
Log analysis and evaluation: PC extremely slow, Firefox slowed down, occasional bluescreen

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

07.11.2011, 13:34   #1
sdmmc
 

Hello!

I reinstalled the PC about 6 months ago.
It is used by about 3 people, so I don't always know everything that gets done on it. I did, however, delete all the "interfering" programs and ran the Avira/Adaware scanners; they found nothing.
Unfortunately the PC has become extremely slow in the meantime; it could be that various troublemakers have settled in by now!

I followed the step-by-step guide; the only deviation was with DEFOGGER: after clicking OK on FINISHED, no restart prompt was shown, so I continued without a restart.
The DEFOGGER DISABLE/RE-ENABLE window is still being shown; should I close it now or wait until someone here has helped?!

Regards and thanks!

OTL:
OTL logfile created on: 07.11.2011 11:44:40 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Suzie\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1023,55 Mb Total Physical Memory | 164,83 Mb Available Physical Memory | 16,10% Memory free
2,00 Gb Paging File | 0,98 Gb Available in Paging File | 49,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 31,52 Gb Free Space | 64,69% Space Free | Partition Type: NTFS
Drive E: | 100,22 Gb Total Space | 53,93 Gb Free Space | 53,81% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 1187,17 Gb Free Space | 63,72% Space Free | Partition Type: NTFS
Drive L: | 100,00 Mb Total Space | 71,66 Mb Free Space | 71,67% Space Free | Partition Type: NTFS

Computer Name: SUZIE-PC | User Name: Suzie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.11.07 11:43:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Suzie\Downloads\OTL.exe
PRC - [2011.11.07 11:30:38 | 000,050,477 | ---- | M] () -- C:\Users\Suzie\Downloads\Defogger.exe
PRC - [2011.11.05 16:40:09 | 000,924,632 | ---- | M] (Mozilla Corporation) -- E:\#APZ\Firefox\firefox.exe
PRC - [2011.11.05 16:40:06 | 000,016,856 | ---- | M] (Mozilla Corporation) -- E:\#APZ\Firefox\plugin-container.exe
PRC - [2011.11.03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011.11.03 12:06:56 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.09.29 19:23:49 | 000,399,512 | ---- | M] (Mozilla Messaging) -- E:\#APZ\Thunderbird\thunderbird.exe
PRC - [2011.07.21 11:08:02 | 000,269,480 | ---- | M] (Avira GmbH) -- E:\#APZ\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.04.21 06:53:10 | 000,076,968 | ---- | M] (Avira GmbH) -- E:\#APZ\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- E:\#APZ\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.13 14:02:34 | 001,808,784 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.04.14 07:43:42 | 000,604,704 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE
PRC - [2006.10.27 00:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- E:\#APZ\Office\Office12\GrooveMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2011.11.07 11:30:38 | 000,050,477 | ---- | M] () -- C:\Users\Suzie\Downloads\Defogger.exe
MOD - [2011.11.05 16:40:08 | 001,833,944 | ---- | M] () -- E:\#APZ\Firefox\mozjs.dll
MOD - [2011.09.29 19:23:49 | 001,833,112 | ---- | M] () -- E:\#APZ\Thunderbird\mozjs.dll
MOD - [2011.09.29 19:23:49 | 000,161,944 | ---- | M] () -- E:\#APZ\Thunderbird\nsldap32v60.dll
MOD - [2011.09.29 19:23:49 | 000,021,656 | ---- | M] () -- E:\#APZ\Thunderbird\nsldappr32v60.dll
MOD - [2011.07.25 21:14:16 | 000,056,832 | ---- | M] () -- C:\Users\Suzie\AppData\Roaming\Thunderbird\Profiles\1nyvjnm6.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
MOD - [2011.06.15 14:00:51 | 006,271,136 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.11.03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) [Disabled | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011.07.21 11:08:02 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- E:\#APZ\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- E:\#APZ\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.15 07:18:38 | 000,055,920 | ---- | M] () [Disabled | Stopped] -- C:\Programme\VIA\RAID\vialogsv.exe -- (VRAID Log Service)
SRV - [2010.12.27 17:12:55 | 000,435,008 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- E:\#APZ\TuneUP2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.09.30 16:12:34 | 001,051,968 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- E:\#APZ\TuneUP2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.09.30 16:09:20 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.03.09 11:26:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.04 10:14:34 | 000,087,344 | ---- | M] (AVM Berlin) [Disabled | Stopped] -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2006.10.27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\#APZ\Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)


========== Driver Services (SafeList) ==========

DRV - [2011.11.03 12:06:56 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011.11.03 12:06:56 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.07.21 11:11:12 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.21 11:11:11 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.07.22 12:37:29 | 000,108,480 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- E:\#APZ\TuneUP2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.10.08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.09.29 13:06:46 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hotcore3.sys -- (hotcore3)
DRV - [2009.09.28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.06.18 19:45:02 | 004,172,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVAC.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008.04.29 17:40:56 | 000,210,472 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Si3114r5.sys -- (Si3114r5)
DRV - [2008.04.29 17:40:56 | 000,017,064 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2008.04.29 17:40:56 | 000,012,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SiRemFil.sys -- (SiRemFil)
DRV - [2008.02.01 17:24:04 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- E:\#APZ\PowerDvd\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2005.01.31 10:13:22 | 000,163,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV532AV.SYS -- (PID_0920) Logitech QuickCam Express(PID_0920)
DRV - [2005.01.31 10:12:46 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004.08.13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EF 6D EC BE BF A5 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {E404CB9E-A980-4465-83A6-D15F6BB7BC96}:1.9.1


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: E:\#APZ\Firefox\components [2011.11.05 16:40:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: E:\#APZ\Firefox\plugins [2011.11.05 19:11:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: E:\#APZ\Thunderbird\components [2011.11.05 20:36:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: E:\#APZ\Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{E404CB9E-A980-4465-83A6-D15F6BB7BC96}: C:\Users\Suzie\AppData\Local\{E404CB9E-A980-4465-83A6-D15F6BB7BC96} [2011.04.06 15:46:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: E:\#APZ\Firefox\components [2011.11.05 16:40:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: E:\#APZ\Firefox\plugins [2011.11.05 19:11:16 | 000,000,000 | ---D | M]

[2010.12.27 13:32:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Suzie\AppData\Roaming\mozilla\Extensions
[2011.11.05 16:41:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Suzie\AppData\Roaming\mozilla\Firefox\Profiles\xujtyozo.default\extensions

