
Log analysis and evaluation: Firefox extremely slow - malware infection suspected


 
04.04.2011, 22:56   #3
on_the_run
 



Thanks for the info.
Open your eyes and read first

So, first part of the OTL:

OTL logfile:
Code:
OTL logfile created on: 04.04.2011 22:56:54 - Run 3
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Robert\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,28 Gb Total Space | 357,03 Gb Free Space | 78,94% Space Free | Partition Type: NTFS
Drive D: | 629,86 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 931,28 Gb Total Space | 753,19 Gb Free Space | 80,88% Space Free | Partition Type: FAT32
 
Computer Name: VAIO | User Name: Robert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.04.04 15:54:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
PRC - [2011.04.04 14:06:21 | 000,023,328 | ---- | M] (Sun Microsystems, Inc.) -- C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
PRC - [2011.04.04 14:06:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\java.exe
PRC - [2011.03.16 13:15:13 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.03.06 14:31:13 | 012,587,696 | ---- | M] (Mozilla Messaging) -- C:\Program Files (x86)\Internet\Mozilla Thunderbird\thunderbird.exe
PRC - [2010.12.13 09:39:27 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2010.12.13 09:39:19 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.09.01 06:26:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.08.12 16:15:34 | 000,081,296 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCSpt.exe
PRC - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2010.05.31 19:18:32 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2010.05.31 17:01:52 | 000,673,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.05.18 14:38:46 | 000,075,776 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2010.03.23 14:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Internet\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.04 05:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.12.28 18:25:40 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Internet\Belkin\F7D4101\V1\wlansrv.exe
PRC - [2009.11.25 19:45:22 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Internet\Belkin\F7D4101\V1\PBN.exe
PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.04.04 15:54:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.10.08 08:55:08 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.08.12 16:15:34 | 000,257,936 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010.06.21 18:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2010.06.08 17:00:04 | 000,836,608 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2010.05.31 18:25:48 | 001,250,160 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2011.03.16 13:15:13 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.12.13 09:39:27 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.10.21 08:51:08 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.08 23:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.03.23 14:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Internet\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.28 18:25:40 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Internet\Belkin\F7D4101\V1\wlansrv.exe -- (WLANBelkinService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2010.12.13 09:39:38 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010.12.13 09:39:38 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.10.08 08:55:08 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.06.24 22:34:53 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.06.24 22:33:43 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.06.23 22:04:45 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.06.23 22:04:43 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.06.23 22:04:43 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.06.23 22:04:43 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.06.23 22:04:09 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.06.23 22:03:07 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2010.06.23 22:02:59 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2010.05.31 23:36:48 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010.05.31 23:36:41 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.05.31 23:31:21 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.05.31 22:10:13 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010.05.28 22:03:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.05.28 22:02:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2010.04.26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010.03.23 14:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.02.08 09:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009.11.06 09:40:26 | 000,838,136 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys -- (BCMH43XX)
DRV:64bit: - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2008.11.16 19:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\..\URLSearchHook: {134b012b-132d-4516-a786-2395828640b5} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {e2fda1a4-762b-4020-b5ad-a41df1933103}:1.0b2
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011.01.14 19:14:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files (x86)\Internet\Mozilla Thunderbird\components [2011.03.06 14:31:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files (x86)\Internet\Mozilla Thunderbird\plugins [2011.04.03 22:27:38 | 000,000,000 | ---D | M]
 
[2011.04.04 16:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Extensions
[2011.01.07 17:31:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.01.07 19:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Thunderbird\Profiles\e2mxo0z6.default\extensions
[2011.01.07 19:31:39 | 000,000,000 | ---D | M] (Lightning) -- C:\Users\Robert\AppData\Roaming\mozilla\Thunderbird\Profiles\e2mxo0z6.default\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
[2011.01.07 20:03:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Thunderbird\Profiles\e2mxo0z6.default\extensions.sbd
File not found (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\THUNDERBIRD\PROFILES\TCEH3HPD.DEFAULT\EXTENSIONS\{E2FDA1A4-762B-4020-B5AD-A41DF1933103}
 
