Log analysis and evaluation: Windows 7: Laptop seems slowed down and general check

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#7
Windows 7: Laptop seems slowed down and general check

adwCleaner
Code:
# AdwCleaner v4.203 - Bericht erstellt 12/05/2015 um 12:42:08
# Aktualisiert 30/04/2015 von Xplode
# Datenbank : 2015-05-12.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Kerstin - KERSTIN-PC
# Gestarted von : C:\Users\Kerstin\Desktop\AdwCleaner_4.203.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gelöscht : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM
***** [ Internetbrowser ] *****
-\\ Internet Explorer v10.0.9200.16720
-\\ Google Chrome v42.0.2311.135
[C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp
[C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Default_Search_Provider_Data] :
*************************
AdwCleaner[R3].txt - [1408 Bytes] - [12/05/2015 12:42:08]
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1467 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 7 Home Premium x64
Ran by Kerstin on 12.05.2015 at 12:49:04,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.05.2015 at 12:55:30,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Kerstin (administrator) on KERSTIN-PC on 12-05-2015 12:58:46
Running from C:\Users\Kerstin\Desktop
Loaded Profiles: Kerstin (Available profiles: Kerstin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2010-10-29] (Acer Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296768 2010-11-12] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1029200 2010-12-31] (Dritek System Inc.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3817438319-2950311145-3816183397-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3817438319-2950311145-3816183397-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3817438319-2950311145-3816183397-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [453152 2009-12-24] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3817438319-2950311145-3816183397-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3817438319-2950311145-3816183397-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3817438319-2950311145-3816183397-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3817438319-2950311145-3816183397-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3817438319-2950311145-3816183397-1001 -> {1C1FF02F-5E7F-4F8D-B314-9284B7F2C809} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE453D20110509&p={SearchTerms}
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-09-04] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-09-04] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-19] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-09-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-09-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-21]
Chrome:
=======
CHR Profile: C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 AAV UpdateService; C:\Program Files (x86)\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2010-11-18] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2010-11-12] (NTI Corporation)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
S3 AVMUNET; C:\Windows\System32\DRIVERS\avmunet.sys [30208 2006-11-07] (AVM GmbH)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-17] (Avira Operations GmbH & Co. KG)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-12 12:55 - 2015-05-12 12:55 - 00000602 _____ () C:\Users\Kerstin\Desktop\JRT.txt
2015-05-12 12:49 - 2015-05-12 12:49 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-KERSTIN-PC-Windows-7-Home-Premium-(64-bit).dat
2015-05-12 12:49 - 2015-05-12 12:49 - 00000000 ____D () C:\RegBackup
2015-05-12 12:36 - 2015-05-12 12:42 - 00000000 ____D () C:\AdwCleaner
2015-05-12 12:35 - 2015-05-12 12:35 - 02720307 _____ (Thisisu) C:\Users\Kerstin\Desktop\JRT.exe
2015-05-12 12:33 - 2015-05-12 12:33 - 02204160 _____ () C:\Users\Kerstin\Desktop\AdwCleaner_4.203.exe
2015-05-12 11:36 - 2015-05-12 11:36 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kerstin\Downloads\revosetup95.exe
2015-05-12 11:36 - 2015-05-12 11:36 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kerstin\Downloads\revosetup95 (1).exe
2015-05-12 11:36 - 2015-05-12 11:36 - 00000748 _____ () C:\Users\Kerstin\Desktop\Revo Uninstaller.lnk
2015-05-11 22:34 - 2015-05-11 22:34 - 00275496 _____ () C:\Windows\Minidump\051115-21216-01.dmp
2015-05-11 21:47 - 2015-05-11 21:47 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Kerstin\Desktop\mbar-1.09.1.1004.exe
2015-05-11 16:52 - 2015-05-11 16:52 - 00275496 _____ () C:\Windows\Minidump\051115-23883-01.dmp
2015-04-29 10:26 - 2015-04-29 10:27 - 00275496 _____ () C:\Windows\Minidump\042915-26832-01.dmp
2015-04-27 01:13 - 2015-04-27 01:13 - 00275496 _____ () C:\Windows\Minidump\042715-21403-01.dmp
2015-04-27 01:02 - 2015-04-27 01:02 - 00022531 _____ () C:\Users\Kerstin\Downloads\Tutorium_komplett_SS2015.zip
2015-04-20 17:35 - 2013-09-16 19:46 - 00000910 _____ () C:\Users\Kerstin\Desktop\Downloads.lnk
2015-04-20 17:28 - 2015-04-20 17:28 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-04-20 17:25 - 2015-04-20 17:33 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Avira