O1 HOSTS File: ([2011.05.12 12:43:25 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\#APZ\Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4 - HKLM..\Run: [GrooveMonitor] E:\#APZ\Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMan] C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - E:\#APZ\Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\#APZ\Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\#APZ\Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\#APZ\Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{466B5820-DAC5-4458-8528-EFAADEBAA60F}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8B5D34C-74D6-4F90-8416-A1EF035CD5F0}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\#APZ\Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\#APZ\Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SiICfg.lnk - C:\Programme\Silicon Image\SiICfg\SiICfg.exe - (Silicon Image, Inc.)
MsConfig - StartUpFolder: C:^Users^Suzie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - E:\#APZ\Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AdobeCS5ServiceManager - hkey= - key= - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: avgnt - hkey= - key= - E:\#APZ\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
MsConfig - StartUpReg: BDRegion - hkey= - key= - C:\Programme\Cyberlink\Shared Files\brs.exe (cyberlink)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - E:\#APZ\DTlite\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - E:\#APZ\Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg: Malwarebytes' Anti-Malware (reboot) - hkey= - key= - File not found
MsConfig - StartUpReg: PDVD8LanguageShortcut - hkey= - key= - E:\#APZ\PowerDvd\PowerDVD8\Language\Language.exe ()
MsConfig - StartUpReg: RemoteControl8 - hkey= - key= - E:\#APZ\PowerDvd\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: SwitchBoard - hkey= - key= - C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: VIARaidUtl - hkey= - key= - C:\Programme\VIA\RAID\raid_tool.exe ()
MsConfig - StartUpReg: WinampAgent - hkey= - key= - E:\#APZ\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
MsConfig - State: "bootini" - 2

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.11.05 22:05:14 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2011.11.05 22:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2011.11.05 22:04:28 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.11.05 21:57:10 | 000,000,000 | ---D | C] -- C:\Users\Suzie\AppData\Roaming\vlc
[2011.11.05 21:56:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.11.05 20:49:29 | 000,000,000 | ---D | C] -- C:\Users\Suzie\AppData\Local\Downloaded Installations
[2011.11.05 20:48:52 | 000,000,000 | ---D | C] -- C:\Users\Suzie\AppData\Roaming\Leadertech
[2011.11.05 20:37:04 | 000,000,000 | ---D | C] -- C:\Users\Suzie\AppData\Local\Thunderbird
[2011.11.05 20:37:03 | 000,000,000 | ---D | C] -- C:\Users\Suzie\AppData\Roaming\Thunderbird
[2011.11.05 20:00:18 | 000,000,000 | ---D | C] -- C:\Users\Suzie\AppData\Roaming\Malwarebytes
[2011.11.05 19:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.05 19:19:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.11.05 19:18:16 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011.11.05 19:14:46 | 000,000,000 | ---D | C] -- C:\Users\Suzie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.11.05 19:10:40 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2011.11.05 19:10:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011.11.05 19:10:27 | 000,000,000 | ---D | C] -- C:\Users\Suzie\SystemRequirementsLab
[2011.11.05 19:09:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2011.11.05 19:09:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011.11.05 19:03:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8

========== Files - Modified Within 30 Days ==========

[2011.11.07 11:31:18 | 000,000,000 | ---- | M] () -- C:\Users\Suzie\defogger_reenable
[2011.11.07 11:05:15 | 000,019,520 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.07 11:05:15 | 000,019,520 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.07 11:01:55 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.11.07 11:01:55 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.07 11:01:55 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.11.07 11:01:55 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.07 10:57:12 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011.11.07 10:56:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.07 10:56:44 | 804,954,112 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.06 18:39:51 | 000,000,262 | ---- | M] () -- C:\Users\Suzie\AppData\Roaming\burnaware.ini
[2011.11.06 16:40:04 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011.11.06 16:40:04 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011.11.05 22:05:16 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011.11.05 20:50:56 | 000,005,632 | ---- | M] () -- C:\Users\Suzie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.05 20:36:56 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2011.11.05 20:36:56 | 000,000,789 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
[2011.11.05 19:29:02 | 003,788,616 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.11.05 19:23:06 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.11.05 19:14:47 | 000,002,697 | ---- | M] () -- C:\Users\Suzie\Desktop\Microsoft Office Word 2007.lnk
[2011.11.05 19:14:46 | 000,002,703 | ---- | M] () -- C:\Users\Suzie\Desktop\Microsoft Office Excel 2007.lnk
[2011.11.05 16:46:25 | 000,007,597 | ---- | M] () -- C:\Users\Suzie\AppData\Local\Resmon.ResmonCfg
[2011.11.05 16:18:54 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011.11.05 16:18:54 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011.11.03 12:06:56 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2011.10.15 09:53:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011.10.15 09:53:00 | 000,004,359 | ---- | M] () -- C:\Windows\System32\nvinfo.pb

========== Files Created - No Company Name ==========

[2011.11.07 11:31:18 | 000,000,000 | ---- | C] () -- C:\Users\Suzie\defogger_reenable
[2011.11.07 10:57:12 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011.11.05 22:05:16 | 000,001,030 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011.11.05 20:36:56 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2011.11.05 20:36:56 | 000,000,789 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
[2011.11.05 19:23:06 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.11.05 19:14:47 | 000,002,697 | ---- | C] () -- C:\Users\Suzie\Desktop\Microsoft Office Word 2007.lnk
[2011.11.05 19:14:46 | 000,002,703 | ---- | C] () -- C:\Users\Suzie\Desktop\Microsoft Office Excel 2007.lnk
[2011.11.05 16:39:56 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011.11.05 16:39:56 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2011.11.05 16:30:57 | 000,007,597 | ---- | C] () -- C:\Users\Suzie\AppData\Local\Resmon.ResmonCfg
[2011.10.09 10:06:50 | 002,334,764 | ---- | C] () -- C:\Users\Suzie\Desktop\The Hobbit - 0223 - J.R.R. Tolkien - Rob Inglis.mp3
[2011.05.12 12:37:03 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.05.12 12:37:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.05.12 12:37:03 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.05.12 12:37:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.05.12 12:37:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.05.01 18:37:07 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.05.01 18:37:07 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.04.06 15:46:12 | 000,000,120 | ---- | C] () -- C:\Users\Suzie\AppData\Local\Udinozolocemuva.dat
[2011.04.06 15:46:12 | 000,000,000 | ---- | C] () -- C:\Users\Suzie\AppData\Local\Wfadikujikapa.bin
[2010.12.27 20:20:27 | 000,380,928 | ---- | C] () -- C:\Users\Suzie\AppData\Roaming\places.sqlite
[2010.12.27 20:15:45 | 000,000,083 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.12.27 18:08:57 | 000,005,632 | ---- | C] () -- C:\Users\Suzie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.27 17:46:02 | 000,000,262 | ---- | C] () -- C:\Users\Suzie\AppData\Roaming\burnaware.ini
[2010.12.27 17:00:17 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.07.14 09:47:43 | 000,653,928 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,129,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 003,788,616 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.04.14 07:43:32 | 000,154,144 | ---- | C] () -- C:\Windows\System32\RTLCPAPI.dll
[2005.01.31 10:13:22 | 000,163,328 | ---- | C] () -- C:\Windows\System32\drivers\LV532AV.SYS
[2005.01.31 08:37:58 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2004.08.13 09:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

