Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 12.12.2010, 13:40   #1
SouLySoRc
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



Hallo liebe Community,

ich habe einen permanenten ca. sekündlichen Festplattenzugriff zu beklagen bei meinem Windows Vista 32bit Betriebssystem.

Google spuckte das Problem öfter aus, aber das Deaktivieren aller möglichen Dienste (Wsearch; Fetch***) hat mir nicht geholfen.

Das Ganze stört so extrem, da ich keine online games spielen kann.
Ich habe ständige Ping Peaks. Normal ist er bei ca 25 aber durch den Festplattenzugriff (??) springt der Pings im 2-5 sek Takt auf 200.
Das Ganze ist mittlerweise in 3 verschiedenen WLAN Areas aufgetreten, am Inet oder Anbieter kann es somit nicht liegen.

Virenscan hat nichts ergeben.

Der Process Explorer von Microsoft zeigte mir vieles an, aber nichts womit ich was anfangen kann.
Daher nun meine Anfrage hier.

Habe ein HijackThis logfile im anhang,
zudem Malwarebytes prog im quickscan durchgeführt und diese

Logfiles davon im Anhang.

Danke für jede Hilfe schonmal.

€: Habe nun gesehen, dass ein Vollscan mehr helfen könnte und dann noch OTL durchgeführt.
Hier die Logs:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 12.12.2010 14:42:04 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\SouLy\Downloads
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,65 Gb Total Space | 10,08 Gb Free Space | 4,55% Space Free | Partition Type: NTFS
Drive Q: | 9,77 Gb Total Space | 3,57 Gb Free Space | 36,56% Space Free | Partition Type: NTFS
Drive S: | 1,46 Gb Total Space | 0,68 Gb Free Space | 46,12% Space Free | Partition Type: NTFS
 
