Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7, PC rattert, Internet und PC sehr langsam

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Alt 20.03.2014, 23:46   #1
Asiya
 
Windows 7, PC rattert, Internet und PC sehr langsam - Standard

Windows 7, PC rattert, Internet und PC sehr langsam



Hallo liebes Forenteam,

habe vor kurzem (ca 1,5 Monaten?) meinen PC neu aufgesetzt, wegen Verdacht auf Virusbefall, seit kurzem aber habe ich Probleme mit dem Internet, muss Seiten immer wieder neu laden und es ist sehr langsam. Mittlerweile hat auch mein PC diese "Rattergeräusche" wenn er arbeitet. Ich hoffe ihr könnt mir helfen.

FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by DunjaCarlos (administrator) on DUNJACARLOS-PC on 20-03-2014 22:42:12
Running from C:\Users\DunjaCarlos\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Windows\DAODx.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Salaat Time - www.salaattime.com) C:\Program Files (x86)\Salaat Time\SalaatTime.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-547 revA\wirelesscm.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
(
ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU\EPU.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2369536 2010-03-15] (VIA)
HKLM-x32\...\Run: [TurboV EVO] - C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe [9936512 2010-07-15] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Six Engine] - C:\Program Files (x86)\ASUS\EPU\EPU.exe [5309056 2010-03-16] (
ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [BCU] - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [375000 2009-10-26] (DeviceVM, Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1624422066-2509176335-3414399805-1000\...\Run: [SalaatTime] - C:\Program Files (x86)\Salaat Time\SalaatTime.exe [17199104 2013-03-10] (Salaat Time - www.salaattime.com)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x867CDB81881FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM, Inc.)
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
SearchScopes: HKCU - DefaultScope {50E2F7FC-9885-4844-A6C6-B2BBBF5A1421} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
SearchScopes: HKCU - {50E2F7FC-9885-4844-A6C6-B2BBBF5A1421} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
SearchScopes: HKCU - {DBA5419D-022F-4fb4-A206-DA98A6C4B581} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF %3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\DunjaCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-01]
CHR Extension: (Google Drive) - C:\Users\DunjaCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-01]
CHR Extension: (YouTube) - C:\Users\DunjaCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-01]
CHR Extension: (Google-Suche) - C:\Users\DunjaCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-01]
CHR Extension: (AdBlock Premium) - C:\Users\DunjaCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-02-01]
CHR Extension: (Google Wallet) - C:\Users\DunjaCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-01]
CHR Extension: (Google Mail) - C:\Users\DunjaCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-01]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [109056 2010-06-24] ()
S3 jswpsapi; C:\Program Files (x86)\D-Link\DWA-547 revA\jswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 EraserUtilDrv11312; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-20 22:39 - 2014-03-20 22:42 - 00018508 _____ () C:\Users\DunjaCarlos\Downloads\Addition.txt
2014-03-20 22:39 - 2014-03-20 22:42 - 00010278 _____ () C:\Users\DunjaCarlos\Downloads\FRST.txt
2014-03-20 22:39 - 2014-03-20 22:42 - 00000000 ____D () C:\FRST
2014-03-20 22:37 - 2014-03-20 22:38 - 02157056 _____ (Farbar) C:\Users\DunjaCarlos\Downloads\FRST64.exe
2014-03-20 22:37 - 2014-03-20 22:37 - 00000256 _____ () C:\Users\DunjaCarlos\Downloads\defogger_enable.log
2014-03-20 22:33 - 2014-03-20 22:33 - 00000484 _____ () C:\Users\DunjaCarlos\Downloads\defogger_disable.log
2014-03-20 22:32 - 2014-03-20 22:32 - 00050477 _____ () C:\Users\DunjaCarlos\Downloads\Defogger.exe
2014-03-20 21:45 - 2014-03-20 21:45 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Roaming\Malwarebytes
2014-03-20 21:44 - 2014-03-20 21:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 21:44 - 2014-03-20 21:44 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-20 21:44 - 2014-03-20 21:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 21:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-20 21:43 - 2014-03-20 21:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\DunjaCarlos\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-03-20 21:42 - 2014-03-20 21:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\DunjaCarlos\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-20 21:05 - 2014-03-20 21:05 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Roaming\Avira
2014-03-20 21:03 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-03-20 21:03 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-03-20 21:03 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-03-20 21:02 - 2014-03-20 21:02 - 00000000 ____D () C:\ProgramData\Avira
2014-03-20 21:02 - 2014-03-20 21:02 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-20 21:02 - 2014-03-09 10:24 - 00000426 _____ () C:\AVScanner.ini
2014-03-20 20:57 - 2014-03-20 21:00 - 138607664 _____ () C:\Users\DunjaCarlos\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-03-16 09:09 - 2014-03-16 09:09 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Local\Microsoft Games
2014-03-13 10:31 - 2014-03-13 10:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-03-13 10:30 - 2014-03-13 10:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-03-13 10:30 - 2014-03-13 10:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-03-13 10:28 - 2014-03-13 10:28 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-13 10:28 - 2014-03-13 10:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-03-13 10:27 - 2014-03-13 10:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 10:27 - 2014-03-13 10:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-13 10:27 - 2014-03-13 10:27 - 00000000 __RHD () C:\MSOCache
2014-03-13 10:27 - 2014-03-13 10:27 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Local\Microsoft Help
2014-03-02 10:23 - 2014-03-02 10:23 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-02 10:23 - 2014-03-02 10:23 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-02 10:22 - 2014-03-02 10:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-02 10:21 - 2014-03-02 10:27 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

