Log analysis and evaluation: Computer unusually slow (and often hangs)! Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#6
/// Helper Team

Computer unusually slow (and often hangs)! CustomScan with OTL (OTL.txt) Part 3:

Code:
ATTFilter NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009.07.14 04:20:14 | 00,000,000 | ---D | M] NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation) NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation) NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation) NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation) NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation) NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation) ========== Files/Folders - Created Within 14 Days ========== [2009.11.22 16:42:34 | 00,528,896 | ---- | C] (OldTimer Tools) -- C:\Users\Alexander\Desktop\OTL.exe [2009.11.19 19:40:08 | 00,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\CrashDumps [2009.11.19 19:12:59 | 00,003,584 | ---- | C] () -- C:\Users\Alexander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.11.19 19:12:51 | 00,000,000 | -H-D | C] -- C:\Users\Alexander\dwhelper [2009.11.19 18:54:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PixiePack Codec Pack [2009.11.19 18:51:08 | 00,000,000 | ---D | C] -- C:\ProgramData\RapidSolution [2009.11.19 18:50:21 | 00,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\RapidSolution [2009.11.17 19:58:34 | 00,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\CyberLink [2009.11.16 17:56:30 | 00,036,168 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2009.11.16 17:56:30 | 00,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2009.11.16 17:56:30 | 00,025,928 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2009.11.16 14:46:12 | 00,046,112 | ---- | C] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys [2009.11.16 14:45:48 | 00,031,264 | ---- | C] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\rrnetcap.sys [2009.11.11 
14:53:20 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2009.11.11 14:03:57 | 00,000,000 | ---D | C] -- C:\ProgramData\Publish Data [2009.11.11 14:02:55 | 00,000,000 | ---D | C] -- C:\Windows\uninstall [2009.11.10 20:56:32 | 00,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\VoipBuster [2009.11.10 20:54:50 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\VoipBuster [2009.11.10 20:15:27 | 00,053,296 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys ========== Files - Modified Within 14 Days ========== [2009.11.22 16:43:18 | 00,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2009.11.22 16:43:18 | 00,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2009.11.22 16:42:35 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Users\Alexander\Desktop\OTL.exe [2009.11.22 16:40:51 | 01,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2009.11.22 16:40:51 | 00,645,304 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2009.11.22 16:40:51 | 00,607,666 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2009.11.22 16:40:51 | 00,126,904 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2009.11.22 16:40:51 | 00,104,044 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2009.11.22 16:38:01 | 01,835,008 | -HS- | M] () -- C:\Users\Alexander\NTUSER.DAT [2009.11.22 16:36:04 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009.11.22 16:36:02 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009.11.22 16:35:58 | 00,066,352 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor [2009.11.22 10:40:39 | 02,604,735 | -H-- | M] () -- C:\Users\Alexander\AppData\Local\IconCache.db [2009.11.22 10:00:29 | 01,070,292 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1101000.013\Cat.DB [2009.11.19 19:12:59 | 00,003,584 | ---- | M] () -- 
C:\Users\Alexander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.11.19 19:00:24 | 00,000,106 | ---- | M] () -- C:\Windows\Podcasts.INI [2009.11.16 17:56:20 | 00,002,192 | ---- | M] () -- C:\Users\Alexander\Desktop\TuneUp Utilities 2010.lnk [2009.11.16 14:46:12 | 00,046,112 | ---- | M] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys [2009.11.16 14:45:48 | 00,031,264 | ---- | M] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\rrnetcap.sys [2009.11.14 14:09:37 | 00,000,493 | ---- | M] () -- C:\Users\Alexander\Desktop\Wartungscenter.lnk [2009.11.14 14:09:33 | 00,000,521 | ---- | M] () -- C:\Users\Alexander\Desktop\Netzwerk- und Freigabecenter.lnk [2009.11.14 14:09:24 | 00,000,477 | ---- | M] () -- C:\Users\Alexander\Desktop\System.lnk [2009.11.14 14:09:21 | 00,000,513 | ---- | M] () -- C:\Users\Alexander\Desktop\Software.lnk [2009.11.14 14:08:57 | 00,000,355 | ---- | M] () -- C:\Users\Alexander\Desktop\Arbeitsplatz.lnk [2009.11.14 08:15:35 | 00,002,498 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk [2009.11.13 09:31:02 | 00,033,608 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2009.11.13 09:25:02 | 00,025,928 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2009.11.13 09:24:56 | 00,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2009.11.13 09:24:50 | 00,036,168 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2009.11.13 09:24:42 | 00,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2009.11.11 14:53:29 | 00,001,036 | ---- | M] () -- C:\Users\Alexander\Desktop\JDownloader.lnk ========== Files Created - No Company Name ========== [2009.11.19 19:12:59 | 00,003,584 | ---- | C] () -- C:\Users\Alexander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.11.19 19:00:24 | 00,000,106 | ---- | C] () -- C:\Windows\Podcasts.INI [2009.11.16 18:30:36 | 00,002,192 | ---- | C] () -- 
