNWISE.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\Chipset\AsusSetup.exe
c:\windows\Chipset\AsusSetup.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-01-30  11:22:23 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-01-30 10:22
.
Vor Suchlauf: 9 Verzeichnis(se), 73.015.812.096 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 76.067.098.624 Bytes frei
.
- - End Of File - - B3509986D8B84EE2DA0962893C75EF7B
A36C5E4F47E84449FF07ED3517B43A31
         
Leider bekomme ich beim Neustart nun zwei Meldungen vom ASUS Setup:

C/Users/Marco/AppData/Local/Temp/203519Log.iniis lost
C/Users/Marco/AppData/Local/Temp/203445Log.iniis lost

Was soll das sein?


Alt 31.01.2014, 07:37   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



ach die labern alle nur, ich find es geil und hab schon 16 Tage Spielzeit


Das sind nur Temp Dateien, machen wir im Anschluss.


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet

Alt 31.01.2014, 12:13   #7
Cleeer
 
Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



16 Tage die hab ich glaub nicht mal bei mw2 zusammen...
dann denk ich vielleicht nochmal drüber nach

hab alles scan durchgeführt. Hier die logs.

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.28.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Marco :: MARCO-PC [Administrator]

31.01.2014 11:28:13
mbam-log-2014-01-31 (11-28-13).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 530073
Laufzeit: 32 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
adw [RO]

Code:
ATTFilter
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 12:48:50
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Marco - MARCO-PC
# Gestartet von : C:\Users\Marco\Downloads\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [744 octets] - [31/01/2014 12:48:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [803 octets] ##########
         



und adw [SO]

Code:
ATTFilter
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 12:50:25
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Marco - MARCO-PC
# Gestartet von : C:\Users\Marco\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [886 octets] - [31/01/2014 12:48:50]
AdwCleaner[S0].txt - [762 octets] - [31/01/2014 12:50:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [821 octets] ##########
         
JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Professional x64
Ran by Marco on 31.01.2014 at 12:55:38,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\caphyon



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\cx6vxi10.default\minidumps [7 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.01.2014 at 12:56:42,46
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
und FRST


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02
Ran by Marco (administrator) on MARCO-PC on 31-01-2014 12:58:04
Running from C:\Users\Marco\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Box Inc.) C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Valve Corporation) E:\Spiele\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe
(Dropbox, Inc.) C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Akamai Technologies, Inc.) C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Hauppauge Inc.) C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [BoxSync] - c:\Program Files\Box\Box Sync\BoxSync.exe [12920496 2014-01-14] (Box, Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [EPGServiceTool] - C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe [688128 2008-05-15] (Hauppauge Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-04] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [Steam] - E:\Spiele\Steam\Steam.exe [1815976 2014-01-27] (Valve Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2DD8983906C2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-05]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-06]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2013-11-04]