2014-03-20 22:42 - 2014-03-20 22:39 - 00018508 _____ () C:\Users\DunjaCarlos\Downloads\Addition.txt
2014-03-20 22:42 - 2014-03-20 22:39 - 00010278 _____ () C:\Users\DunjaCarlos\Downloads\FRST.txt
2014-03-20 22:42 - 2014-03-20 22:39 - 00000000 ____D () C:\FRST
2014-03-20 22:38 - 2014-03-20 22:37 - 02157056 _____ (Farbar) C:\Users\DunjaCarlos\Downloads\FRST64.exe
2014-03-20 22:37 - 2014-03-20 22:37 - 00000256 _____ () C:\Users\DunjaCarlos\Downloads\defogger_enable.log
2014-03-20 22:37 - 2014-02-01 19:51 - 00000000 ____D () C:\Users\DunjaCarlos
2014-03-20 22:33 - 2014-03-20 22:33 - 00000484 _____ () C:\Users\DunjaCarlos\Downloads\defogger_disable.log
2014-03-20 22:33 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-20 22:33 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-20 22:32 - 2014-03-20 22:32 - 00050477 _____ () C:\Users\DunjaCarlos\Downloads\Defogger.exe
2014-03-20 22:30 - 2011-04-12 08:43 - 00653928 _____ () C:\Windows\system32\perfh007.dat
2014-03-20 22:30 - 2011-04-12 08:43 - 00129800 _____ () C:\Windows\system32\perfc007.dat
2014-03-20 22:30 - 2009-07-14 06:13 - 01498506 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-20 22:29 - 2014-02-01 19:51 - 02088674 _____ () C:\Windows\WindowsUpdate.log
2014-03-20 22:26 - 2012-05-09 12:18 - 00171139 _____ () C:\Windows\setupact.log
2014-03-20 22:25 - 2014-02-01 21:04 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-20 22:25 - 2014-02-01 19:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-20 22:25 - 2010-11-21 04:47 - 00172564 _____ () C:\Windows\PFRO.log
2014-03-20 22:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-20 22:24 - 2014-02-02 08:13 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-03-20 22:15 - 2014-02-01 21:04 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-20 21:45 - 2014-03-20 21:45 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Roaming\Malwarebytes
2014-03-20 21:45 - 2014-03-20 21:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 21:44 - 2014-03-20 21:44 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-20 21:44 - 2014-03-20 21:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 21:43 - 2014-03-20 21:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\DunjaCarlos\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-03-20 21:43 - 2014-03-20 21:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\DunjaCarlos\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-20 21:09 - 2014-02-02 08:04 - 00000000 ____D () C:\ProgramData\Panda Security
2014-03-20 21:09 - 2014-02-02 08:04 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-03-20 21:09 - 2009-07-14 05:45 - 00416336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-20 21:05 - 2014-03-20 21:05 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Roaming\Avira
2014-03-20 21:05 - 2014-02-02 08:04 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Roaming\Panda Security
2014-03-20 21:05 - 2014-02-01 21:15 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-20 21:02 - 2014-03-20 21:02 - 00000000 ____D () C:\ProgramData\Avira
2014-03-20 21:02 - 2014-03-20 21:02 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-20 21:00 - 2014-03-20 20:57 - 138607664 _____ () C:\Users\DunjaCarlos\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-03-20 21:00 - 2014-02-01 21:15 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-20 16:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-20 14:17 - 2014-02-02 10:24 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Roaming\vlc
2014-03-19 10:12 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-16 09:09 - 2014-03-16 09:09 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Local\Microsoft Games
2014-03-13 10:40 - 2014-02-01 21:03 - 00108840 _____ () C:\Users\DunjaCarlos\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-13 10:32 - 2014-03-13 10:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 10:31 - 2014-03-13 10:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-03-13 10:30 - 2014-03-13 10:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-03-13 10:30 - 2014-03-13 10:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-03-13 10:30 - 2014-03-13 10:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-13 10:30 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\ShellNew
2014-03-13 10:30 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-03-13 10:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-13 10:28 - 2014-03-13 10:28 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-13 10:28 - 2014-03-13 10:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-03-13 10:28 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-03-13 10:27 - 2014-03-13 10:27 - 00000000 __RHD () C:\MSOCache
2014-03-13 10:27 - 2014-03-13 10:27 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Local\Microsoft Help
2014-03-09 10:24 - 2014-03-20 21:02 - 00000426 _____ () C:\AVScanner.ini
2014-03-07 19:25 - 2014-02-02 10:17 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Roaming\Nico Mak Computing
2014-03-02 10:28 - 2014-03-02 10:22 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-02 10:27 - 2014-03-02 10:21 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Local\Adobe
2014-03-02 10:27 - 2014-02-01 20:39 - 00000000 ____D () C:\Users\DunjaCarlos\AppData\Roaming\Adobe
2014-03-02 10:23 - 2014-03-02 10:23 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-02 10:23 - 2014-03-02 10:23 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-25 11:41 - 2014-03-20 21:03 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-02-25 11:41 - 2014-03-20 21:03 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-02-25 11:41 - 2014-03-20 21:03 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-02-20 16:42 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

