Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Internet langsam

Internet langsam


Log-Analyse und Auswertung: Internet langsam

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 05.10.2010, 16:29   #1
gumplchen
 
Internet langsam - Standard

Internet langsam


Hi Trojaner Board

Vor einigen Wochen war ich schonmal hier, weil mein Internet sehr langsam war.
Durch einen Neustart meines Routers war aller wieder i.O. Jedoch funktioniert das jetzt nicht mehr. Es bleibt einfach langsam. Seiten bauen sehr lange auf. Jetzt wollte ich hier wieder um Hilfe anfragen


Hier ist der HijackThis Log
HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:17:37, on 01.10.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\firefox.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\plugin-container.exe
C:\Users\Christoph\Downloads\HiJackThis204.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.telekom.at
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = A1 Telekom Austria TA AG
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE /FU "C:\Windows\TEMP\E_SA2F3.tmp" /EF "HKCU"
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Christoph\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 6807 bytes
--- --- ---


einen Scan mit Malwarebytes habe ich auch schon gemacht und der war negativ.

Danke schonmal im Vorraus =)

Hier ist noch der Malwarebytes Log

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4724

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

01.10.2010 14:18:49
mbam-log-2010-10-01 (14-18-49).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 307004
Laufzeit: 1 Stunde(n), 4 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

und hier noch OTLOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 02.10.2010 14:08:54 - Run 2
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Christoph\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 23,00% Memory free
10,00 Gb Paging File | 6,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): c:\pagefile.sys 6000 6000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 255,21 Gb Free Space | 54,79% Space Free | Partition Type: NTFS
Drive D: | 653,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: CHRISTOPH-PC
Current User Name: Christoph
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Spiele\StarCraft II\Versions\Base16605\SC2.exe (Blizzard Entertainment, Inc.)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\Christoph\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\conime.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Christoph\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\DRIVERS\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\DRIVERS\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (qcusbser) -- C:\Windows\SysNative\DRIVERS\qcusbser.sys (QUALCOMM Incorporated)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV:64bit: - (ialm) -- C:\Windows\SysNative\DRIVERS\ialmnt5.sys (Intel Corporation)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.telekom.at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Amazon.de"
FF - prefs.js..extensions.enabledItems: testpilot@labs.mozilla.com:1.0rc1
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.23.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1114
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010.09.28 16:36:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\components [2010.09.18 09:12:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\plugins [2010.09.18 09:12:46 | 000,000,000 | ---D | M]
 
[2010.07.26 22:20:32 | 000,000,000 | ---D | M] -- C:\Users\Christoph\AppData\Roaming\mozilla\Extensions
[2010.10.01 19:21:52 | 000,000,000 | ---D | M] -- C:\Users\Christoph\AppData\Roaming\mozilla\Firefox\Profiles\ssg0iz8z.default\extensions
[2010.09.09 21:51:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Christoph\AppData\Roaming\mozilla\Firefox\Profiles\ssg0iz8z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.18 22:29:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christoph\AppData\Roaming\mozilla\Firefox\Profiles\ssg0iz8z.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.29 00:41:23 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Christoph\AppData\Roaming\mozilla\Firefox\Profiles\ssg0iz8z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.07.26 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\Christoph\AppData\Roaming\mozilla\Firefox\Profiles\ssg0iz8z.default\extensions\battlefieldheroespatcher@ea.com
 
