
Log analysis and evaluation: Bad internet for several days - logs

Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
17.08.2014, 21:19   #1
Neko88
 



Hi

This concerns this thread: http://www.trojaner-board.de/157721-...ml#post1346143

Defogger:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:50 on 17/08/2014 (Nico)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

(There was no error message, I just clicked OK, and after that nothing more happened.)

FRST:




FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by Nico (administrator) on NICO-PC on 17-08-2014 21:41:11
Running from C:\Users\Nico\Downloads
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Users\Nico\Downloads\Defogger.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6342688 2008-06-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-935688326-224242284-775663105-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-935688326-224242284-775663105-1000\...\MountPoints2: {4a62342d-25de-11e4-9ae3-000ffe725fba} - E:\pushinst.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2D891BEABDB4CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\4lvwu4yt.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\4lvwu4yt.default\Extensions\ich@maltegoetz.de [2014-07-11]
FF Extension: Adblock Plus - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\4lvwu4yt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-11]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-13]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-08-10] (AVAST Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-08-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2014-08-10] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [329968 2014-08-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] ()
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-07-19] (Sony Mobile Communications)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 21:41 - 2014-08-17 21:41 - 00008950 _____ () C:\Users\Nico\Downloads\FRST.txt
2014-08-17 21:41 - 2014-08-17 21:41 - 00000000 ____D () C:\FRST
2014-08-17 21:39 - 2014-08-17 21:40 - 02101760 _____ (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2014-08-17 21:38 - 2014-08-17 21:40 - 00000470 _____ () C:\Users\Nico\Downloads\defogger_disable.log
2014-08-17 21:38 - 2014-08-17 21:38 - 00050477 _____ () C:\Users\Nico\Downloads\Defogger.exe
2014-08-17 21:38 - 2014-08-17 21:38 - 00000000 _____ () C:\Users\Nico\defogger_reenable
2014-08-17 13:23 - 2014-08-17 13:23 - 00001902 _____ () C:\Users\Nico\Desktop\Kaspersky Internet Security 2014 - CHIP Downloader.lnk
2014-08-17 13:19 - 2014-08-17 13:20 - 01101648 _____ () C:\Users\Nico\Downloads\Kaspersky Internet Security 2014 - CHIP-Installer.exe
2014-08-17 12:46 - 2014-08-17 13:14 - 01101648 _____ () C:\Users\Nico\Downloads\HijackThis - CHIP-Installer.exe
2014-08-17 09:43 - 2014-08-17 09:43 - 00000000 ____D () C:\Users\Nico\AVM_Driver
2014-08-16 15:35 - 2014-08-16 15:35 - 00000000 ____D () C:\Users\Nico\aTubeCatcher
2014-08-16 15:31 - 2014-08-17 12:13 - 00000049 _____ () C:\Windows\SysWOW64\ScrRecX.log
2014-08-16 15:31 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2014-08-16 15:28 - 2014-08-16 15:30 - 16806776 _____ (DsNET Corp ) C:\Users\Nico\Downloads\aTube7973_Catcher(1).exe
2014-08-16 15:25 - 2014-08-16 15:27 - 16806776 _____ (DsNET Corp ) C:\Users\Nico\Downloads\aTube7973_Catcher.exe
2014-08-13 15:50 - 2014-06-27 00:17 - 01389200 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 15:50 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 15:50 - 2014-06-27 00:17 - 00171152 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 15:50 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 15:50 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 15:50 - 2014-06-27 00:17 - 00008848 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 15:50 - 2014-06-06 06:29 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 15:50 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-12 20:37 - 2014-07-24 21:28 - 17861120 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-12 20:37 - 2014-07-24 21:12 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-12 20:37 - 2014-07-24 21:07 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-12 20:37 - 2014-07-24 21:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-12 20:37 - 2014-07-24 21:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-12 20:37 - 2014-07-24 21:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-12 20:37 - 2014-07-24 21:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-12 20:37 - 2014-07-24 21:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-12 20:37 - 2014-07-24 21:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-12 20:37 - 2014-07-24 21:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-12 20:37 - 2014-07-24 21:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-12 20:37 - 2014-07-24 21:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-12 20:37 - 2014-07-24 21:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-12 20:37 - 2014-07-24 21:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-12 