O1 HOSTS File: ([2011.01.17 00:50:15 | 000,001,294 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  File not found
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FontExpertType1Loader] C:\Program Files (x86)\Media\FontExpert\Type1Loader.exe (Proxima Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.05.27 06:45:29 | 000,000,042 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - Unable to obtain root file information for disk E:\
O33 - MountPoints2\{55143a00-1a58-11e0-8f85-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{55143a00-1a58-11e0-8f85-806e6f6e6963}\Shell\AutoRun\command - "" = D:\STUB.EXE -- [2003.02.17 22:10:16 | 000,024,576 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.04 16:11:22 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.04.04 15:54:55 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
[2011.04.04 14:06:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.04.04 14:06:35 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.04.04 14:06:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.04.04 14:06:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.04.04 00:42:16 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.04.04 00:41:07 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Google
[2011.04.03 23:27:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft HiJackFree
[2011.04.03 15:25:56 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Auslogics
[2011.03.30 10:52:44 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\TIPP10
[2011.03.30 10:51:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TIPP10
[2011.03.24 18:32:25 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CanarySim
[2011.03.24 18:28:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011.03.24 18:20:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aerosoft
[2011.03.24 03:01:56 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
[2011.03.24 03:01:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
[2011.03.24 02:35:34 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2011.03.24 02:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSacars
[2011.03.23 21:19:41 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software
[2011.03.23 21:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight One Software
[2011.03.23 19:19:52 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Active Camera 2004
[2011.03.23 01:28:37 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Conduit
[2011.03.23 01:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2011.03.23 01:16:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio
[2011.03.23 01:13:34 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lago
[2011.03.23 01:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lago
[2011.03.23 00:56:41 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Flight Simulator-Dateien
[2011.03.23 00:55:47 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.03.23 00:55:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2011.03.15 16:59:11 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\SKIDROW
[2011.03.15 16:59:04 | 000,419,840 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.03.15 16:59:04 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011.03.15 16:59:04 | 000,133,632 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2011.03.15 16:59:04 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2011.03.15 16:59:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2011.03.10 23:38:57 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Diagnostics
[2011.03.10 23:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cossacks 2
[2011.03.10 22:59:58 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Gutscheinmieze
[2011.03.09 12:52:51 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011.03.09 12:52:50 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.03.09 12:52:50 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.03.09 12:52:50 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011.03.09 12:52:48 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011.03.09 12:52:48 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.03.09 12:52:47 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011.03.09 12:52:47 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011.03.09 12:52:47 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.03.09 12:52:47 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011.03.09 12:52:46 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011.03.09 12:52:46 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011.03.09 12:52:44 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.03.09 12:52:44 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.03.09 12:52:42 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011.03.09 12:52:41 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011.03.09 12:52:41 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011.03.09 12:52:41 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011.03.06 21:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.03.06 21:46:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.03.06 21:46:43 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.03.06 21:41:06 | 000,000,000 | R--D | C] -- C:\Users\Robert\Favorites