Some content of TEMP:
====================
C:\Users\DunjaCarlos\AppData\Local\Temp\avgnt.exe
C:\Users\DunjaCarlos\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 14:40

==================== End Of Log ============================


Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by DunjaCarlos at 2014-03-20 22:42:26
Running from C:\Users\DunjaCarlos\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD USB Filter Driver (x32 Version: 1.0.15.94 - Advanced Micro Devices, Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{64555D45-1F57-BF1D-1A5E-BFD4C8C0ADB4}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Browser Configuration Utility (HKLM-x32\...\{D793423B-FF18-4A54-B9C9-75B3396BAAC4}) (Version: 1.0.10.0 - DeviceVM Inc.)
DWA-547 (HKLM-x32\...\{6F6F39E3-D24D-4EEE-9AEA-DEDAF991385D}) (Version: - D-Link)
EPU (HKLM-x32\...\{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}) (Version: 1.02.20 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 261.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 261.01 - NVIDIA Corporation)
NVIDIA Grafiktreiber 261.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 261.01 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.1.9.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.9.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.0.14.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6101 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 261.01 (Version: 261.01 - NVIDIA Corporation) Hidden
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Salaat Time 2.7 (HKLM\...\{F993F285-0F98-4E13-9421-41DB36806EE3}) (Version: 2.7 - Salaat Time - www.salaattime.com)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
TurboV EVO (HKLM-x32\...\{491D92A9-69CA-4EB4-81D3-0106F9337957}) (Version: 1.02.32 - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
YTD Video Downloader 4.7.2 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.2 - GreenTree Applications SRL)