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKCU..\Run: [EPSON SX100 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_IATIEDE.EXE File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Christoph\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Christoph\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: blank ([]about in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 0.0.0.0
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.08.16 18:12:26 | 000,000,461 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010.08.16 18:12:26 | 000,000,011 | R--- | M] () - D:\autorun.tag -- [ CDFS ]
O32 - AutoRun File - [2010.08.16 18:12:26 | 000,935,768 | R--- | M] (mirabyte GmbH & Co. KG) - D:\autostart.exe -- [ CDFS ]
O33 - MountPoints2\{fb637f4e-97c6-11df-88ee-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fb637f4e-97c6-11df-88ee-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autostart.exe -- [2010.08.16 18:12:26 | 000,935,768 | R--- | M] (mirabyte GmbH & Co. KG)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Programme (x86)\AVG\AVG10\avgchsva.exe File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Programme (x86)\AVG\AVG10\avgrsa.exe File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.01 15:24:34 | 000,000,000 | ---D | C] -- C:\Users\Christoph\Desktop\Studienbestätigungen
[2010.10.01 13:05:33 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.09.28 16:38:32 | 000,000,000 | ---D | C] -- C:\Users\Christoph\AppData\Roaming\AVG10
[2010.09.28 16:37:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010.09.28 16:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010.09.28 16:36:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2010.09.28 16:20:36 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010.09.23 13:53:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\avg
[2010.09.22 16:21:42 | 000,000,000 | ---D | C] -- C:\Users\Christoph\Desktop\paul cezanne
[2010.09.18 09:13:53 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2010.09.18 09:13:53 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2010.09.18 09:13:53 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2010.09.18 09:13:27 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.09.18 09:13:26 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.09.18 09:13:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010.09.18 09:12:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.09.18 09:10:20 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.09.18 09:10:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010.09.15 12:12:31 | 000,000,000 | ---D | C] -- C:\28f834c3334b7f64e1
[2010.09.15 11:49:06 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2010.09.15 11:49:06 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2010.09.15 11:48:58 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2010.09.14 12:25:55 | 000,000,000 | ---D | C] -- C:\Users\Christoph\AppData\Roaming\OpenOffice.org
[2010.09.14 12:24:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JRE
[2010.09.14 12:23:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2010.09.14 12:22:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.09.14 12:22:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.09.14 12:22:37 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.09.14 12:22:36 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.09.14 12:22:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.09.14 12:22:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.09.14 12:22:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.09.14 12:21:23 | 000,000,000 | ---D | C] -- C:\Users\Christoph\Desktop\OpenOffice.org 3.2 (de) Installation Files
[2010.09.13 16:27:46 | 000,027,216 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys
[2010.09.10 21:41:08 | 000,000,000 | ---D | C] -- C:\Users\Christoph\AppData\Roaming\Xfire
[2010.09.10 21:41:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010.09.10 21:41:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire
[2010.09.09 22:49:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Neffy
[2010.09.09 21:01:19 | 000,000,000 | ---D | C] -- C:\Users\Christoph\AppData\Roaming\Need for Speed World
[2010.09.09 20:38:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2010.09.09 17:37:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PixiePack Codec Pack
[2010.09.09 17:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\RapidSolution
[2010.09.09 17:34:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RapidSolution
[2010.09.09 17:33:22 | 000,000,000 | ---D | C] -- C:\Users\Christoph\AppData\Local\RapidSolution
[2010.09.09 11:19:27 | 000,000,000 | ---D | C] -- C:\Users\Christoph\AppData\Local\Electronic_Arts_Inc
[2010.09.09 11:18:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010.09.07 03:48:58 | 000,381,008 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010.09.07 03:48:56 | 000,041,040 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2010.09.07 03:48:52 | 000,305,232 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010.09.07 03:48:50 | 000,030,288 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[2010.09.05 13:37:49 | 001,693,048 | ---- | C] (EA Digital Illusions CE AB) -- C:\Users\Christoph\Desktop\BFBC2Updater.exe
[2010.09.04 17:31:19 | 000,000,000 | ---D | C] -- C:\Users\Christoph\Documents\BFBC2
[2010.09.04 17:31:07 | 000,000,000 | RH-D | C] -- C:\Users\Christoph\AppData\Roaming\SecuROM
[2010.09.03 09:37:31 | 000,000,000 | ---D | C] -- C:\Users\Christoph\Documents\Meine empfangenen Dateien
[2010.09.02 15:54:51 | 000,000,000 | ---D | C] -- C:\Users\Christoph\Desktop\Musik
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.02 14:07:57 | 005,505,024 | -HS- | M] () -- C:\Users\Christoph\NTUSER.DAT
[2010.10.02 13:09:40 | 000,004,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.02 13:09:40 | 000,004,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.02 09:15:51 | 095,211,824 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010.10.02 09:10:06 | 000,037,301 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.10.02 09:10:05 | 000,037,301 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.10.02 09:09:41 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.10.02 09:09:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.02 09:09:33 | 4293,386,240 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.01 22:52:56 | 000,524,288 | -HS- | M] () -- C:\Users\Christoph\NTUSER.DAT{d7ceb1a9-98b7-11df-af99-001d7da76728}.TMContainer00000000000000000001.regtrans-ms
[2010.10.01 22:52:56 | 000,065,536 | -HS- | M] () -- C:\Users\Christoph\NTUSER.DAT{d7ceb1a9-98b7-11df-af99-001d7da76728}.TM.blf
[2010.10.01 22:52:48 | 003,481,330 | -H-- | M] () -- C:\Users\Christoph\AppData\Local\IconCache.db
[2010.09.29 21:03:02 | 000,019,460 | ---- | M] () -- C:\Users\Christoph\Documents\cc_20100929_210257.reg
[2010.09.28 16:37:20 | 000,000,876 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010.09.28 16:37:20 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\avg\incavi.avm
[2010.09.28 16:37:20 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\avg\iavichjw.avm
[2010.09.28 12:44:51 | 000,000,732 | ---- | M] () -- C:\Users\Christoph\AppData\Local\d3d9caps64.dat
[2010.09.26 21:03:17 | 000,010,990 | ---- | M] () -- C:\Users\Christoph\Desktop\La telefonata.docx
[2010.09.26 20:10:23 | 000,012,059 | ---- | M] () -- C:\Users\Christoph\Desktop\English Essay Healthcare.docx
[2010.09.26 19:56:53 | 000,057,232 | ---- | M] () -- C:\Users\Christoph\Documents\cc_20100926_195646.reg
