Fluctuating ping in online games, Trojan?

25.12.2009, 16:13
...new here

Posts: 8
#1 Hello
I have a fluctuating ping in online games, but only from time to time, even though nobody besides me is on the network. Could it be a Trojan that is constantly sending something, which then goes over my line? I have a 3000 DSL line from T-online.de
At first I had the Avira freeware, but that was not secure enough for me, so I also got ESET NOD32 Antivirus as a full version. With current updates, a full scan found nothing.
Then I ran GMER, but at the start it shows me the error message "D:\Windows\system32\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderem Prozess verwendet wird". I have Windows 7, could that be the reason?


This is what Malwarebytes produced:

Malwarebytes' Anti-Malware 1.42
Datenbank Version: 3427
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

25.12.2009 15:28:42
mbam-log-2009-12-25 (15-28-42).txt

Scan-Methode: Quick-Scan
Durchsuchte Objekte: 90348
Laufzeit: 4 minute(s), 11 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 2
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
D:\Windows\System32\SYSTEM32 (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Windows\System32\SYSTEM32\DRIVERS (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Dateien:
D:\Windows\System32\SYSTEM32\DRIVERS\rtl8187.sys (Trojan.Agent) -> Quarantined and deleted successfully.

Maybe that is why GMER showed this error message

GMER found no system modification, but there was also no


Here is my log file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:20:01, on 25.12.2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
D:\Windows\vVX3000.exe
D:\Program Files (x86)\ICQ6.5\ICQ.exe
D:\Program Files (x86)\Valve\Steam\Steam.exe
D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
D:\Users\Fay\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
D:\Program Files (x86)\Skype\Phone\Skype.exe
D:\Program Files (x86)\Logitech\G-series Software\Applets\LCDMedia.exe
D:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
D:\Program Files (x86)\Java\jre6\bin\jusched.exe
D:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE
D:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
D:\Program Files (x86)\Winamp\winampa.exe
D:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
D:\Program Files (x86)\ROCCAT\Kone Mouse\osd.exe
D:\Program Files (x86)\Mozilla Firefox\firefox.exe
D:\Windows\SysWOW64\notepad.exe
D:\Users\Fay\Downloads\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = D:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - D:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - D:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - D:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LifeCam] "D:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Kone] "D:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE"
O4 - HKLM\..\Run: [ASUSGamerOSD] D:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [amd_dc_opt] D:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "D:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ICQ] "D:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [Steam] "d:\program files (x86)\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Octoshape Streaming Services] "D:\Users\Fay\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Skype] "D:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Speech Recognition] "D:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O8 - Extra context menu item: &Winamp Search - D:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files (x86)\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvlsp.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - D:\Windows\System32\alg.exe (file missing)
O23 - Service: ASDR - Unknown owner - D:\Windows\SysWOW64\ASDR.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - D:\Windows\system32\ATKFUSService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - D:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - D:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - D:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - D:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - D:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - D:\Windows\system32\lsass.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - D:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - D:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - D:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - D:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - D:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - D:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\RpcAgentSrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - D:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - D:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - D:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - D:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - D:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - D:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - D:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - D:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - D:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - D:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - D:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10150 bytes



My uninstall list:

3DMark06
50 FREE MP3s +1 Free Audiobook!
Adobe AIR
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Recommended Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Extra Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Linguistics CS4
Adobe Media Player
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 9.1 - Deutsch
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Type Support CS4
Adobe Ultra CS3
Adobe Ultra CS3 - MSL Legacy Support
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Akamai NetSession Interface
ASUS Gamer OSD
ASUS Smart Doctor
ASUS VideoSecurity Online
CCleaner
Command & Conquer™ Alarmstufe Rot 3
Connect
Cool & Quiet
Counter-Strike(TM)
DAEMON Tools Toolbar
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Plus Web Player
Driver Updater
Dual-Core Optimizer
EAX4 Unified Redist
EVEREST Home Edition v2.20
Free YouTube to Mp3 Converter version 3.1
Futuremark SystemInfo
G15_TeamSpeak (NSIS)
GIMP 2.6.7
ICQ6.5
Java(TM) 6 Update 17
kuler
LcdStudio 2.0 Build 806
Malwarebytes' Anti-Malware
Microsoft Corporation
Microsoft DirectX SDK (August 2009)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.5.6)
Norton Security Scan
NVIDIA ForceWare Network Access Manager
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenAL
OpenOffice.org 3.1
PDF Settings CS4
PhotoScape
Photoshop Camera Raw
Realtek High Definition Audio Driver
REALTEK RTL8187 Wireless LAN Driver
ROCCAT Kone Mouse Driver
Skype™ 4.0
SoundMAX
Steam(TM)
Suite Shared Configuration CS4
TeamSpeak 2 RC2
TeamViewer 5
Tom Clancy's Splinter Cell Double Agent
Uninstall 1.0.0.1
VC80CRTRedist - 8.0.50727.4053
Winamp
Winamp Toolbar
Windows Media Player Firefox Plugin
WinRAR
XviD MPEG-4 Video Codec

