
Log analysis and evaluation: Computer much slower, crashes frequently


 
20.07.2014, 20:40   #1
dieter44
 



Hello,
- I have Windows Vista, avast antivirus and Google Chrome
- the computer has become much slower over the last few days, and Chrome soon freezes the cursor, after which no key responds; I have the impression that soon nothing will work anymore
- the same thing happened several times when running GMER
- Defogger showed nothing on a black area
- I am posting the FRST 32-bit results here
- the avast results cannot be copied; it says: some files could not be scanned; under status: error: archive is password protected

Many thanks, see you soon


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-07-2014
Ran by tm (administrator) on TM-PC on 20-07-2014 20:45:29
Running from C:\Users\tm\Downloads
Platform: Microsoft® Windows Vista™ Home Premium (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
() C:\Program Files\Samsung\Samsung Recovery Solution II\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
() C:\Program Files\Samsung\Samsung PC Studio 7\PCSuite.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(FUJIFILM Corporation) C:\Program Files\FinePixViewer\QuickDCF2.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Users\tm\Downloads\Defogger (6).exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Farbar) C:\Users\tm\Downloads\FRST (4).exe


==================== Registry (Whitelisted) ==================

HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.de/de.special-uninstallation-feedback-lsf?lic=OUxTRlJFRS1WUFVaNy1HMk (the data entry has 177 more characters).
HKU\.DEFAULT\...\Run: [Samsung.PCSync] => C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe [1294336 2008-09-18] (Time Information Services Ltd.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-01-26] (Google Inc.)
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\tm\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=7dd42 (the data entry has 82 more characters).
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [S60 PC Suite Tray] => C:\Program Files\Samsung\Samsung PC Studio 7\PCSuite.exe [699392 2008-12-06] ()
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {18cd0e19-9393-11e1-94c8-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {28fd0733-d443-11e1-9967-0013776453a9} - H:\Menu.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {461fa564-22c4-11e1-90b4-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {461fa566-22c4-11e1-90b4-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {48a8bbfd-560a-11df-9857-0013776453a9} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {9b7a5ae1-d13f-11dd-aae1-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {9b7a5b06-d13f-11dd-aae1-0013776453a9} - G:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {ddab0c5a-e9c0-11e0-837a-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {f8940028-8263-11e0-ba62-db1fa4e62d98} - F:\Menu.exe
AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-10] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk
ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157
URLSearchHook: HKCU - (No Name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM - DefaultScope {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=FbRkhSNyuC927LohHs6Uav7tIHA?q={searchTerms}
SearchScopes: HKCU - {A8221FCE-87F0-4F05-AFFC-6F4672A6D922} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://search.avg.com/route/?d=0&v=6.103.18.1&i=&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll No File
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: No Name -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: WEB.DE Suche
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: hxxp://go.web.de/tb/mff_startpage
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\webde-suche.xml
FF Extension: WEB.DE MailCheck - C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\Extensions\toolbar@web.de.xpi [2012-12-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-20]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: web.de
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-09]
CHR Extension: (Google Drive) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-09]
CHR Extension: (YouTube) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-09]
CHR Extension: (Google-Suche) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-09]
CHR Extension: (avast! Online Security) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-09]
CHR Extension: (Google Wallet) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-09]
CHR Extension: (Google Mail) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-09]