[2010.09.26 19:56:03 | 000,017,553 | ---- | M] () -- C:\Users\Christoph\Documents\Essay in English.odt
[2010.09.26 18:31:10 | 000,018,595 | ---- | M] () -- C:\Users\Christoph\Documents\Personal Letter 14.9.2010 verbesserung.odt
[2010.09.22 17:54:29 | 000,019,832 | ---- | M] () -- C:\Users\Christoph\Documents\Paul Cezanne.odt
[2010.09.19 15:52:12 | 000,018,076 | ---- | M] () -- C:\Users\Christoph\Documents\STVP schummelzettel.odt
[2010.09.19 14:29:24 | 000,000,401 | ---- | M] () -- C:\Users\Christoph\Desktop\1920x1080.html
[2010.09.18 13:01:26 | 000,234,280 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.09.18 13:01:26 | 000,234,280 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.09.18 09:14:01 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.09.18 09:12:38 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.09.18 08:25:27 | 000,000,680 | ---- | M] () -- C:\Users\Christoph\AppData\Local\d3d9caps.dat
[2010.09.15 11:42:23 | 000,252,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.09.14 18:06:45 | 000,054,560 | ---- | M] () -- C:\Users\Christoph\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.09.14 13:35:16 | 000,339,545 | ---- | M] () -- C:\Users\Christoph\Documents\ÖVP für GESCHICHTE 14.9.2010.odt
[2010.09.14 12:42:18 | 000,018,128 | ---- | M] () -- C:\Users\Christoph\Documents\Personal Letter 14.9.2010.odt
[2010.09.14 12:24:57 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.09.14 12:22:29 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.09.14 12:22:29 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.09.14 12:22:29 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.09.14 12:22:29 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.09.13 16:27:46 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys
[2010.09.10 21:41:07 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010.09.10 20:16:31 | 000,004,608 | ---- | M] () -- C:\Users\Christoph\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.09 20:38:17 | 000,002,052 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2010.09.07 03:48:58 | 000,381,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010.09.07 03:48:56 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2010.09.07 03:48:52 | 000,305,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010.09.07 03:48:50 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[2010.09.06 11:27:25 | 000,000,031 | ---- | M] () -- C:\Users\Christoph\Desktop\HJ.ini
[2010.09.04 23:06:40 | 000,000,520 | ---- | M] () -- C:\Users\Christoph\Documents\cc_20100904_230634.reg
[2010.09.04 23:06:04 | 000,001,563 | ---- | M] () -- C:\Users\Christoph\Desktop\ccleaner - Verknüpfung.lnk
[2010.09.04 15:31:05 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.09.04 15:31:04 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.09.04 11:25:20 | 000,381,704 | ---- | M] () -- C:\Users\Christoph\Desktop\HJ.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.10.02 09:15:51 | 095,211,824 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010.09.29 21:02:59 | 000,019,460 | ---- | C] () -- C:\Users\Christoph\Documents\cc_20100929_210257.reg
[2010.09.29 17:46:38 | 000,000,000 | ---- | C] () -- C:\Users\Christoph\Sti_Trace.log
[2010.09.28 16:37:20 | 000,000,876 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010.09.28 16:37:20 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\avg\incavi.avm
[2010.09.28 16:37:20 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\avg\iavichjw.avm
[2010.09.26 21:03:16 | 000,010,990 | ---- | C] () -- C:\Users\Christoph\Desktop\La telefonata.docx
[2010.09.26 20:10:21 | 000,012,059 | ---- | C] () -- C:\Users\Christoph\Desktop\English Essay Healthcare.docx
[2010.09.26 19:56:48 | 000,057,232 | ---- | C] () -- C:\Users\Christoph\Documents\cc_20100926_195646.reg
[2010.09.26 18:31:08 | 000,018,595 | ---- | C] () -- C:\Users\Christoph\Documents\Personal Letter 14.9.2010 verbesserung.odt
[2010.09.23 20:04:20 | 000,017,553 | ---- | C] () -- C:\Users\Christoph\Documents\Essay in English.odt
[2010.09.22 17:44:22 | 000,019,832 | ---- | C] () -- C:\Users\Christoph\Documents\Paul Cezanne.odt
[2010.09.19 13:19:47 | 000,018,076 | ---- | C] () -- C:\Users\Christoph\Documents\STVP schummelzettel.odt
[2010.09.18 09:14:01 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.09.18 09:12:38 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.09.15 20:38:31 | 000,000,401 | ---- | C] () -- C:\Users\Christoph\Desktop\1920x1080.html
[2010.09.14 13:35:14 | 000,339,545 | ---- | C] () -- C:\Users\Christoph\Documents\ÖVP für GESCHICHTE 14.9.2010.odt
[2010.09.14 12:32:32 | 000,018,128 | ---- | C] () -- C:\Users\Christoph\Documents\Personal Letter 14.9.2010.odt
[2010.09.14 12:24:57 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.09.14 12:22:55 | 000,421,482 | ---- | C] () -- C:\Users\Christoph\AppData\Local\dd_vcredistMSI11DC.txt
[2010.09.14 12:22:51 | 000,011,398 | ---- | C] () -- C:\Users\Christoph\AppData\Local\dd_vcredistUI11DC.txt
[2010.09.10 21:41:07 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010.09.10 20:16:28 | 000,004,608 | ---- | C] () -- C:\Users\Christoph\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.09 20:38:17 | 000,002,052 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2010.09.09 17:35:39 | 000,014,352 | ---- | C] () -- C:\Users\Christoph\AppData\Local\dd_vcredistUI7A9A.txt
[2010.09.06 11:27:25 | 000,000,031 | ---- | C] () -- C:\Users\Christoph\Desktop\HJ.ini
[2010.09.06 11:27:14 | 000,381,704 | ---- | C] () -- C:\Users\Christoph\Desktop\HJ.exe
[2010.09.04 23:06:36 | 000,000,520 | ---- | C] () -- C:\Users\Christoph\Documents\cc_20100904_230634.reg
[2010.09.04 23:06:02 | 000,001,563 | ---- | C] () -- C:\Users\Christoph\Desktop\ccleaner - Verknüpfung.lnk
[2010.09.04 15:31:04 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.08.25 08:18:34 | 000,174,197 | ---- | C] () -- C:\Users\Christoph\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
[2010.08.25 08:18:28 | 000,118,382 | ---- | C] () -- C:\Users\Christoph\AppData\Local\dd_dotnetfx35install.txt
[2010.08.25 08:18:28 | 000,001,678 | ---- | C] () -- C:\Users\Christoph\AppData\Local\uxeventlog.txt
[2010.08.25 08:18:28 | 000,000,002 | ---- | C] () -- C:\Users\Christoph\AppData\Local\dd_dotnetfx35error.txt
[2010.08.09 22:44:48 | 000,437,328 | ---- | C] () -- C:\Users\Christoph\AppData\Local\dd_vcredistMSI7115.txt
[2010.08.09 22:44:47 | 000,011,458 | ---- | C] () -- C:\Users\Christoph\AppData\Local\dd_vcredistUI7115.txt
[2010.08.09 10:02:56 | 000,000,680 | ---- | C] () -- C:\Users\Christoph\AppData\Local\d3d9caps.dat
[2010.07.26 17:46:45 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010.07.26 17:43:55 | 000,000,025 | ---- | C] () -- C:\Windows\CDESX100DEFGIPS.ini
[2010.07.25 16:53:48 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010.07.25 16:53:43 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010.07.25 15:36:09 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2010.07.25 12:02:03 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.07.25 11:00:34 | 000,037,301 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.07.25 11:00:34 | 000,037,301 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.07.25 10:40:22 | 000,000,732 | ---- | C] () -- C:\Users\Christoph\AppData\Local\d3d9caps64.dat
[2010.07.09 21:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2009.11.25 13:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.03.02 11:33:32 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
< End of report >
--- --- ---



