Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 23.09.2012, 11:54   #1
ashuros
 
Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk. - Standard

Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.



Hallo Trojaner-Board.de,

das ist mein erster Post hier!

Problemschilderung:
Ich habe zu langsames Internet.
Davor lief es auch super, auf einmal wurde es sehr langsam. Meine Leitung läuft eigentlich mit 16.000b/s doch seitdem es langsamer ist, habe ich eine Schätzungsweise 3000-4000b/s Leitung. Dieses Problem besteht nur mit diesem Computer im Netzwerk, die anderen haben noch die volle Internetleistung. Hinzu kommt, das dieses Problem nur den Download betrifft! Uploadrate ist 16.000 entsprechend!



Eckdaten

Alle Namen wurden durch ein *** ersetzt.

Betriebsystem:
Windows 7 64bit v. 6.1 (Build 7601: SP 1)

System (DxDiag)
Code:
ATTFilter
------------------
System Information
------------------
Time of this report: 9/23/2012, 12:41:55
       Machine name: ***
   Operating System: Windows 7 Professional 64-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_gdr.120503-2030)
           Language: German (Regional Setting: German)
System Manufacturer: System manufacturer
       System Model: System Product Name
               BIOS: BIOS Date: 06/12/10 10:25:48 Ver: 08.00.14
          Processor: AMD Athlon(tm) II X4 640 Processor (4 CPUs), ~3.0GHz
             Memory: 4096MB RAM
Available OS Memory: 4096MB RAM
          Page File: 2165MB used, 6023MB available
        Windows Dir: C:\Windows
    DirectX Version: DirectX 11
DX Setup Parameters: Not found
   User DPI Setting: Using System DPI
 System DPI Setting: 96 DPI (100 percent)
    DWM DPI Scaling: Disabled
     DxDiag Version: 6.01.7601.17514 32bit Unicode
  DxDiag Previously: Crashed in DirectInput (stage 1). Re-running DxDiag with "dontskip" command line parameter or choosing not to bypass information gathering when prompted might result in DxDiag successfully obtaining this information

------------
DxDiag Notes
------------
      Display Tab 1: No problems found.
      Display Tab 2: No problems found.
        Sound Tab 1: No problems found.
        Sound Tab 2: No problems found.
          Input Tab: 

--------------------
DirectX Debug Levels
--------------------
Direct3D:    0/4 (retail)
DirectDraw:  0/4 (retail)
DirectInput: 0/5 (retail)
DirectMusic: 0/5 (retail)
DirectPlay:  0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow:  0/6 (retail)

---------------
Display Devices
---------------
          Card name: NVIDIA GeForce 9600 GT
       Manufacturer: NVIDIA
          Chip type: GeForce 9600 GT
           DAC type: Integrated RAMDAC
         Device Key: Enum\PCI\VEN_10DE&DEV_0622&SUBSYS_00000000&REV_A1
     Display Memory: 2287 MB
   Dedicated Memory: 495 MB
      Shared Memory: 1791 MB
       Current Mode: 1440 x 900 (32 bit) (60Hz)
       Monitor Name: PnP-Monitor (Standard)
      Monitor Model: Acer X193W
         Monitor Id: ACRADA9
        Native Mode: 1440 x 900(p) (59.887Hz)
        Output Type: HD15
        Driver Name: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um
Driver File Version: 9.18.0013.0623 (English)
     Driver Version: 9.18.13.623
        DDI Version: 10
       Driver Model: WDDM 1.1
  Driver Attributes: Final Retail
   Driver Date/Size: 8/30/2012 21:14:00, 18229096 bytes
        WHQL Logo'd: Yes
    WHQL Date Stamp: 
  Device Identifier: {D7B71E3E-4562-11CF-DF61-0D201CC2C435}
          Vendor ID: 0x10DE
          Device ID: 0x0622
          SubSys ID: 0x00000000
        Revision ID: 0x00A1
 Driver Strong Name: oem24.inf:NVIDIA_SetA_Devices.NTamd64.6.1:Section008:9.18.13.623:pci\ven_10de&dev_0622
     Rank Of Driver: 00E00003
        Video Accel: ModeMPEG2_A ModeMPEG2_C ModeVC1_C ModeWMV9_C 
   Deinterlace Caps: {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
       D3D9 Overlay: Supported
            DXVA-HD: Supported
       DDraw Status: Enabled
         D3D Status: Enabled
         AGP Status: Enabled

          Card name: NVIDIA GeForce 9600 GT
       Manufacturer: NVIDIA
          Chip type: GeForce 9600 GT
           DAC type: Integrated RAMDAC
         Device Key: Enum\PCI\VEN_10DE&DEV_0622&SUBSYS_00000000&REV_A1
     Display Memory: 2287 MB
   Dedicated Memory: 495 MB
      Shared Memory: 1791 MB
       Current Mode: 1280 x 1024 (32 bit) (60Hz)
       Monitor Name: PnP-Monitor (Standard)
      Monitor Model: YM19GPX
         Monitor Id: FAC00C6
        Native Mode: 1280 x 1024(p) (60.020Hz)
        Output Type: HD15
        Driver Name: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um
Driver File Version: 9.18.0013.0623 (English)
     Driver Version: 9.18.13.623
        DDI Version: 10
       Driver Model: WDDM 1.1
  Driver Attributes: Final Retail
   Driver Date/Size: 8/30/2012 21:14:00, 18229096 bytes
        WHQL Logo'd: Yes
    WHQL Date Stamp: 
  Device Identifier: {D7B71E3E-4562-11CF-DF61-0D201CC2C435}
          Vendor ID: 0x10DE
          Device ID: 0x0622
          SubSys ID: 0x00000000
        Revision ID: 0x00A1
 Driver Strong Name: oem24.inf:NVIDIA_SetA_Devices.NTamd64.6.1:Section008:9.18.13.623:pci\ven_10de&dev_0622
     Rank Of Driver: 00E00003
        Video Accel: ModeMPEG2_A ModeMPEG2_C ModeVC1_C ModeWMV9_C 
   Deinterlace Caps: {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
       D3D9 Overlay: Supported
            DXVA-HD: Supported
       DDraw Status: Enabled
         D3D Status: Enabled
         AGP Status: Enabled

-------------
Sound Devices
-------------
            Description: Lautsprecher (VIA High Definition Audio)
 Default Sound Playback: Yes
 Default Voice Playback: Yes
            Hardware ID: HDAUDIO\FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043840C&REV_1000
        Manufacturer ID: 1
             Product ID: 100
                   Type: WDM
            Driver Name: viahduaa.sys
         Driver Version: 6.00.0001.8700 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: Yes
          Date and Size: 8/4/2010 22:17:14, 1342064 bytes
            Other Files: 
        Driver Provider: VIA Technologies, Inc.
         HW Accel Level: Basic
              Cap Flags: 0xF1F
    Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
 Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
 EAX(tm) 2.0 Listen/Src: No, No
   I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