========================== Services (Whitelisted) =================

R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [116040 2008-09-10] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-06] (AVAST Software)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-10] (Google)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45408 2008-11-24] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [171040 2007-01-08] () [File not signed]
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [73728 2007-06-28] () [File not signed]
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 TDslMgrService; C:\Program Files\DSL-Manager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-01-06] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-11-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2014-01-06] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-01-06] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-01-06] ()
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [16448 2007-08-01] (T-Systems Enterprise Services GmbH)
S3 dsltestSp5; C:\Windows\System32\Drivers\dsltestSp5.sys [26816 2007-09-12] (Printing Communications Assoc., Inc. (PCAUSA))
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2007-07-11] (SAMSUNG ELECTRONICS CO., LTD.)
S3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2589184 2006-11-02] (Intel® Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [34064 2007-11-06] (CACE Technologies)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113664 2009-12-08] (Huawei Technologies Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 20:45 - 2014-07-20 20:45 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (4).exe
2014-07-20 20:44 - 2014-07-20 20:44 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (6).exe
2014-07-20 20:26 - 2014-07-20 20:26 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (4).exe
2014-07-20 20:16 - 2014-07-20 20:17 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (3).exe
2014-07-20 20:16 - 2014-07-20 20:16 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (5).exe
2014-07-20 19:45 - 2014-07-20 19:45 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (3).exe
2014-07-20 19:41 - 2014-07-20 19:41 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (2).exe
2014-07-20 19:40 - 2014-07-20 19:40 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (4).exe
2014-07-20 19:27 - 2014-07-20 19:27 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (2).exe
2014-07-20 19:25 - 2014-07-20 19:25 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (1).exe
2014-07-20 19:13 - 2014-07-20 19:14 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (1).exe
2014-07-20 19:10 - 2014-07-20 19:11 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (3).exe
2014-07-20 04:33 - 2014-07-20 04:33 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357.exe
2014-07-20 04:14 - 2014-07-20 20:20 - 00035689 _____ () C:\Users\tm\Downloads\Addition.txt
2014-07-20 04:10 - 2014-07-20 20:45 - 00019297 _____ () C:\Users\tm\Downloads\FRST.txt
2014-07-20 04:09 - 2014-07-20 20:45 - 00000000 ____D () C:\FRST
2014-07-20 04:08 - 2014-07-20 04:08 - 01079808 _____ (Farbar) C:\Users\tm\Downloads\FRST.exe
2014-07-20 04:04 - 2014-07-20 20:44 - 00000466 _____ () C:\Users\tm\Downloads\defogger_disable.log
2014-07-20 04:04 - 2014-07-20 04:04 - 00000000 _____ () C:\Users\tm\defogger_reenable
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger.exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (2).exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (1).exe
2014-07-20 03:48 - 2014-07-20 04:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-20 03:45 - 2014-07-20 03:45 - 00000000 ____D () C:\Windows\SQL9_KB970892_ENU
2014-07-20 03:27 - 2008-06-20 03:18 - 00781344 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-07-20 03:27 - 2008-06-20 03:18 - 00326160 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-07-20 03:27 - 2008-06-20 03:18 - 00105016 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-20 03:27 - 2008-06-20 03:18 - 00043544 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-07-20 03:27 - 2008-06-20 03:17 - 00622080 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-07-20 03:27 - 2008-06-20 03:17 - 00097800 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-07-20 03:27 - 2008-06-20 03:17 - 00037384 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2014-07-20 03:27 - 2008-06-20 03:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-07-20 03:19 - 2014-07-20 03:26 - 00196608 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.perf
2014-07-20 03:19 - 2014-07-20 03:26 - 00065536 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.dpx
2014-07-20 03:06 - 2008-07-27 20:00 - 00096760 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-07-20 03:05 - 2008-07-27 20:00 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-07-20 03:05 - 2008-07-27 20:00 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-07-20 03:05 - 2008-07-27 20:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-07-20 03:04 - 2008-07-27 20:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-07-20 03:02 - 2010-02-21 01:54 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2014-07-20 03:01 - 2010-02-21 01:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2014-07-20 03:01 - 2010-02-20 23:30 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-07-12 20:56 - 2014-07-12 20:56 - 00031744 _____ () C:\Users\tm\Downloads\Firmenlauf_Bielefeld_Anmeldung2014.xls
2014-07-06 19:07 - 2006-12-14 13:42 - 00069120 ____R (AVM Berlin) C:\Windows\system32\avmadd32.dll