========== LOP Check ==========

[2010.12.27 18:40:22 | 000,000,000 | ---D | M] -- C:\Users\Suzie\AppData\Roaming\DAEMON Tools Lite
[2011.11.05 20:48:52 | 000,000,000 | ---D | M] -- C:\Users\Suzie\AppData\Roaming\Leadertech
[2011.08.20 20:54:39 | 000,000,000 | ---D | M] -- C:\Users\Suzie\AppData\Roaming\OpenOffice.org
[2010.12.29 20:40:01 | 000,000,000 | ---D | M] -- C:\Users\Suzie\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.11.05 20:37:04 | 000,000,000 | ---D | M] -- C:\Users\Suzie\AppData\Roaming\Thunderbird
[2010.12.27 17:10:56 | 000,000,000 | ---D | M] -- C:\Users\Suzie\AppData\Roaming\TuneUp Software
[2010.12.27 17:58:16 | 000,000,000 | ---D | M] -- C:\Users\Suzie\AppData\Roaming\XMedia Recode
[2011.11.07 10:57:12 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011.11.05 19:46:27 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*. >
[2011.05.12 12:45:48 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2011.11.06 11:23:54 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.12.27 12:52:49 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.06.02 16:14:24 | 000,000,000 | -HSD | M] -- C:\found.000
[2010.12.27 13:24:31 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.11.06 16:20:49 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.11.06 11:23:54 | 000,000,000 | ---D | M] -- C:\ProgramData
[2010.12.27 12:52:49 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.05.12 12:45:46 | 000,000,000 | ---D | M] -- C:\Qoobox
[2010.12.27 12:52:49 | 000,000,000 | ---D | M] -- C:\Recovery
[2011.05.12 11:34:17 | 000,000,000 | ---D | M] -- C:\rsit
[2011.11.07 11:47:40 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.12.27 12:55:23 | 000,000,000 | R--D | M] -- C:\Users
[2011.11.05 21:55:32 | 000,000,000 | ---D | M] -- C:\Windows

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.manifest /3 >


< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2010.03.09 11:29:29 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\ERDNT\cache\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2010.03.09 11:26:59 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2010.03.09 11:26:59 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2010.03.09 11:29:29 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: REGEDIT.EXE >
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\ERDNT\cache\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_f4050b883d2c3c08\regedit.exe

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WININIT.EXE >
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\ERDNT\cache\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010.03.09 11:29:29 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2010.03.09 11:29:29 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2010.03.09 11:29:29 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-26 19:23:16

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:9638A27E
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP282699C

< End of report >


EXTRAS:
OTL Extras logfile created on: 07.11.2011 11:44:41 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Suzie\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1023,55 Mb Total Physical Memory | 164,83 Mb Available Physical Memory | 16,10% Memory free
2,00 Gb Paging File | 0,98 Gb Available in Paging File | 49,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 31,52 Gb Free Space | 64,69% Space Free | Partition Type: NTFS
Drive E: | 100,22 Gb Total Space | 53,93 Gb Free Space | 53,81% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 1187,17 Gb Free Space | 63,72% Space Free | Partition Type: NTFS
Drive L: | 100,00 Mb Total Space | 71,66 Mb Free Space | 71,67% Space Free | Partition Type: NTFS

Computer Name: SUZIE-PC | User Name: Suzie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\#APZ\Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "E:\#APZ\Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\#APZ\Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\#APZ\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- E:\#APZ\PS\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- E:\#APZ\Office\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\#APZ\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "E:\#APZ\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "E:\#APZ\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "E:\#APZ\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2457326B-C110-40C3-89B0-889CC913871A}" = AVM FRITZ!DSL
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{409ECFF1-9CC7-43A8-B28A-B7F0B7CB04D1}_is1" = Classic Menu 1.51 for Office
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{35355EBA-4636-40B2-A995-FEB4CDBD92B3}" =
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{91649626-E343-11D5-BCEF-005004748D87}" = SiICfg
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}" = Ad-Aware
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{986A654F-F1E4-11DD-9FCA-005056C00008}" = Paragon Partition Manager™ 10.0 Personal
"{9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}" = Microsoft IntelliPoint 8.1
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AnyDVD" = AnyDVD
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"BurnAware Free_is1" = BurnAware Free 3.1
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CloneDVD2" = CloneDVD2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON SX100 Series" = Druckerdeinstallation für EPSON SX100 Series
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"JDownloader" = JDownloader
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (7.0.1)" = Mozilla Thunderbird (7.0.1)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"OpenAL" = OpenAL
"SystemRequirementsLab" = System Requirements Lab
"TuneUp Utilities" = TuneUp Utilities
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"XMedia Recode" = XMedia Recode 2.2.9.7

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de)
"Winamp Detect" = Winamp Erkennungs-Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 05.11.2011 11:23:47 | Computer Name = Suzie-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: nvvsvc.exe, Version: 8.17.11.9745,
Zeitstempel: 0x4bb7e538 Name des fehlerhaften Moduls: NVCPL.DLL_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4bb7e511 Ausnahmecode: 0xc0000005 Fehleroffset: 0x016b9a9d
ID
des fehlerhaften Prozesses: 0x480 Startzeit der fehlerhaften Anwendung: 0x01cc9bcedfbbc0b6
Pfad
der fehlerhaften Anwendung: C:\Windows\system32\nvvsvc.exe Pfad des fehlerhaften
Moduls: NVCPL.DLL Berichtskennung: 27398767-07c2-11e1-ab7b-0011d851696e

Error - 05.11.2011 11:34:23 | Computer Name = Suzie-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: nvvsvc.exe, Version: 8.17.11.9745,
Zeitstempel: 0x4bb7e538 Name des fehlerhaften Moduls: NVCPL.DLL_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4bb7e511 Ausnahmecode: 0xc0000005 Fehleroffset: 0x01439a9d
ID
des fehlerhaften Prozesses: 0x4a8 Startzeit der fehlerhaften Anwendung: 0x01cc9bd05bb68876
Pfad
der fehlerhaften Anwendung: C:\Windows\system32\nvvsvc.exe Pfad des fehlerhaften
Moduls: NVCPL.DLL Berichtskennung: a2c92b7a-07c3-11e1-bc44-0011d851696e