==================== Restore Points =========================

20-02-2014 09:00:55 Geplanter Prüfpunkt
02-03-2014 18:53:03 Geplanter Prüfpunkt
10-03-2014 11:38:37 Geplanter Prüfpunkt
13-03-2014 09:27:20 Installed Microsoft Office Enterprise 2007
20-03-2014 13:47:35 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1F8F53F4-E5A0-4DBD-BA29-405E8F4C6AF3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {4B572DAC-3890-4A55-804B-A51449F32BC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-01] (Google Inc.)
Task: {4C09C628-4E7B-4622-A409-9854FADF5A1A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {8C668661-32F4-476C-A9D1-A9249B8C8F4C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-01] (Google Inc.)
Task: {EEB402AB-AB8C-4B6D-9474-83AA0CD4732D} - System32\Tasks\ASUS\TurboVHelp => C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe [2010-07-07] (ASUSTeK Computer Inc.)
Task: {F0F74E96-B40F-469A-A4D9-50209A05AB66} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {FD548ABC-CCDB-428F-A459-74152EA0F6E0} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-03-30 07:32 - 2009-03-30 07:32 - 00032768 ____R () C:\Windows\DAODx.exe
2014-02-01 20:15 - 2010-06-24 07:19 - 00109056 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
2014-02-01 20:05 - 2009-05-07 09:51 - 00071680 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-02-01 20:05 - 2009-05-07 09:53 - 00379392 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-02-01 20:05 - 2008-01-18 07:50 - 00098816 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2014-02-01 20:05 - 2010-03-02 08:31 - 64105984 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2014-03-20 21:03 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-01 20:15 - 2010-02-08 17:19 - 00053248 _____ () C:\Program Files\ASUS\TurboV EVO\HookKey32.dll
2014-02-01 20:15 - 2010-06-01 10:38 - 00253952 _____ () C:\Program Files\ASUS\TurboV EVO\pngio.dll
2014-02-01 21:15 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-02-01 21:15 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-02-01 21:15 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-02-01 21:15 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-02-01 21:15 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-02-01 20:43 - 2009-10-07 16:58 - 00376832 _____ () C:\Program Files (x86)\D-Link\DWA-547 revA\WlanDll.dll
2014-02-01 20:43 - 2009-09-08 18:04 - 00208896 _____ () C:\Program Files (x86)\D-Link\DWA-547 revA\WlanWPS.dll
2014-02-01 20:15 - 2010-06-01 10:38 - 00061440 _____ () C:\Program Files\ASUS\TurboV EVO\flashobj.dll
2014-02-01 20:15 - 2009-04-22 20:20 - 00179712 _____ () C:\Program Files (x86)\ASUS\EPU\ASUSSERVICE.DLL
2014-02-01 20:15 - 2010-01-08 17:17 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU\pngio.dll
2014-02-01 20:15 - 2010-01-08 17:17 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU\AsSpindownTimeout.dll
2009-06-27 10:11 - 2009-06-27 10:11 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
2014-03-15 19:19 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 19:19 - 2014-03-15 01:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 19:19 - 2014-03-15 01:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 19:19 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 19:19 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 19:19 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-15 19:19 - 2014-03-15 01:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/20/2014 10:25:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2014 09:09:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2014 07:16:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2014 00:11:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2014 09:40:47 AM) (Source: Application Hang) (User: )
Description: Programm chrome.exe, Version 33.0.1750.154 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ed4

Startzeit: 01cf4417eec130cc

Endzeit: 4

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 538f8328-b00b-11e3-8937-bcaec55be401

Error: (03/20/2014 09:31:42 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2014 09:24:07 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/19/2014 11:32:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/19/2014 11:05:32 PM) (Source: Application Hang) (User: )
Description: Programm chrome.exe, Version 33.0.1750.154 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2278

Startzeit: 01cf43b7c3a7db4a

Endzeit: 5

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 944e74b1-afb2-11e3-9753-bcaec55be401

Error: (03/19/2014 07:34:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/20/2014 10:24:38 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (03/19/2014 08:59:17 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.0.0.1
registriert werden. Der Computer mit IP-Adresse 10.0.0.2 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (03/18/2014 01:49:05 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎18.‎03.‎2014 um 11:16:58 unerwartet heruntergefahren.

Error: (03/17/2014 11:04:44 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (03/16/2014 00:07:48 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (03/15/2014 10:03:01 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (03/15/2014 00:35:10 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎15.‎03.‎2014 um 12:30:25 unerwartet heruntergefahren.

Error: (03/12/2014 04:05:18 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (03/12/2014 03:26:05 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎12.‎03.‎2014 um 13:30:48 unerwartet heruntergefahren.

Error: (03/11/2014 11:15:49 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 49%
Total physical RAM: 4094.18 MB
Available physical RAM: 2080.39 MB
Total Pagefile: 8186.54 MB
Available Pagefile: 5512.65 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:292.87 GB) (Free:258.49 GB) NTFS
Drive d: () (Fixed) (Total:292.97 GB) (Free:212.84 GB) NTFS
Drive e: () (Fixed) (Total:345.57 GB) (Free:202.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 61B2FBA9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=346 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Gmer:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-03-20 22:59:33
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HDS721010CLA332 rev.JP4OA3MA 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\DUNJAC~1\AppData\Local\Temp\ffldrpob.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002fbb000 16 bytes [8B, E3, 41, 5F, 41, 5E, 41, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 545 fffff80002fbb011 35 bytes {LEA ECX, [RSP+0x70]; CALL 0x3d64f}

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[932] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075511465 2 bytes [51, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[932] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000755114bb 2 bytes [51, 75]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3756] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075511465 2 bytes [51, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3756] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000755114bb 2 bytes [51, 75]
.text ... * 2
---- Processes - GMER 2.1 ----

Library C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll (*** suspicious ***) @ C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [3552](2009-06-27 09:11:12) 0000000060900000