==================== One Month Modified Files and Folders =======

2014-07-20 20:45 - 2014-07-20 20:45 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (4).exe
2014-07-20 20:45 - 2014-07-20 04:10 - 00019297 _____ () C:\Users\tm\Downloads\FRST.txt
2014-07-20 20:45 - 2014-07-20 04:09 - 00000000 ____D () C:\FRST
2014-07-20 20:45 - 2008-03-30 15:28 - 00000412 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7DE789EB-2CEE-4FAA-A54E-B1DE1CF3B6DF}.job
2014-07-20 20:45 - 2008-01-25 05:31 - 00000434 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job
2014-07-20 20:44 - 2014-07-20 20:44 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (6).exe
2014-07-20 20:44 - 2014-07-20 04:04 - 00000466 _____ () C:\Users\tm\Downloads\defogger_disable.log
2014-07-20 20:40 - 2011-05-29 04:42 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 20:40 - 2008-03-30 14:59 - 00000000 ____D () C:\Users\tm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-07-20 20:40 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 20:40 - 2006-11-02 14:47 - 00003072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 20:40 - 2006-11-02 14:47 - 00003072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 20:26 - 2014-07-20 20:26 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (4).exe
2014-07-20 20:20 - 2014-07-20 04:14 - 00035689 _____ () C:\Users\tm\Downloads\Addition.txt
2014-07-20 20:18 - 2011-05-29 04:42 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 20:17 - 2014-07-20 20:16 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (3).exe
2014-07-20 20:16 - 2014-07-20 20:16 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (5).exe
2014-07-20 20:13 - 2008-01-25 06:20 - 01084991 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 19:45 - 2014-07-20 19:45 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (3).exe
2014-07-20 19:41 - 2014-07-20 19:41 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (2).exe
2014-07-20 19:40 - 2014-07-20 19:40 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (4).exe
2014-07-20 19:27 - 2014-07-20 19:27 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (2).exe
2014-07-20 19:25 - 2014-07-20 19:25 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (1).exe
2014-07-20 19:14 - 2014-07-20 19:13 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (1).exe
2014-07-20 19:11 - 2014-07-20 19:10 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (3).exe
2014-07-20 18:54 - 2012-12-27 20:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 17:25 - 2009-08-26 12:57 - 00000000 ____D () C:\Program Files\PC Connectivity Solution
2014-07-20 12:54 - 2007-07-11 00:17 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-07-20 12:54 - 2006-11-02 15:01 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-20 12:53 - 2014-05-01 20:12 - 00035328 _____ () C:\Users\tm\Documents\infobook.xls
2014-07-20 11:22 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-07-20 11:17 - 2007-07-10 07:07 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE
2014-07-20 11:17 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-07-20 11:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-07-20 11:16 - 2008-08-23 19:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-20 11:16 - 2007-07-11 01:28 - 00034152 _____ () C:\Windows\PFRO.log
2014-07-20 04:33 - 2014-07-20 04:33 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357.exe
2014-07-20 04:08 - 2014-07-20 04:08 - 01079808 _____ (Farbar) C:\Users\tm\Downloads\FRST.exe
2014-07-20 04:04 - 2014-07-20 04:04 - 00000000 _____ () C:\Users\tm\defogger_reenable
2014-07-20 04:04 - 2008-03-30 14:58 - 00000000 ____D () C:\Users\tm
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger.exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (2).exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (1).exe
2014-07-20 04:02 - 2014-07-20 03:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-20 03:46 - 2006-11-02 12:33 - 01492226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 03:45 - 2014-07-20 03:45 - 00000000 ____D () C:\Windows\SQL9_KB970892_ENU
2014-07-20 03:45 - 2007-07-11 01:13 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-07-20 03:26 - 2014-07-20 03:19 - 00196608 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.perf
2014-07-20 03:26 - 2014-07-20 03:19 - 00065536 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.dpx
2014-07-20 03:26 - 2010-05-29 15:47 - 58916864 _____ () C:\Windows\ocsetup_install_NetFx3.etl
2014-07-20 03:01 - 2011-01-14 02:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-20 02:58 - 2010-05-29 15:35 - 00284204 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-07-20 02:56 - 2010-05-29 15:34 - 00288290 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-07-18 16:04 - 2013-11-09 06:07 - 00001963 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-12 20:56 - 2014-07-12 20:56 - 00031744 _____ () C:\Users\tm\Downloads\Firmenlauf_Bielefeld_Anmeldung2014.xls
2014-07-10 22:04 - 2008-04-15 23:06 - 00066048 _____ () C:\Users\tm\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-08 22:59 - 2012-12-27 20:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-08 22:59 - 2011-06-27 23:52 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-06 19:08 - 2013-02-09 20:46 - 00002963 _____ () C:\Windows\avmadd32.log
2014-07-06 19:07 - 2013-02-09 20:46 - 00000000 ____D () C:\Program Files\FRITZ!Box
2014-06-26 17:38 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Some content of TEMP:
====================
C:\Users\tm\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\tm\AppData\Local\Temp\ResetDevice.exe
C:\Users\tm\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\tm\AppData\Local\Temp\_is227F.exe
C:\Users\tm\AppData\Local\Temp\_is4847.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-20 20:46