20:37 - 2014-07-24 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-12 20:37 - 2014-07-24 21:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-12 20:37 - 2014-07-24 21:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-12 20:37 - 2014-07-24 21:02 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-12 20:37 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-12 20:37 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-12 20:37 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-12 20:37 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-12 20:37 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-12 20:37 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-12 20:37 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-12 20:37 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-12 20:37 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-12 20:37 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-12 20:37 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-12 20:37 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-12 20:37 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-12 20:37 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-12 20:37 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-12 20:37 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-12 20:36 - 2014-07-24 21:10 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-12 20:36 - 2014-07-24 21:04 - 02155520 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-12 20:36 - 2014-07-24 21:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-12 20:36 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-12 20:36 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-12 20:36 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-12 20:36 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-12 20:36 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-12 20:35 - 2014-07-25 06:27 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-12 20:35 - 2014-07-25 06:18 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-12 20:35 - 2014-07-25 05:15 - 02781696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-12 20:35 - 2014-06-14 02:56 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-12 20:35 - 2014-06-14 02:51 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-12 20:28 - 2014-07-08 03:12 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-12 20:28 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-12 20:28 - 2014-06-02 23:30 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-12 20:28 - 2014-06-02 23:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-12 20:28 - 2014-06-02 23:29 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-12 20:28 - 2014-06-02 23:29 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-12 20:28 - 2014-06-02 22:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-12 20:28 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-12 20:28 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-12 20:28 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-10 14:41 - 2014-08-10 14:41 - 366111132 _____ () C:\Windows\MEMORY.DMP
2014-08-10 14:41 - 2014-08-10 14:41 - 00270376 _____ () C:\Windows\Minidump\Mini081014-01.dmp
2014-08-10 14:41 - 2014-08-10 14:41 - 00000000 ____D () C:\Windows\Minidump
2014-08-10 13:01 - 2014-08-10 13:01 - 00001835 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-08-10 13:00 - 2014-08-10 12:59 - 00329968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-08-10 13:00 - 2014-08-10 12:59 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-08-10 12:59 - 2014-08-10 12:59 - 00012368 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2014-07-31 17:25 - 2014-07-31 17:25 - 00000900 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-31 17:25 - 2014-07-31 17:25 - 00000888 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-31 17:25 - 2014-07-31 17:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-25 17:16 - 2014-07-29 18:40 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\.minecraft
2014-07-25 17:13 - 2014-07-25 19:56 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-25 17:13 - 2014-07-25 17:13 - 00000000 ____D () C:\ProgramData\Sun
2014-07-25 00:29 - 2014-08-17 19:01 - 00003584 _____ () C:\Users\Nico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-23 15:50 - 2014-07-31 17:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-21 18:06 - 2014-07-21 18:06 - 00000000 ____D () C:\Program Files (x86)\Hama
2014-07-21 18:06 - 2009-02-05 02:49 - 00451072 _____ () C:\Windows\SysWOW64\ISSRemoveSP.exe
2014-07-19 18:21 - 2014-07-19 18:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsomc_01009.Wdf
2014-07-19 18:21 - 2014-07-19 18:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-07-19 17:19 - 2014-07-19 17:19 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-07-19 17:19 - 2014-07-19 17:19 - 00030424 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggsomc.sys
2014-07-19 17:19 - 2014-07-19 17:19 - 00016088 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-07-19 17:17 - 2014-07-20 18:46 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-07-19 17:17 - 2014-07-20 18:46 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-07-19 17:10 - 2014-07-19 18:35 - 00207970 _____ () C:\Windows\DPINST.LOG