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{22C2F627-D0B0-43AA-A8F6-D2CE58AA0927}@LeaseObtainedTime 1395352585
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{22C2F627-D0B0-43AA-A8F6-D2CE58AA0927}@T1 1395395785
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{22C2F627-D0B0-43AA-A8F6-D2CE58AA0927}@T2 1395428185
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{22C2F627-D0B0-43AA-A8F6-D2CE58AA0927}@LeaseTerminatesTime 1395438985

---- EOF - GMER 2.1 ----

mbam:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.20.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
DunjaCarlos :: DUNJACARLOS-PC [Administrator]

Schutz: Aktiviert

20.03.2014 21:47:23
mbam-log-2014-03-20 (21-47-23).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 316697
Laufzeit: 36 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 5
C:\ProgramData\YTD Video Downloader\ytd_installer.exe (PUP.Optional.Spigot.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\DunjaCarlos\Downloads\SoftonicDownloader_fuer_wettercenter.exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\DunjaCarlos\Downloads\YTD471Setup.exe (PUP.Optional.Spigot.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Setup\Scripts\Windows7Loader.exe (Trojan.Agent.W) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Carlos\Programme\Autodata.2011.v3.38.GERMAN-PillePalle\AUTODATA 3.38 EN\ADCDA2\ADBCD.exe (Spyware.PWS) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


 

Themen zu Windows 7, PC rattert, Internet und PC sehr langsam
.dll, antivir, antivirus, browser, defender, desktop, excel, explorer, flash player, google, helper, langsam, programm, pup.optional.softonic.a, pup.optional.spigot.a, refresh, seiten, services.exe, spyware.pws, svchost.exe, symantec, temp, trojan.agent.w, windows




Ähnliche Themen: Windows 7, PC rattert, Internet und PC sehr langsam


  1. Windows 7: Internet sehr langsam
    Log-Analyse und Auswertung - 08.11.2015 (5)
  2. Nach Download läuft alles sehr sehr langsam, Internet funktioniert nicht, Programme lassen sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 02.09.2015 (3)
  3. Win 7 sehr langsam DHL Mail geöffent rechner rattert beim hochfahren
    Log-Analyse und Auswertung - 19.06.2015 (9)
  4. Windows 8 _ Internet ladet sehr langsam bis gar nicht!
    Log-Analyse und Auswertung - 31.03.2015 (21)
  5. Windows 7: Internet seit fast 2 Monaten sehr langsam
    Log-Analyse und Auswertung - 15.09.2014 (18)
  6. Windows 8 - Internet wird abends sehr langsam
    Log-Analyse und Auswertung - 14.07.2014 (11)
  7. Windows 7: mehrere Registry Key-Funde (über 1000), Internet Explorer sehr langsam
    Log-Analyse und Auswertung - 09.06.2014 (12)
  8. Windows 7: Internet sehr langsam
    Log-Analyse und Auswertung - 05.06.2014 (9)
  9. Windows Vista läuft sehr langsam und es werden immer (besonders wenn man im Internet ist) Speicherprobleme angezeigt
    Log-Analyse und Auswertung - 22.05.2014 (1)
  10. Windows 8: Internet plötzlich sehr langsam!
    Log-Analyse und Auswertung - 10.01.2014 (13)
  11. Programme starten sehr langsam / Windows allg. sehr lahm
    Log-Analyse und Auswertung - 18.05.2013 (2)
  12. Seit Windows 7 ist mein Umts Internet sehr langsam
    Alles rund um Windows - 12.03.2012 (7)
  13. PC ist sehr langsam, rattert vor sich hin.
    Log-Analyse und Auswertung - 21.09.2011 (1)
  14. Windows 7 RC Rechner u. Internet plötzlich sehr langsam
    Log-Analyse und Auswertung - 23.11.2009 (4)
  15. Internet sehr sehr langsam
    Mülltonne - 03.12.2008 (0)
  16. Rechner ist sehr langsam / Festplatte rattert
    Log-Analyse und Auswertung - 25.07.2005 (1)
  17. Internet sehr sehr langsam..-> log
    Log-Analyse und Auswertung - 05.04.2005 (1)

Zum Thema Windows 7, PC rattert, Internet und PC sehr langsam - Hallo liebes Forenteam, habe vor kurzem (ca 1,5 Monaten?) meinen PC neu aufgesetzt, wegen Verdacht auf Virusbefall, seit kurzem aber habe ich Probleme mit dem Internet, muss Seiten immer wieder - Windows 7, PC rattert, Internet und PC sehr langsam...
Archiv
Du betrachtest: Windows 7, PC rattert, Internet und PC sehr langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.