==================== End Of Log ============================


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-07-2014
Ran by tm (administrator) on TM-PC on 20-07-2014 20:46:39
Running from C:\Users\tm\Downloads
Platform: Microsoft® Windows Vista™ Home Premium (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
() C:\Program Files\Samsung\Samsung Recovery Solution II\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
() C:\Program Files\Samsung\Samsung PC Studio 7\PCSuite.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(FUJIFILM Corporation) C:\Program Files\FinePixViewer\QuickDCF2.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Users\tm\Downloads\Defogger (6).exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Farbar) C:\Users\tm\Downloads\FRST (4).exe
() C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe


==================== Registry (Whitelisted) ==================

HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.de/de.special-uninstallation-feedback-lsf?lic=OUxTRlJFRS1WUFVaNy1HMk (the data entry has 177 more characters).
HKU\.DEFAULT\...\Run: [Samsung.PCSync] => C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe [1294336 2008-09-18] (Time Information Services Ltd.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-01-26] (Google Inc.)
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\tm\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=7dd42 (the data entry has 82 more characters).
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [S60 PC Suite Tray] => C:\Program Files\Samsung\Samsung PC Studio 7\PCSuite.exe [699392 2008-12-06] ()
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {18cd0e19-9393-11e1-94c8-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {28fd0733-d443-11e1-9967-0013776453a9} - H:\Menu.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {461fa564-22c4-11e1-90b4-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {461fa566-22c4-11e1-90b4-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {48a8bbfd-560a-11df-9857-0013776453a9} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {9b7a5ae1-d13f-11dd-aae1-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {9b7a5b06-d13f-11dd-aae1-0013776453a9} - G:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {ddab0c5a-e9c0-11e0-837a-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {f8940028-8263-11e0-ba62-db1fa4e62d98} - F:\Menu.exe
AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-10] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk
ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157
URLSearchHook: HKCU - (No Name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM - DefaultScope {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=FbRkhSNyuC927LohHs6Uav7tIHA?q={searchTerms}
SearchScopes: HKCU - {A8221FCE-87F0-4F05-AFFC-6F4672A6D922} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://search.avg.com/route/?d=0&v=6.103.18.1&i=&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll No File
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: No Name -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: WEB.DE Suche
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: hxxp://go.web.de/tb/mff_startpage
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\webde-suche.xml
FF Extension: WEB.DE MailCheck - C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\Extensions\toolbar@web.de.xpi [2012-12-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-20]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: web.de
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-09]
CHR Extension: (Google Drive) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-09]
CHR Extension: (YouTube) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-09]
CHR Extension: (Google-Suche) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-09]
CHR Extension: (avast! Online Security) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-09]
CHR Extension: (Google Wallet) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-09]
CHR Extension: (Google Mail) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-09]

