Internet deutlich langsamer (DSLtest=700DSL, ich habe=6000DSL)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.
Internet deutlich langsamer (DSLtest=700DSL, ich habe=6000DSL) Hallo ihr lieben. Seit schätzungsweise 3-4 Wochen läuft mein DSL 6000 Anschluss bloß noch mit ca. 600kbps/Download. Es ist auch beim Seitenaufbau spürbar langsamer. Code:
ATTFilter Malwarebytes' Anti-Malware www.malwarebytes.org Datenbank Version: 6077 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 16.03.2011 16:44:52 mbam-log-2011-03-16 (16-44-52).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 159122 Laufzeit: 4 Minute(n), 7 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 1 Infizierte Verzeichnisse: 1 Infizierte Dateien: 2 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully. Infizierte Verzeichnisse: c:\spy.qwas (Trojan.SpyEyes) -> Quarantined and deleted successfully. Infizierte Dateien: c:\$Recycle.Bin\s-1-5-21-393008859-4233259207-2664862976-1000\$RY9M8CE.exe\moonxxxxxx.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. c:\spy.qwas\config.bin (Trojan.SpyEyes) -> Quarantined and deleted successfully. Code:
ATTFilter OTL logfile created on: 16.03.2011 16:53:09 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Manuel\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,69 Gb Total Space | 310,69 Gb Free Space | 68,18% Space Free | Partition Type: NTFS Drive D: | 10,07 Gb Total Space | 1,38 Gb Free Space | 13,67% Space Free | Partition Type: NTFS Drive M: | 465,76 Gb Total Space | 332,68 Gb Free Space | 71,43% Space Free | Partition Type: NTFS Computer Name: MANUEL-PC | User Name: Manuel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Manuel\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited) PRC - C:\Programme\VideoLAN\VLC\vlc.exe () PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\D-Link\DWA-140 revB\ANIWConnService.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\Sandboxie\SbieSvc.exe (tzuk) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\WINDOWS\RtHDVCpl.exe (Realtek Semiconductor) ========== Modules (SafeList) ========== MOD - C:\Users\Manuel\Downloads\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\WINDOWS\System32\uxtuneup.dll (TuneUp Software) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (D-Link Wireless N DWA-140_WPS) -- C:\Programme\D-Link\DWA-140 revB\ANIWConnService.exe () SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (tzuk) SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\WINDOWS\System32\drivers\avipbb.sys (Avira GmbH) DRV - (Lavasoft Kernexplorer) -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys () DRV - (dtsoftbus01) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (MBAMSwissArmy) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (avgntflt) -- C:\WINDOWS\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (ssmdrv) -- C:\WINDOWS\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (netr28u) -- C:\WINDOWS\System32\drivers\Dnetr28u.sys (Ralink Technology Corp.) DRV - (ivusb) -- C:\WINDOWS\System32\drivers\ivusb.sys (Initio Corporation) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (tzuk) DRV - (anodlwf) -- C:\WINDOWS\System32\drivers\anodlwf.sys () DRV - (nvlddmkm) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (RTL8169) -- C:\WINDOWS\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (COMMONFX.DLL) -- C:\WINDOWS\System32\COMMONFX.DLL (Creative Technology Ltd) DRV - (CT20XUT.DLL) -- C:\WINDOWS\System32\CT20XUT.DLL (Creative Technology Ltd.) DRV - (CTHWIUT.DLL) -- C:\WINDOWS\System32\CTHWIUT.DLL (Creative Technology Ltd.) DRV - (CTEXFIFX.DLL) -- C:\WINDOWS\System32\CTEXFIFX.DLL (Creative Technology Ltd.) DRV - (CTEDSPSY.DLL) -- C:\WINDOWS\System32\CTEDSPSY.DLL (Creative Technology Ltd) DRV - (CTEDSPIO.DLL) -- C:\WINDOWS\System32\CTEDSPIO.DLL (Creative Technology Ltd) DRV - (CTEDSPFX.DLL) -- C:\WINDOWS\System32\CTEDSPFX.DLL (Creative Technology Ltd) DRV - (CTERFXFX.DLL) -- C:\WINDOWS\System32\CTERFXFX.DLL (Creative Technology Ltd) DRV - (CTEAPSFX.DLL) -- C:\WINDOWS\System32\CTEAPSFX.DLL (Creative Technology Ltd) DRV - (CTSBLFX.DLL) -- C:\WINDOWS\System32\CTSBLFX.DLL (Creative Technology Ltd) DRV - (CTAUDFX.DLL) -- C:\WINDOWS\System32\CTAUDFX.DLL (Creative Technology Ltd) DRV - (ctsfm2k) -- C:\WINDOWS\System32\drivers\ctsfm2k.sys (Creative Technology Ltd) DRV - (ossrv) -- C:\WINDOWS\System32\drivers\ctoss2k.sys (Creative Technology Ltd.) DRV - (hap17v2k) -- C:\WINDOWS\System32\drivers\haP17v2k.sys (Creative Technology Ltd) DRV - (hap16v2k) -- C:\WINDOWS\System32\drivers\haP16v2k.sys (Creative Technology Ltd) DRV - (ha10kx2k) -- C:\WINDOWS\System32\drivers\ha10kx2k.sys (Creative Technology Ltd) DRV - (emupia) -- C:\WINDOWS\System32\drivers\emupia2k.sys (Creative Technology Ltd) DRV - (ctprxy2k) -- C:\WINDOWS\System32\drivers\ctprxy2k.sys (Creative Technology Ltd) DRV - (ctdvda2k) -- C:\WINDOWS\System32\drivers\ctdvda2k.sys (Creative Technology Ltd) DRV - (ctaud2k) Creative Audio Driver (WDM) -- C:\WINDOWS\System32\drivers\ctaud2k.sys (Creative Technology Ltd) DRV - (ctac32k) -- C:\WINDOWS\System32\drivers\ctac32k.sys (Creative Technology Ltd) DRV - (Ps2) -- C:\WINDOWS\System32\drivers\PS2.sys (Hewlett-Packard Company) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=desktop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=desktop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=desktop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Firefox Add-ons" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {29c4afe1-db19-4298-8785-fcc94d1d6c1d}:0.6.2009110501 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.07 23:31:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.07 23:31:16 | 000,000,000 | ---D | M] [2011.01.28 17:10:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manuel\AppData\Roaming\mozilla\Extensions [2011.03.15 23:35:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\4cijg6v7.default\extensions [2011.01.31 01:53:56 | 000,000,000 | ---D | M] ("Split Browser") -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\4cijg6v7.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d} [2011.01.31 01:53:56 | 000,000,000 | ---D | M] (Google Shortcuts) -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\4cijg6v7.default\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C} [2011.01.31 01:53:57 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\4cijg6v7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.03.13 12:58:05 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\4cijg6v7.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2011.01.31 01:46:45 | 000,001,632 | ---- | M] () -- C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\4cijg6v7.default\searchplugins\firefox-add-ons.xml [2011.02.28 07:35:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.02.21 04:06:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.02.21 04:06:16 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.02.28 07:34:53 | 000,000,000 | ---D | M] (OneClick YouTube Downloader) -- C:\PROGRAM FILES\ORBITDOWNLOADER\ADDONS\ONECLICKYOUTUBEDOWNLOADER [2011.02.01 03:02:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011.02.21 04:06:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2011.03.07 23:31:13 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2011.03.07 23:31:13 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2011.03.07 23:31:13 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2011.03.07 23:31:13 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2011.03.07 23:31:13 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.02.22 12:51:24 | 000,430,103 | R--- | M]) - C:\WINDOWS\System32\drivers\etc\hosts O1 - Hosts: localhost O1 - Hosts: ::1 localhost O1 - Hosts: activate.adobe.com O1 - Hosts: practivate.adobe.com O1 - Hosts: ereg.adobe.com O1 - Hosts: www.007guard.com O1 - Hosts: 007guard.com O1 - Hosts: 008i.com O1 - Hosts: www.008k.com O1 - Hosts: 008k.com O1 - Hosts: www.00hq.com O1 - Hosts: 00hq.com O1 - Hosts: 010402.com O1 - Hosts: www.032439.com O1 - Hosts: 032439.com O1 - Hosts: www.0scan.com O1 - Hosts: 0scan.com O1 - Hosts: 1000gratisproben.com O1 - Hosts: www.1000gratisproben.com O1 - Hosts: 1001namen.com O1 - Hosts: www.1001namen.com O1 - Hosts: 100888290cs.com O1 - Hosts: www.100888290cs.com O1 - Hosts: www.100sexlinks.com O1 - Hosts: 100sexlinks.com O1 - Hosts: 14807 more lines... O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programme\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\Orbitdownloader\GrabPro.dll () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\img25.jpg O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\img25.