            Description: HD Audio HDMI out (VIA High Definition Audio)
 Default Sound Playback: No
 Default Voice Playback: No
            Hardware ID: HDAUDIO\FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043840C&REV_1000
        Manufacturer ID: 1
             Product ID: 100
                   Type: WDM
            Driver Name: viahduaa.sys
         Driver Version: 6.00.0001.8700 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: Yes
          Date and Size: 8/4/2010 22:17:14, 1342064 bytes
            Other Files: 
        Driver Provider: VIA Technologies, Inc.
         HW Accel Level: Basic
              Cap Flags: 0xF1F
    Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
 Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
 EAX(tm) 2.0 Listen/Src: No, No
   I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

---------------------
Sound Capture Devices
---------------------
            Description: Stereomix (VIA High Definition Audio)
  Default Sound Capture: Yes
  Default Voice Capture: Yes
            Driver Name: viahduaa.sys
         Driver Version: 6.00.0001.8700 (English)
      Driver Attributes: Final Retail
          Date and Size: 8/4/2010 22:17:14, 1342064 bytes
              Cap Flags: 0x1
           Format Flags: 0xFFFFF

-------------------
DirectInput Devices
-------------------
Poll w/ Interrupt: No

-----------
USB Devices
-----------

----------------
Gameport Devices
----------------

------------
PS/2 Devices
------------

------------------------
Disk & DVD/CD-ROM Drives
------------------------
      Drive: C:
 Free Space: 200.1 GB
Total Space: 476.9 GB
File System: NTFS
      Model: WDC WD50 00AAJS-00YFA SCSI Disk Device

      Drive: D:
      Model: DTSOFT Virtual CdRom Device
     Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7601.17514 (German), , 0 bytes

      Drive: E:
      Model: HL-DT-ST DVD-RW_GSA-H41N ATA Device
     Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7601.17514 (German), , 0 bytes

--------------
System Devices
--------------
     Name: High Definition Audio-Controller
Device ID: PCI\VEN_10DE&DEV_03F0&SUBSYS_840C1043&REV_A2\3&267A616A&0&28
   Driver: n/a

     Name: PCI Standard-ISA-Brücke
Device ID: PCI\VEN_10DE&DEV_03E1&SUBSYS_83A41043&REV_A2\3&267A616A&0&08
   Driver: n/a

     Name: NVIDIA GeForce 9600 GT
Device ID: PCI\VEN_10DE&DEV_0622&SUBSYS_00000000&REV_A1\4&210A641E&0&0048
   Driver: n/a

     Name: NVIDIA nForce Networking Controller
Device ID: PCI\VEN_10DE&DEV_03EF&SUBSYS_83A41043&REV_A2\3&267A616A&0&38
   Driver: n/a

     Name: NVIDIA nForce Serial ATA Controller
Device ID: PCI\VEN_10DE&DEV_03F6&SUBSYS_83A41043&REV_A2\3&267A616A&0&41
   Driver: n/a

     Name: Standard-Zweikanal-PCI-IDE-Controller
Device ID: PCI\VEN_10DE&DEV_03EC&SUBSYS_83A41043&REV_A2\3&267A616A&0&30
   Driver: n/a

     Name: PCI Standard-Host-CPU-Brücke
Device ID: PCI\VEN_1022&DEV_1204&SUBSYS_00000000&REV_00\3&267A616A&0&C4
   Driver: n/a

     Name: NVIDIA nForce Serial ATA Controller
Device ID: PCI\VEN_10DE&DEV_03F6&SUBSYS_83A41043&REV_A2\3&267A616A&0&40
   Driver: n/a

     Name: NVIDIA nForce PCI-Systemverwaltung
Device ID: PCI\VEN_10DE&DEV_03EB&SUBSYS_83A41043&REV_A2\3&267A616A&0&09
   Driver: n/a

     Name: PCI Standard-Host-CPU-Brücke
Device ID: PCI\VEN_1022&DEV_1203&SUBSYS_00000000&REV_00\3&267A616A&0&C3
   Driver: n/a

     Name: PCI Standard-RAM-Controller
Device ID: PCI\VEN_10DE&DEV_03F5&SUBSYS_83A41043&REV_A2\3&267A616A&0&0A
   Driver: n/a

     Name: PCI Standard-PCI-zu-PCI-Brücke
Device ID: PCI\VEN_10DE&DEV_03E9&SUBSYS_000010DE&REV_A2\3&267A616A&0&60
   Driver: n/a

     Name: PCI Standard-Host-CPU-Brücke
Device ID: PCI\VEN_1022&DEV_1202&SUBSYS_00000000&REV_00\3&267A616A&0&C2
   Driver: n/a

     Name: PCI Standard-PCI-zu-PCI-Brücke
Device ID: PCI\VEN_10DE&DEV_03F3&SUBSYS_83A41043&REV_A1\3&267A616A&0&20
   Driver: n/a

     Name: PCI Standard-PCI-zu-PCI-Brücke
Device ID: PCI\VEN_10DE&DEV_03E9&SUBSYS_000010DE&REV_A2\3&267A616A&0&58
   Driver: n/a

     Name: PCI Standard-Host-CPU-Brücke
Device ID: PCI\VEN_1022&DEV_1201&SUBSYS_00000000&REV_00\3&267A616A&0&C1
   Driver: n/a

     Name: Standard PCI-zu-USB erweiterter Hostcontroller
Device ID: PCI\VEN_10DE&DEV_03F2&SUBSYS_83A41043&REV_A3\3&267A616A&0&11
   Driver: n/a

     Name: PCI Standard-PCI-zu-PCI-Brücke
Device ID: PCI\VEN_10DE&DEV_03E8&SUBSYS_000010DE&REV_A2\3&267A616A&0&48
   Driver: n/a

     Name: PCI Standard-Host-CPU-Brücke
Device ID: PCI\VEN_1022&DEV_1200&SUBSYS_00000000&REV_00\3&267A616A&0&C0
   Driver: n/a

     Name: Standard OpenHCD USB-Hostcontroller
Device ID: PCI\VEN_10DE&DEV_03F1&SUBSYS_83A41043&REV_A3\3&267A616A&0&10
   Driver: n/a

     Name: PCI Standard-RAM-Controller
Device ID: PCI\VEN_10DE&DEV_03E2&SUBSYS_83A41043&REV_A1\3&267A616A&0&00
   Driver: n/a
         