Error - 05.11.2011 13:55:07 | Computer Name = Suzie-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: nvvsvc.exe, Version: 8.17.11.9745,
Zeitstempel: 0x4bb7e538 Name des fehlerhaften Moduls: NVCPL.DLL_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4bb7e511 Ausnahmecode: 0xc0000005 Fehleroffset: 0x014d9a9d
ID
des fehlerhaften Prozesses: 0x4b0 Startzeit der fehlerhaften Anwendung: 0x01cc9be4045b5066
Pfad
der fehlerhaften Anwendung: C:\Windows\system32\nvvsvc.exe Pfad des fehlerhaften
Moduls: NVCPL.DLL Berichtskennung: 4b6d0e89-07d7-11e1-9a18-0011d851696e

Error - 05.11.2011 13:59:13 | Computer Name = Suzie-PC | Source = VSS | ID = 8194
Description =

Error - 05.11.2011 14:05:29 | Computer Name = Suzie-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d6727a7 Name des fehlerhaften Moduls: nvcpl.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4bb7e511 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0d0e9a9d
ID
des fehlerhaften Prozesses: 0x570 Startzeit der fehlerhaften Anwendung: 0x01cc9be40525f848
Pfad
der fehlerhaften Anwendung: C:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls:
nvcpl.dll Berichtskennung: be808e31-07d8-11e1-9a18-0011d851696e

Error - 05.11.2011 14:15:55 | Computer Name = Suzie-PC | Source = Microsoft Office 12 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Word.

Error - 05.11.2011 14:16:16 | Computer Name = Suzie-PC | Source = Microsoft Office 12 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Excel.

Error - 05.11.2011 16:58:22 | Computer Name = Suzie-PC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 05.11.2011 16:59:09 | Computer Name = Suzie-PC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 06.11.2011 13:39:50 | Computer Name = Suzie-PC | Source = Application Hang | ID = 1002
Description = Programm DataDisc.exe, Version 3.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f9c Startzeit:
01cc9ca954a0b869 Endzeit: 94 Anwendungspfad: E:\#APZ\BurnAware Free\DataDisc.exe Berichts-ID:
4c71255f-089e-11e1-bfa1-0011d851696e

[ OSession Events ]
Error - 02.06.2011 15:27:47 | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 31
seconds with 0 seconds of active time. This session ended with a crash.

Error - 03.06.2011 04:18:46 | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 25
seconds with 0 seconds of active time. This session ended with a crash.

Error - 03.06.2011 09:50:58 | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 29
seconds with 0 seconds of active time. This session ended with a crash.

Error - 03.06.2011 09:51:11 | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 03.06.2011 13:32:27 | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 04.06.2011 05:25:33 | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 36
seconds with 0 seconds of active time. This session ended with a crash.

Error - 08.06.2011 06:53:07 | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

Error - 08.06.2011 11:06:52 | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

Error - 09.06.2011 04:06:02 | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

Error - 15.06.2011 08:46:13 | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 61
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 22.06.2011 10:59:21 | Computer Name = Suzie-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error - 22.06.2011 11:26:35 | Computer Name = Suzie-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error - 25.06.2011 06:55:37 | Computer Name = Suzie-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error - 26.06.2011 06:52:37 | Computer Name = Suzie-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?25.?06.?2011 um 20:42:15 unerwartet heruntergefahren.

Error - 26.06.2011 06:52:54 | Computer Name = Suzie-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error - 26.06.2011 09:57:07 | Computer Name = Suzie-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error - 27.06.2011 04:58:40 | Computer Name = Suzie-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error - 27.06.2011 17:35:33 | Computer Name = Suzie-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error - 28.06.2011 03:23:00 | Computer Name = Suzie-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error - 28.06.2011 15:58:13 | Computer Name = Suzie-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom


< End of report >


GMER:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2011-11-07 13:21:12
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_SP1614N rev.TM100-30
Running: bdke9fll.exe; Driver: C:\Users\Suzie\AppData\Local\Temp\ugloypod.sys


---- System - GMER 1.0.15 ----

SSDT 89F89FE6 ZwCreateSection
SSDT 89F89FEB ZwSetContextThread
SSDT 89F89F87 ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKey + 13D1 81A87349 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 81AC0D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 81AC7EAC 4 Bytes [E6, 9F, F8, 89]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1597 81AC824C 4 Bytes [EB, 9F, F8, 89]
.text ntkrnlpa.exe!KeRemoveQueueEx + 166F 81AC8324 4 Bytes [87, 9F, F8, 89]
E:\#APZ\PowerDvd\PowerDVD8\000.fcl entry point in "" section [0x8CD31000]
.clc E:\#APZ\PowerDvd\PowerDVD8\000.fcl unknown last section [0x8CD32000, 0x1000, 0x00000000]

---- User code sections - GMER 1.0.15 ----

.text E:\#APZ\Firefox\firefox.exe[452] ntdll.dll!LdrLoadDll 77BE22B8 5 Bytes JMP 65D6FAE0 E:\#APZ\Firefox\xul.dll (Mozilla Foundation)
.text E:\#APZ\Thunderbird\thunderbird.exe[1720] ntdll.dll!LdrLoadDll 77BE22B8 5 Bytes JMP 013413BF E:\#APZ\Thunderbird\thunderbird.exe (Thunderbird/Mozilla Messaging)
.text E:\#APZ\Firefox\plugin-container.exe[2216] USER32.dll!GetWindowInfo 77164B5E 5 Bytes JMP 65EE89A7 E:\#APZ\Firefox\xul.dll (Mozilla Foundation)
.text E:\#APZ\Firefox\plugin-container.exe[2216] USER32.dll!TrackPopupMenu 77172228 5 Bytes JMP 65EE8F65 E:\#APZ\Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy1 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy2 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy3 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)

Device \Driver\ACPI_HAL \Device\00000048 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume8 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume8 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

08.11.2011, 10:06   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please now run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If there are logs from older Malwarebytes scans, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

08.11.2011, 13:36   #3
sdmmc

Here is the MALWAREBYTES log for now; the ESET one will follow this evening:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8112

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

08.11.2011 11:53:01
mbam-log-2011-11-08 (11-53-00).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|L:\|)
Durchsuchte Objekte: 249359
Laufzeit: 53 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

08.11.2011, 14:27   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Are there any other logs from Malwarebytes? If so, please post all of them that are visible in Malwarebytes on the "Logdateien" (log files) tab.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

08.11.2011, 21:10   #5
sdmmc

I found another Malwarebytes log here, from 05.11.:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8092