Computer Name: SOULYSORC | User Name: SouLy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1795EC50-1131-4117-BB09-1DB5B225E03F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{18E9638A-C85C-4F2A-950E-99A2091E3C1E}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{19C57FD0-4D1E-4993-98A2-9EDB03EC4F84}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1B9A1D6C-CFC4-48DA-BBDA-5CD334BA012C}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{1C82BC39-3F48-4574-946B-6D756D8E0298}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{1FB71AD9-DCAC-4650-84B5-F2198E342657}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{23F222DB-4C7E-47C6-A381-BA44589C3CB5}" = lport=445 | protocol=6 | dir=in | app=system | 
"{46F71168-D302-4DBF-97BC-69F8C550BF44}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{48590428-0518-42B1-ABB2-84B7E7628F6E}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{4FFA39B2-2697-45D3-A4C9-5F4FF1835FB9}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{53594ED3-1370-460E-878F-223CA6AD13CD}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{5DCC5BD7-30AC-4F63-8882-DAFCF11AC4BB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5E82EA57-7B11-4399-90B9-22C843E21586}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{618F6B2B-8F5C-46EA-AACA-2F77662C62B3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{666ED141-583F-45CD-8BCD-93952A0DE338}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{6F121B8B-0664-436A-A7FA-F175E23FAF39}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
"{7779E118-117C-4B18-AD34-7BF910E7C7F1}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{7902AED2-C5C0-403D-BB37-289CC5641FED}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{8892EE33-6516-4226-AA9E-481FBF9E237D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{8AD00333-6B76-4B99-8F1A-9A97E6A48C52}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{950DD133-D719-4AFC-8B59-281310F5FE25}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{9747FC55-CEB2-4A14-94A0-06ED23024415}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{9B9E2929-19AF-4DA6-B8C4-80D32BD0D5FB}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{9FDD4E8D-656B-4F3C-8386-FF1790BA998D}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{9FE8DF80-CA8B-4F03-B79E-BA0C1A6CB3BD}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{A32024BC-10CA-43D8-A289-BC9097303002}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A5EE91CF-8E43-4AC3-844B-F690039C96E4}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
"{A6F30A94-CB9B-4248-89B9-319343197FBC}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A9682A0A-2368-48B7-9B1E-56D8407F11CB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{ADF246D3-F8CC-48AD-A6FF-8064D3E9C302}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{AF45F15F-9E3D-4C58-91E3-517C8253747E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{AFD8C588-8140-4546-9F24-E774DB0FF06B}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
"{B46FF2EC-3332-43B3-B13C-E7585361A04F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{C103A4C1-031F-4E44-A5B7-9CF2190C1797}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{C256CCCE-1D61-4B42-A5F0-4F0376C719C9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{C776D29D-92DC-4912-8665-9347DCFD6433}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{C8E182AF-EBB3-4128-9BCD-88B5C8E9931A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{C907EDC7-97EC-4FE2-A17A-ACB75E22E7FD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CB93EAB6-72A9-4996-8165-0D3930E2AD3D}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{CBB180E2-ED8A-4056-9EC9-7878B6ED6CAB}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
"{CF96F711-C855-4133-8569-F79AEAD7FBE1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D4D6E020-3E06-4317-A3CC-4DC8100CBD2A}" = rport=139 | protocol=6 | dir=out | app=system | 
"{D5C6E132-0ABD-4C19-8DF5-0C04DEA837BB}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{D742F3C6-B8F5-42AF-89D8-EE07B2CAAF0D}" = lport=137 | protocol=17 | dir=in | app=system | 
"{D7D47A32-BDCF-4B92-8F2A-4F15DEBFA44E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{D8AFF09A-BF52-4449-9EB4-6B9A88CB4E01}" = lport=138 | protocol=17 | dir=in | app=system | 
"{DA12B497-D463-4D83-9C14-4572D1479095}" = rport=445 | protocol=6 | dir=out | app=system | 
"{DAB3CEE0-9AD5-4608-9567-D3AC344A2F23}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{E3C27FC1-B2B8-472E-84C9-9E68AE29226B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{EE9819C2-8639-48FF-BB3D-26E0A0338703}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{EECA66C5-72F6-4A37-BC4D-18506ADBFCA6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F71A1772-FE9E-4898-A9AF-7DE3EF0DCCA7}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{F995987C-A610-4949-BD35-C6782004F8DD}" = lport=139 | protocol=6 | dir=in | app=system | 
"{FEB11F75-D542-469C-B422-FFBA28DCD499}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002C70A5-0784-4295-90B9-2F9F01A5FC19}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{01F0935F-5D23-40BE-9112-69145CE4DF66}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{0BDD2EEE-E7A5-43F6-9172-FCB5147668E3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{0F8789D6-348D-4EC3-A953-31406B371442}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{141E20EB-DF69-4CA0-A50F-A9CE9BFCCC78}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\soulslasha@gmx.de\counter-strike\hl.exe | 
"{14EB9C89-C7D5-4909-A6B3-62081E84AE94}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{15447309-A05A-4409-BFE2-AA38E941A5A4}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{184EA800-06A7-4E84-A2E1-80F0F0FEF8AB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{23CD577C-5B1B-4ED4-A3F3-92EA34F77E01}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{266E6DD2-B726-4F86-A9E9-2ECC894E5D49}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{29287775-3AAE-42F5-ACCF-EEDDDD9CAC6D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{2B6B82E2-33C2-46F0-8011-1AA8B5D0E18D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{3002E910-617A-41D2-BCD4-02DE3DB6937E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{32A9B0C0-3328-4EF2-99F5-45725AF79396}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{35D30050-750E-4965-89F1-BD25F7D7E8EB}" = protocol=17 | dir=in | app=c:\program files\rapidsolution\tunebite\tunebitehelper.exe | 
"{366CC22E-4C59-4A16-B133-350A8D76B838}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{37A7DF64-36A3-4D8C-AD12-425BD33F50A9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{37F9A80E-AB14-4FB6-80BB-83042FB330D6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{3E406A99-38A7-4DD1-82F4-31D2ABA3E16F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{484ED170-FA3A-4297-AB43-21EB6A932152}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{4F19E599-7EDF-4693-9E59-3B38EF41D04C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{50609DF7-A855-4AEF-BB94-6946A62D194B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{5836142F-A31A-4DB8-9E77-8242EA0253FF}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{5ADCA79D-A19C-4214-86F4-630D56E950A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{69E03895-847B-4CBA-AD44-ADC38928F45D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{6AF16503-2C43-4E72-871B-2B97E9A9F4ED}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{7E7F0DA6-E922-4B5E-AA59-2EB34D93FE98}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{801DD450-3B48-4427-A631-3D26075C6F7D}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{82C3ED57-F017-448D-97E1-E5F09F95361A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{859CF748-4058-4C8D-8863-58171D5BFABE}" = protocol=17 | dir=in | app=c:\program files\rapidsolution\tunebite\tunebitehelper.exe | 
"{862C63FA-9F96-4C9C-B6A3-D6EF307D4C04}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8B268B36-89C9-48DD-B39A-0117431B6ECF}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{8FBCA2D0-640A-470E-9310-BBF9BE183020}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{92D58357-BF43-49C2-A176-2F17B1432634}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{97B239B6-EE97-4098-93D9-54711711E023}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{98DFD67D-6E16-4554-B18E-6872B5830CA5}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{9A8F83F3-AFAC-499C-A9C5-120826A86823}" = protocol=6 | dir=out | app=system | 
"{A4FA6836-92B7-4C59-8148-77AE4EA1AC9F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{A5DDFDAD-807D-4277-8AD4-145F60F17651}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{AA63BF07-5669-4285-8090-B3A036A89BF8}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{AECD6FD9-8CB1-4FED-A24B-206B803EBE2A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{AFEF601E-7CD0-47EE-8B81-0A9040FC6CD5}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{B1DFC0DE-9C98-42BA-8538-367010BBE5CA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B5F23A77-E202-41EF-AE02-CB5849DDD47B}" = protocol=6 | dir=in | app=c:\program files\rapidsolution\tunebite\tunebitehelper.exe | 
"{B668FE29-B602-434C-B041-88AC3298BBDE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{B66A2CE9-A4C2-46A4-B1A3-C8D1FE0FB803}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B8AFBC9C-D294-45BA-AF6E-7DD742F93407}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{B91D1BE4-C5EC-4230-AA2A-B62A96C2FF71}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{B99E26D6-396A-4D44-9234-DA91C18E087C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{BA2FA64E-7D00-4EF8-AF28-43DCAAE9541B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{BC8FD9B5-2553-4322-B1E6-97044C7C4E92}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{BCA6E49A-CCE4-497E-80F7-6B35EC836831}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{C177D883-E560-4568-9A49-B6BA92F6109D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\soulslasha@gmx.de\counter-strike\hl.exe | 
"{C65B51B0-EF0B-43AD-A3C6-C813137F7C9E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{CB5578BB-F950-4D36-AADF-EB5005925490}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{CC7E319A-2B6E-4EBF-8871-9CD47DD864E8}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{CCE0BAA8-AA50-4B08-BBCC-4AFDF1BD5C59}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{D1F823B6-BA90-40B7-9562-9EF78943292F}" = protocol=6 | dir=in | app=c:\program files\rapidsolution\tunebite\tunebitehelper.exe | 
"{DCE6F26F-A682-494E-BB08-266518DA443F}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{DEB56DCE-E744-4E4E-B335-AFCF9E243656}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{DED960DE-CDFF-4166-835A-C43AA81606D4}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{EAC499B9-5CB8-439D-A58F-EC6006656ED3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{EE46F230-6ECF-4105-B8D8-79461DAE42D2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F10C946A-C743-4677-B22B-035718DB5C29}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{F3BD1010-363D-4B0A-90FB-3CDAFB07CDD8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FF374705-BEF7-4400-8EE3-B7A6F6058818}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"TCP Query User{0A298B9E-5F7D-47DA-8C4A-C72E40E87E10}C:\program files\napster\napster.exe" = protocol=6 | dir=in | app=c:\program files\napster\napster.exe | 
"TCP Query User{11C93C16-B62D-49D9-BD9E-258088EDA425}C:\program files\flat out\flatout2.exe" = protocol=6 | dir=in | app=c:\program files\flat out\flatout2.exe | 
