
Log analysis and evaluation: severe performance loss on laptop

08.05.2011, 21:25   #1
sundues
 

Hello everyone, my girlfriend's laptop has been showing a severe loss of performance for some time. I immediately suspected some kind of backdoor activity, so I ran the logs right away.

Here, first, is the malware log:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6533

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048

08/05/2011 20:34:41
mbam-log-2011-05-08 (20-34-41).txt

Scan type: Quick scan
Objects scanned: 176451
Time elapsed: 9 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_Application (Hijacker.Application) -> Value: bak_Application -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (hxxp://www.helpmeopen.com/?n=app&ext=%s) Good: (hxxp://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\$RECYCLE.BIN\s-1-5-21-717181376-2373768855-204596754-1003\$RF0DISR.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\Users\\AppData\Local\Temp\icreinstall\audioconvertersetup.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\Users\\AppData\Local\Temp\5423483.uninstall\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\Users\\AppData\Local\Temp\Low\9b88.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\\AppData\Local\Temp\Low\_EE5F.tmp (Spyware.Password) -> Quarantined and deleted successfully.



In addition, the OTL logfile:
Code:
OTL logfile created on: 08/05/2011 21:06:27 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sara\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 41.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.34 Gb Total Space | 147.32 Gb Free Space | 66.26% Space Free | Partition Type: NTFS
Drive D: | 10.55 Gb Total Space | 2.37 Gb Free Space | 22.44% Space Free | Partition Type: NTFS
 
Computer Name: | User Name: | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/05/08 20:22:07 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\\Desktop\OTL.exe
PRC - [2011/04/17 02:37:44 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Macromed\Flash\FlashUtil10p_ActiveX.exe
PRC - [2011/03/16 21:26:02 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2011/01/11 01:25:06 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/12/08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/11/25 14:39:19 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/09/23 12:48:41 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/18 20:32:27 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/18 20:32:24 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/07/18 20:32:16 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/07/13 12:46:44 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009/12/01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2009/12/01 13:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/11/09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/09/05 23:09:54 | 001,620,520 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007/09/05 23:09:54 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/05/08 20:22:07 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\\Desktop\OTL.exe
MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010/07/18 20:32:27 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010/07/18 20:32:24 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/12/01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2008/11/09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/03/05 20:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/05/05 21:51:04 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/18 20:32:18 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/03 21:15:16 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/04/19 20:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/02/25 01:03:16 | 000,014,904 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2009/10/03 07:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/06/22 19:38:22 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/06/22 19:26:04 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2008/11/17 16:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/03/04 04:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/08/29 01:47:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007/08/09 06:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/07/30 21:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 20:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/11 20:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/07/10 16:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/28 17:09:56 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007/06/19 03:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/04/18 14:03:26 | 000,141,312 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Apfiltr.sys -- (ApfiltrService)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h==p://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h==p://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = h==p://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=90129103000000000000001de09d8a97&tlver=1.4.19.19&affID=17160
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h==p://www.bbc.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {e2fda1a4-762b-4020-b5ad-a41df1933103}:1.0b2
 
FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2010/06/11 13:35:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/02/07 23:23:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/02/07 23:23:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/03/07 16:20:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2011/03/02 23:30:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\\AppData\Roaming\Mozilla\Extensions
[2011/03/02 23:30:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/04/09 22:17:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2011/03/02 23:37:30 | 000,000,000 | ---D | M] (Lightning) -- C:\USERS\\APPDATA\ROAMING\THUNDERBIRD\PROFILES\RE4M10YS.DEFAULT\EXTENSIONS\{E2FDA1A4-762B-4020-B5AD-A41DF1933103}
[2011/04/18 23:44:15 | 000,002,423 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
 
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Search Protection] File not found
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: magnetmail.net ([www] https in Trusted sites)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/16 18:14:26 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{2147cfa8-25d5-11df-8b18-001e3776b1e0}\Shell\AutoRun\command - "" = F:\t8s2x.exe
O33 - MountPoints2\{2147cfa8-25d5-11df-8b18-001e3776b1e0}\Shell\open\Command - "" = F:\t8s2x.exe
O33 - MountPoints2\{4ae789c3-b344-11df-bb3e-001e3776b1e0}\Shell - "" = AutoRun
O33 - MountPoints2\{4ae789c3-b344-11df-bb3e-001e3776b1e0}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{4b125331-a7a8-11df-8a5b-9b69f60174de}\Shell - "" = AutoRun
O33 - MountPoints2\{4b125331-a7a8-11df-8a5b-9b69f60174de}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4b12533f-a7a8-11df-8a5b-9b69f60174de}\Shell - "" = AutoRun
O33 - MountPoints2\{4b12533f-a7a8-11df-8a5b-9b69f60174de}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d69f936a-a906-11df-8133-001f166adbaa}\Shell - "" = AutoRun
O33 - MountPoints2\{d69f936a-a906-11df-8133-001f166adbaa}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\m1eqos3.exe
O33 - MountPoints2\G\Shell\open\Command - "" = G:\m1eqos3.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/05/08 20:40:29 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{D5A2CAA8-4F5D-49D3-8448-B45E1FF283A6}
[2011/05/08 20:22:02 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Sara\Desktop\OTL.exe
[2011/05/06 20:28:26 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{0645C295-F91C-4721-B074-4F3E2D9A5F23}
[2011/05/05 18:44:05 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{1A1275EF-B485-405E-8DAE-19A39606ABF6}
[2011/05/03 19:44:53 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{45EE30A1-F453-4B2B-A420-DA7CE0FC7C58}
[2011/05/01 16:17:03 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{F9C8AE84-F6EC-4D7F-B7A9-F3CF1142CE54}
[2011/04/30 12:25:08 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{90E790DE-A3DF-4104-911F-675A43950F6D}
[2011/04/30 00:11:26 | 000,000,000 | ---D | C] -- C:\Users\\Desktop\koln zoo
[2011/04/29 19:01:23 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{F10A3E08-4177-41CE-BDEF-32D650EE86B7}
[2011/04/27 21:07:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/04/27 21:07:33 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/04/27 21:07:30 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/04/27 19:17:39 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{A1DAE9BE-38FD-416F-BDAC-8D975A83D44B}
[2011/04/26 19:39:58 | 000,000,000 | ---D | C] -- C:\Users\\Desktop\Easter Road Trip South Germany
[2011/04/26 19:25:59 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{06AF9CF3-C778-41F8-94C6-CA5F7CDDB72F}
[2011/04/26 19:25:37 | 000,000,000 | ---D | C] -- C:\Users\\Desktop\south germany
[2011/04/24 11:47:43 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{79660AAF-E875-40E1-8E1D-51876FB3D045}
[2011/04/23 20:38:20 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{655D863F-78EA-46F4-80BC-45AA84867989}
[2011/04/20 18:57:01 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{59B8D5EF-3170-4BB3-942C-FE59F1412F02}
[2011/04/19 20:49:26 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{DE3CCC0F-195B-4BCB-BADC-67F8DC33B33A}
[2011/04/18 23:44:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/04/18 22:56:35 | 000,000,000 | ---D | C] -- C:\Users\\Documents\LimeWire
[2011/04/18 22:33:22 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{50FE2AAD-A620-412D-BEC1-9BD06F752179}
[2011/04/17 02:38:28 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{B8AEECE9-A516-4FAF-B58D-B3CC591E0A81}
[2011/04/16 12:38:20 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{02DA1393-4D0C-4CA3-924E-BDBF13769A69}
[2011/04/15 18:41:29 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/15 18:41:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/15 18:41:20 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/04/15 18:41:20 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/15 18:41:20 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/15 18:41:19 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/15 18:41:19 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/15 18:41:19 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/15 18:41:19 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/15 18:41:19 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/04/15 18:41:19 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/04/15 18:41:19 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/15 18:41:19 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/04/15 18:41:19 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/04/15 18:41:19 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/04/15 18:41:19 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/15 18:41:19 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/15 18:41:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/15 18:41:19 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/15 18:41:14 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/15 18:41:13 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/15 18:41:11 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/15 18:41:03 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/15 18:40:49 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/15 18:40:48 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/12 19:46:12 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{66CF6B50-70DC-4D66-A64A-678D38E54F2F}
[2011/04/11 18:54:26 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Local\{9929CE14-21F1-442A-B354-BFE84D061B5E}
 
========== Files - Modified Within 30 Days ==========
 
[2011/05/08 20:39:45 | 000,000,163 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2011/05/08 20:38:57 | 000,647,050 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/05/08 20:38:42 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/08 20:38:41 | 000,647,050 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/05/08 20:37:54 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 20:37:54 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 20:37:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/08 20:37:43 | 2145,771,520 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/08 20:36:32 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/05/08 20:22:07 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sara\Desktop\OTL.exe
[2011/05/08 20:18:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/08 20:10:19 | 075,755,545 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2011/05/05 21:51:04 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2011/04/30 00:15:07 | 000,655,904 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/30 00:15:07 | 000,126,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/26 23:39:04 | 000,135,680 | ---- | M] () -- C:\Users\\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/19 00:06:52 | 000,007,369 | ---- | M] () -- C:\Users\\Desktop\SharePodSettings.xml
[2011/04/17 01:54:13 | 000,383,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/14 00:01:51 | 000,007,808 | ---- | M] () -- C:\Users\\AppData\Local\d3d9caps.dat
[2011/04/09 18:23:16 | 000,000,468 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Sara.job
 
========== Files Created - No Company Name ==========
 
[2010/04/15 22:39:38 | 000,647,050 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/04/15 22:39:38 | 000,647,050 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/04/15 19:14:12 | 000,009,134 | -HS- | C] () -- C:\Users\\AppData\Local\g0e65To
[2010/04/15 19:14:12 | 000,009,134 | -HS- | C] () -- C:\ProgramData\g0e65To
[2010/04/01 13:55:43 | 000,007,808 | ---- | C] () -- C:\Users\\AppData\Local\d3d9caps.dat
[2010/03/25 12:56:42 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.dll
[2010/03/25 12:56:19 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.exe
[2010/02/26 00:57:50 | 000,130,806 | ---- | C] () -- C:\Windows\hpoins18.dat
[2010/02/26 00:57:31 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2010/02/19 03:01:08 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/02/18 23:45:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/02/18 23:45:33 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/02/16 19:32:16 | 000,135,680 | ---- | C] () -- C:\Users\\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/16 17:19:22 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/02/10 23:28:32 | 000,100,976 | ---- | C] () -- C:\Users\\AppData\Roaming\nvModes.001
[2010/02/10 23:02:06 | 000,100,976 | ---- | C] () -- C:\Users\\AppData\Roaming\nvModes.dat
[2010/02/05 23:39:55 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/08/03 17:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 17:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/02/04 20:34:21 | 000,001,076 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/12/16 18:54:08 | 000,101,605 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/09/05 22:52:04 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:47:37 | 000,383,520 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:33:01 | 000,655,904 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,126,194 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001/11/14 23:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2010/03/06 00:34:29 | 000,000,000 | ---D | M] -- C:\Users\\AppData\Roaming\AVG9
[2010/04/24 02:11:33 | 000,000,000 | ---D | M] -- C:\Users\\AppData\Roaming\BitZipper
[2011/03/04 12:00:28 | 000,000,000 | ---D | M] -- C:\Users\\AppData\Roaming\Canneverbe Limited
[2010/02/05 20:13:53 | 000,000,000 | ---D | M] -- C:\Users\\AppData\Roaming\DigitalPersona
[2011/04/18 22:56:41 | 000,000,000 | ---D | M] -- C:\Users\\AppData\Roaming\LimeWire
[2011/02/07 23:23:41 | 000,000,000 | ---D | M] -- C:\Users\\AppData\Roaming\Local
[2011/03/02 23:30:41 | 000,000,000 | ---D | M] -- C:\Users\\AppData\Roaming\Thunderbird
[2011/04/26 20:51:34 | 000,000,000 | ---D | M] -- C:\Users\\AppData\Roaming\Voipwise
[2011/05/08 20:36:33 | 000,032,600 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
< End of report >
         

Ok, I hope I have redacted everything I was supposed to and can count on your help here. Many thanks in advance!

09.05.2011, 15:47   #2
cosinus

Quote:
Art des Suchlaufs: Quick-Scan

Hello and

Please run a full scan with Malwarebytes as a matter of routine and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of them as well!

12.05.2011, 12:39   #3
sundues

Hi Arne, here is the full scan with MAB:

12/05/2011 11:50:26
mbam-log-2011-05-12 (11-50-26).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 335407
Time elapsed: 1 hour(s), 29 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

12.05.2011, 14:20   #4
cosinus

Somehow something is missing at the beginning of the log..

12.05.2011, 16:43   #5
sundues

Hi Arne, with the best will in the world there is nothing more than this in the txt file:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6533

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048

12/05/2011 11:50:26
mbam-log-2011-05-12 (11-50-26).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 335407
Time elapsed: 1 hour(s), 29 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


12.05.2011, 19:13   #6
cosinus

Quote:
Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Database version: 6533
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048

But of course, that was not there before. You did not update Malwarebytes beforehand. Please update and run a full scan.
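The two checks cosinus makes in posts #4 and #6 (is the log header present, and is the database version newer than the previous scan's) can be scripted; this is an added example, not part of the thread. The sample headers are constructed from the log lines posted above, and the function names are hypothetical.

```python
import re
from datetime import datetime

# Constructed samples: header fields copied from the logs posted in this thread.
QUICK = r"""Malwarebytes' Anti-Malware 1.50.1.1100
Database version: 6533

08/05/2011 20:34:41
Scan type: Quick scan
"""
HEADLESS = r"""12/05/2011 11:50:26
Scan type: Full scan (C:\|D:\|)
"""
FULL = "Malwarebytes' Anti-Malware 1.50.1.1100\nDatabase version: 6533\n\n" + HEADLESS

def parse_header(log):
    """Pull database version, scan time and scan type; None where a field is absent."""
    db = re.search(r"^Database version:\s*(\d+)", log, re.M)
    ts = re.search(r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2})\s*$", log, re.M)
    kind = re.search(r"^Scan type:\s*(.+?)\s*$", log, re.M)
    return {
        "db": int(db.group(1)) if db else None,
        # The log file names in the thread (mbam-log-2011-05-08) show day/month/year.
        "time": datetime.strptime(ts.group(1), "%d/%m/%Y %H:%M:%S") if ts else None,
        "type": kind.group(1) if kind else None,
    }

def review(logs):
    """Return the findings a helper would raise for logs given in posting order."""
    findings, prev = [], None
    for n, log in enumerate(logs, 1):
        h = parse_header(log)
        if h["db"] is None:
            findings.append(f"log {n}: header missing, database version unknown")
            continue
        if not (h["type"] or "").lower().startswith("full"):
            findings.append(f"log {n}: '{h['type']}', a full scan was requested")
        if prev and h["time"] and prev["time"] and h["time"] > prev["time"] \
                and h["db"] <= prev["db"]:
            days = (h["time"] - prev["time"]).days
            findings.append(
                f"log {n}: database {h['db']} unchanged {days} day(s) after log {prev['n']}")
        prev = dict(h, n=n)
    return findings

if __name__ == "__main__":
    for line in review([QUICK, HEADLESS, FULL]):
        print(line)
```

A log posted without its header is reported as unknown rather than assumed current, since a clean result from an outdated signature database proves little.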
