
Log analysis and evaluation: Computer getting slower after downloading a doc-to-pdf tool


 
16.02.2014, 12:23   #1
kurtzweil
 

Computer getting slower after downloading a doc-to-pdf tool



Good day!
I am new here in the forum and unfortunately don't know much about computers either. So please excuse me if I have to ask follow-up questions.
Because my Word suddenly printed watermarks across the pages when converting to pdf, I (stupidly) downloaded a tool for converting .doc to .pdf (PDF Creator). Since then my computer has been getting slower and slower, but my antivirus program unfortunately finds nothing. My log files look like this:

defogger_disable:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:13 on 16/02/2014 (Hanna)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2014 01
Ran by Hanna (administrator) on KASIMIR on 16-02-2014 10:14:11
Running from C:\Users\Hanna\Desktop
Microsoft Windows 7 Home Premium (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(IDT, Inc.) C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\STacSV.exe
(AMD) C:\windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Andrea Electronics Corporation) C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\aestsrv.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Dropbox, Inc.) C:\Users\Hanna\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVM Berlin) C:\Users\Hanna\AppData\Local\Apps\2.0\MMYD67T3.2QW\YOTZPTH7.41P\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Microsoft Corporation) C:\windows\system32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [288312 2009-07-28] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [PDF Complete] - C:\Program Files\PDF Complete\pdfsty.exe [563736 2009-06-18] (PDF Complete Inc)
HKLM\...\Run: [WirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-30] (Synaptics Incorporated)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [458844 2009-07-14] (IDT, Inc.)
HKLM\...\Run: [SpybotSnD] - C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe [5365592 2009-01-26] (Safer Networking Limited)
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] - C:\Program Files\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
HKLM\...\runonceex: [ContentMerger] - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-06-13] (Sonic Solutions)
HKU\S-1-5-21-1069123905-1725157069-2146362146-1001\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-1069123905-1725157069-2146362146-1001\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1069123905-1725157069-2146362146-1001\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-1069123905-1725157069-2146362146-1001\...\Run: [AVMUSBFernanschluss] - C:\Users\Hanna\AppData\Local\Apps\2.0\MMYD67T3.2QW\YOTZPTH7.41P\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe [139264 2012-12-19] (AVM Berlin)
HKU\S-1-5-21-1069123905-1725157069-2146362146-1001\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKU\S-1-5-21-1069123905-1725157069-2146362146-1001\...\RunOnce: [FlashPlayerUpdate] - C:\windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe [839560 2013-12-24] (Adobe Systems Incorporated)
Startup: C:\Users\Hanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hanna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Hanna\AppData\Roaming\Mozilla\Firefox\Profiles\zhc4yj4i.default
FF NewTab: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_784af7f6ec51467aae43b3af3f8ac6bb_39_1007_20131115_DE_ff_nt_
FF DefaultSearchEngine: Znout (de)
FF SearchEngineOrder.1: Amazon
FF SelectedSearchEngine: Znout (de)
FF Homepage: about:home
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ff-21&tbrId=v1_abb-channel-24_784af7f6ec51467aae43b3af3f8ac6bb_39_1007_20131115_DE_ff_ab_&query=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin: @canon.com/MycameraPlugin - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Computer, Inc.)
FF SearchPlugin: C:\Users\Hanna\AppData\Roaming\Mozilla\Firefox\Profiles\zhc4yj4i.default\searchplugins\SearchOnMe.xml
FF SearchPlugin: C:\Users\Hanna\AppData\Roaming\Mozilla\Firefox\Profiles\zhc4yj4i.default\searchplugins\znout-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Hanna\AppData\Roaming\Mozilla\Firefox\Profiles\zhc4yj4i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-17]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-21]
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-07-27] (LSI Corporation)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\STacSV.exe [221266 2009-07-14] (IDT, Inc.)
S2 AviraUpgradeService; "C:\windows\TEMP\AVSETUP_50940d4d\avupgsvc.exe" /TEMPSTART:""C:\windows\TEMP\AVSETUP_50940d4d\setup.exe" /NOTEMPCLEANUP /CROSSUPGRADE"