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.04 22:46:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2037049737-1123142766-1239106862-1000UA.job
[2011.04.04 19:06:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.04 17:02:39 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.04 17:02:39 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.04 16:55:06 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.04 16:32:47 | 000,038,388 | ---- | M] () -- C:\Users\Robert\cc_20110404_163244.reg
[2011.04.04 16:21:06 | 000,019,002 | ---- | M] () -- C:\Users\Robert\cc_20110404_162059.reg
[2011.04.04 16:11:24 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.04 15:54:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
[2011.04.04 14:06:21 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.04.04 14:06:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.04.04 14:06:20 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.04.04 14:06:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.04.04 00:46:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2037049737-1123142766-1239106862-1000Core.job
[2011.04.04 00:42:30 | 000,002,283 | ---- | M] () -- C:\Users\Robert\Desktop\Google Chrome.lnk
[2011.04.03 23:27:18 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft HiJackFree.lnk
[2011.04.03 23:00:50 | 000,007,627 | ---- | M] () -- C:\Users\Robert\AppData\Local\Resmon.ResmonCfg
[2011.04.03 11:25:08 | 000,411,008 | ---- | M] () -- C:\Users\Robert\Video call snapshot 170.png
[2011.04.02 23:55:55 | 000,127,566 | ---- | M] () -- C:\Users\Robert\Video call snapshot 169.png
[2011.04.02 23:54:49 | 000,117,715 | ---- | M] () -- C:\Users\Robert\Video call snapshot 168.png
[2011.04.01 19:09:53 | 000,013,190 | ---- | M] () -- C:\Users\Robert\Hazy-Kurse+WS+2010-11_3.pdf
[2011.04.01 19:08:31 | 000,013,162 | ---- | M] () -- C:\Users\Robert\Hazy-Kurse+WS+2010-11_2.pdf
[2011.04.01 18:51:58 | 000,009,030 | ---- | M] () -- C:\Users\Robert\Hazy-Kurse+WS+2010-11.pdf
[2011.03.31 20:51:27 | 000,103,086 | ---- | M] () -- C:\Users\Robert\Video call snapshot 164.png
[2011.03.31 12:25:22 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.03.31 12:25:22 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.03.31 12:25:22 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.03.31 12:25:22 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.03.31 12:25:22 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.03.30 21:37:21 | 000,001,456 | ---- | M] () -- C:\Users\Robert\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.03.30 21:01:57 | 000,053,760 | ---- | M] () -- C:\Windows\SysNative\WcnEbpPeerProxy.dll
[2011.03.30 10:51:49 | 000,001,098 | ---- | M] () -- C:\Users\Robert\Desktop\TIPP10.lnk
[2011.03.24 03:05:53 | 005,345,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.03.24 02:32:12 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2011.03.23 00:55:13 | 000,001,957 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk
[2011.03.20 22:46:03 | 000,027,852 | ---- | M] () -- C:\Users\Robert\Documents\12172480_Anna Mai 05 -09.pdf
[2011.03.16 14:34:35 | 000,001,433 | ---- | M] () -- C:\Users\Robert\Desktop\flightControl.lnk
[2011.03.15 16:59:04 | 000,419,840 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.03.15 16:59:04 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011.03.15 16:59:04 | 000,133,632 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2011.03.15 16:59:04 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2011.03.08 15:57:24 | 000,090,519 | ---- | M] () -- C:\test.xml
[2011.03.07 21:36:48 | 000,336,219 | ---- | M] () -- C:\Users\Robert\Deppengalerie.pdf
[2011.03.06 22:39:33 | 000,001,373 | ---- | M] () -- C:\Users\Robert\Desktop\Kurse.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.04.04 16:32:46 | 000,038,388 | ---- | C] () -- C:\Users\Robert\cc_20110404_163244.reg
[2011.04.04 16:21:03 | 000,019,002 | ---- | C] () -- C:\Users\Robert\cc_20110404_162059.reg
[2011.04.04 16:11:24 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.04 00:42:30 | 000,002,283 | ---- | C] () -- C:\Users\Robert\Desktop\Google Chrome.lnk
[2011.04.04 00:41:11 | 000,001,122 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2037049737-1123142766-1239106862-1000UA.job