OTL Quickscan
Code:
ATTFilter
OTL logfile created on: 23.09.2012 12:11:36 - Run 1
OTL by OldTimer - Version 3.2.66.0     Folder = C:\Users\***\Desktop\Trojaner-Board
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 55,49% Memory free
8,00 Gb Paging File | 6,14 Gb Available in Paging File | 76,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 195,43 Gb Free Space | 41,96% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.23 12:03:20 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\Trojaner-Board\OTL.exe
PRC - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.31 20:51:01 | 000,874,896 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.08.21 11:58:32 | 005,576,408 | ---- | M] (Spotify Ltd) -- C:\Users\***\AppData\Roaming\Spotify\spotify.exe
PRC - [2012.08.08 16:32:09 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.08.01 00:37:04 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.05.29 18:43:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.29 18:43:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.01.19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.22 19:55:47 | 009,813,424 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
MOD - [2012.08.21 11:58:32 | 020,219,096 | ---- | M] () -- C:\Users\***\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.09.22 19:55:48 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.11 14:12:19 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.08.29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.08.01 00:37:04 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.29 18:43:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.29 18:43:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.01.19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.09.04 05:24:00 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 22:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2009.08.10 16:01:06 | 000,206,880 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009.08.10 16:01:04 | 000,626,208 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.08.01 20:13:42 | 000,041,704 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2012.08.01 20:13:40 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2012.05.29 18:43:44 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.29 18:43:44 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.21 23:22:17 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.09.16 16:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.08.04 22:17:14 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010.07.01 15:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009.11.19 15:06:43 | 000,158,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039unic.sys -- (s1039unic)
DRV:64bit: - [2009.11.19 15:06:43 | 000,137,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039obex.sys -- (s1039obex)
DRV:64bit: - [2009.11.19 15:06:43 | 000,034,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039nd5.sys -- (s1039nd5)
DRV:64bit: - [2009.11.19 15:06:41 | 000,141,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV:64bit: - [2009.11.19 15:06:40 | 000,161,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdm.sys -- (s1039mdm)
DRV:64bit: - [2009.11.19 15:06:39 | 000,019,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV:64bit: - [2009.11.19 15:06:38 | 000,127,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039bus.sys -- (s1039bus)
DRV:64bit: - [2009.07.30 11:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006.01.04 18:42:24 | 002,574,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2sxp.sys -- (SNP2STD)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 57 30 ED 20 78 CB 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 210.107.100.251:8080
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.127.0
FF - prefs.js..extensions.enabledAddons: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.4.0.8
FF - prefs.js..extensions.enabledAddons: {a66191d8-898b-4a66-89be-d5b279477a54}:0.2.5
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.18
FF - prefs.js..keyword.URL: "hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:7317400059&cof=FORID:11&sa=Search&siteurl=search.linkury.com&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.07 19:45:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\***\AppData\Roaming\11004 [2012.04.01 17:26:33 | 000,000,000 | ---D | M]
 
[2012.01.04 05:01:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.03.22 01:03:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dcm1xzvl.default\extensions
[2012.02.13 22:01:24 | 000,000,000 | ---D | M] (LoL Strategy Builds Community Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dcm1xzvl.default\extensions\{1d09b5e5-973b-47d3-b9da-5579bda6eb62}
[2012.01.08 05:48:40 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dcm1xzvl.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2012.03.13 20:22:49 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dcm1xzvl.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.22 01:03:32 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dcm1xzvl.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012.03.03 17:28:54 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dcm1xzvl.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.01.14 22:33:23 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dcm1xzvl.default\extensions\battlefieldheroespatcher@ea.com
[2012.01.04 05:29:30 | 000,000,000 | ---D | M] (Customizable Shortcuts) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dcm1xzvl.default\extensions\customizable-shortcuts@timtaubert.de
[2012.01.04 05:37:59 | 000,003,406 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\dcm1xzvl.default\extensions\{a66191d8-898b-4a66-89be-d5b279477a54}.xpi
[2012.01.07 04:00:08 | 000,005,604 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\dcm1xzvl.default\searchplugins\Linkury Smartbar Search.xml
[2012.04.29 14:16:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.04.28 22:28:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.04.17 22:03:43 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.110.0_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
 