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [135648 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-14] (Avira Operations GmbH & Co. KG)
R3 avmaura; C:\windows\System32\DRIVERS\avmaura.sys [105728 2012-12-19] (AVM Berlin)
S3 MfeAVFK; C:\windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)
S3 MfeBOPK; C:\windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1765168 2009-07-02] ()
R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-16 10:14 - 2014-02-16 10:15 - 00016328 _____ () C:\Users\Hanna\Desktop\FRST.txt
2014-02-16 10:13 - 2014-02-16 10:14 - 00000000 ____D () C:\FRST
2014-02-16 10:12 - 2014-02-16 10:12 - 01141248 _____ (Farbar) C:\Users\Hanna\Desktop\FRST.exe
2014-02-16 10:09 - 2014-02-16 10:09 - 00000472 _____ () C:\Users\Hanna\Desktop\defogger_disable.log
2014-02-16 10:09 - 2014-02-16 10:09 - 00000000 _____ () C:\Users\Hanna\defogger_reenable
2014-02-16 10:06 - 2014-02-16 10:06 - 00050477 _____ () C:\Users\Hanna\Desktop\Defogger.exe
2014-01-31 22:52 - 2014-02-09 15:29 - 00000000 ____D () C:\Users\Hanna\Desktop\Steuer 2013

==================== One Month Modified Files and Folders =======

2014-02-16 10:15 - 2014-02-16 10:14 - 00016328 _____ () C:\Users\Hanna\Desktop\FRST.txt
2014-02-16 10:14 - 2014-02-16 10:13 - 00000000 ____D () C:\FRST
2014-02-16 10:12 - 2014-02-16 10:12 - 01141248 _____ (Farbar) C:\Users\Hanna\Desktop\FRST.exe
2014-02-16 10:09 - 2014-02-16 10:09 - 00000472 _____ () C:\Users\Hanna\Desktop\defogger_disable.log
2014-02-16 10:09 - 2014-02-16 10:09 - 00000000 _____ () C:\Users\Hanna\defogger_reenable
2014-02-16 10:09 - 2011-01-20 22:05 - 00000000 ____D () C:\Users\Hanna
2014-02-16 10:06 - 2014-02-16 10:06 - 00050477 _____ () C:\Users\Hanna\Desktop\Defogger.exe
2014-02-16 10:01 - 2011-01-21 06:52 - 01351034 _____ () C:\windows\WindowsUpdate.log
2014-02-15 19:34 - 2011-01-22 13:05 - 00045147 _____ () C:\windows\setupact.log
2014-02-15 10:48 - 2013-12-21 11:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 17:48 - 2010-01-06 00:28 - 01535366 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-14 06:17 - 2010-01-06 00:32 - 00000000 ____D () C:\ProgramData\PDFC
2014-02-12 20:23 - 2011-01-26 20:32 - 00000052 _____ () C:\windows\system32\DOErrors.log
2014-02-12 20:22 - 2012-06-07 17:54 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-09 15:29 - 2014-01-31 22:52 - 00000000 ____D () C:\Users\Hanna\Desktop\Steuer 2013
2014-02-05 16:55 - 2013-06-08 10:58 - 00000000 ____D () C:\Users\Hanna\Recht
2014-01-31 22:52 - 2014-01-05 16:30 - 00000000 ____D () C:\Users\Hanna\Desktop\Patientenverfügung
2014-01-19 15:44 - 2013-10-20 17:28 - 00000000 ____D () C:\Users\Hanna\AppData\Roaming\Dropbox
2014-01-18 18:59 - 2013-02-10 15:53 - 00000000 ____D () C:\Users\Hanna\Documents\Wohnung Werrastr