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007.11.28 14:48:09 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{bea9b6a1-2afd-11e0-b690-001e8c4e85e3}\Shell - "" = AutoRun O33 - MountPoints2\{bea9b6a1-2afd-11e0-b690-001e8c4e85e3}\Shell\AutoRun\command - "" = L:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.03.16 16:36:44 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Malwarebytes [2011.03.16 16:36:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.03.16 16:36:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.03.16 16:36:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.03.16 16:36:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.03.16 16:36:35 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.03.16 16:30:45 | 000,000,000 | ---D | C] -- C:\Programme\TCPView [2011.03.15 17:10:16 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Desktop\viovio2011 [2011.03.09 14:41:07 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Application Data [2011.03.09 06:57:25 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2011.03.09 06:57:25 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2011.03.09 06:57:25 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2011.03.09 06:57:25 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll [2011.03.07 23:30:09 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Desktop\Projekte [2011.03.07 20:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Matrix Storage Manager [2011.03.07 20:50:21 | 000,000,000 | ---D | C] -- C:\Programme\Intel [2011.03.07 20:48:38 | 004,874,240 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe [2011.03.07 20:48:38 | 002,156,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2011.03.07 20:48:38 | 001,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe [2011.03.07 20:48:38 | 000,636,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2011.03.07 20:48:38 | 000,532,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2011.03.07 20:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard [2011.03.07 20:44:07 | 001,554,944 | ---- | C] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\System32\vorbis.acm [2011.03.07 20:13:45 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\HpUpdate [2011.03.07 20:13:08 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard [2011.02.28 20:32:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link [2011.02.28 20:28:08 | 000,849,248 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\System32\drivers\Dnetr28u.sys [2011.02.28 20:28:08 | 000,238,880 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\System32\RaCoInst.dll [2011.02.28 20:28:07 | 000,000,000 | ---D | C] -- C:\Programme\D-Link [2011.02.28 07:34:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit [2011.02.25 03:02:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell [2011.02.25 03:00:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll [2011.02.25 03:00:48 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe [2011.02.25 03:00:48 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe [2011.02.25 03:00:48 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe [2011.02.25 03:00:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll [2011.02.25 03:00:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll [2011.02.25 03:00:46 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll [2011.02.25 03:00:46 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe [2011.02.25 03:00:46 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll [2011.02.25 03:00:46 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll [2011.02.25 03:00:46 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll [2011.02.25 03:00:41 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll [2011.02.25 03:00:41 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe [2011.02.25 03:00:41 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll [2011.02.25 03:00:41 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll [2011.02.25 03:00:41 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll [2011.02.22 02:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2011.02.22 02:07:58 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy [2011.02.22 02:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011.02.21 20:19:45 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\GrabPro [2011.02.21 20:17:25 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\ProgSense [2011.02.21 20:17:25 | 000,000,000 | ---D | C] -- C:\Downloads [2011.02.21 20:17:16 | 000,000,000 | ---D | C] -- C:\Programme\Orbitdownloader [2011.02.21 20:17:15 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Orbit [2011.02.21 04:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011.02.21 04:06:11 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011.02.21 04:06:11 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011.02.21 04:06:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011.02.21 04:06:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011.02.21 02:18:19 | 000,000,000 | ---D | C] -- C:\Programme\IVONA [2011.02.21 02:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVONA [2011.02.21 01:36:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antares