2014-07-18 15:55 - 2014-07-18 16:02 - 00000000 ____D () C:\Users\Nico\Desktop\Neuer Ordner
2014-07-18 15:51 - 2014-07-18 15:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 21:41 - 2014-08-17 21:41 - 00008950 _____ () C:\Users\Nico\Downloads\FRST.txt
2014-08-17 21:41 - 2014-08-17 21:41 - 00000000 ____D () C:\FRST
2014-08-17 21:40 - 2014-08-17 21:39 - 02101760 _____ (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2014-08-17 21:40 - 2014-08-17 21:38 - 00000470 _____ () C:\Users\Nico\Downloads\defogger_disable.log
2014-08-17 21:38 - 2014-08-17 21:38 - 00050477 _____ () C:\Users\Nico\Downloads\Defogger.exe
2014-08-17 21:38 - 2014-08-17 21:38 - 00000000 _____ () C:\Users\Nico\defogger_reenable
2014-08-17 21:38 - 2014-07-11 03:02 - 00000000 ____D () C:\Users\Nico
2014-08-17 21:32 - 2014-07-11 03:39 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-17 20:42 - 2006-11-02 17:22 - 00005616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-17 20:42 - 2006-11-02 17:22 - 00005616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-17 20:07 - 2014-07-11 03:23 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Skype
2014-08-17 19:46 - 2006-11-02 17:27 - 01999120 _____ () C:\Windows\WindowsUpdate.log
2014-08-17 19:41 - 2014-07-15 14:16 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\TS3Client
2014-08-17 19:01 - 2014-07-25 00:29 - 00003584 _____ () C:\Users\Nico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-17 18:48 - 2014-07-11 03:42 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-17 18:48 - 2006-11-02 20:56 - 00673264 _____ () C:\Windows\system32\perfh007.dat
2014-08-17 18:48 - 2006-11-02 20:56 - 00145082 _____ () C:\Windows\system32\perfc007.dat
2014-08-17 18:48 - 2006-11-02 14:46 - 01564930 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 18:46 - 2014-07-11 03:39 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-17 18:46 - 2014-07-11 03:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-17 18:46 - 2014-07-11 03:39 - 00003738 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-17 18:42 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-17 18:39 - 2006-11-02 17:42 - 00028090 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-17 13:23 - 2014-08-17 13:23 - 00001902 _____ () C:\Users\Nico\Desktop\Kaspersky Internet Security 2014 - CHIP Downloader.lnk
2014-08-17 13:20 - 2014-08-17 13:19 - 01101648 _____ () C:\Users\Nico\Downloads\Kaspersky Internet Security 2014 - CHIP-Installer.exe
2014-08-17 13:14 - 2014-08-17 12:46 - 01101648 _____ () C:\Users\Nico\Downloads\HijackThis - CHIP-Installer.exe
2014-08-17 12:13 - 2014-08-16 15:31 - 00000049 _____ () C:\Windows\SysWOW64\ScrRecX.log
2014-08-17 09:43 - 2014-08-17 09:43 - 00000000 ____D () C:\Users\Nico\AVM_Driver
2014-08-16 15:35 - 2014-08-16 15:35 - 00000000 ____D () C:\Users\Nico\aTubeCatcher
2014-08-16 15:33 - 2014-07-11 03:03 - 00000000 ____D () C:\Users\Nico\AppData\Local\VirtualStore
2014-08-16 15:30 - 2014-08-16 15:28 - 16806776 _____ (DsNET Corp ) C:\Users\Nico\Downloads\aTube7973_Catcher(1).exe
2014-08-16 15:27 - 2014-08-16 15:25 - 16806776 _____ (DsNET Corp ) C:\Users\Nico\Downloads\aTube7973_Catcher.exe
2014-08-15 14:50 - 2014-07-11 14:01 - 00008750 _____ () C:\Windows\PFRO.log
2014-08-15 14:14 - 2014-07-11 14:09 - 00003880 _____ () C:\Windows\system32\spsys.log
2014-08-13 17:40 - 2014-07-11 12:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-13 16:51 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\rescache
2014-08-13 16:33 - 2006-11-02 17:21 - 00228600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-13 16:08 - 2014-07-11 15:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 16:06 - 2006-11-02 14:35 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-11 17:15 - 2014-07-11 03:23 - 00000000 ____D () C:\ProgramData\Skype
2014-08-10 14:41 - 2014-08-10 14:41 - 366111132 _____ () C:\Windows\MEMORY.DMP
2014-08-10 14:41 - 2014-08-10 14:41 - 00270376 _____ () C:\Windows\Minidump\Mini081014-01.dmp
2014-08-10 14:41 - 2014-08-10 14:41 - 00000000 ____D () C:\Windows\Minidump
2014-08-10 13:01 - 2014-08-10 13:01 - 00001835 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-08-10 13:01 - 2014-07-11 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-10 12:59 - 2014-08-10 13:00 - 00329968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-08-10 12:59 - 2014-08-10 13:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-08-10 12:59 - 2014-08-10 12:59 - 00012368 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2014-07-31 17:25 - 2014-07-31 17:25 - 00000900 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-31 17:25 - 2014-07-31 17:25 - 00000888 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-31 17:25 - 2014-07-31 17:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-31 17:25 - 2014-07-23 15:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 18:40 - 2014-07-25 17:16 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\.minecraft