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.2728.dll


Some content of TEMP:
====================
C:\Users\Hanna\AppData\Local\Temp\avgnt.exe
C:\Users\Hanna\AppData\Local\Temp\ose00000.exe
C:\Users\Hanna\AppData\Local\Temp\_is22C0.exe
C:\Users\Hanna\AppData\Local\Temp\_isB205.exe


==================== Bamital & volsnap Check =================

C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-09 12:32

==================== End Of Log ============================



Addition:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-02-2014 01
Ran by Hanna at 2014-02-16 10:16:05
Running from C:\Users\Hanna\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (Version: - Microsoft)
AAVUpdateManager (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe AIR (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.3.0.3670 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (Version: 1.2 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (Version: 12.0.5.146 - Adobe Systems, Inc.)
Apple Application Support (Version: 2.3.4 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 3 (Version: - ArcSoft)
ATI Catalyst Install Manager (Version: 3.0.732.0 - ATI Technologies, Inc.)
Avira Free Antivirus (Version: 14.0.2.286 - Avira)
AVM FRITZ!Box Druckeranschluss (Version: - AVM Berlin)
Brother MFL-Pro Suite MFC-J220 (Version: 1.0.3.0 - Brother Industries, Ltd.)
CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (Version: 1.6.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.7.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.10 (Version: 3.10.0.0 - Canon Inc.)
Canon Utilities EOS Sample Music (Version: 1.0.0.204 - Canon Inc.)
Canon Utilities EOS Utility (Version: 2.10.0.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities PhotoStitch (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (Version: 6.7.0.24 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.5.0.9 - Canon Inc.)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2009.0804.1118.18368 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2009.0804.1118.18368 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2009.0804.1118.18368 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2009.0804.1118.18368 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2009.0804.1118.18368 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2009.0804.1118.18368 - ATI) Hidden
CCC Help Chinese Standard (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Czech (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Danish (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Dutch (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help English (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Finnish (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help French (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help German (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Greek (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Hungarian (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Italian (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Japanese (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Korean (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Norwegian (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Polish (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Portuguese (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Russian (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Spanish (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Swedish (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Thai (Version: 2009.0804.1117.18368 - ATI) Hidden
CCC Help Turkish (Version: 2009.0804.1117.18368 - ATI) Hidden
ccc-core-static (Version: 2009.0804.1118.18368 - ATI) Hidden
ccc-utility (Version: 2009.0804.1118.18368 - ATI) Hidden
CCleaner (Version: 3.02 - Piriform)
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001 - Microsoft Corporation)
CPQ Wallpaper (Version: 1.0.1.1 - Hewlett-Packard)
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
DivX-Setup (Version: 2.6.1.87 - DivX, LLC)
Dropbox (HKCU Version: 2.4.10 - Dropbox, Inc.)
FaceFilter Studio Brother Edition (Version: 1.0 - )
Forte Free 2.0 (Version: - )
FRITZ!Box USB-Fernanschluss (HKCU Version: 2.3.0.2 - AVM Berlin)
gs_x86 (Version: 8.71 - MAY-Computer)
GSview 5.0 (Version: 5.0 - Ghostgum Software Pty Ltd)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (Version: 3.2.8946.3086 - Hewlett-Packard)
HP Common Access Service Library (Version: 3.0.28.1 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (Version: 1.0.3.1 - Hewlett-Packard)
HP Quick Launch Buttons (Version: 6.50.4.2 - Hewlett-Packard)
HP Setup (Version: 1.2.3215.3078 - Hewlett-Packard)
HP Software Setup (Version: 1.0.0.15 - Hewlett-Packard)
HP Support Assistant (Version: 7.0.39.15 - Hewlett-Packard Company)
HP User Guides 0133 (Version: 1.02.0001 - Hewlett-Packard)
HP Web Camera (Version: 1.0.0 - Hewlett-Packard) Hidden
HP Webcam (Version: 1.0.25.0 - Roxio)
HP Webcam Driver (Version: 5.8.50008.0 - Sonix)
HP Wireless Assistant (Version: 3.50.9.1 - Hewlett-Packard)
IDT Audio (Version: 1.0.6222.0 - IDT)
Java 7 Update 17 (Version: 7.0.170 - Oracle)
Java 7 Update 7 (Version: 7.0.70 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
LightScribe System Software (Version: 1.18.6.1 - LightScribe)
LSI HDA Modem (Version: 2.1.94 - LSI Corporation)
Marvell Miniport Driver (Version: 10.70.5.3 - Marvell)
Messenger Plus! Live (Version: 4.90.0.392 - Yuna Software)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Save as PDF Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
Nikon FotoShare (Version: 1.0.1.0 - )
Nikon Message Center (Version: 0.91.000 - )
Opera 12.16 (Version: 12.16.1860 - Opera Software ASA)
PDF Complete Special Edition (Version: 3.5.108 - PDF Complete, Inc)
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
PictureProject (Version: 1.0 - )
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime (Version: 7.74.80.86 - Apple Inc.)
REALTEK Wireless LAN Software (Version: 1.00.09.1021 - REALTEK Semiconductor Corp.)
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Roxio Creator Audio (Version: 3.8.0 - Roxio) Hidden
Roxio Creator Business (Version: 10.3 - Roxio)
Roxio Creator Business v10 (Version: 3.8.0 - Roxio) Hidden
Roxio Creator Copy (Version: 3.8.0 - Roxio) Hidden
Roxio Creator Data (Version: 3.8.0 - Roxio) Hidden
Roxio Creator Tools (Version: 3.8.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.2 - Roxio) Hidden
Roxio MyDVD (Version: 10.3.349 - Roxio) Hidden
Skype Click to Call (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.3 (Version: 6.3.107 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
Spybot - Search & Destroy (Version: 1.6.2 - Safer Networking Limited)
Steuer-Spar-Erklärung 2013 (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 13.2.6.2 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Virtual DJ Home - Atomix Productions (Version: - )
Windows 7 Default Setting (Version: 1.0.1.4 - Hewlett-Packard Company)
Windows Live Anmelde-Assistent (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 5.00 (32-bit) (Version: 5.00.0 - win.rar GmbH)