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

05.11.2011 20:07:37
mbam-log-2011-11-05 (20-07-37).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 158441
Laufzeit: 6 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)




and HERE is the ESET LOG as well; it reported 2 DETECTIONS:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2efa6c000e202e4893cba0704fbde7e6
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-08 02:32:12
# local_time=2011-11-08 03:32:12 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 15554510 15554510 0 0
# compatibility_mode=1797 16775165 100 94 233154 57282827 228310 0
# compatibility_mode=5893 16776574 100 94 13812844 72382155 0 0
# compatibility_mode=8192 67108863 100 0 3709 3709 0 0
# scanned=100406
# found=2
# cleaned=0
# scan_time=11767
C:\Qoobox\Quarantine\C\Users\Suzie\AppData\Roaming\6F2084F6980915880DE2E2EC2B151245\enemies-names.txt.vir Win32/Adware.AntimalwareDoctor.AE.Gen application (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Users\Suzie\AppData\Roaming\6F2084F6980915880DE2E2EC2B151245\local.ini.vir Win32/Adware.AntimalwareDoctor.AE.Gen application (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2efa6c000e202e4893cba0704fbde7e6
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-08 07:34:12
# local_time=2011-11-08 08:34:12 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6000 NT
# compatibility_mode=512 16777215 100 0 15567675 15567675 0 0
# compatibility_mode=1797 16775165 100 94 246319 57295992 241475 0
# compatibility_mode=5893 16776574 100 94 13826009 72395320 0 0
# compatibility_mode=8192 67108863 100 0 16874 16874 0 0
# scanned=100853
# found=2
# cleaned=0
# scan_time=16724
C:\Qoobox\Quarantine\C\Users\Suzie\AppData\Roaming\6F2084F6980915880DE2E2EC2B151245\enemies-names.txt.vir Win32/Adware.AntimalwareDoctor.AE.Gen application (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Users\Suzie\AppData\Roaming\6F2084F6980915880DE2E2EC2B151245\local.ini.vir Win32/Adware.AntimalwareDoctor.AE.Gen application (unable to clean) 00000000000000000000000000000000 I


09.11.2011, 08:35   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
[2011.05.12 12:45:46 | 000,000,000 | ---D | M] -- C:\Qoobox
You reinstalled it 6 months ago? But then ran Combofix right afterwards? Why was that?

09.11.2011, 09:40   #7
sdmmc

I can't tell you exactly anymore; I think there was something similar back then and a colleague recommended it...
What could I do next?

Thanks!

09.11.2011, 10:10   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Do an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:
:OTL
[2011.04.06 15:46:12 | 000,000,120 | ---- | C] () -- C:\Users\Suzie\AppData\Local\Udinozolocemuva.dat
[2011.04.06 15:46:12 | 000,000,000 | ---- | C] () -- C:\Users\Suzie\AppData\Local\Wfadikujikapa.bin
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:9638A27E
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:D282699C
:Commands
[emptytemp]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

09.11.2011, 16:14   #9
sdmmc

Here is the log, THX!!!:



All processes killed
========== OTL ==========
C:\Users\Suzie\AppData\Local\Udinozolocemuva.dat moved successfully.
C:\Users\Suzie\AppData\Local\Wfadikujikapa.bin moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
ADS C:\ProgramData\TEMP:9638A27E deleted successfully.
ADS C:\ProgramData\TEMP:D282699C deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Suzie
->Temp folder emptied: 198892000 bytes
->Temporary Internet Files folder emptied: 344858 bytes
->Java cache emptied: 1955545 bytes
->FireFox cache emptied: 161370503 bytes
->Flash cache emptied: 6214 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9070 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 346,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 11092011_151155

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

10.11.2011, 10:08   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool up as shown in the picture below: click change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it is done, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition; that is where TDSS-Killer saves its logs.

Note: Please do not delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and just post the log here!




If, because of the infection, you cannot access your Documents/My Documents folder, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save this file to your desktop.
Start the tool and all files and folders should be visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

10.11.2011, 13:33   #11
sdmmc

OK, the Kaspersky tool is done; it found nothing!
I did not have to use Unhide.exe; everything was displayed.

Here is the log:

13:28:57.0551 1340 TDSS rootkit removing tool 2.6.17.0 Nov 9 2011 16:48:26
13:28:57.0971 1340 ============================================================
13:28:57.0972 1340 Current date / time: 2011/11/10 13:28:57.0971
13:28:57.0972 1340 SystemInfo:
13:28:57.0972 1340
13:28:57.0972 1340 OS Version: 6.1.7601 ServicePack: 1.0
13:28:57.0972 1340 Product type: Workstation
13:28:57.0972 1340 ComputerName: SUZIE-PC
13:28:57.0972 1340 UserName: Suzie
13:28:57.0973 1340 Windows directory: C:\Windows
13:28:57.0973 1340 System windows directory: C:\Windows
13:28:57.0973 1340 Processor architecture: Intel x86
13:28:57.0973 1340 Number of processors: 1
13:28:57.0973 1340 Page size: 0x1000
13:28:57.0973 1340 Boot type: Normal boot
13:28:57.0973 1340 ============================================================
13:29:00.0145 1340 Initialize success
13:29:22.0469 2532 ============================================================
13:29:22.0469 2532 Scan started
13:29:22.0469 2532 Mode: Manual; SigCheck; TDLFS;
13:29:22.0469 2532 ============================================================
13:29:53.0060 2532 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
13:29:53.0107 2532 nfrd960 - ok
13:29:53.0190 2532 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
13:29:53.0285 2532 Npfs - ok
13:29:53.0384 2532 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
13:29:53.0458 2532 nsiproxy - ok
13:29:53.0635 2532 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
13:29:53.0803 2532 Ntfs - ok
13:29:53.0887 2532 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
13:29:53.0977 2532 Null - ok
13:29:54.0141 2532 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
13:29:54.0233 2532 NVENETFD - ok
13:29:54.0863 2532 nvlddmkm (66b4bf606fcc7f0622d4a21bb1461089) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:29:55.0733 2532 nvlddmkm - ok
13:29:55.0824 2532 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
13:29:55.0864 2532 nvraid - ok
13:29:55.0940 2532 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
13:29:55.0972 2532 nvstor - ok
13:29:56.0061 2532 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
13:29:56.0114 2532 nv_agp - ok
13:29:56.0226 2532 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
13:29:56.0284 2532 ohci1394 - ok
13:29:56.0442 2532 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
13:29:56.0502 2532 Parport - ok
13:29:56.0605 2532 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
13:29:56.0663 2532 partmgr - ok
13:29:56.0748 2532 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
13:29:56.0811 2532 Parvdm - ok
13:29:56.0911 2532 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
13:29:56.0972 2532 pci - ok
13:29:57.0061 2532 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
13:29:57.0100 2532 pciide - ok
13:29:57.0181 2532 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
13:29:57.0238 2532 pcmcia - ok
13:29:57.0328 2532 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
13:29:57.0375 2532 pcw - ok
13:29:57.0515 2532 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
13:29:57.0660 2532 PEAUTH - ok
13:29:57.0803 2532 PID_0920 (a937c4e37c0c1003ce5fca1e5e103fdc) C:\Windows\system32\DRIVERS\LV532AV.SYS
13:29:57.0860 2532 PID_0920 - ok
13:29:58.0011 2532 Point32 (7d7a9c17d5455203dea11e5ef886cc59) C:\Windows\system32\DRIVERS\point32.sys
13:29:58.0052 2532 Point32 - ok
13:29:58.0164 2532 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
13:29:58.0264 2532 PptpMiniport - ok
13:29:58.0349 2532 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
13:29:58.0400 2532 Processor - ok
13:29:58.0513 2532 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
13:29:58.0602 2532 Psched - ok
13:29:58.0777 2532 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
13:29:59.0001 2532 ql2300 - ok
13:29:59.0083 2532 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
13:29:59.0144 2532 ql40xx - ok
13:29:59.0230 2532 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
13:29:59.0317 2532 QWAVEdrv - ok
13:29:59.0395 2532 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
13:29:59.0497 2532 RasAcd - ok
13:29:59.0593 2532 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:29:59.0686 2532 RasAgileVpn - ok
13:29:59.0781 2532 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:29:59.0876 2532 Rasl2tp - ok
13:29:59.0966 2532 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
13:30:00.0055 2532 RasPppoe - ok
13:30:00.0135 2532 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
13:30:00.0223 2532 RasSstp - ok
13:30:00.0335 2532 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
13:30:00.0451 2532 rdbss - ok
13:30:00.0530 2532 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
13:30:00.0591 2532 rdpbus - ok
13:30:00.0674 2532 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:30:00.0739 2532 RDPCDD - ok
13:30:00.0846 2532 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
13:30:00.0916 2532 RDPENCDD - ok
13:30:00.0988 2532 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
13:30:01.0044 2532 RDPREFMP - ok
13:30:01.0128 2532 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
13:30:01.0202 2532 RDPWD - ok
13:30:01.0318 2532 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
13:30:01.0389 2532 rdyboost - ok
13:30:01.0542 2532 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
13:30:01.0643 2532 rspndr - ok
13:30:01.0750 2532 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
13:30:01.0794 2532 sbp2port - ok
13:30:01.0894 2532 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
13:30:01.0979 2532 scfilter - ok
13:30:02.0096 2532 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:30:02.0183 2532 secdrv - ok
13:30:02.0293 2532 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
13:30:02.0349 2532 Serenum - ok
13:30:02.0435 2532 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
13:30:02.0491 2532 Serial - ok
13:30:02.0588 2532 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
13:30:02.0631 2532 sermouse - ok
13:30:02.0757 2532 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
13:30:02.0843 2532 sffdisk - ok
13:30:02.0922 2532 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
13:30:02.0989 2532 sffp_mmc - ok
13:30:03.0075 2532 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
13:30:03.0125 2532 sffp_sd - ok
13:30:03.0217 2532 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
13:30:03.0270 2532 sfloppy - ok
13:30:03.0404 2532 Si3114r5 (b8fb3ea0cf0aaca6b55e6ab8e1a9a918) C:\Windows\system32\DRIVERS\Si3114r5.sys
13:30:03.0436 2532 Si3114r5 - ok
13:30:03.0511 2532 SiFilter (cfdc1eb1e921311789c0080612fbfe01) C:\Windows\system32\DRIVERS\SiWinAcc.sys
13:30:03.0561 2532 SiFilter - ok
13:30:03.0639 2532 SiRemFil (a54a0d7892c01ff6e4bf47543930505f) C:\Windows\system32\DRIVERS\SiRemFil.sys
13:30:03.0679 2532 SiRemFil - ok
13:30:03.0773 2532 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
13:30:03.0808 2532 sisagp - ok
13:30:03.0900 2532 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:30:03.0944 2532 SiSRaid2 - ok
13:30:04.0026 2532 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
13:30:04.0074 2532 SiSRaid4 - ok
13:30:04.0167 2532 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
13:30:04.0253 2532 Smb - ok
13:30:04.0375 2532 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
13:30:04.0422 2532 spldr - ok
13:30:04.0568 2532 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
13:30:04.0695 2532 srv - ok
13:30:04.0798 2532 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
13:30:04.0904 2532 srv2 - ok
13:30:04.0993 2532 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
13:30:05.0062 2532 srvnet - ok
13:30:05.0167 2532 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
13:30:05.0207 2532 ssmdrv - ok
13:30:05.0303 2532 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
13:30:05.0341 2532 stexstor - ok
13:30:05.0449 2532 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
13:30:05.0487 2532 swenum - ok
13:30:05.0702 2532 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
13:30:05.0900 2532 Tcpip - ok
13:30:06.0050 2532 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
13:30:06.0112 2532 TCPIP6 - ok
13:30:06.0216 2532 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
13:30:06.0321 2532 tcpipreg - ok
13:30:06.0433 2532 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
13:30:06.0520 2532 TDPIPE - ok
13:30:06.0600 2532 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
13:30:06.0683 2532 TDTCP - ok
13:30:06.0791 2532 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
13:30:06.0891 2532 tdx - ok
13:30:06.0989 2532 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
13:30:07.0039 2532 TermDD - ok
13:30:07.0171 2532 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:30:07.0263 2532 tssecsrv - ok
13:30:07.0372 2532 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
13:30:07.0476 2532 TsUsbFlt - ok
13:30:07.0589 2532 TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) E:\#APZ\TuneUP2010\TuneUpUtilitiesDriver32.sys
13:30:07.0634 2532 TuneUpUtilitiesDrv - ok
13:30:07.0769 2532 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
13:30:07.0867 2532 tunnel - ok
13:30:07.0946 2532 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
13:30:07.0979 2532 uagp35 - ok
13:30:08.0071 2532 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
13:30:08.0178 2532 udfs - ok
13:30:08.0314 2532 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
13:30:08.0348 2532 uliagpkx - ok
13:30:08.0426 2532 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
13:30:08.0489 2532 umbus - ok
13:30:08.0577 2532 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
13:30:08.0619 2532 UmPass - ok
13:30:08.0712 2532 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
13:30:08.0799 2532 usbccgp - ok
13:30:08.0897 2532 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
13:30:08.0957 2532 usbcir - ok
13:30:09.0030 2532 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
13:30:09.0089 2532 usbehci - ok
13:30:09.0194 2532 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
13:30:09.0282 2532 usbhub - ok
13:30:09.0370 2532 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
13:30:09.0423 2532 usbohci - ok
13:30:09.0533 2532 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
13:30:09.0592 2532 usbprint - ok
13:30:09.0680 2532 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
13:30:09.0748 2532 usbscan - ok
13:30:09.0831 2532 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:30:09.0897 2532 USBSTOR - ok
13:30:09.0979 2532 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
13:30:10.0036 2532 usbuhci - ok
13:30:10.0161 2532 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
13:30:10.0192 2532 vdrvroot - ok
13:30:10.0299 2532 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
13:30:10.0354 2532 vga - ok
13:30:10.0430 2532 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
13:30:10.0516 2532 VgaSave - ok
13:30:10.0623 2532 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
13:30:10.0677 2532 vhdmp - ok
13:30:10.0763 2532 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
13:30:10.0796 2532 viaagp - ok
13:30:10.0871 2532 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
13:30:10.0929 2532 ViaC7 - ok
13:30:11.0005 2532 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
13:30:11.0054 2532 viaide - ok
13:30:11.0126 2532 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
13:30:11.0175 2532 volmgr - ok
13:30:11.0275 2532 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
13:30:11.0321 2532 volmgrx - ok
13:30:11.0428 2532 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
13:30:11.0511 2532 volsnap - ok
13:30:11.0637 2532 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
13:30:11.0701 2532 vsmraid - ok
13:30:11.0780 2532 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
13:30:11.0828 2532 vwifibus - ok
13:30:11.0932 2532 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
13:30:11.0986 2532 WacomPen - ok
13:30:12.0099 2532 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:30:12.0188 2532 WANARP - ok
13:30:12.0215 2532 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:30:12.0274 2532 Wanarpv6 - ok
13:30:12.0402 2532 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
13:30:12.0449 2532 Wd - ok
13:30:12.0558 2532 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:30:12.0667 2532 Wdf01000 - ok
13:30:12.0827 2532 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
13:30:12.0897 2532 WfpLwf - ok
13:30:12.0984 2532 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
13:30:13.0020 2532 WIMMount - ok
13:30:13.0198 2532 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
13:30:13.0241 2532 WmiAcpi - ok
13:30:13.0369 2532 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
13:30:13.0458 2532 ws2ifsl - ok
13:30:13.0598 2532 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
13:30:13.0693 2532 WudfPf - ok
13:30:13.0804 2532 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:30:13.0878 2532 WUDFRd - ok
13:30:14.0034 2532 yukonw7 (30b73eb97218a16cbc6de535782a1b35) C:\Windows\system32\DRIVERS\yk62x86.sys
13:30:14.0126 2532 yukonw7 - ok
13:30:14.0232 2532 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} (5867ce254625645345c833510d24f124) E:\#APZ\PowerDvd\PowerDVD8\000.fcl
13:30:14.0261 2532 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} - ok
13:30:14.0292 2532 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:30:14.0373 2532 \Device\Harddisk0\DR0 - ok
13:30:14.0387 2532 Boot (0x1200) (330fcafc604ec3dd3cfa5d727b19bda3) \Device\Harddisk0\DR0\Partition0
13:30:14.0389 2532 \Device\Harddisk0\DR0\Partition0 - ok
13:30:14.0414 2532 Boot (0x1200) (012d947a89cd2dfbc5abaaf82bd57fb0) \Device\Harddisk0\DR0\Partition1
13:30:14.0416 2532 \Device\Harddisk0\DR0\Partition1 - ok
13:30:14.0440 2532 Boot (0x1200) (60686b00c7fbcd8f8e3d6fa8a7f37e1e) \Device\Harddisk0\DR0\Partition2
13:30:14.0444 2532 \Device\Harddisk0\DR0\Partition2 - ok
13:30:14.0450 2532 ============================================================
13:30:14.0450 2532 Scan finished
13:30:14.0450 2532 ============================================================
13:30:14.0481 3072 Detected object count: 0
13:30:14.0481 3072 Actual detected object count: 0