[2011.04.04 00:41:10 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2037049737-1123142766-1239106862-1000Core.job
[2011.04.03 23:27:18 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft HiJackFree.lnk
[2011.04.03 20:54:46 | 000,007,627 | ---- | C] () -- C:\Users\Robert\AppData\Local\Resmon.ResmonCfg
[2011.04.03 11:24:49 | 000,411,008 | ---- | C] () -- C:\Users\Robert\Video call snapshot 170.png
[2011.04.02 23:55:24 | 000,127,566 | ---- | C] () -- C:\Users\Robert\Video call snapshot 169.png
[2011.04.02 23:54:46 | 000,117,715 | ---- | C] () -- C:\Users\Robert\Video call snapshot 168.png
[2011.04.01 19:10:01 | 000,013,190 | ---- | C] () -- C:\Users\Robert\Hazy-Kurse+WS+2010-11_3.pdf
[2011.04.01 19:08:36 | 000,013,162 | ---- | C] () -- C:\Users\Robert\Hazy-Kurse+WS+2010-11_2.pdf
[2011.04.01 18:52:01 | 000,009,030 | ---- | C] () -- C:\Users\Robert\Hazy-Kurse+WS+2010-11.pdf
[2011.03.31 20:51:17 | 000,103,086 | ---- | C] () -- C:\Users\Robert\Video call snapshot 164.png
[2011.03.30 21:16:33 | 000,001,456 | ---- | C] () -- C:\Users\Robert\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.03.30 21:01:57 | 000,053,760 | ---- | C] () -- C:\Windows\SysNative\WcnEbpPeerProxy.dll
[2011.03.30 10:51:49 | 000,001,098 | ---- | C] () -- C:\Users\Robert\Desktop\TIPP10.lnk
[2011.03.23 18:03:53 | 000,002,675 | ---- | C] () -- C:\Windows\uninstall_canary_islands.ini
[2011.03.23 00:55:13 | 000,001,957 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk
[2011.03.20 22:46:02 | 000,027,852 | ---- | C] () -- C:\Users\Robert\Documents\12172480_Anna Mai 05 -09.pdf
[2011.03.18 20:06:54 | 000,374,559 | ---- | C] () -- C:\Users\Robert\Documents\STEELTRAIN.JPG
[2011.03.18 20:06:54 | 000,073,224 | ---- | C] () -- C:\Users\Robert\Documents\SBB.JPG
[2011.03.15 22:30:14 | 000,001,433 | ---- | C] () -- C:\Users\Robert\Desktop\flightControl.lnk
[2011.03.07 21:36:31 | 000,336,219 | ---- | C] () -- C:\Users\Robert\Deppengalerie.pdf
[2011.03.06 17:37:13 | 000,001,373 | ---- | C] () -- C:\Users\Robert\Desktop\Kurse.lnk
[2011.01.21 22:59:39 | 000,016,622 | ---- | C] () -- C:\Windows\hpomdl01.dat
[2011.01.19 22:45:44 | 000,000,235 | ---- | C] () -- C:\Users\Robert\AppData\Roaming\devices.xml
[2011.01.19 22:45:44 | 000,000,012 | ---- | C] () -- C:\Users\Robert\AppData\Roaming\settings.xml
[2011.01.11 01:33:06 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.07 21:19:36 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.12 19:30:23 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.10.12 19:30:22 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.10.12 19:30:22 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.10.12 19:30:21 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.10.12 19:30:20 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.10.12 19:30:13 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat
[2010.10.12 19:30:13 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat
[2010.10.12 19:27:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.10.08 08:55:10 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.11.07 05:19:28 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2004.10.28 17:38:10 | 000,315,728 | ---- | C] () -- C:\Windows\SysWow64\flt1chk3.dll
[2003.04.06 06:33:26 | 000,020,470 | ---- | C] () -- C:\Windows\hpoins01.dat
 
========== LOP Check ==========
 
[2011.02.10 01:50:03 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Audacity
[2011.04.03 15:25:56 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Auslogics
[2011.04.04 16:13:45 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\BitTorrent
[2011.01.19 18:54:37 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.01.13 23:18:38 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\FileZilla
[2011.03.10 22:59:58 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Gutscheinmieze
[2011.03.02 14:33:48 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Obsidium
[2011.01.15 15:40:14 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\PACE Anti-Piracy
[2011.01.18 19:43:59 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Proxima Software
[2011.01.12 15:40:37 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\SoftGrid Client
[2011.01.18 20:16:31 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.01.07 17:31:05 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Thunderbird
[2011.03.30 10:56:22 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\TIPP10
[2011.01.11 01:34:16 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\TP
[2011.03.16 13:12:53 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1240 bytes -> C:\Users\Robert\AppData\Local\aFMQ50PBQUjZy:lBRlHZpy6dJGtlfLLrsn
@Alternate Data Stream - 1211 bytes -> C:\Users\Robert\AppData\Local\Temp:qOu9ClHTUmzLqFZFdrT8nbD

< End of report >
         