"TCP Query User{177F7D68-47C4-4778-A296-A17598A7BA8F}C:\ut\system\ut2003.exe" = protocol=6 | dir=in | app=c:\ut\system\ut2003.exe | 
"TCP Query User{23FF17B2-BCCD-4DF0-B7A0-988BCC63EFDC}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{2C3BFB17-67F6-40C2-B9F8-E45C65DA3002}C:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"TCP Query User{2EEE7853-A318-420A-AC6D-527AC7D1843E}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{2EEE9451-DB73-497A-B901-AB4829C61982}C:\sierra\counter-strike\cstrike.exe" = protocol=6 | dir=in | app=c:\sierra\counter-strike\cstrike.exe | 
"TCP Query User{2FC8B355-5F56-4D6E-A2BF-A0D4E0731CCA}C:\program files\jeyo\jmc_windowsmobile\jmc_wm.exe" = protocol=6 | dir=in | app=c:\program files\jeyo\jmc_windowsmobile\jmc_wm.exe | 
"TCP Query User{3D0B945E-9563-4897-91E7-B5A60908A0EC}C:\program files\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft\starcraft.exe | 
"TCP Query User{45A6A42E-4025-40DD-ABEE-62525790A370}C:\program files\steam\steamapps\soulslasha@gmx.de\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\soulslasha@gmx.de\counter-strike\hl.exe | 
"TCP Query User{4725E7D3-262F-42EA-B26D-32C273B093E0}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{4DE8CADE-AE71-413F-BB0C-691160CD1218}C:\program files\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files\hlsw\hlsw.exe | 
"TCP Query User{53473742-2E27-462D-8F81-25C5CFC5D00A}C:\program files\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files\hlsw\hlsw.exe | 
"TCP Query User{56C42D75-D24B-4155-99B9-16068C816483}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{5823C092-1428-41F6-A7AD-B46F2B75E1F8}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{78E87C5F-AC79-4ECF-A7F2-87037638B4ED}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe | 
"TCP Query User{7AC3E2F4-1637-4787-81E2-DBD7A68F04DD}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{96B3666A-7B54-4F89-8741-CFB5CDEBEF8C}C:\program files\the ship\the ship\ship.exe" = protocol=6 | dir=in | app=c:\program files\the ship\the ship\ship.exe | 
"TCP Query User{A603B789-E708-4D3E-A58F-A7563E781A66}C:\program files\napster\napster.exe" = protocol=6 | dir=in | app=c:\program files\napster\napster.exe | 
"TCP Query User{AE1CDFD8-6D0B-477A-BD0F-2438937E03ED}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"TCP Query User{B2EEE755-F51C-416C-9390-9286C40FE880}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{C0C03308-62E5-4B23-906F-B28D8032DF02}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{D6754C92-A213-4FEF-BC81-BD4657AF4208}C:\program files\cs 1.6 (patch)\hl.exe" = protocol=6 | dir=in | app=c:\program files\cs 1.6 (patch)\hl.exe | 
"TCP Query User{DC533369-35FA-4326-9DE6-1434FB441970}C:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"UDP Query User{03E3FAE6-2EDD-4645-9A0A-EB9066899DED}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{1FC890D8-AE43-44AD-926C-29F05BC6DFD3}C:\program files\napster\napster.exe" = protocol=17 | dir=in | app=c:\program files\napster\napster.exe | 
"UDP Query User{38E25209-25E2-451B-8895-F0EEAF8D42C1}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{39BB9E9E-4DF4-4E86-BF76-3A3EEBF4F529}C:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"UDP Query User{414F18A3-299B-4112-AEE0-3A3794A4D2B5}C:\program files\the ship\the ship\ship.exe" = protocol=17 | dir=in | app=c:\program files\the ship\the ship\ship.exe | 
"UDP Query User{436A2801-8076-4A2C-98F2-CD5FB8051EEB}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{5498AE08-9AB9-4F7B-9C09-480851C48246}C:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"UDP Query User{5AE6E9CE-2B11-4496-933A-4E2427A649EA}C:\program files\jeyo\jmc_windowsmobile\jmc_wm.exe" = protocol=17 | dir=in | app=c:\program files\jeyo\jmc_windowsmobile\jmc_wm.exe | 
"UDP Query User{5D1A3D02-E3B8-456B-BF15-DCC49C07D508}C:\program files\flat out\flatout2.exe" = protocol=17 | dir=in | app=c:\program files\flat out\flatout2.exe | 
"UDP Query User{612BCA1F-2613-4123-9FEC-F32D85645424}C:\program files\napster\napster.exe" = protocol=17 | dir=in | app=c:\program files\napster\napster.exe | 
"UDP Query User{6C6C69DA-0813-4E31-9AB5-B0C8C4CD5719}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{7256CAE4-E813-4688-A5B0-F2DDE9E98C75}C:\program files\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files\hlsw\hlsw.exe | 
"UDP Query User{7F6BF3BA-03C2-48F0-9210-4CCD9372AEA7}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{92784CC8-1882-4049-B57E-4F286A193AC4}C:\program files\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft\starcraft.exe | 
"UDP Query User{97372139-E8C2-4A7E-B685-C1B98432FD16}C:\program files\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files\hlsw\hlsw.exe | 
"UDP Query User{A39237CD-0174-4A0E-AB3E-03820B5253EF}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe | 
"UDP Query User{B33BDE52-FDA5-4944-A015-FB41B0524FDB}C:\program files\cs 1.6 (patch)\hl.exe" = protocol=17 | dir=in | app=c:\program files\cs 1.6 (patch)\hl.exe | 
"UDP Query User{B5F5F818-B26D-4600-88AC-0DB919E76073}C:\ut\system\ut2003.exe" = protocol=17 | dir=in | app=c:\ut\system\ut2003.exe | 
"UDP Query User{BBD7A580-613F-4DC0-8B3B-25F6EA7503A3}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{C0183796-C45C-465B-A547-9A00D5395DFE}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{C6BF03EA-AE19-4970-A6E2-94701CB866E8}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{D54D68AF-9FBE-4BA0-9CD5-C5602B3B3E3C}C:\sierra\counter-strike\cstrike.exe" = protocol=17 | dir=in | app=c:\sierra\counter-strike\cstrike.exe | 
"UDP Query User{E6768AC9-8635-4C76-A7EE-F1F13C8DFA1B}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"UDP Query User{EDB1C76F-5388-4280-B538-1535D2ECA407}C:\program files\steam\steamapps\soulslasha@gmx.de\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\soulslasha@gmx.de\counter-strike\hl.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = ThinkPad Bluetooth with Enhanced Data Rate Software 6.1.0.4700
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055B9AD2-48E1-462E-9992-814123063C46}" = Lenovo_ATK_Package
"{061A431C-86E7-4DB4-92B8-36DE783865CF}" = Integrated Camera
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0EE4030A-8FD4-4798-A21D-17E525B1F7CF}" = Corel Snapfire
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{11bfac10-b260-45a1-8453-ae662b66f71a}" = Nero 9 Trial
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad-Dienstprogramm 'EasyEject'
"{1439F7FF-6389-4593-8227-76E7BE4730C9}" = MXAir Tutorial
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = Dienstprogramm "ThinkPad UltraNav"
"{1A3696A0-31B9-4D2F-A5B6-FF6DD56BDE9D}_is1" = MyMenu 1.3
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22ED657C-942A-4B73-A3A3-595740CE44B1}" = Tunebite
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 13
"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2FAAD1C5-2D9D-4EDB-BCD1-FF6573986439}" = Mobile Broadband Connect
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F963A06-7C18-4039-9789-9644B3266AE7}" = Verizon Wireless BroadbandAccess Self Activation
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{44E9D4C2-946C-4378-9354-558803C47A68}" = Client Security - Password Manager
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz
"{4AB5764A-3894-49A2-BAA8-C4665F74CD4C}" = Registry patch to improve USB device detection on resume from sleep for Windows Vista
"{4BD295B9-0190-4C54-B08E-33A6ECA922DF}" = ThinkVantage Access Connections
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}" = Cisco Systems VPN Client 5.0.04.0300
"{54971F17-9D16-4D43-95D6-3A86E3D20EDB}" = Office-Bibliothek 4.0
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{588DF486-DF7A-11D5-82B4-000374890932}" = Turnierplaner
"{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}" = Adobe Flash Player 9 ActiveX
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5A1084A3-79B7-480C-9275-D8AA0CCEFA52}" = RUBICon
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}" = PixiePack Codec Pack
"{6280149E-EFF3-4F1B-BD43-5B7EDD6F620A}" = Ergänzung zu Lenovo Care
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Präsentationsdirektor
"{668ACF05-E455-4932-A2D2-5822A8206FEB}" = Camera Center
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" = 
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7E4C16B8-8F76-4940-8505-98E93C00BF19}" = Rescue and Recovery
"{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{849A32C3-E75A-4791-9B11-E568BA3525A4}" = Microsoft SQL Server VSS Writer
"{84ED5482-CFB0-4DD9-BF18-489FFDACD18A}" = Microsoft Antimalware Service DE-DE Language Pack
"{85243696-5e58-4357-9cf8-3498c609941d}" = NeroLiveGadget Help
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{900A92BA-19EF-4A34-86CF-7B6C85BDD971}" = VC_MergeModuleToMSI
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90FABD40-E741-446F-839D-CEAE905D63BE}" = ThinkPad Mobility Center Customization
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CECB23C-F4BC-4FDA-A306-E544A216176A}" = ThinkVantage Status Gadget
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{9F98C9F8-9B49-411C-AFB9-AF633249FA7C}" = ThinkVantage Fingerprint Software 5.8
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{AED53CDF-1046-4C6B-B5E2-C195125ECDA0}" = Intel(R) PROSet/Wireless WiFi-Software
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{CF52099A-3BEA-4C41-AEA8-1E190F04D737}" = Lenovo Care
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Energie-Manager
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FA62B4C2-6CFD-462F-9B59-68A730001AB3}" = Product Recovery Disc Burning Utility
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"1&1 Upload-Manager" = 1&1 Upload-Manager
"414DA9DB2E84AAFAD2D2715FD9BABFAB2D209FFD" = Windows Driver Package - Lenovo 1.44 (05/14/2008 1.44)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Counter-Strike: Source v17" = Counter-Strike: Source v17
"Dartuoso" = Dartuoso
"Dipmon" = Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EPSON Scanner" = EPSON Scan
"FPIRPOn" = Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista 
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"Google Chrome" = Google Chrome
"Half-Life: Counter-Strike" = Half-Life: Counter-Strike
"HLSW_is1" = HLSW v1.3.0
"Lenovo Registration" = Lenovo Registration
"Lenovo Welcome_is1" = Lenovo Welcome v1.0.24.3
"LENOVO.SMIIF" = Lenovo System Interface Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Essentials" = Microsoft Security Essentials
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OnScreenDisplay" = Anzeige am Bildschirm
"Power Management Driver" = ThinkPad Power Management Driver for SL Series
"ProInst" = Intel PROSet Wireless
"SopCast" = SopCast 3.0.3
"Starcraft" = Starcraft
"Steam" = Steam
"Steam App 130" = Half-Life: Blue Shift
"Steam App 30" = Day of Defeat
"Steam App 40" = Deathmatch Classic
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"SystemRequirementsLab" = System Requirements Lab
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"TomTom HOME" = TomTom HOME
"Uninstall_is1" = Uninstall 1.0.0.1
"USBPMon" = Registry patch for Windows Vista USB S3 PM Enablement
"VLC media player" = VLC media player 1.0.5
"Windows Mobile Device Handbook" = Windows Mobile®-Gerätehandbuch
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.5
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4E97552A-D0D2-47E3-B4A0-82E5A57A4198}_is1" = Bild Albelli Fotoservice
"ff3052b039fbeb03" = DigitalPrintLab3
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---


