Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Computer ungewöhnlich langsam (und hängt oft)!

Computer ungewöhnlich langsam (und hängt oft)!


Log-Analyse und Auswertung: Computer ungewöhnlich langsam (und hängt oft)!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 16.11.2009, 19:25   #1
Crusader
/// Helfer-Team
 
Computer ungewöhnlich langsam (und hängt oft)! - Ausrufezeichen

Computer ungewöhnlich langsam (und hängt oft)!


Hallo,

Habe seit ein paar Wochen folgendes Problem: Hatte bis vor ein paar Wochen/1 Monat noch Vista 64-Bit (zum Arbeiten usw.) und XP 32-Bit (zum Spielen) nebeneinander installiert! Alles lief "perfekt", hatte vorher nie Stabilitätsprobleme oder andere Probleme!

Seit nun das neue Windows 7 erschienen ist, habe ich nun Win7 (zum Arbeiten usw.) und Vista (zum Spielen) installiert (machte bei beiden eine Neuinstallation!). Ich merke aber, das Vista wirklich extrem träge ist, vor allem nach dem Start (wenn alles geladen ist)! Der Explorer und einige andere Programme frieren ständig ein, obwohl die CPu-Auslastung "normal" ist! Windows7 läuft meistens ganz OK, habe dort keine größeren Probleme derzeit!

Was ich aber komisch finde ist, das Vista nun so träge ist, liegt das an den Spielen, nein oder?
Auch einen Virus schließe ich nicht aus, deshalb mein Thread! ;)

Mein System:

Windows 7 (C:)
Windows Vista (D:)
MEDION HDD (G:) -> externe Festplatte

1.) CCleaner:

Erledigt!

2.) Malwarebytes-Anti-Malware:

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.41
Datenbank Version: 3079
Windows 6.1.7600

15.11.2009 22:22:43
mbam-log-2009-11-15 (22-22-43).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|G:\|)
Durchsuchte Objekte: 336616
Laufzeit: 1 hour(s), 47 minute(s), 1 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 8

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Alexander\Downloads\Spieledateien\Sim City 4 Deluxe\Plugins\SFBT_NVG_Wohnhaus\SFBT_NVG-Wohnhaus.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Alexander\Downloads\Spieledateien\Sim City 4 Deluxe\Plugins\SFBT_Stromleitungen\SFBT_Stromleitungen.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
G:\Eigene Dateien\Eigene Dateien\Downloads\Spieledateien\Sim City 4 Deluxe\Plugins\SFBT_NVG_Wohnhaus\SFBT_NVG-Wohnhaus.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
G:\Eigene Dateien\Eigene Dateien\Downloads\Spieledateien\Sim City 4 Deluxe\Plugins\SFBT_Stromleitungen\SFBT_Stromleitungen.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
G:\System Volume Information\_restore{0A41C036-F158-4C89-981C-CEA4253F8426}\RP68\A0019002.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
G:\System Volume Information\_restore{0A41C036-F158-4C89-981C-CEA4253F8426}\RP68\A0019003.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
G:\System Volume Information\_restore{30F8A32A-D55B-41EE-84EC-8E8A96A5BA3A}\RP99\A0027536.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
G:\System Volume Information\_restore{30F8A32A-D55B-41EE-84EC-8E8A96A5BA3A}\RP99\A0027537.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
3.) RSIT - Randoms System Information Tool:

----> Anhang

Ich zähle auf eure Hilfe! ;)
__________________
KEINE Hilfe per PN, für was wäre sonst das Forum da?

Trojaner Board unterstützen! | Mei Bier is ned deppad, du bist deppad! | [Invisible Fighters] Clan

Alt 21.11.2009, 16:43   #2
Crusader
/// Helfer-Team
 
Computer ungewöhnlich langsam (und hängt oft)! - Standard

Computer ungewöhnlich langsam (und hängt oft)!


Hallo,

Bitte helft mir, mein Problem besteht immer noch!