C:\Users\Alexander\Desktop\TuneUp Utilities 2010.lnk [2009.11.14 14:09:37 | 00,000,493 | ---- | C] () -- C:\Users\Alexander\Desktop\Wartungscenter.lnk [2009.11.14 14:09:33 | 00,000,521 | ---- | C] () -- C:\Users\Alexander\Desktop\Netzwerk- und Freigabecenter.lnk [2009.11.14 14:09:24 | 00,000,477 | ---- | C] () -- C:\Users\Alexander\Desktop\System.lnk [2009.11.14 14:09:21 | 00,000,513 | ---- | C] () -- C:\Users\Alexander\Desktop\Software.lnk [2009.11.14 14:08:57 | 00,000,355 | ---- | C] () -- C:\Users\Alexander\Desktop\Arbeitsplatz.lnk [2009.11.11 14:53:29 | 00,001,036 | ---- | C] () -- C:\Users\Alexander\Desktop\JDownloader.lnk [2009.10.31 08:45:34 | 00,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2009.10.31 08:45:34 | 00,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2009.10.30 20:17:16 | 02,604,735 | -H-- | C] () -- C:\Users\Alexander\AppData\Local\IconCache.db [2009.10.30 20:03:26 | 00,108,840 | ---- | C] () -- C:\Users\Alexander\AppData\Local\GDIPFONTCACHEV1.DAT [2009.07.14 06:32:39 | 00,043,318 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont [2009.07.14 06:32:39 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont [2009.07.14 06:32:39 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont [2009.07.14 06:32:39 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont [2009.07.14 05:54:24 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini [2009.07.14 03:35:42 | 00,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2009.07.14 03:34:57 | 00,000,403 | ---- | C] () -- C:\Windows\win.ini [2009.07.14 03:34:57 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini [2009.07.14 00:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.03.02 11:33:32 | 00,067,584 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2009.03.02 11:33:32 | 
00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest [2009.01.05 15:44:10 | 00,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini [2007.09.04 12:56:10 | 00,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2007.02.05 20:05:26 | 00,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI ========== LOP Check ========== [2009.11.04 08:46:51 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Adobe [2009.10.31 13:45:07 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Apple Computer [2009.10.30 20:03:19 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\ATI [2009.11.17 19:58:17 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\CyberLink [2009.11.06 19:33:48 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\FileZilla [2009.11.01 16:51:44 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\FreeFLVConverter [2009.10.30 19:51:01 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Identities [2009.11.01 16:31:07 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Leadertech [2009.11.01 16:31:17 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Logitech [2009.10.31 14:03:29 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Macromedia [2009.10.31 13:46:15 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Malwarebytes [2009.07.14 19:18:18 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Media Center Programs [2009.11.19 18:35:06 | 00,000,000 | --SD | M] -- C:\Users\Alexander\AppData\Roaming\Microsoft [2009.10.31 13:35:24 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Mozilla [2009.11.20 20:13:59 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Skype [2009.10.31 13:59:08 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\TeamViewer [2009.10.31 13:59:58 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\TuneUp Software [2009.11.11 18:00:34 | 00,000,000 | 
---D | M] -- C:\Users\Alexander\AppData\Roaming\VoipBuster [2009.10.31 13:40:52 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Win7codecs [2009.10.31 13:24:13 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\WinRAR [2009.11.22 16:36:04 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT [2009.07.14 06:08:49 | 00,014,742 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < %SYSTEMDRIVE%\eventlog.dll /s /md5 > < %SYSTEMDRIVE%\scecli.dll /s /md5 > [2009.07.14 02:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009.07.14 02:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009.07.14 02:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2009.07.14 02:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll < %SYSTEMDRIVE%\netlogon.dll /s /md5 > [2009.07.14 02:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009.07.14 02:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009.07.14 02:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009.07.14 02:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) 
MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < %SYSTEMDRIVE%\cngaudit.dll /s /md5 > [2009.07.14 02:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 02:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 02:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll [2009.07.14 02:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < %SYSTEMDRIVE%\sceclt.dll /s /md5 > < %SYSTEMDRIVE%\ntelogon.dll /s /md5 > < %SYSTEMDRIVE%\logevent.dll /s /md5 > < %SYSTEMDRIVE%\iaStor.sys /s /md5 > < %SYSTEMDRIVE%\nvstor.sys /s /md5 > [2009.07.14 02:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009.07.14 02:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys < %SYSTEMDRIVE%\atapi.sys /s /md5 > [2009.07.14 02:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009.07.14 02:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- 
C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys < %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 > < %SYSTEMDRIVE%\viasraid.sys /s /md5 > < %SYSTEMDRIVE%\AGP440.sys /s /md5 > [2009.07.14 02:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009.07.14 02:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys < %SYSTEMDRIVE%\vaxscsi.sys /s /md5 > < %SYSTEMDRIVE%\nvatabus.sys /s /md5 > < End of report >