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [945152 2013-05-07] (ASUSTeK Computer Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-04] (AVAST Software)
R2 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [21504 2013-12-26] (Box Inc.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc)
R2 EPGService; C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe [437248 2008-05-30] (Hauppauge Computer Works)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-04] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-04] ()
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink)
R3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [919552 2008-04-17] (Hauppauge Computer Works, Inc.)
R3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [47232 2008-04-17] (Hauppauge Computer Works, Inc.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-07-19] (Cisco Systems, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-31 12:58 - 2014-01-31 12:58 - 00013510 _____ C:\Users\Marco\Downloads\FRST.txt
2014-01-31 12:56 - 2014-01-31 12:56 - 00000867 _____ C:\Users\Marco\Desktop\JRT.txt
2014-01-31 12:52 - 2014-01-31 12:52 - 00000000 ____D C:\Windows\ERUNT
2014-01-31 12:51 - 2014-01-31 12:51 - 00000900 _____ C:\Users\Marco\Desktop\AdwCleaner[S0].txt
2014-01-31 12:50 - 2014-01-31 12:50 - 00000886 _____ C:\Users\Marco\Desktop\AdwCleaner[R0].txt
2014-01-31 12:48 - 2014-01-31 12:50 - 00000000 ____D C:\AdwCleaner
2014-01-31 11:25 - 2014-01-31 11:25 - 01166132 _____ C:\Users\Marco\Downloads\adwcleaner.exe
2014-01-31 11:25 - 2014-01-31 11:25 - 01037068 _____ (Thisisu) C:\Users\Marco\Downloads\JRT.exe
2014-01-30 14:26 - 2014-01-30 14:28 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE(1).exe
2014-01-30 12:23 - 2014-01-30 12:34 - 90578216 _____ (AVAST Software) C:\Users\Marco\Downloads\avast_free_antivirus_setup_9.0.2013.exe
2014-01-30 11:22 - 2014-01-30 11:22 - 00035932 _____ C:\ComboFix.txt
2014-01-30 11:17 - 2014-01-30 11:22 - 00000000 ____D C:\Qoobox
2014-01-30 11:17 - 2014-01-30 11:21 - 00000000 ____D C:\Windows\erdnt
2014-01-30 11:17 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-30 11:17 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-30 11:17 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-30 11:17 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-30 11:17 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-30 11:17 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-30 11:17 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-30 11:17 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-30 10:08 - 2014-01-30 10:10 - 05177551 ____R (Swearware) C:\Users\Marco\Downloads\ComboFix.exe
2014-01-28 19:58 - 2014-01-28 19:58 - 00029720 _____ C:\Users\Marco\Desktop\Logfiles.zip
2014-01-28 19:42 - 2014-01-28 19:42 - 00487387 _____ C:\Users\Marco\Desktop\Gmer.txt
2014-01-28 19:24 - 2014-01-28 19:27 - 00029457 _____ C:\Users\Marco\Desktop\Addition.txt
2014-01-28 19:24 - 2014-01-28 19:25 - 00026124 _____ C:\Users\Marco\Desktop\FRST.txt
2014-01-28 19:24 - 2014-01-28 19:24 - 00000000 ____D C:\FRST
2014-01-28 19:22 - 2014-01-28 19:22 - 00000472 _____ C:\Users\Marco\Desktop\defogger_disable.log
2014-01-28 19:22 - 2014-01-28 19:22 - 00000000 _____ C:\Users\Marco\defogger_reenable
2014-01-28 19:19 - 2014-01-28 19:19 - 00370971 _____ C:\Users\Marco\Downloads\gmer_2.1.19355.zip
2014-01-28 19:18 - 2014-01-28 19:19 - 02079232 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe
2014-01-28 19:18 - 2014-01-28 19:18 - 00050477 _____ C:\Users\Marco\Downloads\Defogger.exe
2014-01-28 17:51 - 2014-01-28 17:51 - 30796712 _____ (Oracle Corporation) C:\Users\Marco\Downloads\jre-7u51-windows-x64.exe
2014-01-28 17:44 - 2014-01-28 17:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Marco\Downloads\HijackThis.exe
2014-01-28 17:36 - 2014-01-28 17:36 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Malwarebytes
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-28 17:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-28 17:34 - 2014-01-28 17:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Marco\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-28 17:34 - 2014-01-28 17:34 - 00000000 ____D C:\Users\Marco\Downloads\antimal ware
2014-01-22 20:29 - 2014-01-22 20:29 - 00000000 ____D C:\Users\Marco\AppData\Local\Blizzard Entertainment
2014-01-22 18:09 - 2014-01-22 18:11 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE.exe
2014-01-22 17:59 - 2014-01-23 22:57 - 00000000 ____D C:\Users\Marco\Documents\StarCraft II
2014-01-22 17:59 - 2014-01-22 18:15 - 00000845 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2014-01-22 17:59 - 2014-01-22 18:15 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2014-01-22 17:48 - 2014-01-22 17:57 - 00000000 ____D C:\ProgramData\Battle.net
2014-01-15 08:37 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 08:37 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-07 13:50 - 2014-01-07 13:51 - 00005604 _____ C:\Windows\system32\lvcoinst.log
2014-01-07 10:00 - 2014-01-07 10:00 - 00001299 _____ C:\Users\Marco\Desktop\Box Sync.lnk
2014-01-07 09:55 - 2014-01-31 12:55 - 00000000 ____D C:\Users\Marco\AppData\Local\Box Sync
2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\Program Files\Box
2014-01-07 09:44 - 2014-01-07 09:44 - 00000000 ____D C:\Users\Marco\Documents\My Box Files
2014-01-04 14:19 - 2014-01-04 14:19 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys

==================== One Month Modified Files and Folders =======

2014-01-31 12:58 - 2014-01-31 12:58 - 00013510 _____ C:\Users\Marco\Downloads\FRST.txt
2014-01-31 12:56 - 2014-01-31 12:56 - 00000867 _____ C:\Users\Marco\Desktop\JRT.txt
2014-01-31 12:55 - 2014-01-07 09:55 - 00000000 ____D C:\Users\Marco\AppData\Local\Box Sync
2014-01-31 12:55 - 2013-10-25 10:37 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Dropbox
2014-01-31 12:55 - 2013-10-05 21:19 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-31 12:55 - 2013-10-05 21:08 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-31 12:55 - 2013-10-05 19:21 - 01698900 _____ C:\Windows\WindowsUpdate.log
2014-01-31 12:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-31 12:55 - 2009-07-14 05:51 - 00044899 _____ C:\Windows\setupact.log
2014-01-31 12:55 - 2009-07-14 05:45 - 00017568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-31 12:55 - 2009-07-14 05:45 - 00017568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-31 12:54 - 2013-10-05 21:05 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A26B70CC-B586-48AA-82B2-A9DBCCF0E556}
2014-01-31 12:52 - 2014-01-31 12:52 - 00000000 ____D C:\Windows\ERUNT
2014-01-31 12:51 - 2014-01-31 12:51 - 00000900 _____ C:\Users\Marco\Desktop\AdwCleaner[S0].txt
2014-01-31 12:50 - 2014-01-31 12:50 - 00000886 _____ C:\Users\Marco\Desktop\AdwCleaner[R0].txt
2014-01-31 12:50 - 2014-01-31 12:48 - 00000000 ____D C:\AdwCleaner
2014-01-31 12:40 - 2013-10-05 21:19 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-31 12:22 - 2013-10-05 21:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-31 11:25 - 2014-01-31 11:25 - 01166132 _____ C:\Users\Marco\Downloads\adwcleaner.exe
2014-01-31 11:25 - 2014-01-31 11:25 - 01037068 _____ (Thisisu) C:\Users\Marco\Downloads\JRT.exe
2014-01-31 10:56 - 2009-07-14 18:58 - 00698688 _____ C:\Windows\system32\perfh007.dat
2014-01-31 10:56 - 2009-07-14 18:58 - 00148828 _____ C:\Windows\system32\perfc007.dat
2014-01-31 10:56 - 2009-07-14 06:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-31 00:45 - 2013-10-05 23:05 - 00000000 ____D C:\Program Files (x86)\WinTV
2014-01-30 14:44 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2014-01-30 14:28 - 2014-01-30 14:26 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE(1).exe
2014-01-30 12:34 - 2014-01-30 12:23 - 90578216 _____ (AVAST Software) C:\Users\Marco\Downloads\avast_free_antivirus_setup_9.0.2013.exe
2014-01-30 11:22 - 2014-01-30 11:22 - 00035932 _____ C:\ComboFix.txt
2014-01-30 11:22 - 2014-01-30 11:17 - 00000000 ____D C:\Qoobox
2014-01-30 11:21 - 2014-01-30 11:17 - 00000000 ____D C:\Windows\erdnt
2014-01-30 11:21 - 2013-10-05 22:29 - 00112978 _____ C:\Windows\PFRO.log
2014-01-30 11:21 - 2009-07-14 03:34 - 66846720 _____ C:\Windows\system32\config\SOFTWARE.bak
2014-01-30 11:21 - 2009-07-14 03:34 - 21495808 _____ C:\Windows\system32\config\SYSTEM.bak
2014-01-30 11:21 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2014-01-30 11:21 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2014-01-30 11:21 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak
2014-01-30 11:21 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-30 10:14 - 2013-10-05 21:19 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-30 10:10 - 2014-01-30 10:08 - 05177551 ____R (Swearware) C:\Users\Marco\Downloads\ComboFix.exe
2014-01-28 21:41 - 2013-10-10 13:26 - 00000000 ____D C:\Users\Marco\AppData\Roaming\vlc
2014-01-28 19:58 - 2014-01-28 19:58 - 00029720 _____ C:\Users\Marco\Desktop\Logfiles.zip
2014-01-28 19:42 - 2014-01-28 19:42 - 00487387 _____ C:\Users\Marco\Desktop\Gmer.txt
2014-01-28 19:27 - 2014-01-28 19:24 - 00029457 _____ C:\Users\Marco\Desktop\Addition.txt
2014-01-28 19:25 - 2014-01-28 19:24 - 00026124 _____ C:\Users\Marco\Desktop\FRST.txt
2014-01-28 19:24 - 2014-01-28 19:24 - 00000000 ____D C:\FRST
2014-01-28 19:22 - 2014-01-28 19:22 - 00000472 _____ C:\Users\Marco\Desktop\defogger_disable.log
2014-01-28 19:22 - 2014-01-28 19:22 - 00000000 _____ C:\Users\Marco\defogger_reenable
2014-01-28 19:22 - 2013-10-05 19:21 - 00000000 ____D C:\Users\Marco
2014-01-28 19:19 - 2014-01-28 19:19 - 00370971 _____ C:\Users\Marco\Downloads\gmer_2.1.19355.zip
2014-01-28 19:19 - 2014-01-28 19:18 - 02079232 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe
2014-01-28 19:18 - 2014-01-28 19:18 - 00050477 _____ C:\Users\Marco\Downloads\Defogger.exe
2014-01-28 17:51 - 2014-01-28 17:51 - 30796712 _____ (Oracle Corporation) C:\Users\Marco\Downloads\jre-7u51-windows-x64.exe
2014-01-28 17:44 - 2014-01-28 17:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Marco\Downloads\HijackThis.exe
2014-01-28 17:36 - 2014-01-28 17:36 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Malwarebytes
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-28 17:35 - 2014-01-28 17:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Marco\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-28 17:34 - 2014-01-28 17:34 - 00000000 ____D C:\Users\Marco\Downloads\antimal ware
2014-01-23 22:57 - 2014-01-22 17:59 - 00000000 ____D C:\Users\Marco\Documents\StarCraft II
2014-01-22 20:29 - 2014-01-22 20:29 - 00000000 ____D C:\Users\Marco\AppData\Local\Blizzard Entertainment
2014-01-22 19:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-22 18:15 - 2014-01-22 17:59 - 00000845 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2014-01-22 18:15 - 2014-01-22 17:59 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2014-01-22 18:11 - 2014-01-22 18:09 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE.exe
2014-01-22 17:57 - 2014-01-22 17:48 - 00000000 ____D C:\ProgramData\Battle.net
2014-01-21 07:54 - 2013-10-05 21:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-21 07:54 - 2013-10-05 21:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-21 07:54 - 2013-10-05 21:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-21 07:53 - 2013-10-05 23:08 - 00000000 ____D C:\Users\Marco\AppData\Local\Adobe
2014-01-17 08:17 - 2013-10-25 10:39 - 00000979 _____ C:\Users\Marco\Desktop\Dropbox.lnk
2014-01-17 08:17 - 2013-10-25 10:37 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-17 08:17 - 2013-10-05 19:21 - 00000000 ___RD C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-15 15:34 - 2009-07-14 05:45 - 00446264 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 09:52 - 2013-10-05 21:57 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 09:51 - 2013-10-05 21:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 08:56 - 2013-11-04 14:14 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-07 16:13 - 2013-11-03 17:35 - 00000000 ____D C:\Users\Marco\Documents\CyberLink
2014-01-07 16:13 - 2013-10-06 13:29 - 00000000 ____D C:\ProgramData\CyberLink
2014-01-07 16:13 - 2013-10-06 13:29 - 00000000 ____D C:\Program Files (x86)\CyberLink
2014-01-07 13:51 - 2014-01-07 13:50 - 00005604 _____ C:\Windows\system32\lvcoinst.log
2014-01-07 13:50 - 2013-10-06 15:19 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2014-01-07 10:00 - 2014-01-07 10:00 - 00001299 _____ C:\Users\Marco\Desktop\Box Sync.lnk
2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D C:\Program Files\Box
2014-01-07 09:44 - 2014-01-07 09:44 - 00000000 ____D C:\Users\Marco\Documents\My Box Files
2014-01-07 09:10 - 2013-10-10 13:26 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-06 17:31 - 2013-10-06 11:30 - 00000000 ____D C:\Windows\System32\Tasks\Games
2014-01-04 14:19 - 2014-01-04 14:19 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-04 14:19 - 2013-10-05 21:19 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-04 14:19 - 2013-10-05 21:19 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk

Some content of TEMP:
====================
C:\Users\Marco\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 19:04

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

btw: meine tae-doese wurde gestern gewechselt -ohne nennenswerten Erfolg

Ich kann das Problem mittlerweile aber etwas spezifizieren: Der Rechner braucht ne gewisse Zeit bis die Leitung steht - soll heißen: Sobald ich einen Neustart mache, hab ich ne miese Bandbreite. Wenn ich dann ne Stunde oder auch zwei warte und auch mal ein video streame, steht die Leitung und ich hab die volle Bandbreite.

Alt 01.02.2014, 10:00   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



Andere Rechner in deinem Netz haben keine Probleme?


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.02.2014, 11:47   #9
Cleeer
 
Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



mein laptop hat die ähnlichen probleme - der Rechner vom techniker hatte gar keine probleme..

ESET Log

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=552eb596b2fd9942b58279814462e05b
# engine=16895
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-01 11:36:23
# local_time=2014-02-01 12:36:23 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 77 2397516 2416618 0 0
# compatibility_mode=5893 16776573 100 94 91780 142884433 0 0
# scanned=317309
# found=0
# cleaned=0
# scan_time=4140
         
security check

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
  Adobe Flash Player 12.0.0.43 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (26.0) 
 Mozilla Thunderbird (24.2.0) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
FRSTlog


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 03
Ran by Marco (administrator) on MARCO-PC on 01-02-2014 12:46:48
Running from C:\Users\Marco\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Valve Corporation) E:\Spiele\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe
(Dropbox, Inc.) C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Akamai Technologies, Inc.) C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hauppauge Inc.) C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
() C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\WinTV.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [BoxSync] - c:\Program Files\Box\Box Sync\BoxSync.exe [13059912 2014-01-24] (Box, Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [EPGServiceTool] - C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe [688128 2008-05-15] (Hauppauge Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-04] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3454655378-3721952221-3468027484-1000\...\Run: [Steam] - E:\Spiele\Steam\Steam.exe [1815976 2014-01-27] (Valve Corporation)
HKU\S-1-5-21-3454655378-3721952221-3468027484-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2DD8983906C2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\cx6vxi10.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-05]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-06]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2013-11-04]