und OTL.txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12.12.2010 14:42:04 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\SouLy\Downloads
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,65 Gb Total Space | 10,08 Gb Free Space | 4,55% Space Free | Partition Type: NTFS
Drive Q: | 9,77 Gb Total Space | 3,57 Gb Free Space | 36,56% Space Free | Partition Type: NTFS
Drive S: | 1,46 Gb Total Space | 0,68 Gb Free Space | 46,12% Space Free | Partition Type: NTFS
 
Computer Name: SOULYSORC | User Name: SouLy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\SouLy\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated)
PRC - c:\Programme\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe (Lenovo)
PRC - C:\Programme\HLSW\hlsw.exe (Stripf Software)
PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo)
PRC - C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo)
PRC - C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\ThinkVantage Fingerprint Software\upeksvr.exe (UPEK Inc.)
PRC - C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe (Lenovo)
PRC - c:\Programme\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe ()
PRC - c:\Programme\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
PRC - C:\Windows\System32\TPHDEXLG.exe (Lenovo.)
PRC - C:\Windows\System32\ibmpmsvc.exe (Lenovo)
PRC - C:\Programme\Lenovo\ATK Hotkey\LFKA.exe (Lenovo)
PRC - C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\ATK Hotkey\LControl.exe (ATK0101)
PRC - C:\Programme\Lenovo\ATK Hotkey\LFKAS.exe ()
PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Programme\Lenovo\ATK Hotkey\GFNEXSrv.exe ()
PRC - C:\Programme\Lenovo\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\SouLy\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (SessionLauncher) -- C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe File not found
SRV - (RoxLiveShare10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe File not found
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (SUService) -- C:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (Power Manager DBC Service) -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE (Lenovo)
SRV - (TVT_UpdateMonitor) -- C:\Programme\Lenovo\Rescue and Recovery\UpdateMonitor.exe (Lenovo Group Limited)
SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (AcSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo)
SRV - (AcPrfMgrSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (TSSCoreService) -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (Lenovo)
SRV - (ThinkVantage Registry Monitor Service) -- c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (TVT Backup Service) -- C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)
SRV - (TVT Backup Protection Service) -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe ()
SRV - (TVT Scheduler) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
SRV - (TPHDEXLGSVC) -- C:\Windows\System32\TPHDEXLG.exe (Lenovo.)
SRV - (IBMPMSVC) -- C:\Windows\System32\ibmpmsvc.exe (Lenovo)
SRV - (TPHKSVC) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
SRV - (LFKAS) -- C:\Programme\Lenovo\ATK Hotkey\LFKAS.exe ()
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Programme\Lenovo\ATK Hotkey\GFNEXSrv.exe ()
SRV - (ASLDRService) -- C:\Programme\Lenovo\ATK Hotkey\ASLDRSrv.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (btwl2cap) -- C:\Windows\System32\DRIVERS\btwl2cap.sys File not found
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek                                            )
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (SCR3XX2K) -- C:\Windows\System32\drivers\SCR3XX2K.sys (SCM Microsystems Inc.)
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (USBCCID) -- C:\Windows\System32\drivers\usbccid.sys (Microsoft Corporation)
DRV - (tvtfilter) -- C:\Windows\System32\drivers\tvtfilter.sys (Lenovo)
DRV - (TPPWRIF) -- C:\Windows\System32\drivers\TPPWR32V.SYS ()
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (psadd) -- C:\Windows\System32\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV - (DCamUSBGene) -- C:\Windows\System32\drivers\USBSTK.sys ()
DRV - (ui11rdr) -- C:\Windows\System32\drivers\ui11rdr.SYS (1&1 Internet AG)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (smihlp) SMI Helper Driver (smihlp) -- C:\Programme\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (UPEK Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (tvtumon) -- C:\Windows\System32\drivers\tvtumon.sys (Lenovo)
DRV - (Shockprf) -- C:\Windows\System32\DRIVERS\Apsx86.sys (Lenovo.)
DRV - (TPDIGIMN) -- C:\Windows\System32\DRIVERS\ApsHM86.sys (Lenovo.)
DRV - (IBMPMDRV) -- C:\Windows\System32\drivers\ibmpmdrv.sys (Lenovo.)
DRV - (lenovo.smi) -- C:\Windows\System32\drivers\smiif32.sys (Lenovo Group Limited)
DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (TcUsb) -- C:\Windows\System32\drivers\tcusb.sys (UPEK Inc.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ASMMAP) -- C:\Programme\Lenovo\ATK Hotkey\ASMMAP.sys ()
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\A0101V32.sys (ATK0100)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.11 19:02:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.11 19:04:50 | 000,000,000 | ---D | M]
 
[2008.10.19 11:38:20 | 000,000,000 | ---D | M] -- C:\Users\SouLy\AppData\Roaming\mozilla\Extensions
[2008.10.19 11:38:20 | 000,000,000 | ---D | M] -- C:\Users\SouLy\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2010.12.12 14:19:04 | 000,000,000 | ---D | M] -- C:\Users\SouLy\AppData\Roaming\mozilla\Firefox\Profiles\48wf5y93.default\extensions
[2010.05.14 18:46:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\SouLy\AppData\Roaming\mozilla\Firefox\Profiles\48wf5y93.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.05 19:33:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\SouLy\AppData\Roaming\mozilla\Firefox\Profiles\48wf5y93.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.08.02 18:37:36 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2008.12.19 00:30:20 | 000,106,128 | ---- | M] ( ) -- C:\Programme\Mozilla Firefox\plugins\npstrlnk.dll
[2010.10.11 12:56:24 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.11 12:56:24 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.10.11 12:56:24 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.11 12:56:24 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.11 12:56:24 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1             localhost
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.50.140.246 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll -  File not found
O24 - Desktop WallPaper: C:\SWTOOLS\Wallpaper\BlackMap1680X1050.jpg
O24 - Desktop BackupWallPaper: C:\SWTOOLS\Wallpaper\BlackMap1680X1050.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.06.10 17:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008.06.02 23:46:54 | 000,000,049 | -HS- | M] () - S:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{42860065-9ef2-11df-96b2-bd5612f5f6f3}\Shell\AutoRun\command - "" = D:\Menu.exe -- File not found
O33 - MountPoints2\{876d02b3-e54f-11dd-bd98-001fe2e523b3}\Shell\Open\command - "" = D:\resycled\boot.com -- File not found
O33 - MountPoints2\{8a2f17d7-7592-11dd-8387-0022159a37cc}\Shell - "" = AutoRun
O33 - MountPoints2\{8a2f17d7-7592-11dd-8387-0022159a37cc}\Shell\AutoRun\command - "" = S:\LenovoSDrive.exe -- [2008.07.29 23:37:58 | 000,180,224 | -HS- | M] ()
O33 - MountPoints2\{9c3490e3-7543-11dd-b831-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9c3490e3-7543-11dd-b831-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2008.07.21 17:09:40 | 000,262,144 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\{da065477-9dc6-11dd-ad75-001fe2e523b3}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.12 14:29:55 | 000,000,000 | ---D | C] -- C:\Users\SouLy\AppData\Roaming\Malwarebytes
[2010.12.12 14:29:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.12 14:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.12 14:29:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.12 14:29:48 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.12.12 13:12:27 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Essentials
[2010.12.11 19:22:09 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010.12.11 19:06:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2010.12.11 19:04:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2010.12.11 19:04:42 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2010.12.11 19:04:42 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2010.12.11 19:04:42 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2010.12.11 19:04:39 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2010.12.11 19:04:39 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2010.12.11 19:04:38 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2010.12.11 19:04:38 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2010.12.11 19:04:38 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2010.12.11 19:04:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2010.12.11 19:04:37 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2010.12.11 19:04:30 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2010.12.11 19:04:30 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2010.12.11 19:04:30 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2010.12.11 19:04:30 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2010.12.11 19:04:30 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2010.12.11 19:03:44 | 000,675,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2010.12.11 17:48:30 | 004,177,272 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\SouLy\Desktop\procexp.exe
[2010.12.11 15:23:23 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010.12.11 15:21:22 | 000,000,000 | ---D | C] -- C:\Users\SouLy\AppData\Local\Sunbelt Software
[2010.12.11 15:17:50 | 000,000,000 | ---D | C] -- C:\Programme\Lavasoft
[2010.12.11 15:17:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010.12.11 15:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010.12.11 15:09:07 | 000,000,000 | ---D | C] -- C:\Users\SouLy\AppData\Roaming\Uniblue
[2010.12.11 15:08:36 | 000,000,000 | ---D | C] -- C:\Users\SouLy\AppData\Local\PackageAware
[2010.12.11 15:01:20 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2010.12.10 15:16:15 | 000,000,000 | ---D | C] -- C:\Users\SouLy\Desktop\Gutscheine
[2010.11.28 19:01:45 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.11.28 19:01:44 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.11.26 15:40:04 | 000,000,000 | ---D | C] -- C:\Users\SouLy\AppData\Local\Unity
[2010.11.21 16:18:38 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Camera Device
[2010.11.21 11:06:38 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[2010.11.21 11:06:37 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2010.11.17 19:58:43 | 000,000,000 | ---D | C] -- C:\Users\SouLy\AppData\Roaming\DivX
[2010.11.17 19:51:00 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
 
========== Files - Modified Within 30 Days ==========
 
[2010.12.12 14:35:16 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{517A91EB-6947-4E13-B08D-60B0079DE088}.job
[2010.12.12 14:29:52 | 000,000,916 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.12 14:11:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.12 14:05:23 | 000,689,222 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.12.12 14:05:23 | 000,645,608 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.12 14:05:23 | 000,150,990 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.12.12 14:05:23 | 000,122,436 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.12 14:02:32 | 000,235,507 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.12.12 14:01:37 | 000,235,507 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.12.12 14:01:18 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.12 14:00:15 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.12 14:00:14 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.12 14:00:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.12 14:00:03 | 3220,492,288 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.12 13:12:28 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.12.11 19:22:36 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.12.11 19:22:30 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.12.11 19:19:45 | 000,380,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.11 19:16:04 | 000,000,256 | ---- | M] () -- C:\Windows\wininit.ini
[2010.12.11 18:34:43 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.12.11 18:15:42 | 000,000,194 | ---- | M] () -- C:\Users\Public\Documents\BluetoothLog.html
[2010.12.11 16:16:20 | 000,361,728 | ---- | M] (TuneUp Software GmbH) -- C:\Windows\System32\TuneUpDefragService.exe
[2010.12.11 15:23:23 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010.12.10 17:18:04 | 000,000,680 | ---- | M] () -- C:\Users\SouLy\AppData\Local\d3d9caps.dat
[2010.12.10 17:16:34 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2010.12.09 22:12:50 | 000,154,624 | ---- | M] () -- C:\Users\SouLy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.09 18:10:38 | 000,053,521 | ---- | M] () -- C:\Users\SouLy\Documents\wirelesskeyview.zip
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.28 19:02:41 | 000,001,674 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.11.22 11:35:13 | 000,047,616 | ---- | M] () -- C:\Users\SouLy\Desktop\Wolters_20101117.doc
[2010.11.22 11:07:54 | 000,048,128 | ---- | M] () -- C:\Users\SouLy\Desktop\Jurgeleit_20101117.doc
[2010.11.22 10:59:04 | 004,177,272 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\SouLy\Desktop\procexp.exe
[2010.11.21 12:46:39 | 000,054,501 | ---- | M] () -- C:\Users\SouLy\Desktop\Fifa 11 - Spezialbewegungen.pdf
[2010.11.21 11:29:50 | 000,039,283 | ---- | M] () -- C:\Users\SouLy\Documents\Rechnung.August.Detlef.pdf
[2010.11.18 15:15:25 | 000,053,760 | ---- | M] () -- C:\Users\SouLy\Desktop\Erker_20101117.doc
 