und die extras:



OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 02.10.2010 14:08:54 - Run 2
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Christoph\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 23,00% Memory free
10,00 Gb Paging File | 6,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): c:\pagefile.sys 6000 6000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 255,21 Gb Free Space | 54,79% Space Free | Partition Type: NTFS
Drive D: | 653,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: CHRISTOPH-PC
Current User Name: Christoph
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = A8 A5 84 9A 03 2C CB 01  [binary data]
"VistaSp2" = 2B 5D 42 83 0C 2C CB 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B8D1E32-165B-4EEB-BC82-15CD05F240BC}" = lport=6890 | protocol=17 | dir=in | name=league of legends launcher | 
"{0F428466-4B9B-419D-89FB-475FFC9CC49E}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | 
"{167D220C-57F6-4A18-89F0-E3D79EDCA051}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | 
"{18467FD5-2A4E-4FAE-A128-1AAA1BBF822F}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{A02F0BD7-077F-4BD5-8820-88D5DE07786E}" = lport=6890 | protocol=6 | dir=in | name=league of legends launcher | 
"{AC3786D1-1962-4A32-BAE2-4AA2AC9D0F8F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0085F7BF-E724-44CB-B989-59C0C81A75C8}" = protocol=6 | dir=in | app=c:\spiele\league of legends\game\league of legends.exe | 
"{08945214-4B3A-4FFB-B29D-E8AA4AD99051}" = protocol=6 | dir=in | app=c:\spiele\league of legends\air\lolclient.exe | 
"{12ECD363-55C0-4769-A75D-10F5C99FAFD0}" = protocol=6 | dir=in | app=c:\program files (x86)\a1 telekom austria\breitband-internet-installation\fixnet installer\installer.exe | 
"{14B3075D-F6A0-4B00-9EA9-3F390FD44B19}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe | 
"{15927C52-D0C1-4B60-B4EE-5C4CC46BBB8D}" = protocol=17 | dir=in | app=c:\spiele\starcraft ii\starcraft ii.exe | 
"{193DBC3F-7891-4B09-9FE8-B410FB0813A3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{24375790-E212-4738-820B-D8864C8A0289}" = protocol=17 | dir=in | app=c:\spiele\league of legends\game\league of legends.exe | 
"{2940D250-8588-4FAC-AF0C-DDEE1D977035}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lead and gold gangs of the wild west\lag_win32_public_dev.exe | 
"{2B50BB8C-5981-4AE4-9658-71129BF2E6E8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | 
"{351E42DD-3243-4A76-BBE5-C10AC97F7BBB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{38DBFCDA-2B70-4347-9BF6-01D1E7004A13}" = protocol=17 | dir=in | app=c:\spiele\league of legends\air\lolclient.exe | 
"{39ED67BE-1D52-42C2-AFA1-AF7B883CF063}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{4961400F-ED31-4517-9FDA-044D7DEEBCA2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | 
"{4967F0A5-C2A4-4262-8088-26B8D3E36414}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plain sight\plainsight.exe | 
"{4BCEC4C7-EC36-47CE-9FC2-38357E02CDC7}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{4D8DC845-396E-43BE-BC53-785B2719D21C}" = protocol=17 | dir=in | app=c:\spiele\bad company 2\bfbc2updater.exe | 
"{4DA015F2-DE4D-4280-8081-7CA23E054F18}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{52D73EB5-37BB-45CE-A576-0BD6096C5602}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\gumpl\counter-strike source\hl2.exe | 
"{54335B12-46C1-47C3-BBFD-A58DF61434CF}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | 
"{59773727-0C8E-4D33-93A7-E0806B930E0A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{5EA9ED48-CC4F-4AD7-80C0-6528B1566855}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe | 
"{60835E97-3E70-491D-9FDD-E4DCB1791F04}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{788C0949-5A6D-4BCB-9906-92EF9934684E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{846F395F-51FD-4037-9652-A8BE5007F4FD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lead and gold gangs of the wild west\lag_win32_public_dev.exe | 
"{871DEEC2-9714-4D71-A0F4-53015455E5EA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | 
"{8A2247A0-A6ED-4E15-AD33-D69D9A96C06E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{8D0A3B52-9133-4E1A-BECC-4AA45F6854FC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\gumpl\garrysmod\hl2.exe | 
"{8F521221-6388-4630-8B91-F10DFB8F1074}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | 
"{9337B47E-1B31-4352-A6A6-61F060E45612}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | 
"{937D1E15-10BC-4008-A6F9-D256D926955F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{9C0A79E1-22B7-4836-BE4E-EB332611F59F}" = protocol=6 | dir=in | app=c:\spiele\bad company 2\bfbc2updater.exe | 
"{9D449AC3-B5B3-4564-81E7-64EE9B30C33D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{9E839F89-F041-473C-90FC-FBF64AAD2E6F}" = protocol=6 | dir=in | app=c:\spiele\world of warcraft\wow-3.2.0-dede-downloader.exe | 
"{A079363E-3B90-40A2-B58B-211D1D32CE4E}" = protocol=17 | dir=in | app=c:\spiele\world of warcraft\wow-3.2.0-dede-downloader.exe | 
"{A1DB2B9D-FE93-4D59-B449-DE88FF522E5B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | 
"{AA9E0E6F-C6A1-4EC5-B1C8-91188D002D7B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe | 
"{AAF77653-07BB-4A41-A2C5-A73058677C46}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{AB480365-3F63-4C95-A340-FABCAD68A1F8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{BD39D3E2-F86C-4041-937E-D794204CF027}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{C2A827B2-1048-4D93-AF0A-962A7E33FAC8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{C5A574FC-EE68-4402-8A5E-2428C5E9C94D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plain sight\plainsight.exe | 