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [945152 2013-05-07] (ASUSTeK Computer Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-04] (AVAST Software)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [21504 2013-12-26] (Box Inc.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc)
R2 EPGService; C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe [437248 2008-05-30] (Hauppauge Computer Works)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-04] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-04] ()
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink)
R3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [919552 2008-04-17] (Hauppauge Computer Works, Inc.)
R3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [47232 2008-04-17] (Hauppauge Computer Works, Inc.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-07-19] (Cisco Systems, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-01 12:46 - 2014-02-01 12:46 - 00000000 ____D () C:\Users\Marco\Downloads\FRST-OlderVersion
2014-02-01 12:44 - 2014-02-01 12:44 - 00000856 _____ () C:\Users\Marco\Desktop\checkup.txt
2014-02-01 11:24 - 2014-02-01 11:24 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-01 11:22 - 2014-02-01 11:22 - 00987425 _____ () C:\Users\Marco\Downloads\SecurityCheck.exe
2014-02-01 11:21 - 2014-02-01 11:21 - 02347384 _____ (ESET) C:\Users\Marco\Downloads\esetsmartinstaller_enu.exe
2014-01-31 12:58 - 2014-02-01 12:46 - 00013610 _____ () C:\Users\Marco\Downloads\FRST.txt
2014-01-31 12:56 - 2014-01-31 12:56 - 00000867 _____ () C:\Users\Marco\Desktop\JRT.txt
2014-01-31 12:52 - 2014-01-31 12:52 - 00000000 ____D () C:\Windows\ERUNT
2014-01-31 12:51 - 2014-01-31 12:51 - 00000900 _____ () C:\Users\Marco\Desktop\AdwCleaner[S0].txt
2014-01-31 12:50 - 2014-01-31 12:50 - 00000886 _____ () C:\Users\Marco\Desktop\AdwCleaner[R0].txt
2014-01-31 12:48 - 2014-01-31 12:50 - 00000000 ____D () C:\AdwCleaner
2014-01-31 11:25 - 2014-01-31 11:25 - 01166132 _____ () C:\Users\Marco\Downloads\adwcleaner.exe
2014-01-31 11:25 - 2014-01-31 11:25 - 01037068 _____ (Thisisu) C:\Users\Marco\Downloads\JRT.exe
2014-01-30 14:26 - 2014-01-30 14:28 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE(1).exe
2014-01-30 12:23 - 2014-01-30 12:34 - 90578216 _____ (AVAST Software) C:\Users\Marco\Downloads\avast_free_antivirus_setup_9.0.2013.exe
2014-01-30 11:22 - 2014-01-30 11:22 - 00035932 _____ () C:\ComboFix.txt
2014-01-30 11:17 - 2014-01-30 11:22 - 00000000 ____D () C:\Qoobox
2014-01-30 11:17 - 2014-01-30 11:21 - 00000000 ____D () C:\Windows\erdnt
2014-01-30 11:17 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-01-30 11:17 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-01-30 11:17 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-30 11:17 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-30 11:17 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-30 11:17 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-01-30 11:17 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-01-30 11:17 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-01-30 10:08 - 2014-01-30 10:10 - 05177551 ____R (Swearware) C:\Users\Marco\Downloads\ComboFix.exe
2014-01-28 19:58 - 2014-01-28 19:58 - 00029720 _____ () C:\Users\Marco\Desktop\Logfiles.zip
2014-01-28 19:24 - 2014-02-01 12:46 - 00000000 ____D () C:\FRST
2014-01-28 19:24 - 2014-01-31 12:58 - 00029801 _____ () C:\Users\Marco\Desktop\FRST.txt
2014-01-28 19:22 - 2014-01-28 19:22 - 00000000 _____ () C:\Users\Marco\defogger_reenable
2014-01-28 19:19 - 2014-01-28 19:19 - 00370971 _____ () C:\Users\Marco\Downloads\gmer_2.1.19355.zip
2014-01-28 19:18 - 2014-02-01 12:46 - 02080256 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe
2014-01-28 19:18 - 2014-01-28 19:18 - 00050477 _____ () C:\Users\Marco\Downloads\Defogger.exe
2014-01-28 17:51 - 2014-01-28 17:51 - 30796712 _____ (Oracle Corporation) C:\Users\Marco\Downloads\jre-7u51-windows-x64.exe
2014-01-28 17:44 - 2014-01-28 17:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Marco\Downloads\HijackThis.exe
2014-01-28 17:36 - 2014-01-28 17:36 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Malwarebytes
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-28 17:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-28 17:34 - 2014-01-28 17:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marco\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-28 17:34 - 2014-01-28 17:34 - 00000000 ____D () C:\Users\Marco\Downloads\antimal ware
2014-01-22 20:29 - 2014-01-22 20:29 - 00000000 ____D () C:\Users\Marco\AppData\Local\Blizzard Entertainment
2014-01-22 18:09 - 2014-01-22 18:11 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE.exe
2014-01-22 17:59 - 2014-01-23 22:57 - 00000000 ____D () C:\Users\Marco\Documents\StarCraft II
2014-01-22 17:59 - 2014-01-22 18:15 - 00000845 _____ () C:\Users\Public\Desktop\StarCraft II.lnk
2014-01-22 17:59 - 2014-01-22 18:15 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-01-22 17:48 - 2014-01-22 17:57 - 00000000 ____D () C:\ProgramData\Battle.net
2014-01-15 08:37 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 08:37 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 08:37 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-07 13:50 - 2014-01-07 13:51 - 00005604 _____ () C:\Windows\system32\lvcoinst.log
2014-01-07 10:00 - 2014-01-07 10:00 - 00001299 _____ () C:\Users\Marco\Desktop\Box Sync.lnk
2014-01-07 09:55 - 2014-02-01 10:36 - 00000000 ____D () C:\Users\Marco\AppData\Local\Box Sync
2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D () C:\ProgramData\Package Cache
2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D () C:\Program Files\Box
2014-01-07 09:44 - 2014-01-07 09:44 - 00000000 ____D () C:\Users\Marco\Documents\My Box Files
2014-01-04 14:19 - 2014-01-04 14:19 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys

==================== One Month Modified Files and Folders =======

2014-02-01 12:46 - 2014-02-01 12:46 - 00000000 ____D () C:\Users\Marco\Downloads\FRST-OlderVersion
2014-02-01 12:46 - 2014-01-31 12:58 - 00013610 _____ () C:\Users\Marco\Downloads\FRST.txt
2014-02-01 12:46 - 2014-01-28 19:24 - 00000000 ____D () C:\FRST
2014-02-01 12:46 - 2014-01-28 19:18 - 02080256 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe
2014-02-01 12:45 - 2013-10-05 23:08 - 00000000 ____D () C:\Users\Marco\AppData\Local\Adobe
2014-02-01 12:45 - 2013-10-05 21:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-01 12:45 - 2013-10-05 21:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-01 12:45 - 2013-10-05 21:30 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-01 12:45 - 2013-10-05 21:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-01 12:45 - 2013-10-05 21:05 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A26B70CC-B586-48AA-82B2-A9DBCCF0E556}
2014-02-01 12:44 - 2014-02-01 12:44 - 00000856 _____ () C:\Users\Marco\Desktop\checkup.txt
2014-02-01 12:40 - 2013-10-05 21:19 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-01 12:21 - 2013-10-05 23:05 - 00000000 ____D () C:\Program Files (x86)\WinTV
2014-02-01 11:25 - 2013-10-05 19:21 - 01723196 _____ () C:\Windows\WindowsUpdate.log
2014-02-01 11:25 - 2009-07-14 18:58 - 00698688 _____ () C:\Windows\system32\perfh007.dat
2014-02-01 11:25 - 2009-07-14 18:58 - 00148828 _____ () C:\Windows\system32\perfc007.dat
2014-02-01 11:25 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-01 11:24 - 2014-02-01 11:24 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-01 11:22 - 2014-02-01 11:22 - 00987425 _____ () C:\Users\Marco\Downloads\SecurityCheck.exe
2014-02-01 11:21 - 2014-02-01 11:21 - 02347384 _____ (ESET) C:\Users\Marco\Downloads\esetsmartinstaller_enu.exe
2014-02-01 10:36 - 2014-01-07 09:55 - 00000000 ____D () C:\Users\Marco\AppData\Local\Box Sync
2014-02-01 10:01 - 2009-07-14 05:45 - 00017568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-01 10:01 - 2009-07-14 05:45 - 00017568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-01 09:54 - 2013-10-25 10:37 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Dropbox
2014-02-01 09:54 - 2013-10-05 21:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-01 09:54 - 2013-10-05 21:19 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-01 09:54 - 2013-10-05 21:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-01 09:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-01 09:54 - 2009-07-14 05:51 - 00045515 _____ () C:\Windows\setupact.log
2014-01-31 12:58 - 2014-01-28 19:24 - 00029801 _____ () C:\Users\Marco\Desktop\FRST.txt
2014-01-31 12:56 - 2014-01-31 12:56 - 00000867 _____ () C:\Users\Marco\Desktop\JRT.txt
2014-01-31 12:52 - 2014-01-31 12:52 - 00000000 ____D () C:\Windows\ERUNT
2014-01-31 12:51 - 2014-01-31 12:51 - 00000900 _____ () C:\Users\Marco\Desktop\AdwCleaner[S0].txt
2014-01-31 12:50 - 2014-01-31 12:50 - 00000886 _____ () C:\Users\Marco\Desktop\AdwCleaner[R0].txt
2014-01-31 12:50 - 2014-01-31 12:48 - 00000000 ____D () C:\AdwCleaner
2014-01-31 11:25 - 2014-01-31 11:25 - 01166132 _____ () C:\Users\Marco\Downloads\adwcleaner.exe
2014-01-31 11:25 - 2014-01-31 11:25 - 01037068 _____ (Thisisu) C:\Users\Marco\Downloads\JRT.exe
2014-01-30 14:44 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-01-30 14:28 - 2014-01-30 14:26 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE(1).exe
2014-01-30 12:34 - 2014-01-30 12:23 - 90578216 _____ (AVAST Software) C:\Users\Marco\Downloads\avast_free_antivirus_setup_9.0.2013.exe
2014-01-30 11:22 - 2014-01-30 11:22 - 00035932 _____ () C:\ComboFix.txt
2014-01-30 11:22 - 2014-01-30 11:17 - 00000000 ____D () C:\Qoobox
2014-01-30 11:21 - 2014-01-30 11:17 - 00000000 ____D () C:\Windows\erdnt
2014-01-30 11:21 - 2013-10-05 22:29 - 00112978 _____ () C:\Windows\PFRO.log