However, this may not be complete, because I have two operating systems on my computer, XP and Win7; in addition, some programs, games for example, were not installed but copied over at LAN parties.

I hope you can help me.

Regards, Fay
25.12.2009, 22:59
Moderator

Posts: 5694
#2 Which antivirus program do you use?

>>>
System scan with OTL

Please download OTL by OldTimer and save it on your desktop

>Double-click OTL.exe
-->Vista users: right-click OTL.exe and select "Run as administrator"
>At the top you will find a box labelled Output. Please select Minimal Output
>Under Extra Registry, please select Use SafeList
>Now click Run Scan at the top left
>When the scan has finished, 2 log files are created
>Post the log files in code tags here in the thread.
25.12.2009, 23:44
...new here

Thread starter

Posts: 8
#3 Well, before I used Avira Antivirus, but I have now switched to ESET NOD32 Antivirus, as already mentioned above. It also detected some, which I then deleted, or rather cleaned; I only deleted one file out of 6.

The OTL file:

Code

OTL logfile created on: 25.12.2009 23:37:45 - Run 1
OTL by OldTimer - Version 3.1.20.1     Folder = D:\Users\Fay\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 19,53 Gb Total Space | 3,75 Gb Free Space | 19,20% Space Free | Partition Type: NTFS
Drive D: | 129,51 Gb Total Space | 64,83 Gb Free Space | 50,06% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 46,53 Gb Free Space | 23,82% Space Free | Partition Type: NTFS
Drive F: | 270,44 Gb Total Space | 75,52 Gb Free Space | 27,92% Space Free | Partition Type: NTFS
Drive G: | 6,24 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FAY-PC
Current User Name: Fay
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - D:\Users\Fay\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - D:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - D:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - D:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - D:\Program Files (x86)\Valve\Steam\Steam.exe (Valve Corporation)
PRC - D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - D:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - D:\Programme\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
PRC - D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - D:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
PRC - D:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
PRC - D:\Windows\SysWOW64\ASDR.exe ()
PRC - D:\Program Files (x86)\Winamp\winampa.exe ()
PRC - D:\Windows\vVX3000.exe (Microsoft Corporation)
PRC - D:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - D:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe (Skype Technologies)
PRC - D:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
PRC - D:\Users\Fay\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
PRC - D:\Program Files (x86)\ROCCAT\Kone Mouse\osd.exe (ROCCAT)
PRC - D:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - D:\Program Files (x86)\Logitech\G-series Software\Applets\LCDMedia.exe (Logitech Inc.)