"{C7BFE065-BDCA-441C-A51B-6F68E80CDBC7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\gumpl\garrysmod\hl2.exe | 
"{C7C6612A-1400-4663-ABFA-9DFC2F51EF0B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{C9E3C2B2-216B-466C-8DE6-22287405C0C2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\gumpl\counter-strike source\hl2.exe | 
"{CFE70161-C473-47C5-8C35-2EF58C0C6E0C}" = protocol=17 | dir=in | app=c:\program files (x86)\a1 telekom austria\breitband-internet-installation\fixnet installer\installer.exe | 
"{D6DCB17A-3AA3-43E0-9D0F-7BABE3247E82}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | 
"{DA29D991-5875-4961-981D-63DD31E1206C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe | 
"{DEBFBE4B-41B2-477F-8915-39A8FF85FEFE}" = protocol=6 | dir=in | app=c:\spiele\starcraft ii\starcraft ii.exe | 
"{E50E555C-C987-4E23-826B-BF91E295DB79}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe | 
"{EEAD49F9-E282-4B41-99FE-2A93DE646680}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe | 
"TCP Query User{066B1690-B295-4900-B1D6-148CAA0C9A61}C:\spiele\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\spiele\starcraft ii\support\blizzarddownloader.exe | 
"TCP Query User{0C43C7E9-93AD-4E49-84F5-4AA4C4F24236}C:\spiele\starcraft ii\versions\base16561\sc2.exe" = protocol=6 | dir=in | app=c:\spiele\starcraft ii\versions\base16561\sc2.exe | 
"TCP Query User{114699DF-D798-4C02-8DCE-02C8F59A9383}C:\spiele\alaplaya\loco\system\loco.exe" = protocol=6 | dir=in | app=c:\spiele\alaplaya\loco\system\loco.exe | 
"TCP Query User{13DF325B-4A41-4534-8F54-407CB168EC0F}C:\spiele\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\spiele\world of warcraft\backgrounddownloader.exe | 
"TCP Query User{2542830A-77A4-4B7E-92E7-9DA6ED53608A}C:\spiele\bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\spiele\bad company 2\bfbc2game.exe | 
"TCP Query User{49821027-0B43-4FA3-B17A-7B5AA67263E4}C:\spiele\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\spiele\starcraft ii\versions\base15405\sc2.exe | 
"TCP Query User{62733807-FA7F-460D-8DEA-7F97DA315F8F}C:\spiele\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\spiele\starcraft ii\versions\base15405\sc2.exe | 
"TCP Query User{67691470-D871-435B-9679-468BC4DF810E}C:\spiele\alaplaya\loco\system\loco.exe" = protocol=6 | dir=in | app=c:\spiele\alaplaya\loco\system\loco.exe | 
"TCP Query User{782C7EA1-15BA-4A7B-A4A9-7DB4E42CDD19}C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"TCP Query User{798E79E4-0F3E-4204-8BFE-B744AD357A1D}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | 
"TCP Query User{82CF1251-C716-4B1D-90C6-4FEF690C6800}C:\users\christoph\downloads\fogdownloader-rom_3_0_1_2153.exe" = protocol=6 | dir=in | app=c:\users\christoph\downloads\fogdownloader-rom_3_0_1_2153.exe | 
"TCP Query User{88AC1397-7E8F-4647-9461-5399F60AB815}C:\spiele\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\spiele\world of warcraft\launcher.exe | 
"TCP Query User{B3B8A300-F2CC-4EA1-A1BF-C0E040E4668D}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | 
"TCP Query User{B6C98652-E008-4C3E-9EE9-4E36760FFD84}C:\spiele\starcraft ii\versions\base16605\sc2.exe" = protocol=6 | dir=in | app=c:\spiele\starcraft ii\versions\base16605\sc2.exe | 
"TCP Query User{B6E9F098-9EAB-4439-8C46-D4D50834425E}C:\spiele\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\spiele\starcraft ii\starcraft ii.exe | 
"TCP Query User{C387EAA6-7B2A-4EE9-9005-B28C0D617823}C:\program files (x86)\steam\steamapps\gumpl\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\gumpl\counter-strike source\hl2.exe | 
"TCP Query User{C56A2E62-85A5-49F0-9B99-2F4EEF5CD485}C:\program files (x86)\steam\steamapps\gumpl\synergy\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\gumpl\synergy\hl2.exe | 
"TCP Query User{C6A600AD-7C89-412E-8620-95A6FBE74C0E}C:\spiele\runes of magic\client.exe" = protocol=6 | dir=in | app=c:\spiele\runes of magic\client.exe | 
"TCP Query User{D59DE735-3526-4661-8412-BFE69485AF5F}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe | 
"TCP Query User{D724FBD1-CD3F-4F72-BF29-2AC069AE7C65}C:\spiele\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\spiele\starcraft ii\support\blizzarddownloader.exe | 
"TCP Query User{E834B44F-43F4-4BB3-85A1-F8C87C8358BC}C:\spiele\runes of magic\client.exe" = protocol=6 | dir=in | app=c:\spiele\runes of magic\client.exe | 
"TCP Query User{F5BE9FC1-EA35-476E-9715-C474BA2F8EFE}C:\spiele\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=6 | dir=in | app=c:\spiele\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe | 
"UDP Query User{0AA4E8F4-CF10-4464-B616-074C17554754}C:\spiele\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\spiele\starcraft ii\support\blizzarddownloader.exe | 
"UDP Query User{122392BB-DF1A-4DBC-8D1D-370238526CBC}C:\spiele\bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\spiele\bad company 2\bfbc2game.exe | 
"UDP Query User{1443F0F1-88F7-4B3E-A239-3634F882D4A4}C:\spiele\alaplaya\loco\system\loco.exe" = protocol=17 | dir=in | app=c:\spiele\alaplaya\loco\system\loco.exe | 
"UDP Query User{1D28B62B-714C-4C57-B0A5-DF5E6E5BCC71}C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"UDP Query User{2615DB13-C340-4644-B053-67F6D0B9D2AF}C:\program files (x86)\steam\steamapps\gumpl\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\gumpl\counter-strike source\hl2.exe | 
"UDP Query User{2C1B9A1B-E299-42D5-A5B7-3C4CE80ED29D}C:\spiele\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=17 | dir=in | app=c:\spiele\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe | 