O1 HOSTS File: ([2012.07.31 18:23:07 | 000,000,910 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 74.208.10.249 gs.apple.com
O1 - Hosts: 74.208.10.249 gs.apple.com
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKCU..\Run: [Spotify] C:\Users\***\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33FF9536-F465-4F38-AA18-82627B59835A}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{58622dad-62b3-11e0-a209-20cf30ab4b24}\Shell - "" = AutoRun
O33 - MountPoints2\{58622dad-62b3-11e0-a209-20cf30ab4b24}\Shell\AutoRun\command - "" = E:\Launcher.exe
O33 - MountPoints2\{b654a8ec-1486-11e1-a4c6-20cf30ab4b24}\Shell - "" = AutoRun
O33 - MountPoints2\{b654a8ec-1486-11e1-a4c6-20cf30ab4b24}\Shell\AutoRun\command - "" = D:\Razor1911_Installer.exe
O33 - MountPoints2\{e0bd8809-e1f1-11e0-9e98-20cf30ab4b24}\Shell - "" = AutoRun
O33 - MountPoints2\{e0bd8809-e1f1-11e0-9e98-20cf30ab4b24}\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.23 12:02:24 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Trojaner-Board
[2012.09.22 21:51:28 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Projektkurs
[2012.09.22 20:15:36 | 000,000,000 | ---D | C] -- C:\temp
[2012.09.22 20:13:29 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.09.22 19:26:05 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.09.22 19:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.09.21 19:55:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.09.21 19:34:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012.09.21 19:33:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012.09.21 14:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
[2012.09.21 10:32:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2012.09.21 10:32:43 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.09.21 10:32:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.09.21 10:32:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.09.20 18:32:43 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Originals
[2012.09.11 00:06:10 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\RCT3
[2012.09.11 00:06:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Atari
[2012.09.10 23:44:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roller Coaster Tycoon 3 Platinum  - CarlesNeo !
[2012.09.10 23:39:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roller Coaster Tycoon 3 Platinum  - CarlesNeo !
[2012.09.02 23:47:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoGebra 4
[2012.09.02 21:46:48 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Neuer Ordner (4)
[2012.09.01 08:20:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.09.01 08:20:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012.08.25 15:05:20 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Neuer Ordner (3)
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Users\***\AppData\Roaming\*.tmp files -> C:\Users\***\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.23 12:14:18 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 12:14:18 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 12:12:36 | 001,644,414 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.23 12:12:36 | 000,707,918 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.23 12:12:36 | 000,661,514 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.23 12:12:36 | 000,153,404 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.23 12:12:36 | 000,125,600 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.23 12:06:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.23 12:06:24 | 3220,615,168 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.23 12:05:29 | 000,000,020 | ---- | M] () -- C:\Users\***\defogger_reenable
[2012.09.23 11:55:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.22 20:57:03 | 000,589,426 | ---- | M] () -- C:\Users\***\Desktop\IMG_0194.JPG
[2012.09.22 19:47:40 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.22 19:47:40 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.22 19:25:40 | 000,042,504 | ---- | M] () -- C:\Users\***\Documents\cc_20120922_192532.reg
[2012.09.22 03:18:37 | 005,331,960 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.09.21 19:40:32 | 000,007,631 | ---- | M] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2012.09.21 19:33:10 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft-Maus- und Tastatur-Center installieren.lnk
[2012.09.21 14:32:49 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.02 23:46:52 | 000,002,934 | ---- | M] () -- C:\Users\***\Desktop\geogebra.jnlp
[2012.08.30 21:14:00 | 000,016,366 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012.08.30 10:40:14 | 000,429,416 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Users\***\AppData\Roaming\*.tmp files -> C:\Users\***\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.23 12:05:29 | 000,000,020 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.09.22 20:57:00 | 000,589,426 | ---- | C] () -- C:\Users\***\Desktop\IMG_0194.JPG
[2012.09.22 19:25:37 | 000,042,504 | ---- | C] () -- C:\Users\***\Documents\cc_20120922_192532.reg
[2012.09.21 19:33:10 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft-Maus- und Tastatur-Center installieren.lnk
[2012.09.21 14:32:49 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2012.09.02 23:46:52 | 000,002,934 | ---- | C] () -- C:\Users\***\Desktop\geogebra.jnlp
[2012.08.30 10:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.05.28 12:45:50 | 000,206,695 | ---- | C] () -- C:\ProgramData\1338201832.bdinstall.bin
[2012.04.05 16:36:10 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.04.05 16:36:09 | 000,840,264 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.04.05 16:36:09 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.03.29 14:02:35 | 000,245,084 | ---- | C] () -- C:\ProgramData\1333021867.bdinstall.bin
[2012.03.29 13:38:57 | 000,000,462 | ---- | C] () -- C:\ProgramData\1333021136.4956.bin
[2012.03.29 13:38:57 | 000,000,189 | ---- | C] () -- C:\ProgramData\1333021136.4984.bin
[2012.03.29 13:38:56 | 000,033,261 | ---- | C] () -- C:\ProgramData\1333021136.4988.bin
[2012.01.06 07:46:56 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\SQLite3.dll
[2011.12.29 01:53:30 | 000,000,102 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2011.12.11 23:11:02 | 000,000,088 | ---- | C] () -- C:\Users\***\AppData\Roaming\kpref
[2011.08.03 16:26:44 | 000,003,584 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.07 18:07:02 | 000,360,624 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.04.29 15:41:29 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2011.04.16 15:53:57 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe Targa Format CS5 Prefs
[2011.03.31 19:42:32 | 000,041,974 | ---- | C] () -- C:\Users\***\AppData\Roaming\room.dat
[2011.03.31 18:38:32 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010.12.28 03:44:51 | 001,621,372 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.13 22:01:53 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2010.11.07 18:23:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2010.11.06 02:16:45 | 000,147,456 | ---- | C] ( ) -- C:\Windows\rsnp2std.dll
[2010.11.06 02:16:45 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2010.11.01 18:54:20 | 000,007,631 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2010.11.01 16:54:42 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.11.01 16:54:42 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.10.30 19:13:35 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2010.10.30 19:13:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.30 13:00:04 | 000,030,572 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010.10.30 12:59:24 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.10.30 12:59:17 | 000,023,006 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.04.13 21:01:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.minecraft
[2012.04.01 17:26:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\11004
[2010.10.30 19:03:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\aborange
[2011.05.10 18:11:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ashampoo
[2012.09.11 00:06:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Atari
[2012.08.27 07:49:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\BOM
[2011.04.22 20:20:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.03.27 10:09:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ciicl
[2012.05.25 11:08:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.nicolasprof.OTMEditor
[2012.09.22 19:25:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2012.09.22 19:25:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Pro
[2012.09.21 10:32:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft
[2011.03.17 17:07:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.09.22 19:25:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2011.05.12 21:26:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\fltk.org
[2012.02.09 01:16:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GameRanger
[2011.05.10 18:04:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GetRightToGo
[2011.01.12 17:10:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0
[2012.03.22 01:04:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Iminent
[2012.03.25 01:51:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\kock
[2012.06.19 23:03:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leawo
[2011.05.13 23:37:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient
[2012.05.24 10:58:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient2
[2012.03.22 01:28:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAXON
[2010.12.10 21:47:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MobMapUpdater
[2012.09.21 14:40:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mp3tag
[2012.09.21 10:32:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenCandy
[2010.10.31 04:44:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2010.10.30 19:32:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera
[2012.08.09 21:37:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Origin
[2012.08.05 23:46:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PhotoScape
[2012.01.09 06:27:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PriceGong
[2011.07.12 14:42:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProtectDisc
[2011.11.22 17:10:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Publish Providers
[2012.03.29 13:54:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan
[2011.09.08 23:01:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\redsn0w
[2011.04.22 00:56:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Replay Media Catcher 4
[2011.10.25 12:25:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Screaming Bee
[2012.06.19 22:52:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony
[2011.11.22 21:46:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony Creative Software Inc
[2011.09.18 20:45:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony Setup
[2012.09.23 12:12:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spotify
[2011.04.22 19:16:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.12.27 21:48:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Subversion
[2011.04.19 19:25:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2012.08.16 11:14:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Teeworlds
[2012.02.03 22:49:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\The Creative Assembly
[2012.06.19 23:05:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\tiger-k
[2012.03.25 01:52:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Toen
[2011.05.13 22:23:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ts3overlay
[2012.09.21 19:55:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2012.03.25 21:53:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\UAs
[2012.09.22 19:25:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\uTorrent
[2011.08.28 21:25:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\wargaming.net
[2010.11.01 16:59:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Windows Live Writer
[2011.11.22 21:58:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WindSolutions
[2012.03.25 21:54:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\xmldm
 
========== Purity Check ==========
 
 

