Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Firefox langsam, friert ein, Umleitung zu unerwünschten Seiten

Firefox langsam, friert ein, Umleitung zu unerwünschten Seiten


Plagegeister aller Art und deren Bekämpfung: Firefox langsam, friert ein, Umleitung zu unerwünschten Seiten

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 08.03.2011, 11:47   #1
bartolo
 
Firefox langsam, friert ein, Umleitung zu unerwünschten Seiten - Standard

Firefox langsam, friert ein, Umleitung zu unerwünschten Seiten


Hallo zusammen,

seit ca. 2 Wochen werde ich bei der Benutzung vom Firefox und IE auf andere Seiten umgeleitet. Zudem sind beide unglaublich langsam, sodass sie eigentlich nicht mehr zu gebrauchen sind. Hauptumleitung, die passiert ist von www.comunio.de auf hxxp://de.bigpoint.com/games/fussballmanager/. Die 64-bit-Version von IE läuft hingegen ganz normal...

Eine Internetsuche hat ergeben, dass andere das Problem mit Spybot beheben konnten, bei mir findet der aber nichts. Auch Microsoft Security Essentials findet nichts.

Interessant war dass Firefox für 1 1/2 Tage ganz normal gelaufen ist, nachdem ich 5 Tage im Urlaub war und den Computer nicht benutzt habe. Jetzt geht aber wieder nix mehr.

Ich habe einen OTL-Scan gemacht und unten die logs gepostet. Ich bin für jegliche Hilfe dankbar!OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 08.03.2011 11:27:18 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Max\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 22,12 Gb Free Space | 29,69% Space Free | Partition Type: NTFS
Drive D: | 204,03 Gb Total Space | 203,64 Gb Free Space | 99,81% Space Free | Partition Type: NTFS
 