==================== Restore Points =========================

12-01-2014 20:29:44 Geplanter Prüfpunkt
24-01-2014 23:49:09 Geplanter Prüfpunkt
05-02-2014 16:37:26 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1A79FA7E-A3E6-427E-BD97-A043F855B06B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {4773D1A4-89D9-4961-BD01-58C1C4F94A3B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {83B30F02-12AE-48A3-9A3A-248BFA3CA106} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-09-23] (Hewlett-Packard Company)
Task: {965A90B7-BFE6-44CF-8C83-3BDE807D20CE} - System32\Tasks\{3F9B8F14-9D46-4A61-B07B-08332B500380} => c:\program files\opera\opera.exe [2013-08-03] (Opera Software)
Task: {A15232C1-9E10-461F-A933-CF96BDF5C0DB} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {BC2758AA-9881-4BC3-A554-9414F0459509} - System32\Tasks\Registration => C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe [2009-07-08] ()
Task: {C253170E-0D7C-4F48-BCA9-31E1699F66BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {C891EECC-590E-44DF-903E-BB6A51A8F893} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-01-28] (Microsoft)

==================== Loaded Modules (whitelisted) =============

2011-01-22 13:01 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2013-08-29 01:23 - 2013-08-29 01:23 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 02121728 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 07745536 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 00135168 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Hanna\AppData\Roaming\Dropbox\bin\libcef.dll
2008-12-19 00:03 - 2008-12-19 00:03 - 00020480 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-01-21 06:52 - 2011-01-21 06:52 - 00270336 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-07-02 00:44 - 2009-07-02 00:44 - 00632888 _____ () C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
2013-12-21 11:50 - 2013-12-21 11:50 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-24 06:53 - 2013-12-24 06:53 - 16242056 _____ () C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMPFC5A2B2