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - D:\Users\Fay\Desktop\OTL.exe (OldTimer Tools)
MOD - D:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (FLEXnet Licensing Service 64) -- D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:[b]64bit:[/b] - (EhttpSrv) -- D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV:[b]64bit:[/b] - (ekrn) -- D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
SRV:[b]64bit:[/b] - (MSCamSvc) -- D:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WwanSvc) -- D:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WbioSrvc) -- D:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (UmRdpService) -- D:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Power) -- D:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Themes) -- D:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (sppuinotify) -- D:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (SensrSvc) -- D:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (PeerDistSvc) -- D:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (PNRPsvc) -- D:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (p2pimsvc) -- D:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (HomeGroupProvider) -- D:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (RpcEptMapper) -- D:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (PNRPAutoReg) -- D:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (HomeGroupListener) -- D:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (FontCache) -- D:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Dhcp) -- D:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (defragsvc) -- D:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (CscService) -- D:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (bthserv) -- D:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (BDESVC) -- D:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AxInstSV) -- D:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AppMgmt) -- D:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AppIDSvc) -- D:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (wbengine) -- D:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (sppsvc) -- D:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Fax) -- D:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (ATKFUSService) -- D:\Windows\SysNative\ATKFUSService.exe (ASUSTeK COMPUTER INC.)
SRV - (Steam Client Service) -- D:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- d:\program files (x86)\common files\akamai\rswin_3629.dll ()
SRV - (TeamViewer5) -- D:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (FLEXnet Licensing Service) -- D:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (PnkBstrB) -- D:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (PnkBstrA) -- D:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Stereo Service) -- D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SandraAgentSrv) -- D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP4\RpcAgentSrv.exe (SiSoftware)
SRV - (ASDR) -- D:\Windows\SysWOW64\ASDR.exe ()
SRV - (VSS) -- D:\Windows\Vss [2009.07.14 04:20:14 | 00,000,000 | ---D | M]
SRV - (MSDTC) -- D:\Windows\SysWOW64\Msdtc [2009.07.14 04:20:14 | 00,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- D:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- D:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- D:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- D:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- D:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- D:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (IDriverT) -- D:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - (sptd) -- D:\Windows\SysNative\drivers\sptd.sys ()
DRV:[b]64bit:[/b] - (EIO64) -- D:\Windows\SysNative\drivers\EIO64.sys (ASUSTeK Computer Inc.)
DRV:[b]64bit:[/b] - (ESLvnic1) -- D:\Windows\SysNative\drivers\ESLvnic.sys (Turtle Entertainment GmbH)
DRV:[b]64bit:[/b] - (epfwwfpr) -- D:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
DRV:[b]64bit:[/b] - (ehdrv) -- D:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:[b]64bit:[/b] - (eamon) -- D:\Windows\SysNative\drivers\eamon.sys (ESET)
DRV:[b]64bit:[/b] - (LGBusEnum) -- D:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:[b]64bit:[/b] - (amdsata) -- D:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- D:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdsbs) -- D:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (KSecPkg) -- D:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- D:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (hwpolicy) -- D:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (FsDepends) -- D:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- D:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (WIMMount) -- D:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (vhdmp) -- D:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (vmbus) -- D:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (storflt) -- D:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (vdrvroot) -- D:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (storvsc) -- D:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- D:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (rdyboost) -- D:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (pcw) -- D:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (CNG) -- D:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (fvevol) -- D:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (rdpbus) -- D:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RDPREFMP) -- D:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RasAgileVpn) WAN Miniport (IKEv2) -- D:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WfpLwf) -- D:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (NdisCap) -- D:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (vwifibus) -- D:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (1394ohci) -- D:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (HdAudAddService) -- D:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (UmPass) -- D:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (usbaudio) USB-Audiotreiber (WDM) -- D:\Windows\SysNative\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WinUsb) -- D:\Windows\SysNative\drivers\winusb.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (mshidkmdf) -- D:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WudfPf) -- D:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (MTConfig) -- D:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (CompositeBus) -- D:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Beep) -- D:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (AppID) -- D:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (scfilter) -- D:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (s3cap) -- D:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (VMBusHID) -- D:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (discache) -- D:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (HidBatt) -- D:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (CmBatt) -- D:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (AcpiPmi) -- D:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (CSC) -- D:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (AmdPPM) -- D:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (VX3000) -- D:\Windows\SysNative\drivers\VX3000.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RTL8187B) RTL8187B Drahtlos-802.11b/g-USB 2.0-Netzwerkadapter (54 MBit/s) -- D:\Windows\SysNative\drivers\RTL8187B.sys (Realtek Semiconductor Corporation                           )
DRV:[b]64bit:[/b] - (NVENETFD) -- D:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- D:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- D:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- D:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- D:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (MTsensor) -- D:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:[b]64bit:[/b] - (NVNET) -- D:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:[b]64bit:[/b] - (atkdisplf) -- D:\Windows\SysNative\drivers\ATKDispLowFilter.sys (ASUSTeK Computer Inc.)
DRV:[b]64bit:[/b] - (asusgsb) -- D:\Windows\SysNative\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV:[b]64bit:[/b] - (KoneFltr) -- D:\Windows\SysNative\drivers\Kone.sys (ROCCAT Ltd)
DRV:[b]64bit:[/b] - (ENTECH64) -- D:\Windows\SysNative\drivers\Entech64.sys (EnTech Taiwan)
DRV:[b]64bit:[/b] - (adfs) -- D:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:[b]64bit:[/b] - (SiFilter) -- D:\Windows\SysNative\drivers\SiWinAcc.sys (Silicon Image, Inc)
DRV:[b]64bit:[/b] - (SiRemFil) -- D:\Windows\SysNative\drivers\SiRemFil.sys (Silicon Image, Inc)
DRV:[b]64bit:[/b] - (SI3132) -- D:\Windows\SysNative\drivers\SI3132.sys (Silicon Image, Inc)
DRV:[b]64bit:[/b] - (ADIHdAudAddService) -- D:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV:[b]64bit:[/b] - (RTL8187) -- D:\Windows\SysNative\drivers\RTL8187.sys (Realtek Semiconductor Corporation                           )
DRV:[b]64bit:[/b] - (AmdTools) -- D:\Windows\SysNative\drivers\AmdTools64.sys (AMD, Inc.)
DRV - (CSC) -- D:\Windows\CSC [2009.11.05 17:42:38 | 00,000,000 | ---D | M]
DRV - (SANDRA) -- D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP4\WNt500x64\sandra.sys (SiSoftware)
DRV - (WIMMount) -- D:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinUsb) -- D:\Windows\SysWOW64\winusb.dll (Microsoft Corporation)
DRV - (NetBIOS) -- D:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (VX3000) -- D:\Windows\SysWOW64\VX3000.dll (Microsoft Corporation)
DRV - (mpsdrv) -- D:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- D:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (adfs) -- D:\Windows\SysWOW64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (SED133x) -- D:\Program Files (x86)\LcdStudio\SED133x.sys ()
DRV - (T6963C) -- D:\Program Files (x86)\LcdStudio\T6963c.sys ()
DRV - (LC7981) -- D:\Program Files (x86)\LcdStudio\LC7981.sys ()
DRV - (n3900) -- D:\Program Files (x86)\LcdStudio\n3900.sys ()
DRV - (KS0108) -- D:\Program Files (x86)\LcdStudio\ks0108.sys ()
DRV - (AsIO) -- D:\Windows\SysWOW64\drivers\AsIO.sys ()
DRV - (RTL8187) -- D:\Windows\SysWOW64\drivers\rtl8187.sys (Realtek Semiconductor Corporation                           )