========================== Services (Whitelisted) =================

R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [116040 2008-09-10] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-06] (AVAST Software)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-10] (Google)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45408 2008-11-24] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [171040 2007-01-08] () [File not signed]
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [73728 2007-06-28] () [File not signed]
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 TDslMgrService; C:\Program Files\DSL-Manager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-01-06] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-11-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2014-01-06] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-01-06] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-01-06] ()
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [16448 2007-08-01] (T-Systems Enterprise Services GmbH)
S3 dsltestSp5; C:\Windows\System32\Drivers\dsltestSp5.sys [26816 2007-09-12] (Printing Communications Assoc., Inc. (PCAUSA))
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2007-07-11] (SAMSUNG ELECTRONICS CO., LTD.)
S3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2589184 2006-11-02] (Intel® Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [34064 2007-11-06] (CACE Technologies)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113664 2009-12-08] (Huawei Technologies Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 20:45 - 2014-07-20 20:45 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (4).exe
2014-07-20 20:44 - 2014-07-20 20:44 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (6).exe
2014-07-20 20:26 - 2014-07-20 20:26 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (4).exe
2014-07-20 20:16 - 2014-07-20 20:17 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (3).exe
2014-07-20 20:16 - 2014-07-20 20:16 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (5).exe
2014-07-20 19:45 - 2014-07-20 19:45 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (3).exe
2014-07-20 19:41 - 2014-07-20 19:41 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (2).exe
2014-07-20 19:40 - 2014-07-20 19:40 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (4).exe
2014-07-20 19:27 - 2014-07-20 19:27 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (2).exe
2014-07-20 19:25 - 2014-07-20 19:25 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (1).exe
2014-07-20 19:13 - 2014-07-20 19:14 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (1).exe
2014-07-20 19:10 - 2014-07-20 19:11 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (3).exe
2014-07-20 04:33 - 2014-07-20 04:33 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357.exe
2014-07-20 04:14 - 2014-07-20 20:20 - 00035689 _____ () C:\Users\tm\Downloads\Addition.txt
2014-07-20 04:10 - 2014-07-20 20:46 - 00019207 _____ () C:\Users\tm\Downloads\FRST.txt
2014-07-20 04:09 - 2014-07-20 20:46 - 00000000 ____D () C:\FRST
2014-07-20 04:08 - 2014-07-20 04:08 - 01079808 _____ (Farbar) C:\Users\tm\Downloads\FRST.exe
2014-07-20 04:04 - 2014-07-20 20:44 - 00000466 _____ () C:\Users\tm\Downloads\defogger_disable.log
2014-07-20 04:04 - 2014-07-20 04:04 - 00000000 _____ () C:\Users\tm\defogger_reenable
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger.exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (2).exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (1).exe
2014-07-20 03:48 - 2014-07-20 04:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-20 03:45 - 2014-07-20 03:45 - 00000000 ____D () C:\Windows\SQL9_KB970892_ENU
2014-07-20 03:27 - 2008-06-20 03:18 - 00781344 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-07-20 03:27 - 2008-06-20 03:18 - 00326160 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-07-20 03:27 - 2008-06-20 03:18 - 00105016 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-20 03:27 - 2008-06-20 03:18 - 00043544 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-07-20 03:27 - 2008-06-20 03:17 - 00622080 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-07-20 03:27 - 2008-06-20 03:17 - 00097800 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-07-20 03:27 - 2008-06-20 03:17 - 00037384 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2014-07-20 03:27 - 2008-06-20 03:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-07-20 03:19 - 2014-07-20 03:26 - 00196608 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.perf
2014-07-20 03:19 - 2014-07-20 03:26 - 00065536 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.dpx
2014-07-20 03:06 - 2008-07-27 20:00 - 00096760 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-07-20 03:05 - 2008-07-27 20:00 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-07-20 03:05 - 2008-07-27 20:00 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-07-20 03:05 - 2008-07-27 20:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-07-20 03:04 - 2008-07-27 20:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-07-20 03:02 - 2010-02-21 01:54 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2014-07-20 03:01 - 2010-02-21 01:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2014-07-20 03:01 - 2010-02-20 23:30 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-07-12 20:56 - 2014-07-12 20:56 - 00031744 _____ () C:\Users\tm\Downloads\Firmenlauf_Bielefeld_Anmeldung2014.xls
2014-07-06 19:07 - 2006-12-14 13:42 - 00069120 ____R (AVM Berlin) C:\Windows\system32\avmadd32.dll