Computer Name: MAX-PC | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Max\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\syncables\syncables desktop\syncables.exe (syncables, LLC)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe (Boingo Wireless, Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe ()
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Max\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (ADSMService) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (ASMMAP64) -- C:\Program Files\ATKGFNEX\ASMMAP64.sys ()
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}:1.0
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.06 21:11:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.06 21:11:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.03.06 14:31:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2011.02.22 11:40:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Extensions
[2010.11.15 16:54:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.02.22 11:40:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\068u7whn.default\extensions
[2011.02.22 11:39:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.02.18 23:15:46 | 000,000,000 | ---D | M] (QuestBrowse) -- C:\Program Files (x86)\mozilla firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}
[2011.03.06 21:11:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.03.06 21:11:31 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.03.06 21:11:31 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.03.06 21:11:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.03.06 21:11:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Setwallpaper] File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk ()
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (syncables, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.03.08 11:23:23 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe
[2011.03.05 19:27:47 | 000,000,000 | ---D | C] -- C:\Users\Max\Documents\Steuer-Sparbuch
[2011.03.05 18:02:52 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Buhl Data Service
[2011.03.05 18:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2011
[2011.03.05 18:01:43 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Buhl
[2011.03.05 18:00:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WISO
[2011.03.05 17:59:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Buhl Data Service GmbH
[2011.03.05 17:59:27 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Buhl Data Service
[2011.02.23 08:28:10 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.02.23 08:28:10 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.02.23 08:28:09 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.02.23 08:28:08 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.02.22 22:17:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.02.22 22:17:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.02.22 22:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011.02.22 11:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011.02.20 15:10:31 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.02.18 23:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011.02.10 07:44:42 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.02.10 07:44:40 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.02.10 07:44:40 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.02.10 07:44:40 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.02.10 07:44:40 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.02.10 07:44:39 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.02.10 07:44:39 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.02.10 07:44:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.02.10 07:44:39 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.02.10 07:44:39 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.02.10 07:44:39 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.02.10 07:44:39 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.02.10 07:44:23 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.02.10 07:44:21 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011.02.10 07:44:20 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011.02.10 07:44:18 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011.02.10 07:44:17 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011.02.10 07:44:16 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011.02.10 07:44:16 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011.02.10 07:44:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.02.10 07:44:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.02.10 07:44:13 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.02.10 07:44:13 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.02.10 07:44:11 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.02.10 07:44:11 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.02.10 07:44:11 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.02.10 07:44:09 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.02.10 07:44:09 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011.02.10 07:44:08 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.02.10 07:44:08 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.02.10 07:44:08 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.02.10 07:44:07 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.02.10 07:44:07 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.02.10 07:44:07 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.03.08 11:23:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe
[2011.03.08 11:05:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.08 10:58:34 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.08 10:58:34 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.08 10:51:19 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.08 10:50:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.08 10:50:52 | 3193,716,736 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.06 18:12:53 | 001,506,546 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.03.06 18:12:53 | 000,656,710 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.03.06 18:12:53 | 000,618,552 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.03.06 18:12:53 | 000,131,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.03.06 18:12:53 | 000,107,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.03.06 14:30:24 | 000,001,916 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011.03.05 18:02:42 | 000,000,103 | ---- | M] () -- C:\Windows\wiso.ini
[2011.03.05 18:02:09 | 000,002,127 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
[2011.03.05 18:02:09 | 000,002,095 | ---- | M] () -- C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2011.lnk
[2011.02.22 22:44:16 | 000,001,089 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011.02.22 22:17:45 | 000,001,260 | ---- | M] () -- C:\Users\Max\Desktop\Spybot - Search & Destroy.lnk
[2011.02.22 11:39:27 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.02.18 23:09:23 | 000,051,200 | ---- | M] () -- C:\Windows\SysNative\pdh32.dll
[2011.02.15 07:29:54 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.13 13:35:19 | 000,079,764 | ---- | M] () -- C:\Users\Max\Desktop\bewerbungsbogen_terminplan_merkblatt-ss-2011.pdf
[2011.02.13 12:27:42 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.03.05 18:02:13 | 000,000,103 | ---- | C] () -- C:\Windows\wiso.ini
[2011.03.05 18:02:09 | 000,002,127 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
[2011.03.05 18:02:09 | 000,002,095 | ---- | C] () -- C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2011.lnk
[2011.02.22 22:17:45 | 000,001,260 | ---- | C] () -- C:\Users\Max\Desktop\Spybot - Search & Destroy.lnk
[2011.02.22 11:39:27 | 000,001,941 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.02.18 23:09:23 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\pdh32.dll
[2011.02.13 13:35:19 | 000,079,764 | ---- | C] () -- C:\Users\Max\Desktop\bewerbungsbogen_terminplan_merkblatt-ss-2011.pdf
[2011.01.06 11:28:45 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2011.01.06 11:28:45 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2010.11.24 16:22:12 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.11.24 16:22:12 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.11.16 08:53:25 | 001,528,460 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.15 18:21:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.08.13 03:21:29 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010.08.13 03:01:20 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.02.09 08:07:38 | 000,020,480 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2010.02.09 08:07:38 | 000,000,269 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009.10.26 04:38:22 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009.07.29 06:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009.07.28 21:04:11 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.07.28 21:04:11 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.07.28 21:04:11 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.28 21:04:11 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.12.02 02:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2006.05.19 04:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
 
========== LOP Check ==========
 
[2010.11.15 12:21:24 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Asus WebStorage
[2011.02.03 12:06:30 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Audacity
[2011.03.05 18:02:52 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Buhl Data Service
[2011.03.07 09:10:54 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\SoftGrid Client
[2010.11.15 16:54:14 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Thunderbird
[2010.11.16 08:54:34 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\TP
[2011.02.22 22:43:39 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AB689DEA
 
< End of report >
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 08.03.2011 11:27:18 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Max\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 22,12 Gb Free Space | 29,69% Space Free | Partition Type: NTFS
Drive D: | 204,03 Gb Total Space | 203,64 Gb Free Space | 99,81% Space Free | Partition Type: NTFS
 