"UDP Query User{2FE31C1A-9BE2-4C74-84F6-705D12D3E99C}C:\spiele\runes of magic\client.exe" = protocol=17 | dir=in | app=c:\spiele\runes of magic\client.exe | 
"UDP Query User{352D5352-93A5-42DD-98EF-3834853CBD24}C:\users\christoph\downloads\fogdownloader-rom_3_0_1_2153.exe" = protocol=17 | dir=in | app=c:\users\christoph\downloads\fogdownloader-rom_3_0_1_2153.exe | 
"UDP Query User{39FD8068-E7E1-476C-812D-489C6216FF45}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe | 
"UDP Query User{53048FB9-A795-4111-AB23-EA50AA8990C1}C:\spiele\alaplaya\loco\system\loco.exe" = protocol=17 | dir=in | app=c:\spiele\alaplaya\loco\system\loco.exe | 
"UDP Query User{5AE51C92-DD79-4C25-8E85-2D4C0A5EB8DB}C:\program files (x86)\steam\steamapps\gumpl\synergy\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\gumpl\synergy\hl2.exe | 
"UDP Query User{79752A59-D0A8-43C7-A3BA-5F44222A72AD}C:\spiele\runes of magic\client.exe" = protocol=17 | dir=in | app=c:\spiele\runes of magic\client.exe | 
"UDP Query User{95A5B6CA-5569-4275-8D7F-BB98419F42BB}C:\spiele\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\spiele\starcraft ii\support\blizzarddownloader.exe | 
"UDP Query User{9F134A3B-3ED4-4D15-8121-B8EBDEBFC2C2}C:\spiele\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\spiele\starcraft ii\versions\base15405\sc2.exe | 
"UDP Query User{AF028524-CE35-4CB3-A84D-EB4188731780}C:\spiele\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\spiele\world of warcraft\launcher.exe | 
"UDP Query User{C2FC5578-6A6E-4A89-9467-188CCF1D1BED}C:\spiele\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\spiele\world of warcraft\backgrounddownloader.exe | 
"UDP Query User{C61C4A04-6096-42C8-B2A4-04D9E61052E7}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | 
"UDP Query User{CBB7460A-65D1-45A0-AAD7-815E377371D9}C:\spiele\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\spiele\starcraft ii\starcraft ii.exe | 
"UDP Query User{DAB1EB58-7B5A-4019-B8DB-7A378135F042}C:\spiele\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\spiele\starcraft ii\versions\base15405\sc2.exe | 
"UDP Query User{DD0C6AD5-925F-4C88-A53B-24E82A8FC52E}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | 
"UDP Query User{F441E58A-3B0D-4E94-A4C0-4FF8F993FB49}C:\spiele\starcraft ii\versions\base16561\sc2.exe" = protocol=17 | dir=in | app=c:\spiele\starcraft ii\versions\base16561\sc2.exe | 
"UDP Query User{F4CAE8EA-1EA2-4A9B-9264-632BF3D6795B}C:\spiele\starcraft ii\versions\base16605\sc2.exe" = protocol=17 | dir=in | app=c:\spiele\starcraft ii\versions\base16605\sc2.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{5F02C14D-A630-4771-8409-0BA89FCCA8D6}" = iTunes
"{6DA2E7DC-BC1E-4595-83A9-99BAD907AA1C}" = AVG 2011
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A019FB54-F9D4-42BE-937D-5A4B9A36428D}" = AVG 2011
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD1}" = Paint.NET v3.5.5
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0BADEE36424C9945238CD1CBDECB6800485FD933" = Windows-Treiberpaket - Linux Developer Community Net  (02/02/2010 5.1.2600.2781)
"5F3015F0AD4F9F61F4D01EAE1AF322C1A901C27C" = Windows-Treiberpaket - ACER Incorporated (qcusbser) Ports  (10/12/2009 2.0.6.6)
"A61AC676A7F61C423134B0621CBA2D4134507A2D" = Windows-Treiberpaket - ACER, Inc (androidusb) USB  (10/12/2009 1.0.0010.00000)
"AVG" = AVG 2011
"BF39BAA13199B9BFDFC03B6C26851E9F3246C6A2" = Windows-Treiberpaket - ACER Incorporated (qcusbser) Modem  (10/12/2009 2.0.6.6)
"Defraggler" = Defraggler
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1ED31028-6D65-4CFD-AD03-8E484A052FE7}" = aonUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2BEB102E-F9CD-4881-984B-E288F66FD394}" = Quake Live Mozilla Plugin
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{4767A89A-F6A5-41B1-903C-734483739882}" = Highspeed-Internet-Installation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5AC1CB24-8B13-48F9-BDBE-EAA0D2C5253A}" = Aion
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B7FB3C4-E71B-478D-9E15-5AE97EAD67B8}" = aonFTP
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{904B64C4-49D8-4941-A2B6-D13D06C5CD8B}" = Controller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"aonFTP" = aonFTP
"aonUpdate" = aonUpdate
"CCleaner" = CCleaner
"Controller" = Controller
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX100_TX100 Benutzerhandbuch" = EPSON Stylus SX100_TX100 Handbuch
"Fiesta Online(EU_German)" = Fiesta Online(EU_German) 1.02.100
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Highspeed-Internet-Installation" = Highspeed-Internet-Installation
"League of Legends_is1" = League of Legends
"LOCO" = LOCO EU
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"mIRC" = mIRC
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Neffy" = Neffy 1,3,29,0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"StarCraft II" = StarCraft II
"Steam App 17520" = Synergy
"Steam App 240" = Counter-Strike: Source
"Steam App 4000" = Garry's Mod
"Steam App 42120" = Lead and Gold - Gangs of the Wild West
"Steam App 48700" = Mount and Blade: Warband
"Steam App 49900" = Plain Sight
"Steam App 550" = Left 4 Dead 2
"Steam App 630" = Alien Swarm
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OnlineFestplatte" = aon Online Festplatte (entfernen)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 28.09.2010 07:16:31 | Computer Name = Christoph-PC | Source = Bonjour Service | ID = 100
Description = 472: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 28.09.2010 10:37:38 | Computer Name = Christoph-PC | Source = LoadPerf | ID = 3001
Description = 
 