Vielen Dank für eure Hilfe!
__________________

__________________
Alt 21.11.2009, 16:51   #3
Larusso
/// Selecta Jahrusso
 
Computer ungewöhnlich langsam (und hängt oft)! - Standard

Computer ungewöhnlich langsam (und hängt oft)!


Servus, dass vorgepläkel brauch dir ja hoffentlich nicht mehr erklären oder

schritt 1

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista-User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die Textbox.
Code:
ATTFilter
netsvcs
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\cngaudit.dll /s /md5
%SYSTEMDRIVE%\sceclt.dll /s /md5
%SYSTEMDRIVE%\ntelogon.dll /s /md5
%SYSTEMDRIVE%\logevent.dll /s /md5
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
%SYSTEMDRIVE%\AGP440.sys /s /md5
%SYSTEMDRIVE%\vaxscsi.sys /s /md5
%SYSTEMDRIVE%\nvatabus.sys /s /md5
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Code-Tags in Deinen Thread


schritt 2

Während dieser Scans soll(en):
  • alle anderen Scanner gegen Viren, Spyware, usw. deaktiviert sein,
  • keine Verbindung zu einem Netzwerk/Internet bestehen (WLAN nicht vergessen),
  • nichts am Rechner getan werden,
  • nach jedem Scan der Rechner neu gestartet werden.
Rootkitscan mit RootRepeal
  • Gehe hierhin, scrolle runter und downloade RootRepeal.zip.
  • Entpacke die Datei auf Deinen Desktop.
  • Doppelklicke die RootRepeal.exe, um den Scanner zu starten.
  • Klicke auf den Reiter Report und dann auf den Button Scan.
  • Mache einen Haken bei den folgenden Elementen und klicke Ok.
    .
    Drivers
    Files
    Processes
    SSDT
    Stealth Objects
    Hidden Services
    Shadow SSDT
    .
  • Im Anschluss wirst Du gefragt, welche Laufwerke gescannt werden sollen.
  • Wähle C:\ und klicke wieder Ok.
  • Der Suchlauf beginnt automatisch, es wird eine Weile dauern, bitte Geduld.
  • Wenn der Suchlauf beendet ist, klicke auf Save Report.
  • Speichere das Logfile als RootRepeal.txt auf dem Desktop.
  • Kopiere den Inhalt hier in den Thread.


Bitte teile die Logfiles auf. Danke
__________________
__________________
Alt 22.11.2009, 17:50   #4
Crusader
/// Helfer-Team
 
Computer ungewöhnlich langsam (und hängt oft)! - Standard

Computer ungewöhnlich langsam (und hängt oft)!


Hallo Daniel,

Zitat:
Servus, dass vorgepläkel brauch dir ja hoffentlich nicht mehr erklären oder
Nein, danke!

CustomScan mit OTL (OTL.txt) Part1:

Code:
ATTFilter
OTL logfile created on: 22.11.2009 16:44:26 - Run 1
OTL by OldTimer - Version 3.1.6.3     Folder = C:\Users\Alexander\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,87 Gb Available Physical Memory | 71,73% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 195,45 Gb Free Space | 83,93% Space Free | Partition Type: NTFS
Drive D: | 232,87 Gb Total Space | 149,41 Gb Free Space | 64,16% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 931,51 Gb Total Space | 835,71 Gb Free Space | 89,72% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: GAMECOMPUTER
Current User Name: Alexander
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
 