==================== One Month Modified Files and Folders =======

2014-07-20 20:46 - 2014-07-20 04:10 - 00019207 _____ () C:\Users\tm\Downloads\FRST.txt
2014-07-20 20:46 - 2014-07-20 04:09 - 00000000 ____D () C:\FRST
2014-07-20 20:45 - 2014-07-20 20:45 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (4).exe
2014-07-20 20:45 - 2008-03-30 15:28 - 00000412 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7DE789EB-2CEE-4FAA-A54E-B1DE1CF3B6DF}.job
2014-07-20 20:45 - 2008-01-25 05:31 - 00000434 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job
2014-07-20 20:44 - 2014-07-20 20:44 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (6).exe
2014-07-20 20:44 - 2014-07-20 04:04 - 00000466 _____ () C:\Users\tm\Downloads\defogger_disable.log
2014-07-20 20:43 - 2008-01-25 06:20 - 01084991 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 20:40 - 2011-05-29 04:42 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 20:40 - 2008-03-30 14:59 - 00000000 ____D () C:\Users\tm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-07-20 20:40 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 20:40 - 2006-11-02 14:47 - 00003072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 20:40 - 2006-11-02 14:47 - 00003072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 20:26 - 2014-07-20 20:26 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (4).exe
2014-07-20 20:20 - 2014-07-20 04:14 - 00035689 _____ () C:\Users\tm\Downloads\Addition.txt
2014-07-20 20:18 - 2011-05-29 04:42 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 20:17 - 2014-07-20 20:16 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (3).exe
2014-07-20 20:16 - 2014-07-20 20:16 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (5).exe
2014-07-20 19:45 - 2014-07-20 19:45 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (3).exe
2014-07-20 19:41 - 2014-07-20 19:41 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (2).exe
2014-07-20 19:40 - 2014-07-20 19:40 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (4).exe
2014-07-20 19:27 - 2014-07-20 19:27 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (2).exe
2014-07-20 19:25 - 2014-07-20 19:25 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (1).exe
2014-07-20 19:14 - 2014-07-20 19:13 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (1).exe
2014-07-20 19:11 - 2014-07-20 19:10 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (3).exe
2014-07-20 18:54 - 2012-12-27 20:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 17:25 - 2009-08-26 12:57 - 00000000 ____D () C:\Program Files\PC Connectivity Solution
2014-07-20 12:54 - 2007-07-11 00:17 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-07-20 12:54 - 2006-11-02 15:01 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-20 12:53 - 2014-05-01 20:12 - 00035328 _____ () C:\Users\tm\Documents\infobook.xls
2014-07-20 11:22 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-07-20 11:17 - 2007-07-10 07:07 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE
2014-07-20 11:17 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-07-20 11:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-07-20 11:16 - 2008-08-23 19:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-20 11:16 - 2007-07-11 01:28 - 00034152 _____ () C:\Windows\PFRO.log
2014-07-20 04:33 - 2014-07-20 04:33 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357.exe
2014-07-20 04:08 - 2014-07-20 04:08 - 01079808 _____ (Farbar) C:\Users\tm\Downloads\FRST.exe
2014-07-20 04:04 - 2014-07-20 04:04 - 00000000 _____ () C:\Users\tm\defogger_reenable
2014-07-20 04:04 - 2008-03-30 14:58 - 00000000 ____D () C:\Users\tm
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger.exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (2).exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (1).exe
2014-07-20 04:02 - 2014-07-20 03:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-20 03:46 - 2006-11-02 12:33 - 01492226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 03:45 - 2014-07-20 03:45 - 00000000 ____D () C:\Windows\SQL9_KB970892_ENU
2014-07-20 03:45 - 2007-07-11 01:13 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-07-20 03:26 - 2014-07-20 03:19 - 00196608 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.perf
2014-07-20 03:26 - 2014-07-20 03:19 - 00065536 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.dpx
2014-07-20 03:26 - 2010-05-29 15:47 - 58916864 _____ () C:\Windows\ocsetup_install_NetFx3.etl
2014-07-20 03:01 - 2011-01-14 02:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-20 02:58 - 2010-05-29 15:35 - 00284204 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-07-20 02:56 - 2010-05-29 15:34 - 00288290 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-07-18 16:04 - 2013-11-09 06:07 - 00001963 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-12 20:56 - 2014-07-12 20:56 - 00031744 _____ () C:\Users\tm\Downloads\Firmenlauf_Bielefeld_Anmeldung2014.xls
2014-07-10 22:04 - 2008-04-15 23:06 - 00066048 _____ () C:\Users\tm\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-08 22:59 - 2012-12-27 20:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-08 22:59 - 2011-06-27 23:52 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-06 19:08 - 2013-02-09 20:46 - 00002963 _____ () C:\Windows\avmadd32.log
2014-07-06 19:07 - 2013-02-09 20:46 - 00000000 ____D () C:\Program Files\FRITZ!Box
2014-06-26 17:38 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Some content of TEMP:
====================
C:\Users\tm\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\tm\AppData\Local\Temp\ResetDevice.exe
C:\Users\tm\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\tm\AppData\Local\Temp\_is227F.exe
C:\Users\tm\AppData\Local\Temp\_is4847.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-20 20:46

==================== End Of Log ============================

 