========== Files Created - No Company Name ==========
 
[2010.12.12 14:29:52 | 000,000,916 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.12 14:00:03 | 3220,492,288 | -HS- | C] () -- C:\hiberfil.sys
[2010.12.12 13:12:28 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.12.11 19:22:36 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.12.11 19:22:30 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.12.11 19:22:13 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010.12.11 19:04:32 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2010.12.11 19:04:32 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2010.12.11 19:04:32 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2010.12.11 17:48:30 | 000,072,268 | ---- | C] () -- C:\Users\SouLy\Desktop\procexp.chm
[2010.12.10 17:16:34 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2010.12.09 18:10:35 | 000,053,521 | ---- | C] () -- C:\Users\SouLy\Documents\wirelesskeyview.zip
[2010.11.28 19:02:41 | 000,001,674 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.11.22 11:08:26 | 000,047,616 | ---- | C] () -- C:\Users\SouLy\Desktop\Wolters_20101117.doc
[2010.11.21 12:46:39 | 000,054,501 | ---- | C] () -- C:\Users\SouLy\Desktop\Fifa 11 - Spezialbewegungen.pdf
[2010.11.21 11:29:50 | 000,039,283 | ---- | C] () -- C:\Users\SouLy\Documents\Rechnung.August.Detlef.pdf
[2010.11.18 15:17:11 | 000,048,128 | ---- | C] () -- C:\Users\SouLy\Desktop\Jurgeleit_20101117.doc
[2010.11.18 14:45:09 | 000,053,760 | ---- | C] () -- C:\Users\SouLy\Desktop\Erker_20101117.doc
[2010.09.12 22:13:27 | 000,017,408 | ---- | C] () -- C:\Users\SouLy\AppData\Local\WebpageIcons.db
[2010.08.02 17:26:25 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.12.03 09:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.09.25 18:53:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.13 18:39:40 | 000,000,952 | ---- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009.04.25 23:54:41 | 000,000,760 | ---- | C] () -- C:\Users\SouLy\AppData\Roaming\setup_ldm.iss
[2009.04.02 15:42:41 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.01.11 09:45:12 | 000,000,680 | ---- | C] () -- C:\Users\SouLy\AppData\Local\d3d9caps.dat
[2008.11.20 14:30:05 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008.11.20 14:20:10 | 000,000,027 | ---- | C] () -- C:\Windows\CDE DX3800G.ini
[2008.11.16 17:25:31 | 000,000,005 | ---- | C] () -- C:\ProgramData\DragToDiscUserNameE.txt
[2008.11.10 17:17:23 | 000,000,080 | ---- | C] () -- C:\Windows\sierra.ini
[2008.11.06 17:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.10.28 21:54:12 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.10.15 18:08:14 | 000,154,624 | ---- | C] () -- C:\Users\SouLy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.29 12:58:26 | 000,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2008.08.28 22:25:27 | 000,012,080 | ---- | C] () -- C:\Windows\System32\drivers\TPPWR32V.SYS
[2008.08.28 22:25:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AABATT.dll
[2008.08.28 22:21:18 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008.08.28 22:21:18 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008.08.28 22:21:18 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008.08.28 22:21:18 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008.08.28 22:21:18 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008.08.28 22:21:18 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008.08.28 22:18:56 | 000,000,256 | ---- | C] () -- C:\Windows\wininit.ini
[2008.08.28 22:11:14 | 000,235,507 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.08.28 22:11:12 | 000,235,507 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.08.28 22:06:10 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.08.28 22:04:11 | 000,522,256 | ---- | C] () -- C:\Windows\System32\drivers\USBSTK1.sys
[2008.08.28 22:04:11 | 000,299,920 | ---- | C] () -- C:\Windows\System32\drivers\USBSTK0.sys
[2008.08.28 22:04:11 | 000,173,584 | ---- | C] () -- C:\Windows\System32\drivers\USBSTK.sys
[2008.08.28 22:04:11 | 000,145,424 | ---- | C] () -- C:\Windows\System32\drivers\USBSTK2.sys
[2008.08.28 22:04:11 | 000,025,616 | ---- | C] () -- C:\Windows\System32\drivers\USBSTK3.sys
[2008.06.09 22:30:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll
[2007.12.03 10:46:16 | 000,000,000 | ---- | C] () -- C:\ProgramData\f7129022-a000-4847-db07-470265a73c4f
[2007.08.23 18:30:00 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >
         
--- --- ---
Angehängte Dateien
Dateityp: txt hijackthis.txt (9,3 KB, 200x aufgerufen)
Dateityp: txt mbam-log-2010-12-12 (14-35-12).txt (1,0 KB, 198x aufgerufen)

Geändert von SouLySoRc (12.12.2010 um 14:38 Uhr)

Alt 13.12.2010, 10:22   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!
__________________

__________________

Alt 13.12.2010, 15:18   #3
SouLySoRc
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



Leider keine Ergebnisse:

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Datenbank Version: 5299

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

12.12.2010 17:12:26
mbam-log-2010-12-12 (17-12-26).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 377475
Laufzeit: 2 Stunde(n), 13 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


Zudem auch Microsoft Security Essentials ohne Ergebnis.

76 Prozesse laufen auf diesem Rechner und ich kann sie nicht wirklich zuordnen.
Zudem ist mir aufgefallen, dass wenn ich zB auf einen Server connecte (bzgl Ping) auf dem keiner drauf ist kaum Ping Peaks sind.
Sind allerdings einige Spieler auf dem Server so springt der Ping dauerhaft..

Was kann ich sonst noch tun ??
__________________

Alt 13.12.2010, 21:14   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
SRV - (SessionLauncher) -- C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe File not found
SRV - (RoxLiveShare10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe File not found
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.06.10 17:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008.06.02 23:46:54 | 000,000,049 | -HS- | M] () - S:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{42860065-9ef2-11df-96b2-bd5612f5f6f3}\Shell\AutoRun\command - "" = D:\Menu.exe -- File not found
O33 - MountPoints2\{876d02b3-e54f-11dd-bd98-001fe2e523b3}\Shell\Open\command - "" = D:\resycled\boot.com -- File not found
O33 - MountPoints2\{8a2f17d7-7592-11dd-8387-0022159a37cc}\Shell - "" = AutoRun
O33 - MountPoints2\{8a2f17d7-7592-11dd-8387-0022159a37cc}\Shell\AutoRun\command - "" = S:\LenovoSDrive.exe -- [2008.07.29 23:37:58 | 000,180,224 | -HS- | M] ()
O33 - MountPoints2\{9c3490e3-7543-11dd-b831-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9c3490e3-7543-11dd-b831-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2008.07.21 17:09:40 | 000,262,144 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\{da065477-9dc6-11dd-ad75-001fe2e523b3}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
:Commands
[purity]
[resethosts]
[emptytemp]
         
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 14.12.2010, 15:24   #5
SouLySoRc
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



All processes killed
========== OTL ==========
Service SessionLauncher stopped successfully!
Service SessionLauncher deleted successfully!
File C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe File not found not found.
Service RoxLiveShare10 stopped successfully!
Service RoxLiveShare10 deleted successfully!
File C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe File not found not found.
C:\autoexec.bat moved successfully.
Q:\AUTORUN.INF moved successfully.
S:\AUTORUN.INF moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{42860065-9ef2-11df-96b2-bd5612f5f6f3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42860065-9ef2-11df-96b2-bd5612f5f6f3}\ not found.
File D:\Menu.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{876d02b3-e54f-11dd-bd98-001fe2e523b3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{876d02b3-e54f-11dd-bd98-001fe2e523b3}\ not found.
File D:\resycled\boot.com not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a2f17d7-7592-11dd-8387-0022159a37cc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8a2f17d7-7592-11dd-8387-0022159a37cc}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a2f17d7-7592-11dd-8387-0022159a37cc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8a2f17d7-7592-11dd-8387-0022159a37cc}\ not found.
S:\LenovoSDrive.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9c3490e3-7543-11dd-b831-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9c3490e3-7543-11dd-b831-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9c3490e3-7543-11dd-b831-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9c3490e3-7543-11dd-b831-806e6f6e6963}\ not found.
Q:\LenovoQDrive.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da065477-9dc6-11dd-ad75-001fe2e523b3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{da065477-9dc6-11dd-ad75-001fe2e523b3}\ not found.
File F:\InstallTomTomHOME.exe not found.
ADS C:\ProgramData\TEMPFC5A2B2 deleted successfully.
ADS C:\ProgramData\TEMP:A8ADE5D8 deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: SouLy
->Temp folder emptied: 1312802 bytes
->Temporary Internet Files folder emptied: 2958226 bytes
->Java cache emptied: 43234571 bytes
->FireFox cache emptied: 79726566 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 4401 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 740779 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 122,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 12142010_161858

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Ich muss zu meiner Schande gestehen, dass ich einige Progz deinstalliert habe seitdem und nen RegCleaner habe laufen lassen.
Sorry 8[
Hoffe das Ergebnis trübt sich nicht dadurch.