Computer Name: MAX-PC | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{3768263E-8BE8-4CEF-9463-6D36F731824B}" = Windows Live Family Safety
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{7782916E-3D46-4F1F-AC4B-3FB9D17049F4}" = Microsoft Antimalware Service DE-DE Language Pack
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCAB9F73-BF5D-4E3D-92E7-B0F35C568F20}" = Microsoft Security Client DE-DE Language Pack
"Elantech" = ETDWare PS/2-x64 7.0.5.7_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"USB 2.0 UVC 0.3M WebCam" = USB 2.0 UVC 0.3M WebCam
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{566BAEC0-74CB-4ACC-9E18-8779AC974FB0}" = Windows Live Toolbar
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}" = Dream Day Wedding Married in Manhattan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}" = Piggly FREE
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}" = Smileyville FREE
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite DCP-135C
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.2 MUI
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5A5627C-0173-4DB2-ADA8-740479370F67}" = Express Gate
"{B653A2EC-D816-4498-A4FD-651047AB9DC9}" = Boingo Wi-Fi
"{BBED4F90-7AE5-40BF-AFB7-1B495692F4AB}" = syncables desktop SE
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1" = Game Park Console
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 2.0" = Adobe Photoshop Elements 2.0
"ASUS AP Bank_is1" = ASUS AP Bank
"ASUS WebStorage" = ASUS WebStorage
"ASUS_UL_Series_Screensaver" = ASUS_UL_Series_Screensaver
"Audacity 1.3 Beta_is1" = Audacity 1.3.12
"FreePDF_XP" = FreePDF (Remove only)
"Google Chrome" = Google Chrome
"GPL Ghostscript 9.00" = GPL Ghostscript 9.00
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 23.02.2011 14:15:04 | Computer Name = Max-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/02/23 19:15:04.640]: [00004576]: lperrcode->api
= 1 , lperrcode->code = 2 
 
Error - 23.02.2011 14:15:06 | Computer Name = Max-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/02/23 19:15:06.140]: [00004576]: lperrcode->api
= 1 , lperrcode->code = 2 
 
Error - 23.02.2011 14:15:07 | Computer Name = Max-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/02/23 19:15:07.640]: [00004576]: lperrcode->api
= 1 , lperrcode->code = 2 
 
Error - 23.02.2011 14:15:09 | Computer Name = Max-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/02/23 19:15:09.140]: [00004576]: lperrcode->api
= 1 , lperrcode->code = 2 
 
Error - 23.02.2011 14:15:10 | Computer Name = Max-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/02/23 19:15:10.640]: [00004576]: lperrcode->api
= 1 , lperrcode->code = 2 
 
Error - 23.02.2011 14:15:12 | Computer Name = Max-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/02/23 19:15:12.140]: [00004576]: lperrcode->api
= 1 , lperrcode->code = 2 
 
Error - 23.02.2011 14:15:13 | Computer Name = Max-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/02/23 19:15:13.640]: [00004576]: lperrcode->api
= 1 , lperrcode->code = 2 
 
Error - 23.02.2011 14:15:15 | Computer Name = Max-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/02/23 19:15:15.140]: [00004576]: lperrcode->api
= 1 , lperrcode->code = 2 
 
Error - 23.02.2011 14:15:16 | Computer Name = Max-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/02/23 19:15:16.640]: [00004576]: lperrcode->api
= 1 , lperrcode->code = 2 
 
Error - 23.02.2011 14:15:18 | Computer Name = Max-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/02/23 19:15:18.140]: [00004576]: lperrcode->api
= 1 , lperrcode->code = 2 
 
[ System Events ]
Error - 20.02.2011 10:11:09 | Computer Name = Max-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Schwerwiegender Hardwarefehler. Gemeldet von Komponente: Prozessorkern
Fehlerquelle:
3 Fehlertyp: 10 Prozessor-ID: 1 Die Detailansicht dieses Eintrags beinhaltet weitere
Informationen.
 
Error - 22.02.2011 06:37:22 | Computer Name = Max-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%835 Fehlercode: 
0x80004005 Fehlerbeschreibung: Unbekannter Fehler Ursache: %%842
 
Error - 22.02.2011 17:44:06 | Computer Name = Max-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%835 Fehlercode: 
0x80004005 Fehlerbeschreibung: Unbekannter Fehler Ursache: %%842
 
Error - 24.02.2011 02:28:00 | Computer Name = Max-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Kryptografiedienste" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
 
Error - 24.02.2011 02:28:00 | Computer Name = Max-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "DNS-Client" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
Neustart des Diensts.
 
Error - 24.02.2011 02:28:00 | Computer Name = Max-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Arbeitsstationsdienst" wurde unerwartet beendet. Dies 
ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
 
Error - 24.02.2011 02:28:00 | Computer Name = Max-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "NLA (Network Location Awareness)" wurde unerwartet beendet.
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden
durchgeführt: Neustart des Diensts.
 
Error - 24.02.2011 02:28:00 | Computer Name = Max-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Telefonie" wurde unerwartet beendet. Dies ist bereits 
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
Neustart des Diensts.
 