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/10/2014 06:25:19 AM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "X:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (02/03/2014 06:30:22 AM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "X:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (01/26/2014 07:00:10 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "X:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (01/21/2014 05:54:43 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_Audiosrv, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: stapo.dll, Version: 1.0.6222.0, Zeitstempel: 0x4a5ba25a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000bd271
ID des fehlerhaften Prozesses: 0x2334
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Audiosrv0
Pfad der fehlerhaften Anwendung: svchost.exe_Audiosrv1
Pfad des fehlerhaften Moduls: svchost.exe_Audiosrv2
Berichtskennung: svchost.exe_Audiosrv3

Error: (01/19/2014 07:18:41 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "X:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (01/12/2014 08:58:12 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "X:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (01/12/2014 08:29:53 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bccb3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x9a515f5d
ID des fehlerhaften Prozesses: 0x494
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3

Error: (01/11/2014 08:19:33 AM) (Source: System Restore) (User: )
Description: Der geplante Wiederherstellungspunkt konnte nicht erstellt werden. Zusätzliche Informationen: (0x81000101).

Error: (01/11/2014 08:19:33 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x81000101).

Error: (01/10/2014 09:23:55 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.


System errors:
=============
Error: (02/16/2014 10:00:50 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (02/16/2014 10:00:47 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (02/15/2014 08:04:52 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (02/15/2014 08:04:49 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AntiVirSchedulerService erreicht.

Error: (02/15/2014 07:18:35 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (02/15/2014 09:52:15 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (02/15/2014 09:52:13 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (02/14/2014 08:47:29 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (02/14/2014 05:29:43 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (02/14/2014 06:16:26 AM) (Source: atikmdag) (User: )
Description: Display is not active


Microsoft Office Sessions:
=========================
Error: (07/03/2012 05:06:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18116 seconds with 720 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 79%
Total physical RAM: 1788.87 MB
Available physical RAM: 366.18 MB
Total Pagefile: 4070.28 MB
Available Pagefile: 844.24 MB
Total Virtual: 2047.88 MB
Available Virtual: 1896.49 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:131.75 GB) (Free:61.21 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: E9E34362)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=132 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End Of Log ============================


GMER:

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-16 12:06:38
Windows 6.1.7600 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS725016A9A364 rev.PCBOC72E 149,05GB
Running: Gmer-19357.exe; Driver: C:\Users\Hanna\AppData\Local\Temp\axddqpod.sys


---- System - GMER 2.1 ----

SSDT 8EB082AE ZwCreateSection
SSDT 8EB082B8 ZwRequestWaitReplyPort
SSDT 8EB082B3 ZwSetContextThread
SSDT 8EB082BD ZwSetSecurityObject
SSDT 8EB082C2 ZwSystemDebugControl
SSDT 8EB0824F ZwTerminateProcess

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13BD 82C885C9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CAD092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 370 82CB49B0 4 Bytes [AE, 82, B0, 8E]
.text ntkrnlpa.exe!RtlSidHashLookup + 6CC 82CB4D0C 4 Bytes [B8, 82, B0, 8E]
.text ntkrnlpa.exe!RtlSidHashLookup + 710 82CB4D50 4 Bytes [B3, 82, B0, 8E] {MOV BL, 0x82; MOV AL, 0x8e}
.text ntkrnlpa.exe!RtlSidHashLookup + 78C 82CB4DCC 4 Bytes [BD, 82, B0, 8E]
.text ntkrnlpa.exe!RtlSidHashLookup + 7E0 82CB4E20 4 Bytes [C2, 82, B0, 8E]
.text ...
.text C:\windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8EC1C000, 0x2D51CE, 0xE8000020]

---- EOF - GMER 2.1 ----


Can you tell anything from this?
Many thanks for your help!

 