Alt 14.12.2010, 15:47   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.
__________________
--> Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich

Alt 14.12.2010, 20:42   #7
SouLySoRc
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



Combofix Logfile:
Code:
ATTFilter
ComboFix 10-12-14.01 - SouLy 14.12.2010  21:21:55.1.2 - x86
Microsoft® Windows Vista™ Business   6.0.6002.2.1252.49.1031.18.3070.2091 [GMT 1:00]
ausgeführt von:: c:\users\SouLy\Desktop\cofi.exe.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
SP: Microsoft Security Essentials *Disabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Thumbs.db

.
(((((((((((((((((((((((   Dateien erstellt von 2010-11-14 bis 2010-12-14  ))))))))))))))))))))))))))))))
.

2010-12-14 20:31 . 2010-12-14 20:34	--------	d-----w-	c:\users\SouLy\AppData\Local\temp
2010-12-14 15:18 . 2010-12-14 15:18	--------	d-----w-	C:\_OTL
2010-12-14 15:16 . 2010-11-09 19:33	6273872	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F7CD49C3-9C02-4AE1-8EF9-AE6E128512B6}\mpengine.dll
2010-12-13 16:14 . 2010-12-13 16:14	--------	d-----w-	c:\users\SouLy\AppData\Local\Microsoft_Corporation
2010-12-12 19:06 . 2010-11-09 19:33	6273872	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-12-12 14:45 . 2010-12-12 14:45	--------	d-----w-	c:\program files\CCleaner
2010-12-12 14:43 . 2010-12-14 16:45	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2010-12-12 14:43 . 2010-12-12 22:18	--------	d-----w-	c:\program files\Spybot - Search & Destroy
2010-12-12 13:29 . 2010-12-12 13:29	--------	d-----w-	c:\users\SouLy\AppData\Roaming\Malwarebytes
2010-12-12 13:29 . 2010-12-12 13:29	--------	d-----w-	c:\programdata\Malwarebytes
2010-12-12 13:29 . 2010-11-29 16:42	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-12 13:29 . 2010-12-12 13:29	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2010-12-12 13:29 . 2010-11-29 16:42	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-12-12 12:12 . 2010-12-12 12:12	--------	d-----w-	c:\program files\Microsoft Security Essentials
2010-12-11 18:22 . 2009-07-14 17:45	445008	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2010-12-11 18:22 . 2009-07-14 17:45	38480	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2010-12-11 18:03 . 2009-06-03 23:56	675152	----a-w-	c:\windows\system32\gpprefcl.dll
2010-12-11 14:23 . 2010-12-11 14:23	98392	------w-	c:\windows\system32\drivers\SBREDrv.sys
2010-12-11 14:21 . 2010-12-11 14:21	--------	d-----w-	c:\users\SouLy\AppData\Local\Sunbelt Software
2010-12-11 14:17 . 2010-12-11 18:08	--------	d-----w-	c:\programdata\Lavasoft
2010-12-11 14:17 . 2010-12-11 14:17	--------	d-----w-	c:\program files\Lavasoft
2010-12-11 14:09 . 2010-12-11 14:09	--------	d-----w-	c:\users\SouLy\AppData\Roaming\Uniblue
2010-12-11 14:08 . 2010-12-11 14:08	--------	d-----w-	c:\users\SouLy\AppData\Local\PackageAware
2010-12-11 14:01 . 2010-12-11 17:47	--------	d-----w-	c:\programdata\SecTaskMan
2010-12-10 14:23 . 2010-11-10 04:33	6273872	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{6E734315-80A5-471C-80E0-FD16B3B39970}\mpengine.dll
2010-11-28 18:01 . 2010-11-28 18:01	--------	d-----w-	c:\program files\iPod
2010-11-28 18:01 . 2010-11-28 18:02	--------	d-----w-	c:\program files\iTunes
2010-11-26 14:40 . 2010-12-11 14:11	--------	d-----w-	c:\users\SouLy\AppData\Local\Unity
2010-11-24 08:39 . 2010-10-19 04:27	7680	----a-w-	c:\program files\Internet Explorer\iecompat.dll
2010-11-21 15:18 . 2010-11-21 15:18	--------	d-----w-	c:\programdata\PC Camera Device
2010-11-21 10:06 . 2010-11-21 10:06	--------	d-----w-	c:\program files\Common Files\Skype
2010-11-21 10:06 . 2010-11-21 10:06	--------	d-----r-	c:\program files\Skype
2010-11-17 18:58 . 2010-11-20 01:45	--------	d-----w-	c:\users\SouLy\AppData\Roaming\DivX
2010-11-17 18:51 . 2010-12-11 16:31	--------	d-----w-	c:\programdata\DivX

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-11 15:16 . 2009-04-13 12:40	361728	------w-	c:\windows\system32\TuneUpDefragService.exe
2010-10-19 20:51 . 2009-10-10 18:20	222080	------w-	c:\windows\system32\MpSigStub.exe
2010-09-28 14:44 . 2010-09-28 14:44	41984	------w-	c:\windows\system32\drivers\usbaapl.sys
2010-09-28 14:44 . 2010-09-28 14:44	4184352	------w-	c:\windows\system32\usbaaplrc.dll
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2008-06-24 15:31	95496	------w-	c:\windows\System32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACTray]
2008-08-07 11:23	431392	------w-	c:\program files\ThinkPad\ConnectUtilities\ACTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54	91520	------w-	c:\program files\Microsoft Office\Office14\BCSSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BLOG]
2008-10-27 01:37	214576	------w-	c:\progra~1\ThinkPad\UTILIT~1\BTVLOGEX.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CameraApplicationLauncher]
2008-08-12 12:47	16384	------w-	c:\program files\Lenovo\Camera Center\bin\CameraApplicationLaunchPadLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2006-08-04 09:00	462336	------w-	c:\program files\Corel\Corel Snapfire\Corel Photo Downloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cssauth]
2008-06-25 10:14	3077432	------w-	c:\program files\Lenovo\Client Security Solution\cssauth.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEJMNAP]
2008-06-04 17:36	242976	------w-	c:\progra~1\ThinkPad\UTILIT~1\EZEJMNAP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-11-17 19:59	421160	----a-w-	c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2007-04-11 13:32	56080	------w-	c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPMailChecker]
2008-06-08 18:00	124248	------w-	c:\progra~1\Lenovo\LENOVO~2\LPMLCHK.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPManager]
2008-06-08 18:00	165208	------w-	c:\progra~1\Lenovo\LENOVO~2\LPMGR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44	3883840	------w-	c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-06-19 18:03	13543968	------w-	c:\windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-06-19 18:03	92704	------w-	c:\windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWMTRV]
2008-10-27 01:37	632096	------w-	c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07	2260480	--sha-r-	c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-03-09 04:19	148888	------w-	c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-01-19 21:29	39408	------w-	c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPFNF7]
2008-07-30 19:00	60192	------w-	c:\progra~1\Lenovo\NPDIRECT\tpfnf7sp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TpShocks]
2008-06-06 16:21	181536	------w-	c:\windows\System32\TpShocks.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVT Scheduler Proxy]
2008-05-24 14:49	487424	------w-	c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 07:21	648072	------w-	c:\windows\WindowsMobile\wmdcBase.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25	202240	------w-	c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"RoxioDragToDisc"="c:\program files\Lenovo\Drag-to-Disc\DrgToDsc.exe"
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"NapsterShell"=c:\program files\Napster\napster.exe /systray
"Windows Mobile-based device management"=%windir%\WindowsMobile\wmdSync.exe
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"