< End of report >
         
OTL Extras
Code:
ATTFilter
OTL Extras logfile created on: 23.09.2012 12:11:37 - Run 1
OTL by OldTimer - Version 3.2.66.0     Folder = C:\Users\***\Desktop\Trojaner-Board
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 55,49% Memory free
8,00 Gb Paging File | 6,14 Gb Available in Paging File | 76,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 195,43 Gb Free Space | 41,96% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{068F112A-BD2F-4180-BDF5-14256FB39A63}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{0724CC24-1C82-46F0-ABF3-08169F55A4BD}" = rport=139 | protocol=6 | dir=out | app=system | 
"{091323E6-5829-4C85-A0AA-5647827A44F5}" = rport=137 | protocol=17 | dir=out | app=system | 
"{0C3F0EC3-B055-4C3D-898B-E5352674DDE3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1549A7AA-640E-46E1-A0F2-9CE472406558}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{15FEC8B4-BC3F-4EAB-9708-2647DEF37E67}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{1876653B-112E-4C02-B8CF-0CB098127F97}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{276357D0-ADD9-4402-A1ED-22C249AA5898}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{2F0416FB-EC11-441E-A8AB-C3F9AD0C4CF8}" = rport=445 | protocol=6 | dir=out | app=system | 
"{3DD8D80F-1558-491C-969F-951655925874}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{4E417776-6CF5-488A-AA70-01C9544A70FD}" = rport=138 | protocol=17 | dir=out | app=system | 
"{53E2CCE7-6F5B-42C5-83B5-4A324EAB1DE3}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{6A469DB6-7054-46AD-AE96-03AFE80FDB02}" = lport=138 | protocol=17 | dir=in | app=system | 
"{7416766C-BD17-4C81-AAE4-D87F908B6379}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8FE5AF44-9D02-4C4E-B0C1-89C7FA84485A}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{97F21837-D13B-44CA-AE4B-B441A83B0019}" = lport=137 | protocol=17 | dir=in | app=system | 
"{B0416F6E-F2E9-45EF-9869-B0794548C04E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B605DA67-3CEE-4206-89F0-DE11CECB74C6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B6063C47-22F7-485D-905C-3ABB871D8122}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BAD03D71-E1B5-4A9A-84C4-8E5E7F7CF3D6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C5586820-B4AC-4D15-9A96-DFFAAD3271BB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{D7A216E4-8E76-4451-93B5-FC8379B59ABC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DB04E3E0-37CF-490A-AB36-C680DF9B720D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{E92F263E-8E0A-49C9-8E40-5805476D0E04}" = lport=445 | protocol=6 | dir=in | app=system | 
"{EA9BB1F6-6796-4A1D-B0F3-83DE917B29ED}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F88E36AF-6084-4B26-BAD1-A0197F8C359D}" = lport=139 | protocol=6 | dir=in | app=system | 
"{FE9AF29B-C609-405D-ACEE-828E996BC7F8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0240D629-0D7B-4453-9EE0-79C7B3B32E1C}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | 
"{0572EC92-C908-47EB-837D-CAD23CF5EC17}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{08B56419-68DF-4272-8042-26F76C007472}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{0D4D654B-3AEE-4266-A425-6FED39AA7062}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{109B46C3-B632-423D-91F4-ECF92FF2A72D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{20EF7E29-95C5-40EE-A906-1F4B8B8EDC85}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{213E52DA-820B-4A18-9A25-237194779795}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{249E9B85-A4D4-44D4-B0AE-A5BC77774655}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{27291C6D-3EAF-4CB8-B3C7-61E0F673366E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{343B250D-B54F-4895-B746-EF8760C656B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{3B460C4F-9ACB-4681-A756-EA098B9FF17C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe | 
"{3CAD68C9-07EB-463E-8EA7-B531FA0B2060}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{3F990889-734E-4B2C-A064-D1884B17B24E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{41AFB780-5505-44F5-9921-F5F1ED0E6EAE}" = protocol=6 | dir=out | app=system | 
"{4476D422-B78D-4876-81FF-78F9D7B1CB0D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4ADA0D8E-1AFD-45FB-B9C1-D9235A0BBC8A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe | 
"{4F02B5F3-39FF-4FE9-9CFD-4B51E46897CE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{566865F3-0C40-4488-A76A-2027325C0578}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{6300CE91-C3C4-4194-9338-C6399130F9B4}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{67630AEE-6BF4-4E15-BDE3-91202A21202E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6A1C1D4B-2A9E-4C50-B3BB-1755BF695090}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{707AAFCD-F7CC-4351-9D75-78810A2016B3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{708B6D3B-4D77-414A-BFF9-54C5C6A1617D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7170C132-D64F-463A-B2EE-684C909C6876}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{72882285-5BB1-477B-A270-ECBCC3EA5673}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | 
"{75E03EE0-8A9F-4CFD-BF22-9224C3496857}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{78C96D65-1997-41A5-8A1B-52D58E391CEE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7AF99882-D269-48A8-82EF-21EE82D39FAA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{8406DF4C-C184-44B2-9A7C-826EAC6F6852}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{85160BFC-9F84-4950-A945-39A4CA77EC6D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8ACE678F-306C-4AF3-BE8A-9EE74AC4898F}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | 
"{9309DC43-8050-455E-B6DD-27B893AA3873}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{961E2429-C109-492B-9D26-065501FCD643}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{A49171A1-0F89-4AEF-BFBD-228D385835BD}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{A4F55BB8-72E5-446C-81FA-EA1F896C9CCD}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{AC3D1D55-AA6A-4525-BA52-C71D8AC56D35}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{AD2F4AAC-091A-42A0-B934-7621C4D17106}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{B2C72ABF-7483-48F2-A4C3-443BE21B25FA}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | 
"{B66D9D59-0AB5-49A4-9727-9BFE56AE172E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C0F9E017-F132-44C7-AA85-AD98BDD0471E}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{C60477E9-EC57-4579-B2C5-5A2D80D375BC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{D43FA403-F9C3-449F-88B5-2B88E3401843}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{D519289F-E4DF-4F4C-8C7A-6CC2A6B04A89}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{E9CD32DE-523E-430D-8470-58559150C7BF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"TCP Query User{C7D559AF-9517-4BFF-8820-94D413BEED87}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | 
"TCP Query User{F122431F-D6A3-4D4D-A895-DCACD17BE37D}C:\users\***\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{F5EE1E7E-78FE-45F6-988A-B681921F5D6E}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"UDP Query User{3C3B85AC-A024-46C4-9CB4-F291B71C7CB6}C:\users\***\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{46B13B12-8E29-452F-ABE7-F0748C29AC81}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"UDP Query User{CC11B2DA-69B1-4406-B01C-CEED98C82FB7}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{44A79F1E-8DF7-11E1-80E3-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{49F6DFDE-8DF7-11E1-9E5F-F04DA23A5C58}" = MSVCRT Redists
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7 (64-bit)
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.23
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FE51C8DE-03A7-11E1-88F8-F04DA23A5C58}" = MSVCRT Redists
"ASUS WebCam, 1.3M, USB2.0, FF" = ASUS WebCam, 1.3M, USB2.0, FF
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{37491A3D-B2A6-402D-898E-5C4EF3984C29}" = Adobe Flash Media Live Encoder 3.1
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1" = Cinema 4D version R12
"{7E48AFD3-F28A-4E54-99A8-9F3A4A27DBC4}" =  DCP-330C
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F2F7D8E1-03A2-11E1-AA2E-F04DA23A5C58}" = MSVCRT Redists
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AutoHotkey" = AutoHotkey 1.0.91.05
"Avira AntiVir Desktop" = Avira Free Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX-Setup
"ESN Sonar-0.70.4" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.5.3
"FormatFactory" = FormatFactory 2.60
"Free YouTube Download_is1" = Free YouTube Download version 3.0.22.221
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"Game Booster_is1" = Game Booster 3
"Guild Wars 2" = Guild Wars 2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"JDownloader" = JDownloader
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mp3tag" = Mp3tag v2.52
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.02.1578" = Opera 12.02
"Origin" = Origin
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"Roller Coaster Tycoon 3 Platinum  - CarlesNeo !" = Roller Coaster Tycoon 3 Platinum  - CarlesNeo !
"Steam App 300" = Day of Defeat: Source
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 34030" = Napoleon: Total War
"TeamViewer 7" = TeamViewer 7
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"X3 Albion Prelude_is1" = X3 Albion Prelude
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 23.02.2012 12:05:59 | Computer Name = *** | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/02/23 17:05:59.032]: [00003944]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.02.2012 12:06:00 | Computer Name = *** | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/02/23 17:06:00.532]: [00003944]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.02.2012 12:06:02 | Computer Name = *** | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/02/23 17:06:02.032]: [00003944]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.02.2012 12:06:03 | Computer Name = *** | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/02/23 17:06:03.532]: [00003944]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.02.2012 12:06:05 | Computer Name = *** | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/02/23 17:06:05.032]: [00003944]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.02.2012 12:06:06 | Computer Name = *** | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/02/23 17:06:06.532]: [00003944]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.02.2012 12:06:08 | Computer Name = *** | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/02/23 17:06:08.032]: [00003944]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.02.2012 12:06:09 | Computer Name = *** | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/02/23 17:06:09.532]: [00003944]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.02.2012 12:06:11 | Computer Name = *** | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/02/23 17:06:11.032]: [00003944]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.02.2012 12:06:12 | Computer Name = *** | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/02/23 17:06:12.532]: [00003944]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 24.02.2012 12:37:43 | Computer Name = *** | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
 oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
 in Zeile 2.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
 