2014-07-26 00:07 - 2014-07-11 04:07 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-25 19:56 - 2014-07-25 17:13 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-25 18:53 - 2014-07-15 14:28 - 00000097 _____ () C:\Users\Nico\AppData\Roaming\LauncherSettings_live.cfg
2014-07-25 17:13 - 2014-07-25 17:13 - 00000000 ____D () C:\ProgramData\Sun
2014-07-25 06:27 - 2014-08-12 20:35 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-07-25 06:18 - 2014-08-12 20:35 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-25 05:15 - 2014-08-12 20:35 - 02781696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-24 21:28 - 2014-08-12 20:37 - 17861120 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-24 21:12 - 2014-08-12 20:37 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-24 21:10 - 2014-08-12 20:36 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-24 21:07 - 2014-08-12 20:37 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-24 21:06 - 2014-08-12 20:37 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-24 21:05 - 2014-08-12 20:37 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-24 21:05 - 2014-08-12 20:37 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-24 21:05 - 2014-08-12 20:37 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-24 21:04 - 2014-08-12 20:37 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-24 21:04 - 2014-08-12 20:37 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-24 21:04 - 2014-08-12 20:37 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-24 21:04 - 2014-08-12 20:37 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-24 21:04 - 2014-08-12 20:37 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-24 21:04 - 2014-08-12 20:36 - 02155520 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-24 21:03 - 2014-08-12 20:37 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-24 21:03 - 2014-08-12 20:37 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-24 21:03 - 2014-08-12 20:37 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-24 21:03 - 2014-08-12 20:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-24 21:03 - 2014-08-12 20:37 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-24 21:03 - 2014-08-12 20:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-24 21:02 - 2014-08-12 20:37 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-24 20:07 - 2014-08-12 20:37 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-24 19:58 - 2014-08-12 20:37 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-24 19:57 - 2014-08-12 20:36 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-24 19:52 - 2014-08-12 20:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 19:51 - 2014-08-12 20:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-24 19:51 - 2014-08-12 20:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-24 19:50 - 2014-08-12 20:37 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-24 19:50 - 2014-08-12 20:37 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-24 19:49 - 2014-08-12 20:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-24 19:49 - 2014-08-12 20:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-24 19:49 - 2014-08-12 20:36 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-24 19:49 - 2014-08-12 20:36 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-24 19:49 - 2014-08-12 20:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-24 19:48 - 2014-08-12 20:37 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-24 19:48 - 2014-08-12 20:37 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-24 19:48 - 2014-08-12 20:37 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-24 19:48 - 2014-08-12 20:37 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-24 19:48 - 2014-08-12 20:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-24 19:48 - 2014-08-12 20:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-24 19:48 - 2014-08-12 20:36 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-24 19:47 - 2014-08-12 20:37 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-21 18:06 - 2014-07-21 18:06 - 00000000 ____D () C:\Program Files (x86)\Hama
2014-07-21 18:06 - 2014-07-11 22:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-20 18:46 - 2014-07-19 17:17 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-07-20 18:46 - 2014-07-19 17:17 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-07-19 18:35 - 2014-07-19 17:10 - 00207970 _____ () C:\Windows\DPINST.LOG
2014-07-19 18:21 - 2014-07-19 18:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsomc_01009.Wdf
2014-07-19 18:21 - 2014-07-19 18:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-07-19 17:19 - 2014-07-19 17:19 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-07-19 17:19 - 2014-07-19 17:19 - 00030424 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggsomc.sys
2014-07-19 17:19 - 2014-07-19 17:19 - 00016088 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-07-18 16:02 - 2014-07-18 15:55 - 00000000 ____D () C:\Users\Nico\Desktop\Neuer Ordner
2014-07-18 15:51 - 2014-07-18 15:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 18:47

