Log analysis and evaluation: All browsers load websites very slowly or not at all

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
All browsers load websites very slowly or not at all

Hi, I'm at a loss. I bought this computer used because my old one gave up the ghost. As for my problem: all browsers load websites slowly or not at all. Downloads still run as fast as usual, though.

OT: Win Vista was installed (the seller had also freshly set it up), then I wanted to slap Win 7 on it, so boot Win 7 from the CD and done. Yeah, right, it didn't work. It just wouldn't boot. Tried it with a USB stick, that didn't help either. In the end I installed Win 7 from within the running system and deleted Windows.old. The problem already existed when Win Vista was still installed, though.

What may also be important: I have additionally connected my old hard drive. From the old one I only saved the Programme (x86) folder and then formatted the drive. But that is hardly the cause, since the browsers were already miserably slow before I hooked the drive up.

The help thread said I should collect the logs. So that is what I did.

defogger_disable
Code:
```
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:19 on 04/11/2014 (Luca)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-
```

Code:
```
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-11-2014
Ran by Luca (administrator) on CeroX on 04-11-2014 19:21:54
Running from C:\Users\Luca\Downloads
Loaded Profile: Luca (Available profiles: Luca)
Platform: Microsoft Windows 7 Professional (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2B9E38A949F8CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\gh1f46xm.default
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-04 19:21 - 2014-11-04 19:22 - 00002602 _____ () C:\Users\Luca\Downloads\FRST.txt
2014-11-04 19:21 - 2014-11-04 19:21 - 00000000 ____D () C:\FRST
2014-11-04 19:20 - 2014-11-04 19:20 - 01106432 _____ (Farbar) C:\Users\Luca\Downloads\FRST.exe
2014-11-04 19:19 - 2014-11-04 19:19 - 00000470 _____ () C:\Users\Luca\Desktop\defogger_disable.log
2014-11-04 19:19 - 2014-11-04 19:19 - 00000000 _____ () C:\Users\Luca\defogger_reenable
2014-11-04 19:16 - 2014-11-04 19:16 - 00050477 _____ () C:\Users\Luca\Desktop\Defogger.exe
2014-11-04 17:13 - 2014-11-04 17:13 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-04 17:12 - 2014-11-04 17:12 - 00001127 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-04 17:12 - 2014-11-04 17:12 - 00001115 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-04 17:12 - 2014-11-04 17:12 - 00000000 ____D () C:\Users\Luca\AppData\Roaming\Mozilla
2014-11-04 17:12 - 2014-11-04 17:12 - 00000000 ____D () C:\Users\Luca\AppData\Local\Mozilla
2014-11-04 17:11 - 2014-11-04 17:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-04 17:11 - 2014-11-04 17:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-04 17:11 - 2014-11-04 17:11 - 00000000 ____D () C:\ProgramData\Mozilla
2014-11-04 17:08 - 2014-11-04 17:08 - 00001419 _____ () C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-04 17:08 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-11-04 17:08 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-11-04 17:08 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-11-04 17:08 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-11-04 17:08 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-11-04 17:08 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-11-04 17:07 - 2014-11-04 19:19 - 00000000 ____D () C:\Users\Luca
2014-11-04 17:07 - 2014-11-04 17:07 - 00000020 ___SH () C:\Users\Luca\ntuser.ini
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Startmenü
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Netzwerkumgebung
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Druckumgebung
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Documents\Eigene Musik
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Documents\Eigene Bilder
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\AppData\Local\Verlauf
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 ____D () C:\Users\Luca\AppData\Local\VirtualStore
2014-11-04 17:07 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-04 17:07 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-04 16:33 - 2014-11-04 16:33 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-11-04 16:33 - 2014-11-04 16:33 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-11-04 16:32 - 2014-11-04 17:25 - 00037191 _____ () C:\Windows\WindowsUpdate.log
2014-11-04 16:32 - 2014-11-04 16:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-11-04 16:29 - 2014-11-04 16:33 - 00001313 _____ () C:\Windows\TSSysprep.log
2014-11-04 16:27 - 2014-11-04 17:07 - 00000000 ____D () C:\Windows\Panther
2014-11-03 10:00 - 2014-11-04 17:07 - 00000000 __SHD () C:\Recovery
2014-11-03 02:23 - 2014-11-03 03:09 - 00000000 ___HD () C:\$WINDOWS.~Q
2014-11-03 02:15 - 2014-11-03 02:18 - 00000000 ___HD () C:\$INPLACE.~TR

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-04 18:42 - 2009-07-14 05:34 - 00009600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 18:42 - 2009-07-14 05:34 - 00009600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-04 17:43 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-11-04 17:22 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-04 17:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-11-04 17:07 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\restore
2014-11-04 17:07 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2014-11-04 17:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\Recovery
2014-11-04 17:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Windows NT
2014-11-04 17:06 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-04 16:42 - 2009-07-14 05:39 - 00020766 _____ () C:\Windows\setupact.log
2014-11-04 16:41 - 2009-07-14 05:33 - 00265640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-04 16:40 - 2009-07-14 05:39 - 00000269 _____ () C:\Windows\setuperr.log
2014-11-04 16:33 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-04 16:29 - 2009-07-14 09:57 - 00000000 ____D () C:\Windows\CSC
2014-11-04 16:29 - 2009-07-14 05:34 - 00001774 _____ () C:\Windows\DtcInstall.log
2014-11-04 16:27 - 2014-07-30 13:27 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-11-04 16:27 - 2009-07-14 05:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-11-04 16:27 - 2009-07-14 05:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-04 17:34

==================== End Of Log ============================
```

Code:
```
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-11-2014
Ran by Luca at 2014-11-04 19:22:09
Running from C:\Users\Luca\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Mozilla Firefox 33.0.2 (x86 de) (HKLM\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

04-11-2014 16:07:48 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Loaded Modules (whitelisted) =============

2014-11-04 17:11 - 2014-10-28 03:01 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-4223536495-2468334825-2304086249-500 - Administrator - Disabled)
Gast (S-1-5-21-4223536495-2468334825-2304086249-501 - Limited - Disabled)
Luca (S-1-5-21-4223536495-2468334825-2304086249-1000 - Administrator - Enabled) => C:\Users\Luca

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (11/04/2014 04:39:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Zeitgeber" wurde mit folgendem Fehler beendet:
%%2

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz
Percentage of memory in use: 34%
Total physical RAM: 3070.18 MB
Available physical RAM: 2000.78 MB
Total Pagefile: 6138.63 MB
Available Pagefile: 4943.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.83 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:445.75 GB) (Free:381.64 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:20 GB) (Free:11.63 GB) FAT32
Drive f: () (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (Luca) (Fixed) (Total:454.84 GB) (Free:298.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 84A1B47F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=454.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8A93EB8C)
Partition 1: (Active) - (Size=445.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== End Of Log ============================
```

With GMER it was a pretty odd story: I followed all the steps but still got an error message... Error message: \Device\Harddisk2\DR2 (I no longer remember what came before it)

Kind regards,
Luca