R1 tvtumon;tvtumon;c:\windows\system32\DRIVERS\tvtumon.sys [2008-05-24 48192]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-10-09 360448]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\DRIVERS\SCR3XX2K.sys [2010-01-06 57856]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 gupdate1ca0936c2de0bd8;Google Update Service (gupdate1ca0936c2de0bd8);c:\program files\Google\Update\GoogleUpdate.exe [2009-07-20 133104]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-02 691696]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2008-05-14 19496]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S2 LFKAS;Service of LFKA;c:\program files\Lenovo\ATK Hotkey\LFKAS.exe [2008-03-19 208896]
S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2008-10-27 66848]
S2 smihlp;SMI Helper Driver (smihlp);c:\program files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [2008-06-24 12560]
S2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-06-06 520192]
S3 DCamUSBGene;Integrated Camera;c:\windows\system32\DRIVERS\usbstk.sys [2008-07-31 173584]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-06-26 3662848]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-06-19 43040]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
bthsvcs	REG_MULTI_SZ   	BthServ
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}]
2008-02-25 10:55	7680	------w-	c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Inhalt des "geplante Tasks" Ordners

2010-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-20 12:36]

2010-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-20 12:36]

2010-12-14 c:\windows\Tasks\User_Feed_Synchronization-{517A91EB-6947-4E13-B08D-60B0079DE088}.job
- c:\windows\system32\msfeedssync.exe [2010-10-13 04:25]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\SouLy\AppData\Roaming\Mozilla\Firefox\Profiles\48wf5y93.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

MSConfigStartUp-AppleSyncNotifier - c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSConfigStartUp-DivXUpdate - c:\program files\DivX\DivX Update\DivXUpdate.exe
MSConfigStartUp-EPSON Stylus DX3800 Series - c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
MSConfigStartUp-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
MSConfigStartUp-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSConfigStartUp-TPHOTKEY - c:\program files\Lenovo\HOTKEY\LVOSDSVC.exe
MSConfigStartUp-Windows Mobile Device Center - c:\windows\WindowsMobile\wmdc.exe



**************************************************************************
Scanne versteckte Prozesse... 

Scanne versteckte Autostarteinträge... 

Scanne versteckte Dateien... 

Scan erfolgreich abgeschlossen
versteckte Dateien: 

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'Explorer.exe'(4068)
c:\windows\system32\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\program files\ThinkVantage Fingerprint Software\upeksvr.exe
c:\windows\system32\rundll32.exe
c:\program files\Lenovo\ATK Hotkey\ASLDRSrv.exe
c:\program files\Lenovo\ATK Hotkey\GFNEXSrv.exe
c:\windows\system32\WLANExt.exe
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\System32\TPHDEXLG.exe
c:\program files\Lenovo\Client Security Solution\tvttcsd.exe
c:\program files\Lenovo\Rescue and Recovery\rrservice.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\program files\Lenovo\ATK Hotkey\LCONTROL.exe
c:\program files\Lenovo\ATK Hotkey\LFKA.exe
c:\windows\system32\conime.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-12-14  21:39:43 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2010-12-14 20:39

Vor Suchlauf: 16 Verzeichnis(se), 35.195.969.536 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 39.278.419.968 Bytes frei

- - End Of File - - 54342B4E37A66C13AA0ACCC122E730C5
         
--- --- ---


Danke schonmal
Hoffe, es findet sich was :]

Alt 15.12.2010, 10:51   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.


Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur eine Sekunde.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 15.12.2010, 18:38   #9
SouLySoRc
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



Text zu lang.
Logfiles im Anhang.

Siehst du denn schon was ?

Danke für die Hilfe.

OSAM

OSAM Logfile:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 19:32:25 on 15.12.2010

OS: Windows Vista Business Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 3.6.13

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"iproset.cpl" - "Intel(R) Corporation" - C:\Windows\system32\iproset.cpl
"TpShCPL.cpl" - "Lenovo." - C:\Windows\system32\TpShCPL.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\MLCFG32.CPL
"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 9\Nero BurnRights\NeroBurnRights_cpl.cpl
"PROSet Tools" - "Intel(R) Corporation" - C:\Windows\System32\iPROSet.cpl
"ProtectorSuiteInfoPanel" - "UPEK Inc." - C:\Program Files\ThinkVantage Fingerprint Software\infopnl.cpl
"wmdConn.cpl" - "Microsoft Corporation" - C:\Windows\WindowsMobile\wmdConn.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"APS Digitizer Activity Monitor" (TPDIGIMN) - "Lenovo." - C:\Windows\System32\DRIVERS\ApsHM86.sys
"ASMMAP" (ASMMAP) - ? - C:\Program Files\Lenovo\ATK Hotkey\ASMMAP.sys
"Bluetooth L2CAP Service" (btwl2cap) - ? - C:\Windows\System32\DRIVERS\btwl2cap.sys  (File not found)
"catchme" (catchme) - ? - C:\cofi.exe\catchme.sys  (File not found)
"Cisco Systems Inc. IPSec Driver" (CVPNDRVA) - "Cisco Systems, Inc." - C:\Windows\system32\Drivers\CVPNDRVA.sys
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys
"fxdiqpod" (fxdiqpod) - ? - C:\Users\SouLy\AppData\Local\Temp\fxdiqpod.sys  (Hidden registry entry, rootkit activity | File not found)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"Lavasoft helper driver" (Lavasoft Kernexplorer) - ? - C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"Shockprf" (Shockprf) - "Lenovo." - C:\Windows\System32\DRIVERS\Apsx86.sys
"SMI Helper Driver (smihlp)" (smihlp) - "UPEK Inc." - C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys
"sptd" (sptd) - "Duplex Secure Ltd." - C:\Windows\System32\Drivers\sptd.sys  (File is exclusively opened, access blocked)
"TPPWRIF" (TPPWRIF) - ? - C:\Windows\System32\drivers\Tppwr32v.sys  (File signed by Microsoft | File found, but it contains no detailed information)
"tvtfilter" (tvtfilter) - "Lenovo" - C:\Windows\System32\DRIVERS\tvtfilter.sys
"tvtumon" (tvtumon) - "Lenovo" - C:\Windows\System32\DRIVERS\tvtumon.sys
"WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{61E3FE32-07B9-4563-A3E0-2DE2D620FE10} "PixiePack Codec Pack 0.10.6.0" - ? - C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe  (File found, but it contains no detailed information)
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} "Arbeitsbereiche" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C} "KbLogiExt Class" - "Logitech Inc." - C:\Program Files\Logitech\SetPoint\kbcplext.dll
{B9B9F083-2B04-452A-8691-83694AC1037B} "LogiExt Class" - "Logitech Inc." - C:\Program Files\Logitech\SetPoint\mcplext.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\MLSHEXT.DLL
{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Windows\system32\btncopy.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -   (File not found | COM-object registry key not found)
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" - ? -   (File not found | COM-object registry key not found)
<binary data> "{EE5D279F-081B-4404-994D-C6B60AAEBA6D}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_13" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} "Java Plug-in 1.6.0_13" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_13" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_13.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
{D0C0F75C-683A-4390-A791-1ACFD5599AB8} "Oberon Flash Game Host" - "Oberon Media, Inc." - C:\Windows\Downloaded Program Files\OberonGameHost.dll / hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@btrez.dll,-4015" - ? - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
{F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} "ClsidExtension" - "Lenovo Group Limited" - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
"ICQ6" - "ICQ, LLC." - C:\Program Files\ICQ6.5\ICQ.exe
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} "IePasswordManagerHelper Class" - "Lenovo Group Limited" - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\SouLy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"MSSE" - "Microsoft Corporation" - "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"EPSON Stylus DX3800 Series 2KMonitor5E" - "SEIKO EPSON CORPORATION" - C:\Windows\system32\E_FLMACE.DLL