10.11.2011, 16:08   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde. (English Windows wording: "Illegal operation attempted on a registry key that has been marked for deletion.")
then restart Windows manually and the error messages should no longer appear.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

10.11.2011, 19:51   #13
sdmmc

Combofix did say that I should close Antivir Desktop etc., but I had nothing open anymore. I then ran it despite the warning, since I found nothing to close^^

Here is the log as an attachment! THX!!
Attached files
File type: zip CF.zip (128.2 KB, viewed 36 times)

10.11.2011, 21:47   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

OK. Now please create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool won't work on the second attempt either, just leave it out and run only OSAM. Please skip the online check by OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to switch off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file on your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.)
    Downloading the definitions may take a while, depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not under any circumstances press one of the Fix buttons without instructions.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.


10.11.2011, 23:36   #15
sdmmc

Here is the GMER log:

GMER Logfile:
Code:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-10 22:37:31
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_SP1614N rev.TM100-30
Running: g3qpdqcw.exe; Driver: C:\Users\Suzie\AppData\Local\Temp\ugloypod.sys


---- System - GMER 1.0.15 ----

SSDT            89DE2F66                                                        ZwCreateSection
SSDT            89DE2F6B                                                        ZwSetContextThread
SSDT            89DE2F07                                                        ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwSaveKey + 13D1                                   81A41349 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                          81A7AD52 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text           ntkrnlpa.exe!KeRemoveQueueEx + 11F7                             81A81EAC 4 Bytes  [66, 2F, DE, 89]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 1597                             81A8224C 4 Bytes  [6B, 2F, DE, 89]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 166F                             81A82324 4 Bytes  [07, 2F, DE, 89]
                E:\#APZ\PowerDvd\PowerDVD8\000.fcl                              entry point in  section [0x8C99A000]
.clc            E:\#APZ\PowerDvd\PowerDVD8\000.fcl                              unknown last section [0x8C99B000, 0x1000, 0x00000000]
                C:\Windows\system32\Drivers\PROCEXP113.SYS                      Das System kann die angegebene Datei nicht finden. !
                C:\Users\Suzie\AppData\Local\Temp\catchme.sys                   Das System kann die angegebene Datei nicht finden. !