2015-04-20 17:25 - 2015-04-20 17:28 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-20 17:24 - 2015-05-05 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-20 17:23 - 2015-05-05 12:44 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-04-20 17:23 - 2015-05-05 12:44 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-04-20 17:23 - 2015-04-20 17:31 - 00000000 ____D () C:\ProgramData\Avira
2015-04-20 17:23 - 2015-04-20 17:28 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-20 17:23 - 2015-03-17 13:01 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-04-20 17:23 - 2015-03-17 13:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-04-20 16:12 - 2015-04-20 16:12 - 00275552 _____ () C:\Windows\Minidump\042015-26925-01.dmp
2015-04-19 05:12 - 2015-04-19 05:13 - 00275496 _____ () C:\Windows\Minidump\041915-28314-01.dmp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-12 12:58 - 2015-03-23 23:31 - 00011702 _____ () C:\Users\Kerstin\Desktop\FRST.txt
2015-05-12 12:58 - 2013-12-24 23:48 - 00000000 ____D () C:\FRST
2015-05-12 12:57 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-12 12:57 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-12 12:49 - 2013-10-15 15:45 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-12 12:48 - 2011-02-01 15:56 - 00659238 _____ () C:\Windows\system32\perfh007.dat
2015-05-12 12:48 - 2011-02-01 15:56 - 00132776 _____ () C:\Windows\system32\perfc007.dat
2015-05-12 12:48 - 2009-07-14 07:13 - 01512418 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-12 12:43 - 2013-12-25 03:40 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-05-12 12:43 - 2013-10-15 15:45 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-12 12:43 - 2011-03-27 15:20 - 00000000 ____D () C:\ProgramData\clear.fi
2015-05-12 12:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-12 12:43 - 2009-07-14 06:51 - 00247010 _____ () C:\Windows\setupact.log
2015-05-12 12:20 - 2015-02-24 05:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-12 11:31 - 2011-02-01 07:05 - 00552530 _____ () C:\Windows\PFRO.log
2015-05-11 22:39 - 2015-03-23 23:29 - 02102784 _____ (Farbar) C:\Users\Kerstin\Desktop\FRST64.exe
2015-05-11 22:35 - 2013-12-25 00:46 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-11 22:34 - 2011-05-09 19:45 - 382813359 _____ () C:\Windows\MEMORY.DMP
2015-05-11 22:34 - 2011-05-09 19:45 - 00000000 ____D () C:\Windows\Minidump
2015-05-11 22:34 - 2011-01-17 19:22 - 00000000 ____D () C:\Windows\oem
2015-05-11 22:21 - 2013-12-25 00:44 - 00000000 ____D () C:\Users\Kerstin\Desktop\mbar
2015-05-11 21:50 - 2014-07-01 14:33 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-11 21:48 - 2014-07-01 14:31 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-11 15:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-08 12:33 - 2014-10-07 12:34 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\FileAdvisor
2015-05-08 12:33 - 2014-09-21 12:33 - 00000000 ____D () C:\Program Files (x86)\File Type Advisor
2015-05-07 22:54 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-29 12:37 - 2011-04-02 05:41 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Skype
2015-04-20 17:50 - 2011-01-17 19:18 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-20 17:50 - 2011-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-04-20 17:28 - 2011-02-01 07:08 - 01703796 _____ () C:\Windows\WindowsUpdate.log
2015-04-19 23:20 - 2015-02-24 05:15 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-19 23:20 - 2015-02-24 05:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-19 23:20 - 2011-06-28 13:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 01:19 - 2014-09-19 00:49 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-15 01:19 - 2011-04-02 05:39 - 00000000 ____D () C:\ProgramData\Skype
==================== Files in the root of some directories =======
2011-10-30 22:36 - 2011-10-31 16:36 - 0000000 ____H () C:\Users\Kerstin\AppData\Roaming\windrvconfig.txt
2012-11-14 16:18 - 2012-11-14 16:18 - 0000337 _____ () C:\Users\Kerstin\AppData\Local\Perfmon.PerfmonCfg
2011-12-02 05:25 - 2013-10-15 16:13 - 0007602 _____ () C:\Users\Kerstin\AppData\Local\Resmon.ResmonCfg
2011-02-01 07:34 - 2011-02-01 07:43 - 0016243 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-04-02 05:42 - 2011-04-02 05:42 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Files to move or delete:
====================
C:\Users\Kerstin\CTX.DAT
Some content of TEMP:
====================
C:\Users\Kerstin\AppData\Local\Temp\6_Offer_15.exe
C:\Users\Kerstin\AppData\Local\Temp\avgnt.exe
C:\Users\Kerstin\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\Kerstin\AppData\Local\Temp\MSN2.exe
C:\Users\Kerstin\AppData\Local\Temp\Quarantine.exe
C:\Users\Kerstin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kerstin\AppData\Local\Temp\sqlite3.dll
C:\Users\Kerstin\AppData\Local\Temp\TitanPSetupUninstall1387370074849_77bb75_de.exe
C:\Users\Kerstin\AppData\Local\Temp\TitanPSetupUninstall1387729963429_3f9979_de.exe
C:\Users\Kerstin\AppData\Local\Temp\TitanPSetupUninstall1388078529334_c44289_de.exe
C:\Users\Kerstin\AppData\Local\Temp\TitanPSetupUninstall1388143015269_e25c23_de.exe
C:\Users\Kerstin\AppData\Local\Temp\TitanPSetupUninstall1389741798020_e25c23_de.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-05 12:06
==================== End Of Log ============================
Edited by karl-heinz00 (12.05.2015 at 12:01)