========== Processes (SafeList) ==========
 
PRC - [2009.11.22 16:42:35 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Users\Alexander\Desktop\OTL.exe
PRC - [2009.10.20 07:34:55 | 00,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
PRC - [2009.10.20 07:34:55 | 00,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
PRC - [2009.10.20 07:34:55 | 00,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
PRC - [2009.10.20 07:34:55 | 00,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
PRC - [2009.10.20 07:34:55 | 00,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
PRC - [2009.10.20 07:34:55 | 00,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
PRC - [2009.10.20 07:34:55 | 00,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
PRC - [2009.10.20 07:34:55 | 00,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
PRC - [2009.10.20 07:34:55 | 00,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
PRC - [2009.10.20 07:34:55 | 00,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
PRC - [2009.10.07 13:50:26 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2009.10.07 13:50:26 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2009.10.07 13:50:26 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2009.10.07 13:50:26 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2009.08.28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009.07.20 04:00:00 | 00,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.07.20 04:00:00 | 00,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.07.20 04:00:00 | 00,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.07.20 04:00:00 | 00,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.07.20 04:00:00 | 00,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.07.20 04:00:00 | 00,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.07.20 04:00:00 | 00,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.07.20 04:00:00 | 00,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.02.11 11:06:36 | 00,210,216 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
PRC - [2008.12.12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2009.11.22 16:42:35 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Users\Alexander\Desktop\OTL.exe
MOD - [2009.07.20 04:00:00 | 00,057,344 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\x86\GameHook.dll
MOD - [2009.07.20 04:00:00 | 00,038,912 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\x86\lgscroll.dll
MOD - [2009.07.14 02:16:17 | 01,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009.07.14 02:16:17 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009.07.14 02:16:15 | 00,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009.07.14 02:16:15 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009.07.14 02:14:57 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009.07.14 02:03:50 | 01,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009.06.10 22:23:11 | 00,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
MOD - [2009.02.11 11:06:38 | 00,014,032 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\saHook.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009.11.13 09:24:50 | 00,036,168 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.09.23 23:28:02 | 00,202,752 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.09.21 16:36:16 | 00,660,256 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV:64bit: - [2009.09.12 00:40:22 | 02,287,360 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Defrag\oodag.exe -- (O&O Defrag)
SRV:64bit: - [2009.07.14 02:41:59 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009.07.14 02:41:56 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009.07.14 02:41:56 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009.07.14 02:41:55 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009.07.14 02:41:54 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009.07.14 02:41:54 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009.07.14 02:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009.07.14 02:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009.07.14 02:41:53 | 00,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2009.07.14 02:41:53 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009.07.14 02:41:53 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009.07.14 02:41:18 | 00,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2009.07.14 02:40:54 | 01,127,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009.07.14 02:40:28 | 00,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2009.07.14 02:40:28 | 00,291,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009.07.14 02:40:13 | 00,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009.07.14 02:40:10 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009.07.14 02:40:05 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2009.07.14 02:40:01 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009.07.14 02:39:56 | 01,525,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2009.07.14 02:39:51 | 01,503,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2009.07.14 02:39:28 | 03,524,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2009.07.14 02:39:11 | 00,689,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV - [2009.11.16 17:56:29 | 00,607,048 | ---- | M] (TuneUp Software) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.11.13 09:30:48 | 01,353,544 | ---- | M] (TuneUp Software) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.11.13 09:24:42 | 00,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.10.20 07:34:55 | 00,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe -- (NIS)
SRV - [2009.10.07 13:50:26 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2009.08.28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.07.20 12:36:14 | 00,160,784 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009.07.14 04:20:14 | 00,000,000 | ---D | M] -- C:\Windows\Vss -- (VSS)
SRV - [2009.07.14 04:20:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009.07.14 02:39:09 | 00,696,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2009.07.14 02:39:09 | 00,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009.07.14 02:16:12 | 00,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:15:11 | 00,253,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.13 21:30:11 | 00,061,056 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009.06.10 22:23:09 | 00,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.10 21:39:58 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009.06.10 21:30:59 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009.06.10 21:30:45 | 00,856,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2009.02.11 11:06:36 | 00,210,216 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2008.12.12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008.11.04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://at.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8D AF 90 35 26 5A CA 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.85
FF - prefs.js..extensions.enabledItems: de-AT@dictionaries.addons.mozilla.org:1.0.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.18
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.11.2
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:6.1.20091007W
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090525
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {27c60876-b5c9-4335-b4f3-52b26782220c}:0.9.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.9
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.15
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {4C0766D3-67A7-45a3-85A2-752F77312F32}:4.0
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2009.10.31 13:48:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2009.10.31 13:48:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2009.10.31 16:22:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009.11.10 20:37:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009.11.07 09:38:18 | 00,000,000 | ---D | M]
 