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%SystemRoot%\System32\TuneUpDefragService.exe,-1" (TuneUp.Defrag) - "TuneUp Software GmbH" - C:\Windows\System32\TuneUpDefragService.exe
"@%windir%\WindowsMobile\wcescomm.dll,-40079" (WcesComm) - "Microsoft Corporation" - C:\Windows\WindowsMobile\wcescomm.dll
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Ac Profile Manager Service" (AcPrfMgrSvc) - "Lenovo" - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
"Access Connections Main Service" (AcSvc) - "Lenovo" - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
"ASLDR Service" (ASLDRService) - ? - C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe
"ATKGFNEX Service" (ATKGFNEXSrv) - ? - C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe
"Cisco Systems, Inc. VPN Service" (CVPND) - "Cisco Systems, Inc." - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
"Intel® PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
"Intel® PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
"IviRegMgr" (IviRegMgr) - "InterVideo" - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
"Microsoft SharePoint Workspace Audit Service" (Microsoft SharePoint Workspace Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
"Nero BackItUp Scheduler 4.0" (Nero BackItUp Scheduler 4.0) - "Nero AG" - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"Power Manager DBC Service" (Power Manager DBC Service) - "Lenovo" - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
"Service of LFKA" (LFKAS) - ? - C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe
"SQL Server (MSSMLBIZ)" (MSSQL$MSSMLBIZ) - "Microsoft Corporation" - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
"SQL Server VSS Writer" (SQLWriter) - "Microsoft Corporation" - c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
"SQL Server-Browser" (SQLBrowser) - "Microsoft Corporation" - c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
"SQL Server-Startdienst für Business Contact Manager" (BcmSqlStartupSvc) - "Microsoft Corporation" - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"System Update" (SUService) - "Lenovo Group Limited" - C:\Program Files\Lenovo\System Update\SUService.exe
"ThinkPad HDD APS Logging Service" (TPHDEXLGSVC) - "Lenovo." - C:\Windows\System32\TPHDEXLG.exe
"ThinkVantage Registry Monitor Service" (ThinkVantage Registry Monitor Service) - "Lenovo Group Limited" - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
"TSS Core Service" (TSSCoreService) - "Lenovo" - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
"TVT Backup Protection Service" (TVT Backup Protection Service) - ? - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
"TVT Backup Service" (TVT Backup Service) - "Lenovo Group Limited" - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
"TVT Scheduler" (TVT Scheduler) - "Lenovo Group Limited" - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
"TVT Windows Update Monitor" (TVT_UpdateMonitor) - "Lenovo Group Limited" - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
"Windows Live Family Safety-Dienst" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe

[Winlogon]
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )-----
"GinaDLL" - "UPEK Inc." - C:\Windows\system32\vrlogon.dll
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"psfus" - "UPEK Inc." - C:\Windows\system32\psqlpwd.dll
"ScCertProp" - ? - wlnotify.dll  (File not found)

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
Angehängte Dateien
Dateityp: txt MBRCheck_12.15.10_19.33.09.txt (13,9 KB, 208x aufgerufen)

Alt 15.12.2010, 18:39   #10
SouLySoRc
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



GMER ist zu groß als txt für den Anhang

und für das Posting auch

(Der Text, den Sie eingegeben haben, besteht aus 435214 Zeichen und ist damit zu lang. Bitte kürzen Sie den Text auf die maximale Länge von 135120 Zeichen.) Soll ich es in 4 Teile splitten ?
In Word ist es 485 KB groß, lediglich 112 Seiten...

Alt 16.12.2010, 09:35   #11
SouLySoRc
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



HAb die Datei nun mal geuploaded:

hxxp://www.file-upload.net/download-3053093/GMER.txt.html

HOffe das ist legitim?
Wenn nicht bitte link löschen.

Alt 16.12.2010, 14:31   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



Zitat:
232 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 7A531F3AF968125488B242F7AEE861FBD4BCDFBD
Hast Du noch andere Betriebssysteme außer Vista installiert?

Wenn nicht: Schau mal hier => Vista Notfall/Recovery-CD 32-Bit - Dr. Windows

Lad das iso runter, brenn es zB mit ImgBurn per Imagebrennfunktion auf eine CD und starte damit den Rechner (von dieser CD booten).

Falls Du eine normale Vista-Installations-DVD hast, brauchst Du das o.g. Image nicht sondern kannst einfach von der Vista-DVD booten.

Klick auf Computerreparaturoptionen, weiter, Eingabeaufforderung - die Konsole öffnet sich. Da bitte bootrec.exe /fixboot eintippen (mit enter bestätigen), dann bootrec.exe /fixmbr eintippen (mit enter bestätigen) - Rechner neustarten, CD vorher rausnehmen.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.12.2010, 11:45   #13
SouLySoRc
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



Ich habe eine Partition die laut systemmelsung zum Booten benötigt wird und nicht verändert werden darf.
Zudem habe ich eine Partition auf der die werkseitogen Einstellungen gespeichert sind. Von der habe ich mir einst eine image erstellt. Quasi ne Recovery Partition.
Beides war werkseitig vorhanden.
Ich habe dem Grunde nach aber nur 1 OS, nämlich Vista.
Demnach werde ich deine Anleitung mal durchfuhren??!

Alt 17.12.2010, 12:36   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



Ja bitte ausführen!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 18.12.2010, 15:33   #15
SouLySoRc
 
Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Standard

Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich



Danke soweit schonmal. Habe alles wie angewiesen durchgeführt und beide Male von der Konsole die Bestätigung erhalten dass der Vorgang erfolgreich durchgeführt wurde.
Und nun ?

Das Ping Peak Problem besteht immer noch

€dit:
Auf manchen Servern sind die Peaks weniger stark ausgeprägt als auf anderen ist mir aufgefallen.
Auf ganz wenigen Servern sind kaum Peaks. Sehr seltsam..

Geändert von SouLySoRc (18.12.2010 um 15:45 Uhr)

Antwort

Themen zu Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich
adblock, alternate, anhang, corp./icp, counter-strike source, deaktivieren, dienste, document, excel.exe, explorer, festplatte, firefox.exe, frage, gfnexsrv.exe, gmx.de, google chrome, hijack, hijackthis, hijackthis logfile, iastor.sys, install.exe, lenovo, location, logfile, malwarebytes, microsoft, microsoft office 2003, microsoft office word, microsoft security, nicht möglich, nichts, nvlddmkm.sys, nvstor.sys, office 2007, oldtimer, online, online games, otl.exe, otl.txt, platte, problem, process, programdata, saver, scan, sched.exe, searchplugins, shell32.dll, sierra, skype.exe, spiele, spielen, sptd.sys, ständiger, thinkvantage registry monitor service, vista, vista 32bit, vlc media player, windows, windows vista, wsearch, zugriff



Ähnliche Themen: Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich


  1. Ping nicht möglich und Probleme mit IPFire "pakfire unreachable"
    Netzwerk und Hardware - 09.07.2015 (0)
  2. Hoher Ping (bemerkbar nur bei Online-Spielen)
    Plagegeister aller Art und deren Bekämpfung - 08.06.2015 (3)
  3. Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP)
    Plagegeister aller Art und deren Bekämpfung - 09.06.2014 (48)
  4. keine Online Updates aus Programmen möglich
    Log-Analyse und Auswertung - 24.05.2013 (3)
  5. Ständiger Festplattenzugriff, Firefox Umleitung, usw. (mit Logs)
    Log-Analyse und Auswertung - 13.04.2013 (21)
  6. Virus: Updates nicht möglich und Installation von Malwarebytes Anti-Malware 1.70 nicht möglich
    Plagegeister aller Art und deren Bekämpfung - 17.02.2013 (10)
  7. Problem mit 100% CPU peaks (hardware interrupts)
    Alles rund um Windows - 26.04.2011 (13)
  8. Online Banking nicht möglich. Seite verlangt 20 TAN
    Plagegeister aller Art und deren Bekämpfung - 31.01.2011 (3)
  9. Beim Versuch Online zu spielen hab ich das Problem dass mein Ping/ Latenz immer zu hoch ist!
    Log-Analyse und Auswertung - 29.09.2010 (0)
  10. Pc laggs und hoher ping bei Online Spielen
    Log-Analyse und Auswertung - 27.12.2009 (1)
  11. Ständiger Festplattenzugriff Virus?
    Log-Analyse und Auswertung - 20.08.2009 (4)
  12. Festplattenzugriff nur über Explorer; Virensoftware JEDER Art kann nicht zu starten!
    Plagegeister aller Art und deren Bekämpfung - 09.04.2009 (61)
  13. Hohe Ping in Online Game möglicherweise durch virus?
    Log-Analyse und Auswertung - 08.12.2008 (0)
  14. Vista Sp1 ständiger Festplattenzugriff
    Log-Analyse und Auswertung - 22.06.2008 (12)
  15. unnormal hoher ping in online spielen
    Log-Analyse und Auswertung - 24.03.2007 (4)
  16. svchost zu 99% ausgelastet, Ping ins www möglich, kein Seitenaufbau !!
    Log-Analyse und Auswertung - 09.07.2005 (5)
  17. Kein Online Update mit AD-AWARE möglich
    Plagegeister aller Art und deren Bekämpfung - 15.07.2004 (8)

Zum Thema Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich - Hallo liebe Community, ich habe einen permanenten ca. sekündlichen Festplattenzugriff zu beklagen bei meinem Windows Vista 32bit Betriebssystem. Google spuckte das Problem öfter aus, aber das Deaktivieren aller möglichen Dienste - Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich...
Archiv
Du betrachtest: Ständiger Festplattenzugriff und Ping Peaks, Online Gaming nicht möglich auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.