2014-01-30 11:21 - 2009-07-14 03:34 - 66846720 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-01-30 11:21 - 2009-07-14 03:34 - 21495808 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-01-30 11:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-01-30 11:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-01-30 11:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-01-30 11:21 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-01-30 10:10 - 2014-01-30 10:08 - 05177551 ____R (Swearware) C:\Users\Marco\Downloads\ComboFix.exe
2014-01-28 21:41 - 2013-10-10 13:26 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\vlc
2014-01-28 19:58 - 2014-01-28 19:58 - 00029720 _____ () C:\Users\Marco\Desktop\Logfiles.zip
2014-01-28 19:22 - 2014-01-28 19:22 - 00000000 _____ () C:\Users\Marco\defogger_reenable
2014-01-28 19:22 - 2013-10-05 19:21 - 00000000 ____D () C:\Users\Marco
2014-01-28 19:19 - 2014-01-28 19:19 - 00370971 _____ () C:\Users\Marco\Downloads\gmer_2.1.19355.zip
2014-01-28 19:18 - 2014-01-28 19:18 - 00050477 _____ () C:\Users\Marco\Downloads\Defogger.exe
2014-01-28 17:51 - 2014-01-28 17:51 - 30796712 _____ (Oracle Corporation) C:\Users\Marco\Downloads\jre-7u51-windows-x64.exe
2014-01-28 17:44 - 2014-01-28 17:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Marco\Downloads\HijackThis.exe
2014-01-28 17:36 - 2014-01-28 17:36 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Malwarebytes
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-28 17:36 - 2014-01-28 17:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-28 17:35 - 2014-01-28 17:34 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marco\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-28 17:34 - 2014-01-28 17:34 - 00000000 ____D () C:\Users\Marco\Downloads\antimal ware
2014-01-23 22:57 - 2014-01-22 17:59 - 00000000 ____D () C:\Users\Marco\Documents\StarCraft II
2014-01-22 20:29 - 2014-01-22 20:29 - 00000000 ____D () C:\Users\Marco\AppData\Local\Blizzard Entertainment
2014-01-22 19:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-22 18:15 - 2014-01-22 17:59 - 00000845 _____ () C:\Users\Public\Desktop\StarCraft II.lnk
2014-01-22 18:15 - 2014-01-22 17:59 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-01-22 18:11 - 2014-01-22 18:09 - 54085656 _____ (Blizzard Entertainment) C:\Users\Marco\Downloads\StarCraft-II-Setup-deDE.exe
2014-01-22 17:57 - 2014-01-22 17:48 - 00000000 ____D () C:\ProgramData\Battle.net
2014-01-17 08:17 - 2013-10-25 10:39 - 00000979 _____ () C:\Users\Marco\Desktop\Dropbox.lnk
2014-01-17 08:17 - 2013-10-25 10:37 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-17 08:17 - 2013-10-05 19:21 - 00000000 ___RD () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-15 15:34 - 2009-07-14 05:45 - 00446264 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 09:52 - 2013-10-05 21:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 09:51 - 2013-10-05 21:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 08:56 - 2013-11-04 14:14 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-07 16:13 - 2013-11-03 17:35 - 00000000 ____D () C:\Users\Marco\Documents\CyberLink
2014-01-07 16:13 - 2013-10-06 13:29 - 00000000 ____D () C:\ProgramData\CyberLink
2014-01-07 16:13 - 2013-10-06 13:29 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-01-07 13:51 - 2014-01-07 13:50 - 00005604 _____ () C:\Windows\system32\lvcoinst.log
2014-01-07 13:50 - 2013-10-06 15:19 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd
2014-01-07 10:00 - 2014-01-07 10:00 - 00001299 _____ () C:\Users\Marco\Desktop\Box Sync.lnk
2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D () C:\ProgramData\Package Cache
2014-01-07 09:55 - 2014-01-07 09:55 - 00000000 ____D () C:\Program Files\Box
2014-01-07 09:44 - 2014-01-07 09:44 - 00000000 ____D () C:\Users\Marco\Documents\My Box Files
2014-01-07 09:10 - 2013-10-10 13:26 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-06 17:31 - 2013-10-06 11:30 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-01-04 14:19 - 2014-01-04 14:19 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-04 14:19 - 2013-10-05 21:19 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-04 14:19 - 2013-10-05 21:19 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-04 14:19 - 2013-10-05 21:19 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk

Some content of TEMP:
====================
C:\Users\Marco\AppData\Local\Temp\log4net.dll
C:\Users\Marco\AppData\Local\Temp\Quarantine.exe
C:\Users\Marco\AppData\Local\Temp\SyncRestarter.exe
C:\Users\Marco\AppData\Local\Temp\sync_upgrader.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 19:04

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 02.02.2014, 05:43   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



Zitat:
mein laptop hat die ähnlichen probleme
Das ist dann aber schon ein anderer REchner als der hier im Thread? Also haben 2 Rechner dieses Problem?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.02.2014, 09:18   #11
Cleeer
 
Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



das ist so korrekt. ich werde den laptop aber die Tage nochmal eischalten und das überprüfen, ob auch dort die Verbindung schlecht ist.

Alt 03.02.2014, 09:40   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



Ja bitte. Wenn 2 Rechner das Problem haben sind es definitiv nicht die Rechner.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.02.2014, 18:48   #13
Cleeer
 
Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



aaaalso: Laptop eingeschalten, erstmal updates installiert über wlan - lief wunderbar schnell -kabel angeschlossen, speedtest gemacht - volle bandbreite aufm Laptop während der rechner, der probleme macht 10 sekunden davor nict mal 0,5mbit download zusammengebracht hat. Speedtest aus Interesse aufm Laptop auch über wlan gemacht - alles super.
Dann: Kabel an Problem-Rechner angeschlossen: Ping 204ms, Down:3Mbps, Up: 0,37 Mbps
Laptop war noch an: vergleichsweise Speedcheck über wlan dort nochmal gemacht: Ping: 457ms, Down: 0,63Mbps, Up: 0,20Mbps

Nächster Speedcheck am Problemrechner obwohl Windows Updates gezogen hat: Ping: 69ms, Down: 4,64Mbps, Up: 0,58Mbps und beim Laptop ähnlich schnell.

Ich könnt die ganze Zeit so weitermachen... Als der Techniker hier war hat er seinen Rechner über LAN angeschlossen und die Verbindung war sofort mit voller Bandbreite vorhanden, wie es eigentlich auch sein sollte.
Wie gesagt: beim Problemrechner ist es am schlechtesten, wenn er neugestartet wird.

zu allem Überfluss gabs jetzt auch noch einen Bluescreen - bei Bedarf kann ich die Infos dazu mit BlueScreenViewer auslesen und hochladen.
Achja apropos Neustart: Die Bandbreite ist seitdem wieder unterirdisch: Ping 1055ms, Down:0,12Mbps, Up:0,15Mbps

Alt 04.02.2014, 12:44   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



Ja, Infos von Bluescreenview bitte posten.

WLAN intern oder extern am Problemrechner?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.02.2014, 19:11   #15
Cleeer
 
Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Standard

Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet



hier ein screenshot von bluescreen viewer. Grafiktreiber habe ich danach aktualisiert, da ich bemerkt habe, dass es ein update gibt. alle anderen treiber sind aktuell. dachte dass es vielleicht am directx liegt.

wlan am problemrechner ist extern über einen usb-dongle. wlan am laptop ist intern.
Miniaturansicht angehängter Grafiken
-screenshot-bluescreen-view.jpg  

Antwort

Themen zu Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet
anleitung, avast, bandbreite, check, dsl, durchgeführt, gen, guten, herzlichen, internet, konfigurationen, lan, langsames internet, laptop, logfiles, probleme, prüfung, router, scan, super, system, virenscan, wirklich, wlan, woche, zusammen



Ähnliche Themen: Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet


  1. nur ein PC hat sehr langsames Internet - per LAN
    Netzwerk und Hardware - 14.07.2015 (9)
  2. Windows 8: sehr langsames Internet und viel Werbung
    Plagegeister aller Art und deren Bekämpfung - 28.12.2014 (15)
  3. Sehr langsames Internet
    Plagegeister aller Art und deren Bekämpfung - 12.11.2014 (28)
  4. Windows 7/ Hoher Ping - Sehr langsames Internet
    Plagegeister aller Art und deren Bekämpfung - 12.11.2014 (11)
  5. Sehr viel Werbung und langsames Internet?
    Plagegeister aller Art und deren Bekämpfung - 01.09.2013 (8)
  6. win 7 home premium / massive boot probleme / cd dvd Laufwerk verschunden / sehr langsames internet
    Log-Analyse und Auswertung - 18.04.2013 (1)
  7. Internet weniger Bandbreite
    Alles rund um Windows - 06.11.2012 (22)
  8. Internet nur Zuhause sehr langsam - Arcor Starterbox - WLAN / Betriebssysteme - iOS, Vista, Win7
    Plagegeister aller Art und deren Bekämpfung - 16.04.2012 (3)
  9. Firefox und Internet Explorer sehr langsam trotz guter wLan Verbindung
    Plagegeister aller Art und deren Bekämpfung - 05.02.2012 (17)
  10. Lüfter läuft die ganze Zeit/ Schwankende CPU Leistung/Internet spinnt
    Plagegeister aller Art und deren Bekämpfung - 09.08.2011 (36)
  11. Sehr langsames Internet Dsl lite leitung
    Log-Analyse und Auswertung - 22.07.2011 (1)
  12. Internet sehr langsam, Wlan schuld oder gar Befall ?
    Log-Analyse und Auswertung - 01.12.2010 (3)
  13. PC und Internet total langsam trotz voller Bandbreite
    Log-Analyse und Auswertung - 27.06.2009 (0)
  14. Sehr langsames Internet.
    Log-Analyse und Auswertung - 05.03.2009 (3)
  15. Sehr langsames Internet Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 17.01.2009 (1)
  16. sehr langsames internet
    Log-Analyse und Auswertung - 01.01.2009 (10)
  17. Sehr langsames Internet, plötzlich aufgetreten
    Log-Analyse und Auswertung - 28.04.2006 (10)

Zum Thema Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet - Guten Abend zusammen, ich habe seit ca. 1 Woche Probleme mit meiner Internetverbindung. Unabhängig von Tages- oder Nachtzeit, sowie kabelgebunden oder -ungebunden habe ich zum Teil Downloadraten von 0,1 MBit - Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet...
Archiv
Du betrachtest: Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.