[2009.10.31 13:35:24 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Extensions
[2009.10.31 13:35:24 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.11.22 10:00:53 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\w82ry5m8.default\extensions
[2009.11.09 17:30:03 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\w82ry5m8.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2009.10.31 15:50:09 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\w82ry5m8.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2009.10.31 15:50:09 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\w82ry5m8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.10.31 15:50:09 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\w82ry5m8.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2009.10.31 15:50:10 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\w82ry5m8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2009.11.18 19:11:07 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\w82ry5m8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009.10.31 15:50:09 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\w82ry5m8.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009.11.06 18:06:35 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\w82ry5m8.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009.11.19 19:29:39 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\w82ry5m8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.10.31 14:25:29 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\w82ry5m8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.10.31 15:50:10 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\w82ry5m8.default\extensions\de-AT@dictionaries.addons.mozilla.org
[2009.11.22 10:00:53 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009.11.07 09:38:18 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.10.31 13:45:48 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009.11.07 09:38:17 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009.11.07 09:38:17 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2009.09.25 17:41:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll
[2007.04.10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2009.10.31 13:45:45 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009.09.25 17:41:24 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll
[2009.09.25 17:41:34 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009.02.06 12:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009.11.07 09:38:17 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2006.10.26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL
[2009.02.27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2009.10.31 13:44:23 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2009.10.31 13:44:23 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2009.10.31 13:44:23 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2009.10.31 13:44:23 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2009.10.31 13:44:23 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2009.10.31 13:44:23 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2009.10.31 13:44:23 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2009.09.25 17:41:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll
[2009.10.16 19:18:02 | 00,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.10.16 19:18:02 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2009.10.16 19:18:02 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009.10.16 19:18:02 | 00,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2009.10.16 19:18:02 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2009.10.16 19:18:02 | 00,000,801 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
__________________
KEINE Hilfe per PN, für was wäre sonst das Forum da?

Trojaner Board unterstützen! | Mei Bier is ned deppad, du bist deppad! | [Invisible Fighters] Clan

Alt 22.11.2009, 17:53   #5
Crusader
/// Helfer-Team
 
Computer ungewöhnlich langsam (und hängt oft)! - Standard

Computer ungewöhnlich langsam (und hängt oft)!


CustomScan mit OTL (OTL.txt) Part2:

Code:
ATTFilter
O1 HOSTS File: (824 bytes) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [OODefragTray] C:\Programme\OO Defrag\oodtray.exe (O&O Software GmbH)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme (x86)\Microsoft Office\Office12\EXCEL.EXE File not found
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found
O34 - HKLM BootExecute: (OODBS) -  File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

__________________
KEINE Hilfe per PN, für was wäre sonst das Forum da?

Trojaner Board unterstützen! | Mei Bier is ned deppad, du bist deppad! | [Invisible Fighters] Clan

Alt 22.11.2009, 17:54   #6
Crusader
/// Helfer-Team
 
Computer ungewöhnlich langsam (und hängt oft)! - Standard

Computer ungewöhnlich langsam (und hängt oft)!


CustomScan mit OTL (OTL.txt) Part3:

Code:
ATTFilter
NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009.07.14 04:20:14 | 00,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)
 