[ System Events ]
Error - 23.09.2012 05:39:06 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Server" wurde mit folgendem Fehler beendet:   %%13
 
Error - 23.09.2012 05:43:02 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 23.09.2012 05:43:21 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 23.09.2012 05:43:21 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 23.09.2012 05:45:52 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 23.09.2012 05:45:52 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 23.09.2012 06:01:52 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 23.09.2012 06:06:40 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 23.09.2012 06:06:55 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 23.09.2012 06:06:55 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
 
< End of report >
         
Bisherige Versuche
  • Systemwiederherstellung (Jedoch kein Punkt vorhanden gehabt der weit genug zurückliegt)
  • Abgesicherter Modus (Internet -> Gleich Langsam)
  • CCleaner, reinigen der Reg.
  • Antivir Systemscan (2 Funde, welche gelöscht wurden)
  • Netzwerkkarten Treiber update (Hat irgendwie nicht geklappt, updated nur Grafikkarte!)

Geändert von ashuros (23.09.2012 um 12:11 Uhr)

Alt 23.09.2012, 15:36   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk. - Standard

Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.



Zitat:
CCleaner, reinigen der Reg.
Finger weg von Registry-Cleanern!!

Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich.
Wir lesen oft genug von Hilfesuchenden, dass deren System nach der Nutzung von Registry Cleanern nicht mehr startet.
  • Wie soll der Cleaner zu 100% wissen ob der Eintrag benötigt wird oder nicht ?
  • Es ist vollkommen egal ob ein paar verwaiste Registry Einträge am System sind oder nicht.
  • Auch die dauernd angepriesene Beschleunigung des Systems ist nur bedingt wahr. Du würdest es nicht merken.

Ein sogenanntes False Positive von einem Cleaner kann auch dein System unbootbar machen.
Zerstörst Du die Registry, zerstörst Du Windows.

Zitat:
Antivir Systemscan (2 Funde, welche gelöscht wurden)
Schön und wo sind die Logs dazu?

Solche Angaben reichen nicht, bitte poste die vollständigen Angaben/Logs der Virenscanner.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________

__________________

Alt 23.09.2012, 21:31   #3
ashuros
 
Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk. - Standard

Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.



Entschuldige, habe da überhaupt nicht dran gedacht!

Hier die Logs von Avira:
Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Samstag, 22. September 2012  23:03

Es wird nach 4251695 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira AntiVir Personal - Free Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows 7 Professional
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : ***
Computername   : ***