Error - 24.02.2011 02:41:31 | Computer Name = Max-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "DNS-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
ist fehlgeschlagen. Fehler: %%1056
 
Error - 24.02.2011 02:41:31 | Computer Name = Max-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "Telefonie" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
ist fehlgeschlagen. Fehler: %%1056
 
 
< End of report >
--- --- ---
 

Themen zu Firefox langsam, friert ein, Umleitung zu unerwünschten Seiten
alternate, awareness, bho, browser, c:\windows\system32\rundll32.exe, computer, defender, error, firefox, firefox langsam, flash player, format, gfnexsrv.exe, google, google chrome, helper, home, iastor.sys, install.exe, installation, langsam, location, logfile, microsoft office starter 2010, microsoft security, microsoft security essentials, mozilla, mozilla thunderbird, oldtimer, otl-scan, otl.exe, problem, programdata, realtek, registry, rundll, safer networking, saver, searchplugins, security, shell32.dll, software, start menu, syswow64, usb, usb 2.0, webcheck, windows, wiso


« Bezüglich dem Thread "TR Crypt.ZPack.Gen2 bei steam, kompletter pfad war zu lang für überschrift" | Diverse Problem: Postbank TAN-Abfrage, Rechner friert ein, Trojanermeldungen bei AntiVir »


Ähnliche Themen: Firefox langsam, friert ein, Umleitung zu unerwünschten Seiten


  1. Firefox auf einigen Seiten sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 31.07.2015 (11)
  2. Automatisches Öffnen mit unerwünschten Seiten (pornografischer Inhalt)
    Log-Analyse und Auswertung - 06.06.2015 (1)
  3. Firefox öffnet keine Seiten-PC langsam-Virenmeldung W32/Exploit.gen
    Log-Analyse und Auswertung - 05.06.2015 (9)
  4. Windows 7 Firefox langsam und https Seiten werden nicht geladen
    Log-Analyse und Auswertung - 11.09.2014 (24)
  5. Windows 8: Malware/Adware Probleme, Aufruf von unerwünschten Seiten im Internet
    Log-Analyse und Auswertung - 10.08.2014 (7)
  6. PC läuft sehr langsam, Firefox schließt automatisch, Manche Seiten blockiert
    Log-Analyse und Auswertung - 17.05.2014 (7)
  7. Windows 8 Pro x64: Firefox lädt Seiten nur nach wiederholtem Aktualisieren und untypisch langsam
    Log-Analyse und Auswertung - 21.03.2014 (5)
  8. Firefox öffnet ständig neue Seiten...Computer reagiert sehr langsam
    Log-Analyse und Auswertung - 07.08.2013 (42)
  9. Firefox lädt ein paar Seiten bzw. Videos sehr langsam
    Log-Analyse und Auswertung - 28.03.2012 (1)
  10. System Langsam,Firefox öffnet falsche seiten,incredimail ruft gelöschte mails ab
    Plagegeister aller Art und deren Bekämpfung - 11.10.2010 (16)
  11. Google Redirects zu unerwünschten Seiten
    Plagegeister aller Art und deren Bekämpfung - 11.10.2010 (1)
  12. Umleitung auf Seiten wie netwere.com, Seite nicht gefunden im Firefox und IE
    Plagegeister aller Art und deren Bekämpfung - 20.09.2010 (16)
  13. Umleitung zu unerwünschten Werbeseiten
    Log-Analyse und Auswertung - 11.01.2010 (4)
  14. pc friert ein und umleitung bei google suche
    Log-Analyse und Auswertung - 22.12.2009 (3)
  15. Firefox leitet zu merkwürdige Seiten; langsam/nicht komplett.
    Log-Analyse und Auswertung - 20.05.2009 (1)
  16. Seiten Aufbau Firefox oder IE sehr langsam
    Log-Analyse und Auswertung - 16.05.2007 (13)
  17. GOOGLE-Ergebnislisten - Umleitung zu unerwünschten Seiten
    Log-Analyse und Auswertung - 10.10.2006 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Firefox langsam, friert ein, Umleitung zu unerwünschten Seiten - Hallo zusammen, seit ca. 2 Wochen werde ich bei der Benutzung vom Firefox und IE auf andere Seiten umgeleitet. Zudem sind beide unglaublich langsam, sodass sie eigentlich nicht mehr zu - Firefox langsam, friert ein, Umleitung zu unerwünschten Seiten...
Archiv
Du betrachtest: Firefox langsam, friert ein, Umleitung zu unerwünschten Seiten auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131