==================== End Of Log ============================
         
--- --- ---


Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2014 04
Ran by Nico at 2014-08-17 21:42:39
Running from C:\Users\Nico\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
ATI AVIVO64 Codecs (Version: 11.1.0.50406 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{9009C23D-3A54-DA44-4524-5E2250CE152F}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0406.2133.36843 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help English (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help French (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help German (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0406.2132.36843 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0406.2133.36843 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0406.2133.36843 - ATI) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5645 - Realtek Semiconductor Corp.)
Skins (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

19-07-2014 11:57:12 Windows Update
19-07-2014 15:10:09 Sony PC Companion
19-07-2014 15:18:53 Installed Sony Mobile Drivers
19-07-2014 16:33:59 Sony PC Companion
20-07-2014 19:11:43 Geplanter Prüfpunkt
21-07-2014 15:17:40 Geplanter Prüfpunkt
21-07-2014 16:06:35 Installiert Hama Wireless LAN Adapter
21-07-2014 18:35:22 Installiert Hama Wireless LAN Adapter
22-07-2014 10:29:06 Geplanter Prüfpunkt
22-07-2014 12:48:21 Windows Update
25-07-2014 15:10:31 Installed Java 7 Update 65
25-07-2014 15:17:07 Removed Java 7 Update 65
25-07-2014 17:53:47 Installed Java 7 Update 65
27-07-2014 13:16:42 Geplanter Prüfpunkt
28-07-2014 20:54:29 Geplanter Prüfpunkt
29-07-2014 08:38:15 Windows Update
30-07-2014 18:09:14 Geplanter Prüfpunkt
31-07-2014 15:08:41 Removed Java 7 Update 65
31-07-2014 15:10:30 Removed Java 7 Update 65
01-08-2014 12:57:48 Windows Update
04-08-2014 15:09:58 Geplanter Prüfpunkt
05-08-2014 13:33:20 Windows Update
06-08-2014 15:41:25 Geplanter Prüfpunkt
10-08-2014 10:54:07 avast! antivirus system restore point
10-08-2014 11:00:30 Gerätetreiber-Paketinstallation: ALWIL Software Netzwerkdienst
12-08-2014 18:18:10 Windows Update
13-08-2014 13:46:44 Windows Update
15-08-2014 12:57:28 Installiert Hama Wireless LAN Adapter
15-08-2014 13:04:57 Windows Update
16-08-2014 09:24:16 Geplanter Prüfpunkt
17-08-2014 08:21:43 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01930737-A65B-45E6-AF6D-9B9D2380949A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-11] (AVAST Software)
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {14F21DCD-FDA1-48F5-BB0B-9E895AC3A17C} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4E946E6C-49EC-4FD9-8F58-EB5AF1752C5D} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {5040BA28-B793-48BE-B106-7236CAC69250} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {604FB42A-ABB3-4255-AE0E-6E8B89547189} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {ABE1E530-7390-424C-8C0F-282F6A02AA75} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-17] (Adobe Systems Incorporated)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {FF7B43F9-E7FC-4592-B99A-B8BA876E0AB1} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Loaded Modules (whitelisted) =============