Versionsinformationen:
BUILD.DAT      : 12.0.0.1199    40869 Bytes  07.09.2012 22:14:00
AVSCAN.EXE     : 12.3.0.33     468472 Bytes  08.08.2012 14:32:09
AVSCAN.DLL     : 12.3.0.15      66256 Bytes  29.05.2012 16:43:43
LUKE.DLL       : 12.3.0.15      68304 Bytes  29.05.2012 16:43:44
AVSCPLR.DLL    : 12.3.0.14      97032 Bytes  28.05.2012 10:48:41
AVREG.DLL      : 12.3.0.17     232200 Bytes  28.05.2012 10:48:41
VBASE000.VDF   : 7.10.0.0    19875328 Bytes  06.11.2009 09:49:21
VBASE001.VDF   : 7.11.0.0    13342208 Bytes  14.12.2010 06:56:15
VBASE002.VDF   : 7.11.19.170 14374912 Bytes  20.12.2011 06:56:21
VBASE003.VDF   : 7.11.21.238  4472832 Bytes  01.02.2012 10:48:28
VBASE004.VDF   : 7.11.26.44   4329472 Bytes  28.03.2012 10:48:32
VBASE005.VDF   : 7.11.34.116  4034048 Bytes  29.06.2012 14:56:11
VBASE006.VDF   : 7.11.41.250  4902400 Bytes  06.09.2012 19:41:01
VBASE007.VDF   : 7.11.41.251     2048 Bytes  06.09.2012 19:41:01
VBASE008.VDF   : 7.11.41.252     2048 Bytes  06.09.2012 19:41:01
VBASE009.VDF   : 7.11.41.253     2048 Bytes  06.09.2012 19:41:01
VBASE010.VDF   : 7.11.41.254     2048 Bytes  06.09.2012 19:41:01
VBASE011.VDF   : 7.11.41.255     2048 Bytes  06.09.2012 19:41:02
VBASE012.VDF   : 7.11.42.0       2048 Bytes  06.09.2012 19:41:02
VBASE013.VDF   : 7.11.42.1       2048 Bytes  06.09.2012 19:41:02
VBASE014.VDF   : 7.11.42.65    203264 Bytes  09.09.2012 20:23:31
VBASE015.VDF   : 7.11.42.125   156672 Bytes  11.09.2012 20:23:34
VBASE016.VDF   : 7.11.42.171   187904 Bytes  12.09.2012 08:44:42
VBASE017.VDF   : 7.11.42.235   141312 Bytes  13.09.2012 08:44:36
VBASE018.VDF   : 7.11.43.35    133632 Bytes  15.09.2012 11:44:13
VBASE019.VDF   : 7.11.43.89    129024 Bytes  18.09.2012 20:09:29
VBASE020.VDF   : 7.11.43.141   130560 Bytes  19.09.2012 15:30:01
VBASE021.VDF   : 7.11.43.187   121856 Bytes  21.09.2012 15:31:08
VBASE022.VDF   : 7.11.43.188     2048 Bytes  21.09.2012 15:31:08
VBASE023.VDF   : 7.11.43.189     2048 Bytes  21.09.2012 15:31:09
VBASE024.VDF   : 7.11.43.190     2048 Bytes  21.09.2012 15:31:10
VBASE025.VDF   : 7.11.43.191     2048 Bytes  21.09.2012 15:31:12
VBASE026.VDF   : 7.11.43.192     2048 Bytes  21.09.2012 15:31:13
VBASE027.VDF   : 7.11.43.193     2048 Bytes  21.09.2012 15:31:13
VBASE028.VDF   : 7.11.43.194     2048 Bytes  21.09.2012 15:31:14
VBASE029.VDF   : 7.11.43.195     2048 Bytes  21.09.2012 15:31:17
VBASE030.VDF   : 7.11.43.196     2048 Bytes  21.09.2012 15:31:17
VBASE031.VDF   : 7.11.43.228    93696 Bytes  22.09.2012 15:32:12
Engineversion  : 8.2.10.164
AEVDF.DLL      : 8.1.2.10      102772 Bytes  11.07.2012 10:29:28
AESCRIPT.DLL   : 8.1.4.54      459131 Bytes  18.09.2012 20:09:34
AESCN.DLL      : 8.1.8.2       131444 Bytes  28.05.2012 10:48:40
AESBX.DLL      : 8.2.5.12      606578 Bytes  15.06.2012 12:06:51
AERDL.DLL      : 8.1.9.15      639348 Bytes  31.01.2012 06:55:37
AEPACK.DLL     : 8.3.0.36      811382 Bytes  14.09.2012 08:44:39
AEOFFICE.DLL   : 8.1.2.42      201083 Bytes  20.07.2012 14:48:42
AEHEUR.DLL     : 8.1.4.100    5280120 Bytes  14.09.2012 08:44:39
AEHELP.DLL     : 8.1.23.2      258422 Bytes  28.06.2012 14:56:20
AEGEN.DLL      : 8.1.5.36      434549 Bytes  24.08.2012 07:17:06
AEEXP.DLL      : 8.1.0.86       90484 Bytes  07.09.2012 19:42:23
AEEMU.DLL      : 8.1.3.2       393587 Bytes  11.07.2012 10:29:28
AECORE.DLL     : 8.1.27.4      201078 Bytes  07.08.2012 14:32:06
AEBB.DLL       : 8.1.1.0        53618 Bytes  31.01.2012 06:55:33
AVWINLL.DLL    : 12.3.0.15      27344 Bytes  29.05.2012 16:43:43
AVPREF.DLL     : 12.3.0.15      51920 Bytes  29.05.2012 16:43:43
AVREP.DLL      : 12.3.0.15     179208 Bytes  28.05.2012 10:48:41
AVARKT.DLL     : 12.3.0.15     211408 Bytes  29.05.2012 16:43:43
AVEVTLOG.DLL   : 12.3.0.15     169168 Bytes  29.05.2012 16:43:43
SQLITE3.DLL    : 3.7.0.1       398288 Bytes  29.05.2012 16:43:44
AVSMTP.DLL     : 12.3.0.32      63480 Bytes  08.08.2012 14:32:09
NETNT.DLL      : 12.3.0.15      17104 Bytes  29.05.2012 16:43:44
RCIMAGE.DLL    : 12.3.0.31    4444408 Bytes  08.08.2012 14:32:07
RCTEXT.DLL     : 12.3.0.31     100088 Bytes  08.08.2012 14:32:07

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Schnelle Systemprüfung
Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\quicksysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, 
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Samstag, 22. September 2012  23:03

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO]      Es wurde kein Virus gefunden!
Masterbootsektor HD1
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'opera.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'daemonu.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleUpdate.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'spotify.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'mscorsvw.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeamViewer_Service.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
C:\Program Files\AutoHotkey\uninst.exe
  [WARNUNG]   Unerwartetes Dateiende erreicht
C:\Windows\Sysnative\drivers\sptd.sys
  [WARNUNG]   Die Datei konnte nicht geöffnet werden!
Die Registry wurde durchsucht ( '3301' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\Users\Stevens Tchiri'
C:\Users\***\AppData\Roaming\BAcroIEHelpe092.dll
  [FUND]      Ist das Trojanische Pferd TR/Spy.Gen
C:\Users\***\AppData\Roaming\11004\components\AcroFF004.dll
  [FUND]      Ist das Trojanische Pferd TR/Spy.Banker.20115
C:\Users\***\Desktop\Sicherung.rar
  [WARNUNG]   Die Datei ist kennwortgeschützt

Beginne mit der Desinfektion:
C:\Users\***\AppData\Roaming\11004\components\AcroFF004.dll
  [FUND]      Ist das Trojanische Pferd TR/Spy.Banker.20115
  [HINWEIS]   Die Datei wurde gelöscht.
C:\Users\***\AppData\Roaming\BAcroIEHelpe092.dll
  [FUND]      Ist das Trojanische Pferd TR/Spy.Gen
  [HINWEIS]   Die Datei wurde gelöscht.


Ende des Suchlaufs: Samstag, 22. September 2012  23:34
Benötigte Zeit: 30:32 Minute(n)

Der Suchlauf wurde abgebrochen!