Error - 28.09.2010 11:36:12 | Computer Name = Christoph-PC | Source = Bonjour Service | ID = 100
Description = 416: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 28.09.2010 12:23:41 | Computer Name = Christoph-PC | Source = LoadPerf | ID = 3001
Description = 
 
Error - 29.09.2010 07:19:10 | Computer Name = Christoph-PC | Source = LoadPerf | ID = 3001
Description = 
 
Error - 30.09.2010 07:40:50 | Computer Name = Christoph-PC | Source = LoadPerf | ID = 3001
Description = 
 
Error - 01.10.2010 06:55:53 | Computer Name = Christoph-PC | Source = LoadPerf | ID = 3001
Description = 
 
Error - 01.10.2010 07:13:10 | Computer Name = Christoph-PC | Source = LoadPerf | ID = 3001
Description = 
 
Error - 01.10.2010 08:59:00 | Computer Name = Christoph-PC | Source = LoadPerf | ID = 3001
Description = 
 
Error - 02.10.2010 03:15:53 | Computer Name = Christoph-PC | Source = LoadPerf | ID = 3001
Description = 
 
[ System Events ]
Error - 31.08.2010 14:08:00 | Computer Name = Christoph-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 31.08.2010 um 20:05:10 unerwartet heruntergefahren.
 
Error - 05.09.2010 08:45:52 | Computer Name = Christoph-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 05.09.2010 08:45:52 | Computer Name = Christoph-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.09.2010 17:37:48 | Computer Name = Christoph-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 07.09.2010 17:37:48 | Computer Name = Christoph-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 13.09.2010 06:52:11 | Computer Name = Christoph-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 18.09.2010 03:11:38 | Computer Name = Christoph-PC | Source = Service Control Manager | ID = 7031
Description = 
 
Error - 23.09.2010 10:40:53 | Computer Name = Christoph-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 24.09.2010 10:44:10 | Computer Name = Christoph-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 24.09.2010 10:44:10 | Computer Name = Christoph-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
--- --- ---

wäre toll wenn ihr mir helfen könntet

Alt 06.10.2010, 10:58   #2
Chris4You
 
Internet langsam - Standard

Internet langsam


Hi,

Fix für OTL (sieht nach einem Wurm aus IPINIP.SYS, Prevx, dort findest Du auch die anderen zwei die zwar laufen, deren Files aber nicht aufzufinden sind!):
  • Doppelklick auf die OTL.exe, um das Programm auszuführen.
  • Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
  • Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"