---- User code sections - GMER 1.0.15 ----

.text           E:\#APZ\Thunderbird\thunderbird.exe[1280] ntdll.dll!LdrLoadDll  773422B8 5 Bytes  JMP 001B142F E:\#APZ\Thunderbird\thunderbird.exe (Thunderbird/Mozilla Messaging)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs                                          SiWinAcc.sys (Windows Accelerator Driver/Silicon Image, Inc.)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume12                         fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume12                         hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice  \Driver\volsnap \Device\HarddiskVolumeShadowCopy1               hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)

Device          \Driver\ACPI_HAL \Device\00000048                               halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                          fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                          hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                          fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                          hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                          fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                          hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume9                          fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume9                          hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume10                         fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume10                         hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume11                         fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume11                         hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice  \FileSystem\fastfat \Fat                                        fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
         
--- --- ---


Here is the OSAM log:

OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 22:55:47 on 10.11.2011

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit
Default Browser: Mozilla Corporation Firefox 8.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"ALSNDMGR.CPL" - ? - C:\Windows\system32\ALSNDMGR.CPL  (File signed by Microsoft | File found, but it contains no detailed information)
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - E:\#APZ\Office\Office12\MLCFG32.CPL

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"AnyDVD" (AnyDVD) - "SlySoft, Inc." - C:\Windows\System32\Drivers\AnyDVD.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\Users\Suzie\AppData\Local\Temp\catchme.sys  (File not found)
"cpuz130" (cpuz130) - ? - C:\Users\Suzie\AppData\Local\Temp\cpuz130\cpuz_x32.sys  (File not found)
"ElbyCDIO Driver" (ElbyCDIO) - "Elaborate Bytes AG" - C:\Windows\System32\Drivers\ElbyCDIO.sys
"hc3ServiceName" (hotcore3) - "Paragon Software Group" - C:\Windows\System32\DRIVERS\hotcore3.sys
"Lavasoft helper driver" (Lavasoft Kernexplorer) - ? - C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys  (File found, but it contains no detailed information)
"mbr" (mbr) - ? - C:\ComboFix\mbr.sys  (Hidden registry entry, rootkit activity | File not found)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"TuneUpUtilitiesDrv" (TuneUpUtilitiesDrv) - "TuneUp Software" - E:\#APZ\TuneUP2010\TuneUpUtilitiesDriver32.sys
"ugloypod" (ugloypod) - ? - C:\Users\Suzie\AppData\Local\Temp\ugloypod.sys  (Hidden registry entry, rootkit activity | File not found)
"{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}" ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) - "Cyberlink Corp." - E:\#APZ\PowerDvd\PowerDVD8\000.fcl

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GRA32A~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GR469A~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - E:\#APZ\7-Zip\7-zip.dll
{653DCCC2-13DB-45B2-A389-427885776CFE} "Activities Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcplact.dll
{124597D8-850A-41AE-849C-017A4FA99CA2} "Buttons Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcplbtn.dll
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\Display\nvui.dll
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GR469A~1.DLL
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GR469A~1.DLL
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GR469A~1.DLL
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GR469A~1.DLL
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GR469A~1.DLL
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GR469A~1.DLL
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GR469A~1.DLL
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GR469A~1.DLL
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GR469A~1.DLL
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GR469A~1.DLL
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GR469A~1.DLL
{3BEABCC1-BF31-42df-88D9-A2955D6B8528} "IntelliPoint Sensitivity Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcplsens.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - E:\#APZ\Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - E:\#APZ\Office\Office12\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - E:\#APZ\Office\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - E:\#APZ\Office\Office12\OLKFSTUB.DLL
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - E:\#APZ\Avira\AntiVir Desktop\shlext.dll
{C533AB49-9805-4972-8326-A084696B00F0} "Touch Mouse Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcpltouchmouse.dll
{1184D0ED-DBCE-4170-8DBB-4D0C3905DA85} "Touch Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcpltouch.dll
{4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - E:\#APZ\TuneUP2010\DseShExt-x86.dll
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - E:\#APZ\TuneUP2010\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll
{AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} "Wheel Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcplwhl.dll
{20082881-FC36-4E47-9A7A-644C95FF749F} "Wireless Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcplwir.dll

[Internet Explorer]
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - E:\#APZ\Office\Office12\ONBttnIE.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - E:\#APZ\Office\Office12\REFIEBAR.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - E:\#APZ\Office\Office12\GR469A~1.DLL
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Suzie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Mozilla Thunderbird.lnk" - "Mozilla Messaging" - E:\#APZ\Thunderbird\thunderbird.exe  (Shortcut exists | File exists)
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"GrooveMonitor" - "Microsoft Corporation" - "E:\#APZ\Office\Office12\GrooveMonitor.exe"
"IntelliPoint" - "Microsoft Corporation" - "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"avm:" - "AVM Berlin GmbH" - C:\Windows\system32\avmprmon.dll
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%SystemRoot%\System32\uxtuneup.dll,-4096" (UxTuneUp) - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - E:\#APZ\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - E:\#APZ\Avira\AntiVir Desktop\sched.exe
"Lavasoft Ad-Aware Service" (Lavasoft Ad-Aware Service) - "Lavasoft Limited" - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - E:\#APZ\Office\Office12\GrooveAuditService.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru


and finally the aswMBR log:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-10 23:01:15
-----------------------------
23:01:15.661 OS Version: Windows 6.1.7601 Service Pack 1
23:01:15.661 Number of processors: 1 586 0x1F00
23:01:15.663 ComputerName: SUZIE-PC UserName: Suzie
23:01:16.413 Initialize success
23:01:59.585 AVAST engine defs: 11111000
23:03:44.922 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:03:44.927 Disk 0 Vendor: SAMSUNG_SP1614N TM100-30 Size: 152627MB BusType: 3
23:03:47.000 Disk 0 MBR read successfully
23:03:47.006 Disk 0 MBR scan
23:03:47.142 Disk 0 Windows 7 default MBR code
23:03:47.185 Disk 0 scanning sectors +312578048
23:03:47.527 Disk 0 scanning C:\Windows\system32\drivers
23:04:29.951 Service scanning
23:04:31.782 Modules scanning
23:05:23.270 Disk 0 trace - called modules:
23:05:23.313 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
23:05:23.317 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x842541f0]
23:05:23.320 3 CLASSPNP.SYS[865a459e] -> nt!IofCallDriver -> [0x83abb918]
23:05:23.329 5 ACPI.sys[8601b3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x83a7d030]
23:05:23.726 AVAST engine scan C:\Windows
23:05:45.894 AVAST engine scan C:\Windows\system32
23:15:06.402 AVAST engine scan C:\Windows\system32\drivers
23:15:37.871 AVAST engine scan C:\Users\Suzie
23:18:26.180 Disk 0 MBR has been saved successfully to "C:\Users\Suzie\Downloads\MBR.dat"
23:18:26.190 The log file has been saved successfully to "C:\Users\Suzie\Downloads\aswMBR.txt"
23:21:01.442 AVAST engine scan C:\ProgramData
23:24:33.523 Scan finished successfully
23:32:09.907 Disk 0 MBR has been saved successfully to "C:\Users\Suzie\Downloads\MBR.dat"
23:32:09.922 The log file has been saved successfully to "C:\Users\Suzie\Downloads\aswMBR.txt"



THX!!