2014-07-11 14:25 - 2010-04-07 09:22 - 00026112 _____ () C:\Windows\system32\atitmp64.dll
2010-01-08 14:15 - 2010-01-08 14:15 - 01552384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-07-11 14:32 - 2014-07-11 14:32 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-08-17 21:38 - 2014-08-17 21:38 - 00050477 _____ () C:\Users\Nico\Downloads\Defogger.exe
2014-07-11 12:47 - 2014-07-11 12:47 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-17 09:17 - 2014-08-17 09:17 - 02797568 _____ () C:\Program Files\AVAST Software\Avast\defs\14081700\algo.dll
2014-08-17 21:41 - 2014-08-17 21:41 - 02797568 _____ () C:\Program Files\AVAST Software\Avast\defs\14081701\algo.dll
2014-07-11 12:47 - 2014-07-11 12:47 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-11 03:47 - 2014-08-04 21:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-07-11 03:47 - 2014-08-04 21:15 - 00441856 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-07-11 03:47 - 2014-08-04 21:15 - 00332288 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-07-11 03:47 - 2014-08-04 21:15 - 00769024 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-07-11 03:47 - 2014-08-14 00:31 - 02144448 _____ () C:\Program Files (x86)\Steam\video.dll
2014-07-11 03:47 - 2014-08-04 21:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-07-11 03:47 - 2014-07-31 05:47 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-07-11 03:47 - 2014-08-14 00:30 - 00677056 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.dll
2014-07-11 03:47 - 2014-08-13 08:27 - 34587328 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-15 17:08 - 2014-08-13 08:27 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-07-31 17:25 - 2014-07-17 07:42 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-17 18:46 - 2014-08-17 18:46 - 17048240 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PS/2-kompatible Maus
Description: PS/2-kompatible Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/17/2014 05:18:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung plugin-container.exe, Version 31.0.0.5310, Zeitstempel 0x53c75e91, fehlerhaftes Modul mozalloc.dll, Version 31.0.0.5310, Zeitstempel 0x53c72e91, Ausnahmecode 0x80000003, Fehleroffset 0x0000141b,
Prozess-ID 0x1ec, Anwendungsstartzeit plugin-container.exe0.

Error: (08/17/2014 05:18:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 31.0.0.5310 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 12f0
Anfangszeit: 01cfba2e30827bc4
Zeitpunkt der Beendigung: 19

Error: (08/16/2014 10:42:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 173c
Anfangszeit: 01cfb98c234b8e35
Zeitpunkt der Beendigung: 45


System errors:
=============
Error: (08/17/2014 00:52:53 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "TOBI",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{5C34AC46-597A-4E4D-A765-23057A77A24E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (08/16/2014 11:39:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Realtek11nSU

Error: (08/16/2014 10:24:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Realtek11nSU

Error: (08/15/2014 05:10:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Steam Client Service%%1053

Error: (08/15/2014 05:10:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Steam Client Service

Error: (08/15/2014 02:58:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Realtek11nSU

Error: (08/15/2014 02:16:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Realtek11nSU

Error: (08/14/2014 08:14:45 PM) (Source: netbt) (EventID: 4321) (User: )
Description: Der Name "NICO-PC        :20" konnte nicht auf der Schnittstelle mit IP-Adresse 0.0.0.0
registriert werden. Der Computer mit IP-Adresse 192.168.2.102 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (08/14/2014 08:14:45 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{83ECF501-D64A-47C0-BC69-944950BDCA1E} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (08/14/2014 06:10:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Realtek11nSU


Microsoft Office Sessions:
=========================
Error: (08/17/2014 05:18:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91mozalloc.dll31.0.0.531053c72e91800000030000141b1ec01cfba2e4005bc64

Error: (08/17/2014 05:18:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe31.0.0.531012f001cfba2e30827bc419

Error: (08/16/2014 10:42:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: csgo.exe0.0.0.0173c01cfb98c234b8e3545


CodeIntegrity Errors:
===================================
  Date: 2014-07-11 16:13:38.844
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Nico\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-11 16:13:38.764
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Nico\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-11 16:13:38.308
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-11 16:13:38.214
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) D CPU 3.00GHz
Percentage of memory in use: 65%
Total physical RAM: 3062.5 MB
Available physical RAM: 1068.23 MB
Total Pagefile: 6345.28 MB
Available Pagefile: 3965.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:352.38 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 4BCE3C8A)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
HijackThis

Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:50:28, on 17.08.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16563)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Nico\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\7b4e384f5b096b9656fee276ba88bb81\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6099 bytes
         
Gmer:

 