Code:
ATTFilter
:OTL
DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
O4 - HKCU..\Run: [EPSON SX100 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_IATIEDE.EXE File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

:Commands
[emptytemp]
[Reboot]
  • Den roten Run Fixes! Button anklicken.
  • Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.
  • Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:
  • %systemroot%\_OTL

MAM updaten und Fullscan, zusätzlich noch:
http://www.trojaner-board.de/59299-a...eb-cureit.html
Nach Beendigung des Scans findes Du das Log unter %USERPROFILE%\DoctorWeb\CureIt.log.
Bevor du irgendwelche Aktionen unternimmst, kopiere bitte den Inhalt des Logs und poste ihn.
Die Log Datei ist sehr groß, ca. über 5MB Text. Benutzt einfach die Suche nach "infiziert" und kopiert betreffende Teile heraus, bevor Du sie postet.

chris
__________________

__________________
Alt 06.10.2010, 16:14   #3
gumplchen
 
Internet langsam - Standard

Internet langsam


All processes killed
========== OTL ==========
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File C:\Windows\SysNative\DRIVERS\ipinip.sys File not found not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EPSON SX100 Series deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Christoph
->Temp folder emptied: 78041551 bytes
->Temporary Internet Files folder emptied: 9090628 bytes
->Java cache emptied: 194866 bytes
->FireFox cache emptied: 95829078 bytes
->Flash cache emptied: 62657 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 21292424 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 195,00 mb


OTL by OldTimer - Version 3.2.11.0 log created on 10062010_161537

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...




Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4754

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

06.10.2010 17:21:30
mbam-log-2010-10-06 (17-21-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 306206
Laufzeit: 1 Stunde(n), 0 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)





rest folgt

danke für die hilfe
__________________
Geändert von gumplchen (06.10.2010 um 16:22 Uhr)

Antwort

Themen zu Internet langsam
7-zip, adblock, adobe, avg, bho, bonjour, c:\windows\system32\rundll32.exe, components, converter, counter-strike source, explorer, firefox, frage, hijack, hijackthis, home premium, install.exe, internet, internet explorer, internet langsam, internet sehr langsam, intranet, langsam, league of legends, location, mbamservice.exe, mozilla, mp3, need for speed, neustart, nvidia, oldtimer, otl.exe, plug-in, programdata, saver, sehr langsam, seiten, shell32.dll, shortcut, skype.exe, software, studio, syswow64, temp, trojaner, usbaapl64, vista, visual studio, windows


« Spyware/Maleware/Viren auf dem rechner = gefährlich???? | Security Tool eingenistet - Auswertung Combo-Fix Log-Datei »


Ähnliche Themen: Internet langsam


  1. Internet Langsam !
    Plagegeister aller Art und deren Bekämpfung - 07.05.2015 (5)
  2. PC langsam. Internet langsam. Beim Start öffnen sich unseriöse Sachen.
    Plagegeister aller Art und deren Bekämpfung - 26.12.2014 (7)
  3. VLC.de - Internet langsam
    Log-Analyse und Auswertung - 17.08.2014 (18)
  4. Windows 7 Internet Explorer langsam Internet Explorer reagiert lahm oder gar nicht
    Log-Analyse und Auswertung - 28.05.2014 (15)
  5. PC langsam, Internet manchmal langsam, Trojaner?
    Log-Analyse und Auswertung - 03.04.2014 (1)
  6. Rechner langsam, Internet langsam, neue Programme , mit Log Files
    Log-Analyse und Auswertung - 08.05.2013 (4)
  7. Rechner (Internet) extrem langsam langsam und hackelig!Leerlaufprozess Task Manager ständig zw. 70-98 %
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (17)
  8. Internet Langsam
    Plagegeister aller Art und deren Bekämpfung - 08.11.2012 (19)
  9. Internet Explorer 2 x im Taskmanager und Internet-Explorer + System furchtbar langsam
    Log-Analyse und Auswertung - 24.09.2010 (7)
  10. Internet zu langsam etc
    Log-Analyse und Auswertung - 09.09.2010 (24)
  11. Internet langsam und zu reagiert das Internet und Outlook nicht mehr
    Log-Analyse und Auswertung - 27.08.2009 (37)
  12. internet seitenaufbau total langsam,internet aktivität zu hoch.
    Plagegeister aller Art und deren Bekämpfung - 03.12.2008 (0)
  13. CD Laufwerk geht auf und zu| Rechner langsam | Internet langsam
    Log-Analyse und Auswertung - 01.06.2007 (1)
  14. pc so langsam . internet aufbau langsam pc ständig am arbeiten
    Log-Analyse und Auswertung - 04.05.2007 (9)
  15. internet langsam
    Log-Analyse und Auswertung - 23.01.2007 (6)
  16. Internet so langsam!
    Mülltonne - 24.11.2006 (0)
  17. Langsam im Internet
    Plagegeister aller Art und deren Bekämpfung - 20.03.2005 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Internet langsam - Hi Trojaner Board Vor einigen Wochen war ich schonmal hier, weil mein Internet sehr langsam war. Durch einen Neustart meines Routers war aller wieder i.O. Jedoch funktioniert das jetzt nicht - Internet langsam...
Archiv
Du betrachtest: Internet langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129