Audio Technologies [2011.02.21 01:36:35 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Antares [2011.02.21 01:36:34 | 000,000,000 | ---D | C] -- C:\Programme\Antares Audio Technologies [2011.02.21 01:20:29 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\IVONA_INST [2011.02.20 21:23:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\{69B9EA9A-2B6B-4DD3-A8F9-ED88FA739388} [2011.02.20 21:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments [2011.02.20 21:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments [2011.02.20 17:33:46 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments FM8 [2011.02.20 17:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments FM8 [2011.02.20 13:29:49 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments FM7 [2011.02.20 13:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments FM7 [2011.02.20 13:29:44 | 000,995,383 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.000 [2011.02.20 13:29:44 | 000,401,462 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.002 [2011.02.20 13:29:44 | 000,278,581 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.003 [2011.02.20 13:29:44 | 000,077,878 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.001 [2011.02.17 00:02:49 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2011.02.16 23:40:58 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2011.02.16 23:40:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe [2011.02.16 23:35:44 | 000,000,000 | ---D | C] -- C:\Programme\Adobe Media Player [2011.02.16 23:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2011.02.16 23:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5 [2011.02.16 23:33:11 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe AIR [2011.02.16 23:17:27 | 000,000,000 | R--D | C] -- C:\Programme\Skype [2011.02.16 23:17:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.02.16 23:17:26 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Skype [2011.02.16 23:17:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011.02.16 00:29:23 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\Electronic Arts [2011.02.15 23:51:10 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Desktop\mein2011 [2011.02.15 23:30:52 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Desktop\Wochenberichte [2011.02.15 18:15:30 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft WSE [2011.02.15 18:15:23 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2011.02.15 18:15:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts [2011.02.15 18:07:29 | 000,000,000 | ---D | C] -- C:\Programme\Electronic Arts [2007.04.09 12:32:58 | 000,034,816 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll [2007.04.09 12:19:16 | 000,010,240 | ---- | C] ( ) -- C:\Windows\System32\killapps.exe ========== Files - Modified Within 30 Days ========== [2011.03.16 16:54:12 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\jbwfp.sys [2011.03.16 16:44:41 | 000,022,016 | ---- | M] () -- C:\Users\Manuel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.03.16 15:42:48 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011.03.16 15:15:34 | 000,633,342 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.03.16 15:15:34 | 000,599,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.03.16 15:15:34 | 000,128,590 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.03.16 15:15:34 | 000,105,816 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.03.16 15:10:32 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.03.16 15:10:32 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.03.16 15:10:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.03.16 15:10:17 | 3220,480,000 | -HS- | M] () -- C:\hiberfil.sys [2011.03.16 07:51:20 | 000,031,056 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000001-00000000-00000000-00001102-00000004-20021102}.rfx [2011.03.16 07:51:20 | 000,031,056 | ---- | M] () -- C:\Windows\System32\BMXState-{00000001-00000000-00000000-00001102-00000004-20021102}.rfx [2011.03.16 07:51:20 | 000,030,528 | ---- | M] () -- C:\Windows\System32\BMXCtrlState-{00000001-00000000-00000000-00001102-00000004-20021102}.rfx [2011.03.16 07:51:20 | 000,030,528 | ---- | M] () -- C:\Windows\System32\BMXBkpCtrlState-{00000001-00000000-00000000-00001102-00000004-20021102}.rfx [2011.03.16 07:51:20 | 000,011,564 | ---- | M] () -- C:\Windows\System32\DVCState-{00000001-00000000-00000000-00001102-00000004-20021102}.rfx [2011.03.13 22:31:13 | 000,000,132 | ---- | M] () -- C:\Users\Manuel\AppData\Roaming\Adobe BMP Format CS5 Prefs [2011.03.13 20:33:25 | 000,000,970 | ---- | M] () -- C:\Users\Manuel\Desktop\Adobe Bridge CS5.lnk [2011.03.09 02:42:11 | 000,000,577 | ---- | M] () -- C:\Users\Manuel\Desktop\Ivona Text to Speech - Verknüpfung.lnk [2011.03.08 22:46:44 | 001,050,157 | ---- | M] () -- C:\Users\Manuel\Desktop\Photo Mrz 08, 10 47 01 nachm..jpg [2011.03.08 22:46:19 | 001,147,410 | ---- | M] () -- C:\Users\Manuel\Desktop\Photo Mrz 08, 10 46 26 nachm..jpg [2011.03.07 20:48:40 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2011.03.03 22:12:02 | 005,026,000 | ---- | M] () -- C:\Users\Manuel\Desktop\LoesungenBasiswissen.pdf [2011.02.24 12:09:44 | 011,824,396 | ---- | M] () -- C:\Users\Manuel\Desktop\stoffsammlung.pdf [2011.02.22 12:51:24 | 000,430,103 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts [2011.02.22 12:49:34 | 000,430,103 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110222-125124.backup [2011.02.22 12:38:10 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settingsbkup.sfm [2011.02.22 12:38:10 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settings.sfm [2011.02.22 11:05:55 | 000,430,103 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110222-124934.backup [2011.02.21 04:05:58 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011.02.21 04:05:57 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011.02.21 04:05:57 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011.02.21 04:05:57 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011.02.17 16:53:12 | 003,749,008 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.02.17 00:01:06 | 000,001,439 | ---- | M] () -- C:\Users\Manuel\Desktop\Adobe Illustrator CS5.lnk [2011.02.17 00:01:06 | 000,001,008 | ---- | M] () -- C:\Users\Manuel\Desktop\Adobe Photoshop CS5.lnk [2011.02.17 00:01:06 | 000,000,996 | ---- | M] () -- C:\Users\Manuel\Desktop\Adobe InDesign CS5.lnk [2011.02.15 00:51:00 | 000,000,279 | ---- | M] () -- C:\Users\Manuel\Desktop\8000 (M) - Verknüpfung.lnk ========== Files Created - No Company Name ========== [2011.03.13 22:31:13 | 000,000,132 | ---- | C] () -- C:\Users\Manuel\AppData\Roaming\Adobe BMP Format CS5 Prefs [2011.03.13 20:33:25 | 000,000,970 | ---- | C] () -- C:\Users\Manuel\Desktop\Adobe Bridge CS5.lnk [2011.03.09 02:42:11 | 000,000,577 | ---- | C] () -- C:\Users\Manuel\Desktop\Ivona Text to Speech - Verknüpfung.lnk [2011.03.08 23:02:57 | 000,017,408 | ---- | C] () -- C:\Windows\System32\minimp3.exe [2011.03.08 22:46:37 | 001,050,157 | ---- | C] () -- C:\Users\Manuel\Desktop\Photo Mrz 08, 10 47 01 nachm..jpg [2011.03.08 22:46:01 | 001,147,410 | ---- | C] () -- C:\Users\Manuel\Desktop\Photo Mrz 08, 10 46 26 nachm..jpg [2011.03.07 20:49:33 | 000,000,553 | ---- | C] () -- C:\Windows\USetup.iss [2011.03.07 20:47:32 | 000,001,933 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Advisor.lnk [2011.03.03 22:12:02 | 005,026,000 | ---- | C] () -- C:\Users\Manuel\Desktop\LoesungenBasiswissen.pdf [2011.02.28 20:28:08 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat [2011.02.28 20:28:08 | 000,012,800 | ---- | C] () -- C:\Windows\System32\drivers\anodlwf.sys [2011.02.25 03:00:42 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs [2011.02.25 03:00:42 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml [2011.02.25 03:00:42 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl [2011.02.24 12:09:28 | 011,824,396 | ---- | C] () -- C:\Users\Manuel\Desktop\stoffsammlung.pdf [2011.02.17 18:54:18 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe [2011.02.17 00:01:06 | 000,001,439 | ---- | C] () -- C:\Users\Manuel\Desktop\Adobe Illustrator CS5.lnk [2011.02.17 00:01:06 | 000,001,008 | ---- | C] () -- C:\Users\Manuel\Desktop\Adobe Photoshop CS5.lnk [2011.02.17 00:01:06 | 000,000,996 | ---- | C] () -- C:\Users\Manuel\Desktop\Adobe InDesign CS5.lnk [2011.02.16 23:33:13 | 000,000,876 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2011.02.15 19:05:50 | 000,000,785 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Miroslav Philharmonik CE.lnk [2011.02.15 00:51:00 | 000,000,279 | ---- | C] () -- C:\Users\Manuel\Desktop\8000 (M) - Verknüpfung.lnk [2011.02.11 20:08:58 | 000,002,240 | ---- | C] () -- C:\Windows\LENDIG.sys [2011.02.05 03:10:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2011.02.04 17:31:34 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011.02.04 17:31:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011.01.30 13:48:26 | 000,000,016 | ---- | C] () -- C:\Windows\System32\msvcsv60.dll [2011.01.30 13:48:26 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat [2011.01.30 12:18:13 | 000,022,016 | ---- | C] () -- C:\Users\Manuel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.01.28 