Hallo Matthias!
Vielen Dank für deine schnelle Antwort :-)
Hier der Log von Combofix:
Code:
Alles auswählen Aufklappen ATTFilter
Combofix Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
ComboFix 14-12-07.01 - Reni 07.12.2014 12:56:46.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.4017.1595 [GMT 1:00]
ausgeführt von:: c:\users\Reni\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\600440862
c:\programdata\600440862\BIT9377.tmp
c:\programdata\OrangeRuby
c:\programdata\OrangeRuby\OrangeRuby.exe
c:\users\Reni\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-11-07 bis 2014-12-07 ))))))))))))))))))))))))))))))
.
.
2014-12-07 09:49 . 2014-12-07 09:49 -------- d-----w- c:\programdata\YellowIncs
2014-12-07 09:49 . 2014-12-07 09:49 -------- d-----w- c:\users\Reni\AppData\Roaming\Optimizer Pro
2014-12-07 09:48 . 2014-12-07 09:49 -------- d-----w- c:\program files (x86)\Optimizer Pro 3.11
2014-12-07 00:55 . 2014-09-18 15:24 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C4E9A4EF-7ED4-4852-B6DF-0B023C692945}\gapaengine.dll
2014-12-07 00:54 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2A04F43F-A0A7-469C-AE16-60BD193520BA}\mpengine.dll
2014-12-07 00:35 . 2014-12-07 00:37 -------- d-----w- C:\AdwCleaner
2014-12-06 18:12 . 2014-12-06 18:12 -------- d-----w- c:\program files (x86)\ESET
2014-12-06 17:23 . 2014-12-06 17:23 -------- d-----w- c:\windows\ERUNT
2014-12-06 16:29 . 2014-12-07 01:21 -------- d-----w- C:\FRST
2014-12-06 13:50 . 2014-12-06 17:44 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-06 13:49 . 2014-12-06 18:05 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2014-12-06 13:49 . 2014-12-06 13:49 -------- d-----w- c:\programdata\Malwarebytes
2014-12-06 13:49 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-06 13:49 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-06 13:49 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-05 21:48 . 2014-12-05 21:48 -------- d-----w- c:\programdata\OrangeRubyDat
2014-12-05 21:10 . 2014-12-05 21:10 -------- d-----w- c:\users\Reni\.thumbnails
2014-12-05 20:47 . 2014-12-05 21:10 -------- d-----w- c:\users\Reni\AppData\Local\gtk-2.0
2014-12-05 19:34 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-05 19:26 . 2014-12-05 19:26 -------- d-----w- c:\users\Reni\AppData\Local\fontconfig
2014-12-05 19:25 . 2014-12-05 21:10 -------- d-----w- c:\users\Reni\.gimp-2.8
2014-12-05 19:25 . 2014-12-05 19:25 -------- d-----w- c:\users\Reni\AppData\Local\gegl-0.2
2014-12-05 09:57 . 2014-12-05 09:58 -------- d-----w- c:\program files\GIMP 2
2014-12-05 09:47 . 2014-12-02 14:23 332584 ----a-w- c:\windows\SysWow64\ColorMedia.dll
2014-12-05 09:47 . 2014-12-02 14:23 378472 ----a-w- c:\windows\system32\ColorMedia64.dll
2014-12-05 09:47 . 2014-12-05 09:47 -------- d-----w- c:\programdata\RfndNSIS
2014-11-27 12:43 . 2014-09-25 13:56 -------- d-----w- C:\eclipse
2014-11-27 12:35 . 2014-11-27 12:35 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-11-27 12:35 . 2014-11-27 12:34 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-11-27 12:31 . 2014-11-27 12:33 -------- d-----w- c:\program files\Java
2014-11-21 12:33 . 2014-11-21 12:33 -------- d-----w- c:\windows\SysWow64\Wat
2014-11-21 12:33 . 2014-11-21 12:33 -------- d-----w- c:\windows\system32\Wat
2014-11-19 09:37 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 09:37 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 09:37 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-19 09:37 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-12 11:48 . 2014-08-21 06:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-13 00:20 . 2014-01-02 14:02 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-10-30 11:25 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-18 11:36 . 2014-10-18 11:36 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-09 09:48 . 2013-12-30 22:19 43064 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-10-09 09:48 . 2013-12-30 22:19 131608 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-10-09 09:48 . 2013-12-30 22:19 119272 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-09-25 02:08 . 2014-10-02 08:47 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-02 08:47 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-18 15:24 . 2014-01-23 08:44 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-09-09 22:11 . 2014-09-25 08:44 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-25 08:44 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Line"="c:\program files (x86)\Naver\LINE\Line.exe" [2014-11-10 3985256]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-11-27 30524520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2013-08-13 490480]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-12-04 702768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"LiveUpdate 5"="c:\program files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe" [2014-03-05 322544]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2013-10-10 707984]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-10-22 124208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Killer Network Manager.lnk - c:\windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize [2013-12-29 72040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S2 051cdb72;Optimizer Pro Crash Monitor;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - NTIOLIB_1_0_3
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-26 09:43 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-29 17:31]
.
2014-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-29 17:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-08-24 391152]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-08-24 771056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-08-24 769520]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-24 13662936]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = about --- --- ---
A36C5E4F47E84449FF07ED3517B43A31
Liebe Grüße,
Reni
Hallo Matthias,
mein Laptop geht jetzt leider gar nicht mehr :-(
Ich habe nichts mehr an ihm verändert, nur Optimizer Pro geschlossen, wenn es sich nach dem Start gemeldet hat. Heute morgen ist er auch noch normal gestartet, aber dann hatte ich ihn im Standby und jetzt geht er nicht mehr an, sondern piepst nur noch in regelmäßigen Abständen.
LG Reni
08.12.2014, 10:25
Baum-Darstellung