========== Files/Folders - Created Within 14 Days ==========
 
[2009.11.22 16:42:34 | 00,528,896 | ---- | C] (OldTimer Tools) -- C:\Users\Alexander\Desktop\OTL.exe
[2009.11.19 19:40:08 | 00,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\CrashDumps
[2009.11.19 19:12:59 | 00,003,584 | ---- | C] () -- C:\Users\Alexander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.19 19:12:51 | 00,000,000 | -H-D | C] -- C:\Users\Alexander\dwhelper
[2009.11.19 18:54:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PixiePack Codec Pack
[2009.11.19 18:51:08 | 00,000,000 | ---D | C] -- C:\ProgramData\RapidSolution
[2009.11.19 18:50:21 | 00,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\RapidSolution
[2009.11.17 19:58:34 | 00,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\CyberLink
[2009.11.16 17:56:30 | 00,036,168 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2009.11.16 17:56:30 | 00,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2009.11.16 17:56:30 | 00,025,928 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2009.11.16 14:46:12 | 00,046,112 | ---- | C] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys
[2009.11.16 14:45:48 | 00,031,264 | ---- | C] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\rrnetcap.sys
[2009.11.11 14:53:20 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2009.11.11 14:03:57 | 00,000,000 | ---D | C] -- C:\ProgramData\Publish Data
[2009.11.11 14:02:55 | 00,000,000 | ---D | C] -- C:\Windows\uninstall
[2009.11.10 20:56:32 | 00,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\VoipBuster
[2009.11.10 20:54:50 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\VoipBuster
[2009.11.10 20:15:27 | 00,053,296 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys
 
========== Files - Modified Within 14 Days ==========
 
[2009.11.22 16:43:18 | 00,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009.11.22 16:43:18 | 00,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009.11.22 16:42:35 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Users\Alexander\Desktop\OTL.exe
[2009.11.22 16:40:51 | 01,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.11.22 16:40:51 | 00,645,304 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2009.11.22 16:40:51 | 00,607,666 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.11.22 16:40:51 | 00,126,904 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2009.11.22 16:40:51 | 00,104,044 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.11.22 16:38:01 | 01,835,008 | -HS- | M] () -- C:\Users\Alexander\NTUSER.DAT
[2009.11.22 16:36:04 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.11.22 16:36:02 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.11.22 16:35:58 | 00,066,352 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2009.11.22 10:40:39 | 02,604,735 | -H-- | M] () -- C:\Users\Alexander\AppData\Local\IconCache.db
[2009.11.22 10:00:29 | 01,070,292 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1101000.013\Cat.DB
[2009.11.19 19:12:59 | 00,003,584 | ---- | M] () -- C:\Users\Alexander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.19 19:00:24 | 00,000,106 | ---- | M] () -- C:\Windows\Podcasts.INI
[2009.11.16 17:56:20 | 00,002,192 | ---- | M] () -- C:\Users\Alexander\Desktop\TuneUp Utilities 2010.lnk
[2009.11.16 14:46:12 | 00,046,112 | ---- | M] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys
[2009.11.16 14:45:48 | 00,031,264 | ---- | M] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\rrnetcap.sys
[2009.11.14 14:09:37 | 00,000,493 | ---- | M] () -- C:\Users\Alexander\Desktop\Wartungscenter.lnk
[2009.11.14 14:09:33 | 00,000,521 | ---- | M] () -- C:\Users\Alexander\Desktop\Netzwerk- und Freigabecenter.lnk
[2009.11.14 14:09:24 | 00,000,477 | ---- | M] () -- C:\Users\Alexander\Desktop\System.lnk
[2009.11.14 14:09:21 | 00,000,513 | ---- | M] () -- C:\Users\Alexander\Desktop\Software.lnk
[2009.11.14 14:08:57 | 00,000,355 | ---- | M] () -- C:\Users\Alexander\Desktop\Arbeitsplatz.lnk
[2009.11.14 08:15:35 | 00,002,498 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2009.11.13 09:31:02 | 00,033,608 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2009.11.13 09:25:02 | 00,025,928 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2009.11.13 09:24:56 | 00,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2009.11.13 09:24:50 | 00,036,168 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2009.11.13 09:24:42 | 00,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2009.11.11 14:53:29 | 00,001,036 | ---- | M] () -- C:\Users\Alexander\Desktop\JDownloader.lnk
 