   4867 Verzeichnisse wurden überprüft
 242297 Dateien wurden geprüft
      2 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      2 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      1 Dateien konnten nicht durchsucht werden
 242294 Dateien ohne Befall
  10641 Archive wurden durchsucht
      3 Warnungen
      2 Hinweise
         
__________________

Alt 24.09.2012, 13:59   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk. - Standard

Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.



Da ist ein Bankingtrojaner am Werk, macht ihr OnlineBanking mit dieser Kiste?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 25.09.2012, 21:16   #5
ashuros
 
Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk. - Standard

Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.



Ja machen wir :O Ohje!!!

Was gibt es jetzt zu tun?


Alt 26.09.2012, 13:51   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk. - Standard

Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.



Ich würde umgehend mal zur Bank rennen und denen Bescheid geben
Mach das mal zuerst und wir besprechen die weiteren Schritte ob wohl ich davon ausgehen kann, dass deine Bank eine komplette Neuinstallation deines Windows-Rechners aufgibt
__________________
--> Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.

Alt 26.09.2012, 22:13   #7
ashuros
 
Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk. - Standard

Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.



Mir wurde am Telefon gesagt, dass ich mir keine Sorgen über das verlieren von Geld machen müsste, da hierzu der TAN gebraucht ist. Das Passwort meines Accoutns sollte ich jedoch auf dem Computer in der Bank ändern.

Es wurde darum gebeten eine Neuinstallation durchzuführen, der Bankangestellte von der IT-Abteilung sagte mir, es sei zu riskant auf eine Reinigung des PC's zu vertrauen, da der Trojaner sich stehts irgendwo anders verstecken kann.

Also wie geht es weiter?

Zitat:
Zitat von ashuros Beitrag anzeigen
Mir wurde am Telefon gesagt, dass ich mir keine Sorgen über das verlieren von Geld machen müsste, da hierzu der TAN gebraucht ist. Das Passwort meines Accoutns sollte ich jedoch auf dem Computer in der Bank ändern.

Es wurde darum gebeten eine Neuinstallation durchzuführen, der Bankangestellte von der IT-Abteilung sagte mir, es sei zu riskant auf eine Reinigung des PC's zu vertrauen, da der Trojaner sich stehts irgendwo anders verstecken kann.

Also wie geht es weiter?
Eine externe Festplatte habe ich jetzt auch hier, nun müsste ich wissen, wie ich den PC "richtig" neuinstalliere, falls dies nötig ist.

gruß
Steve

Alt 27.09.2012, 15:51   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk. - Standard

Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.



Die Bank hat schon recht, sicherer ist auf jeden Fall eine Neuinstallation von Windows
Willst du das machen oder lieber doch bereinigen?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 28.09.2012, 11:19   #9
ashuros
 
Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk. - Standard

Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.



Sicherer wäre ja die Neuinstallation. Wie führe ich die möglichst gut durch?

Gibt es etwas das ich bis zur Neuinstallation gemacht haben muss?

gruß
Steve

Alt 28.09.2012, 14:20   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk. - Standard

Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.



Lies doch erstmal den Artikel zur Neuinstallation komplette, dann kannst du immer noch Fragen stellen wenn etwas offen ist
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.
32 bit, antivir, autorun, avira, bho, browser, build 7601, computer, converter, desktop, document, error, fehler, firefox, flash player, helper, iminent, iminent toolbar, install.exe, internet, jdownloader, langsam, langsam lahm, launch, logfile, mp3, msvcrt, netzwerk, netzwerkadapter, nvidia update, object, registry, richtlinie, rundll, security, senden, smartbar, software, strong, super, svchost.exe, teamspeak, vdeck.exe



Ähnliche Themen: Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk.


  1. Bei Download stürzt PC ab oder Internetverbindung bricht ab
    Plagegeister aller Art und deren Bekämpfung - 08.10.2015 (7)
  2. Windows 7 86Bit Firefox XML-Verarbeitungsfehler: nicht wohlgeformt & Problem bei einem download für online MMORPG
    Plagegeister aller Art und deren Bekämpfung - 02.06.2014 (11)
  3. Windows 7, malewarebytes fund: 11 u. 28 infizierte Objekte nach einem freeware download
    Plagegeister aller Art und deren Bekämpfung - 11.08.2013 (14)
  4. virus.win32.expiro.ai in einem Netzwerk
    Plagegeister aller Art und deren Bekämpfung - 15.07.2013 (10)
  5. Internetverbindung ist verdächtig langsam - von einem Tag auf den andern.
    Plagegeister aller Art und deren Bekämpfung - 28.05.2013 (19)
  6. GVU/BSI Trojaner - noch ein Betroffener!
    Plagegeister aller Art und deren Bekämpfung - 30.01.2013 (3)
  7. Moskau - Plötzlich langsame Internetverbindung trotz gutem Netzwerk
    Log-Analyse und Auswertung - 18.06.2012 (35)
  8. Die Telekom sagt mein System gehöre zu einem Sinkhole Netzwerk
    Log-Analyse und Auswertung - 08.07.2011 (43)
  9. Ein Rechner im Netzwerk hat langsame Internetverbindung, andere Rechner sind okay
    Alles rund um Windows - 18.02.2011 (4)
  10. Boot-/ Anmeldevorgang im Netzwerk extremst langsam
    Log-Analyse und Auswertung - 05.07.2010 (4)
  11. Bekomme Spamnachricht mit Link zu einem download in MSN
    Plagegeister aller Art und deren Bekämpfung - 29.03.2010 (3)
  12. trojaner oder virus? pc spinnt nach download von einem programm
    Log-Analyse und Auswertung - 16.02.2010 (17)
  13. Antivirus XP2008 - ein weiterer betroffener :)
    Plagegeister aller Art und deren Bekämpfung - 29.09.2008 (16)
  14. Antivirus XP2008 - ein weiterer betroffener :)
    Mülltonne - 17.09.2008 (2)
  15. Mit einem Linux-Rechner auf ein Drahtloses Windows-Netzwerk zugreifen?
    Alles rund um Mac OSX & Linux - 30.08.2006 (13)
  16. Kein anzeigen von "Gemeinsame Internetverbindung" in Netzwerk
    Alles rund um Windows - 03.05.2005 (4)
  17. netzwerk langsam
    Log-Analyse und Auswertung - 19.01.2005 (3)

Zum Thema Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk. - Hallo Trojaner-Board.de, das ist mein erster Post hier! Problemschilderung: Ich habe zu langsames Internet. Davor lief es auch super, auf einmal wurde es sehr langsam. Meine Leitung läuft eigentlich mit - Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk....
Archiv
Du betrachtest: Internetverbindung zu langsam (Download) mit einem PC (-Betroffener) im Netzwerk. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.