19:40:30 | 000,002,608 | ---- | C] () -- C:\Windows\Sandboxie.ini [2007.11.28 22:39:07 | 000,633,342 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2007.11.28 22:39:07 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2007.11.28 22:39:07 | 000,128,590 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2007.11.28 22:39:07 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2007.11.28 14:40:29 | 000,111,448 | ---- | C] () -- C:\Windows\hpqins13.dat [2007.11.28 14:24:55 | 000,061,440 | ---- | C] () -- C:\Windows\System32\OsdRemove.exe [2007.11.28 14:22:09 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll [2007.11.28 14:22:09 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll [2007.04.12 08:10:28 | 000,105,728 | ---- | C] () -- C:\Windows\System32\APOMgrH.dll [2007.04.09 12:55:14 | 000,097,785 | ---- | C] () -- C:\Windows\System32\instwdm.ini [2007.04.09 12:55:14 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini [2007.04.09 12:33:50 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CTBurst.dll [2007.04.09 12:32:32 | 000,037,888 | ---- | C] () -- C:\Windows\System32\psconv.exe [2007.04.09 12:24:30 | 000,325,821 | ---- | C] () -- C:\Windows\System32\ctdlang.dat [2007.04.09 12:24:30 | 000,046,273 | ---- | C] () -- C:\Windows\System32\ctdnlstr.dat [2007.04.09 12:21:44 | 000,048,128 | ---- | C] () -- C:\Windows\System32\regplib.exe [2007.04.09 12:21:28 | 000,149,838 | ---- | C] () -- C:\Windows\System32\ctbas2w.dat [2007.04.09 12:19:44 | 000,274,587 | ---- | C] () -- C:\Windows\System32\ctsbas2w.dat [2007.04.09 12:19:36 | 000,241,084 | ---- | C] () -- C:\Windows\System32\CTSBASW.DAT [2007.04.09 12:19:36 | 000,115,166 | ---- | C] () -- C:\Windows\System32\CTBASICW.DAT [2007.04.09 12:19:20 | 000,313,207 | ---- | C] () -- C:\Windows\System32\ctstatic.dat [2007.04.09 12:19:20 | 000,053,932 | ---- | C] () -- C:\Windows\System32\ctdaught.dat [2007.04.09 12:19:18 | 000,005,120 | ---- | C] () -- C:\Windows\System32\enlocstr.exe [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 003,749,008 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,599,940 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,105,816 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.10.02 09:25:18 | 000,000,307 | ---- | C] () -- C:\Windows\System32\kill.ini [2006.04.17 18:45:38 | 000,155,648 | ---- | C] () -- C:\Windows\System32\LEXPING.EXE [2006.01.30 13:42:22 | 000,000,270 | ---- | C] () -- C:\Windows\System32\lxczcoin.ini [2005.06.16 10:17:16 | 000,071,680 | ---- | C] () -- C:\Windows\System32\ctmmactl.dll [2002.11.13 08:40:22 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll [2001.01.19 08:50:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\INSTMON.EXE < End of report > Code:
ATTFilter OTL Extras logfile created on: 16.03.2011 16:53:09 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Manuel\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,69 Gb Total Space | 310,69 Gb Free Space | 68,18% Space Free | Partition Type: NTFS Drive D: | 10,07 Gb Total Space | 1,38 Gb Free Space | 13,67% Space Free | Partition Type: NTFS Drive M: | 465,76 Gb Total Space | 332,68 Gb Free Space | 71,43% Space Free | Partition Type: NTFS Computer Name: MANUEL-PC | User Name: Manuel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com) "C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{64E4F4F6-1177-49BC-AB66-DD60E60B4256}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{6FD937CD-5801-4C47-BBC7-A4740B0455BF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7A4D4780-F174-4B03-9528-4C82009A4874}" = protocol=17 | dir=in | app=c:\users\manuel\appdata\roaming\dropbox\bin\dropbox.exe | "{9A4DF377-A368-4218-ADE1-E614A9E3200C}" = protocol=6 | dir=in | app=c:\users\manuel\appdata\roaming\dropbox\bin\dropbox.exe | "{F85FC163-CE8F-4E22-93DD-175FCFE37894}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "TCP Query User{364D0A55-2C06-4D4A-8329-3435D71DD33B}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe | "TCP Query User{F3E31B2F-A65D-4146-9202-13AAEA5188B0}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{730C7612-32FA-412C-B139-8E9EFBFE1074}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{A0DB5814-F869-4427-BD25-5F42074D7A03}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5 "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library "{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1 "{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{22717ED3-0869-4A88-8F87-4737CDE7144C}" = Native Instruments Traktor S4 "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24 "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones "{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5 "{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon "{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8ED43CF1-5E56-4D0C-AEB1-A9F9C164B9BC}" = Miroslav Philharmonik CE "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{982773C6-CCA0-441A-9067-830A40A35E51}" = Scrabble3D "{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend "{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.0 - Deutsch "{AFAD41A9-9687-48A3-848F-693C11451433}" = HP Customer Experience Enhancements "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BA0D0121-A3BA-487D-9C78-7AB0E676C722}" = Miroslav Philharmonik "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}" = D-Link DWA-140 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{E6CFBFB5-9232-410C-B353-AF6E614B2681}" = LightScribe System Software "{E8C2622C-9FF1-4F60-8008-A0208154F9F3}" = muvee autoProducer 6.1 "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl "Ad-Aware" = Ad-Aware "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Antares Autotune Evo VST RTAS_is1" = Antares Autotune Evo VST RTAS v6.0.9 "ASIO4ALL" = ASIO4ALL "Atmosphere_is1" = Atmosphere "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "DAEMON Tools Lite" = DAEMON Tools Lite "Drumaxx" = Drumaxx "ENTERPRISE" = Microsoft Office Enterprise 2007 "FL Studio 9.8" = FL Studio 9.8 "FL Studio 9.9" = FL Studio 9.9 "Hardcore" = Hardcore "HP Photosmart Essential" = HP Photosmart Essential 2.5 "IL Download Manager" = IL Download Manager "IL Harmless" = IL Harmless "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "IVONA 2" = IVONA 2 "Korg Legacy Collection v1.1.9" = Korg Legacy Collection v1.1.9 "Lennar Digital Sylenth VSTi v1.2.1" = Lennar Digital Sylenth VSTi v1.2.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15) "Native Instruments FM7 Sounds Vol.1" = Native Instruments FM7 Sounds Vol.1 "Native Instruments FM7 VSTi DXI RTAS v1.1.3.4" = Native Instruments FM7 VSTi DXI RTAS v1.1.3.4 "Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS" = Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS "Native Instruments Guitar Rig 2" = Native Instruments Guitar Rig 2 "Native Instruments Massive" = Native Instruments Massive "Native Instruments Traktor S4" = Native Instruments Traktor S4 "NVIDIA Drivers" = NVIDIA Drivers "OfficeTrial" = Testversion von Microsoft Office Home and Student 2007 "Orbit_is1" = Orbit Downloader "OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator "PC-Doctor 5 for Windows" = Hardware Diagnose Tools "PoiZone" = PoiZone "Sakura" = Sakura "Sandboxie" = Sandboxie 3.39.02 "Sawer" = Sawer "Toxic Biohazard" = Toxic Biohazard "Trilogy_is1" = Trilogy "TuneUp Utilities" = TuneUp Utilities "VLC media player" = VLC media player 1.1.6 "WildTangent hp Master Uninstall" = My HP Games "WinRAR archiver" = WinRAR Archivierer ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich. "Dropbox" = Dropbox ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 22.02.2011 04:52:32 | Computer Name = Manuel-PC | Source = EventSystem | ID = 4609 Description = Error - 22.02.2011 04:52:32 | Computer Name = Manuel-PC | Source = EventSystem | ID = 4609 Description = Error - 22.02.2011 09:20:39 | Computer Name = Manuel-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung plugin-container.exe, Version, Zeitstempel 0x4cf928fc, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18327, Zeitstempel 0x4cb73436, Ausnahmecode 0xc0000005, Fehleroffset 0x00048822, Prozess-ID 0x884, Anwendungsstartzeit 01cbd286eb98add5. Error - 27.02.2011 08:45:43 | Computer Name = Manuel-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung FL (extended memory).exe, Version, Zeitstempel 0x4a6c0d56, fehlerhaftes Modul GuitarRig 2.dll_unloaded, Version, Zeitstempel 0x4542122a, Ausnahmecode 0xc0000005, Fehleroffset 0x10112fd0, Prozess-ID 0xa58, Anwendungsstartzeit 01cbd67c34a67a5c. Error - 28.02.2011 15:30:40 | Computer Name = Manuel-PC | Source = VSS | ID = 8194 Description = Error - 07.03.2011 15:14:23 | Computer Name = Manuel-PC | Source = Microsoft-Windows-RestartManager | ID = 10006 Description = Error - 07.03.2011 16:43:01 | Computer Name = Manuel-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung FL.exe, Version, Zeitstempel 0x4d3574e7, fehlerhaftes Modul FLEngine.dll, Version, Zeitstempel 0x4d68e2b5, Ausnahmecode 0xc0000005, Fehleroffset 0x000e799d, Prozess-ID 0x17dc, Anwendungsstartzeit 01cbdd044f4dc493. Error - 07.03.2011 17:38:57 | Computer Name = Manuel-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung FL.exe, Version, Zeitstempel 0x4d3574e7, fehlerhaftes Modul nvoglv32.dll, Version, Zeitstempel 0x478624e1, Ausnahmecode 0xc0000005, Fehleroffset 0x0010d56f, Prozess-ID 0x1274, Anwendungsstartzeit 01cbdd087651e0e3. Error - 08.03.2011 05:25:36 | Computer Name = Manuel-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 08.03.2011 05:31:18 | Computer Name = Manuel-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = [ System Events ] Error - 31.01.2011 22:25:55 | Computer Name = Manuel-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 01.02.2011 14:01:17 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7011 Description = Error - 01.02.2011 19:33:17 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7000 Description = Error - 01.02.2011 19:33:22 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7000 Description = Error - 01.02.2011 19:33:27 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7000 Description = Error - 01.02.2011 19:33:32 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7000 Description = Error - 01.02.2011 19:33:37 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7000 Description = Error - 01.02.2011 19:33:42 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7000 Description = Error - 01.02.2011 19:33:47 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7000 Description = Error - 03.02.2011 02:42:11 | Computer Name = Manuel-PC | Source = DCOM | ID = 10010 Description = < End of report > Ich hoffe, ich habe sämtlich regeln beachtet und ihr könnte die Daten auswerten. Vielen Dank im Voraus. |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Internet deutlich langsamer (DSLtest=700DSL, ich habe=6000DSL)Zitat:
![]() Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!
__________________ |
Internet deutlich langsamer (DSLtest=700DSL, ich habe=6000DSL) Danke für den Hinweis, Cosinus.
Hoffentlich tangiert mein Anliegen nun mehr. Code:
ATTFilter Malwarebytes' Anti-Malware www.malwarebytes.org Datenbank Version: 6077 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 16.03.2011 20:53:10 mbam-log-2011-03-16 (20-53-10).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 360424 Laufzeit: 56 Minute(n), 32 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
Internet deutlich langsamer (DSLtest=700DSL, ich habe=6000DSL) Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle davon posten. Du findest diese im Reiter Logdateien in Malwarebytes.
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
| ![]() Internet deutlich langsamer (DSLtest=700DSL, ich habe=6000DSL)Zitat:
Beim ersten Durchlauf fand es vier Dateien, die es daraufhin löschte. Edit: Sehe gerade, es gibt eine neuere Version. Führe einen erneuten Scan durch. Geändert von forsch (16.03.2011 um 23:35 Uhr) Grund: Softwareaktualisierung |
Internet deutlich langsamer (DSLtest=700DSL, ich habe=6000DSL)Code:
ATTFilter Malwarebytes' Anti-Malware www.malwarebytes.org Datenbank Version: 6080 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 17.03.2011 00:51:12 mbam-log-2011-03-17 (00-51-12).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|M:\|) Durchsuchte Objekte: 409187 Laufzeit: 1 Stunde(n), 17 Minute(n), 32 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 1 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: xxx (Malware.Packer.Gen) -> Quarantined and deleted successfully. Geändert von forsch (17.03.2011 um 01:38 Uhr) Grund: privat |
Internet deutlich langsamer (DSLtest=700DSL, ich habe=6000DSL)
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
Internet deutlich langsamer (DSLtest=700DSL, ich habe=6000DSL)
![]() | #9 |
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #10 |
![]() | #11 |
Internet deutlich langsamer (DSLtest=700DSL, ich habe=6000DSL) Offensichtlich liegt der Fehler beim Anbieter. Habe den Speedtest (über WLAN) mit meinem Handy durchgeführt und die selbe Rate erzielt.
Internet deutlich langsamer (DSLtest=700DSL, ich habe=6000DSL) Nagut. Evtl. hilft auch ein Routerreset, aber den Einsatz von Keygens unterstütze ich in keinster Weise
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
Internet deutlich langsamer (DSLtest=700DSL, ich habe=6000DSL) Danke Cosinus, werde den Reset mal versuchen. Muss ich danach die Zugangsdaten von neuem eingeben oder erst bei meinem Nachbar einbrechen? Scherz am Rande- sämtliche KeyGens und auch die dazupassende Software wurden gelöscht. Man muss die Kids im Auge behalten.
![]() | #14 |
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
Internet deutlich langsamer (DSLtest=700DSL, ich habe=6000DSL) Du bist mein Mann, Cosinus. Der Reset hat's gebracht. Danke!