========== Files Created - No Company Name ==========
 
[2009.11.19 19:12:59 | 00,003,584 | ---- | C] () -- C:\Users\Alexander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.19 19:00:24 | 00,000,106 | ---- | C] () -- C:\Windows\Podcasts.INI
[2009.11.16 18:30:36 | 00,002,192 | ---- | C] () -- C:\Users\Alexander\Desktop\TuneUp Utilities 2010.lnk
[2009.11.14 14:09:37 | 00,000,493 | ---- | C] () -- C:\Users\Alexander\Desktop\Wartungscenter.lnk
[2009.11.14 14:09:33 | 00,000,521 | ---- | C] () -- C:\Users\Alexander\Desktop\Netzwerk- und Freigabecenter.lnk
[2009.11.14 14:09:24 | 00,000,477 | ---- | C] () -- C:\Users\Alexander\Desktop\System.lnk
[2009.11.14 14:09:21 | 00,000,513 | ---- | C] () -- C:\Users\Alexander\Desktop\Software.lnk
[2009.11.14 14:08:57 | 00,000,355 | ---- | C] () -- C:\Users\Alexander\Desktop\Arbeitsplatz.lnk
[2009.11.11 14:53:29 | 00,001,036 | ---- | C] () -- C:\Users\Alexander\Desktop\JDownloader.lnk
[2009.10.31 08:45:34 | 00,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009.10.31 08:45:34 | 00,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009.10.30 20:17:16 | 02,604,735 | -H-- | C] () -- C:\Users\Alexander\AppData\Local\IconCache.db
[2009.10.30 20:03:26 | 00,108,840 | ---- | C] () -- C:\Users\Alexander\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.07.14 06:32:39 | 00,043,318 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2009.07.14 06:32:39 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009.07.14 06:32:39 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009.07.14 06:32:39 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009.07.14 05:54:24 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2009.07.14 03:35:42 | 00,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009.07.14 03:34:57 | 00,000,403 | ---- | C] () -- C:\Windows\win.ini
[2009.07.14 03:34:57 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009.07.14 00:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.03.02 11:33:32 | 00,067,584 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.03.02 11:33:32 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2009.01.05 15:44:10 | 00,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2007.09.04 12:56:10 | 00,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007.02.05 20:05:26 | 00,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
 
========== LOP Check ==========
 
[2009.11.04 08:46:51 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Adobe
[2009.10.31 13:45:07 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Apple Computer
[2009.10.30 20:03:19 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\ATI
[2009.11.17 19:58:17 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\CyberLink
[2009.11.06 19:33:48 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\FileZilla
[2009.11.01 16:51:44 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\FreeFLVConverter
[2009.10.30 19:51:01 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Identities
[2009.11.01 16:31:07 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Leadertech
[2009.11.01 16:31:17 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Logitech
[2009.10.31 14:03:29 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Macromedia
[2009.10.31 13:46:15 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Malwarebytes
[2009.07.14 19:18:18 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Media Center Programs
[2009.11.19 18:35:06 | 00,000,000 | --SD | M] -- C:\Users\Alexander\AppData\Roaming\Microsoft
[2009.10.31 13:35:24 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Mozilla
[2009.11.20 20:13:59 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Skype
[2009.10.31 13:59:08 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\TeamViewer
[2009.10.31 13:59:58 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\TuneUp Software
[2009.11.11 18:00:34 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\VoipBuster
[2009.10.31 13:40:52 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Win7codecs
[2009.10.31 13:24:13 | 00,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\WinRAR
[2009.11.22 16:36:04 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 00,014,742 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*.exe >
 
< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
 
< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2009.07.14 02:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2009.07.14 02:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
 
< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2009.07.14 02:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2009.07.14 02:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[2009.07.14 02:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< %SYSTEMDRIVE%\sceclt.dll /s /md5 >
 
< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >
 
< %SYSTEMDRIVE%\logevent.dll /s /md5 >
 
< %SYSTEMDRIVE%\iaStor.sys /s /md5 >
 
< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2009.07.14 02:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
 
< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009.07.14 02:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >
 
< %SYSTEMDRIVE%\viasraid.sys /s /md5 >
 
< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2009.07.14 02:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
 
< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >
< End of report >
__________________
--> Computer ungewöhnlich langsam (und hängt oft)!

Antwort

Themen zu Computer ungewöhnlich langsam (und hängt oft)!
32-bit, 64-bit, andere probleme, backdoor.bot, ccleaner, code, computer, cpu-auslastung, dateien, explorer, folge, hilfe!, hängt, langsam, malwarebytes' anti-malware, neue, neuinstallation, problem, programme, registrierungsschlüssel, spiele, spielen, start, system, system volume information, tool, virus, vista, win7, windows


« HJT-Logfile - was nun? | Avira hat TR/Crypt.XPACK.Gen gefunden »


Ähnliche Themen: Computer ungewöhnlich langsam (und hängt oft)!


  1. Computer ungewöhnlich langsam
    Plagegeister aller Art und deren Bekämpfung - 17.10.2015 (9)
  2. Computer seid 1 Woche ungewöhnlich langsam
    Plagegeister aller Art und deren Bekämpfung - 16.09.2015 (13)
  3. PC ungewöhnlich langsam, mehrere Viren-/Trojanerfunde!
    Log-Analyse und Auswertung - 12.01.2015 (23)
  4. WIN8: Computer startet langsam, hängt sich auf, Daten nicht auffindbar
    Plagegeister aller Art und deren Bekämpfung - 21.12.2014 (13)
  5. windows 7 lädt ungewöhnlich lange /beim srollen hängt die Seite
    Plagegeister aller Art und deren Bekämpfung - 15.12.2014 (16)
  6. Computer ist sehr langsam und hängt manchmal
    Plagegeister aller Art und deren Bekämpfung - 03.12.2014 (9)
  7. Laptop ungewöhnlich langsam
    Log-Analyse und Auswertung - 14.11.2014 (3)
  8. Laptop ungewöhnlich langsam
    Log-Analyse und Auswertung - 11.11.2014 (11)
  9. Windws 7 lädt ungewöhnlich lange /beim scrollen hängt die Seite
    Alles rund um Windows - 16.10.2014 (2)
  10. Windows 7: System ungewöhnlich langsam
    Log-Analyse und Auswertung - 24.12.2013 (11)
  11. computer extrem langsam und hängt sich immer auf
    Log-Analyse und Auswertung - 17.09.2010 (6)
  12. Internet Ungewöhnlich langsam
    Log-Analyse und Auswertung - 22.10.2009 (3)
  13. Browser läuft ungewöhnlich langsam
    Log-Analyse und Auswertung - 19.12.2008 (1)
  14. PC seit 2 Wochen ungewöhnlich langsam!!!
    Log-Analyse und Auswertung - 01.09.2008 (1)
  15. Laptop ungewöhnlich langsam!
    Log-Analyse und Auswertung - 28.08.2008 (1)
  16. PC ungewöhnlich langsam
    Log-Analyse und Auswertung - 11.08.2008 (2)
  17. Hoher Ping - ungewöhnlich langsam
    Log-Analyse und Auswertung - 30.12.2005 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Computer ungewöhnlich langsam (und hängt oft)! - Hallo, Habe seit ein paar Wochen folgendes Problem: Hatte bis vor ein paar Wochen/1 Monat noch Vista 64-Bit (zum Arbeiten usw.) und XP 32-Bit (zum Spielen) nebeneinander installiert! Alles lief - Computer ungewöhnlich langsam (und hängt oft)!...

Alle Zeitangaben in WEZ +1. Es ist jetzt 21:49 Uhr.

Kontakt - Trojaner-Board - Archiv - Datenschutzerklärung - Nach oben

Copyright ©2000-2025, Trojaner-Board
Archiv
Du betrachtest: Computer ungewöhnlich langsam (und hängt oft)! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131