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = D:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - D:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 00 CF EC DF 7F CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - D:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query="


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2009.12.17 11:47:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins [2009.12.17 11:47:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.12.13 23:12:53 | 00,000,000 | ---D | M]

[2009.11.05 22:07:28 | 00,000,000 | ---D | M] -- D:\Users\Fay\AppData\Roaming\mozilla\Extensions
[2009.12.25 00:53:24 | 00,000,000 | ---D | M] -- D:\Users\Fay\AppData\Roaming\mozilla\Firefox\Profiles\tl2ugbhg.default\extensions
[2009.11.20 14:42:15 | 00,000,000 | ---D | M] (Winamp Toolbar) -- D:\Users\Fay\AppData\Roaming\mozilla\Firefox\Profiles\tl2ugbhg.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009.11.21 19:46:51 | 00,000,000 | ---D | M] -- D:\Users\Fay\AppData\Roaming\mozilla\Firefox\Profiles\tl2ugbhg.default\extensions\DTToolbar@toolbarnet.com
[2009.11.21 19:46:38 | 00,002,059 | ---- | M] () -- D:\Users\Fay\AppData\Roaming\Mozilla\FireFox\Profiles\tl2ugbhg.default\searchplugins\daemon-search.xml
[2009.11.20 15:48:16 | 00,001,196 | ---- | M] () -- D:\Users\Fay\AppData\Roaming\Mozilla\FireFox\Profiles\tl2ugbhg.default\searchplugins\winamp-search.xml
[2009.12.15 17:17:36 | 00,000,000 | ---D | M] -- D:\Program Files (x86)\mozilla firefox\extensions
[2009.12.12 13:02:44 | 00,001,392 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.12.12 13:02:44 | 00,002,344 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2009.12.12 13:02:44 | 00,006,805 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2009.12.12 13:02:44 | 00,001,178 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2009.12.12 13:02:44 | 00,000,801 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: (2005 bytes) - D:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts:     127.0.0.1    activate.adobe.com
O1 - Hosts:     127.0.0.1    activate.adobe.com
O1 - Hosts:     127.0.0.1     practivate.adobe.com
O1 - Hosts:     127.0.0.1     ereg.adobe.com
O1 - Hosts:     127.0.0.1     activate.wip3.adobe.com
O1 - Hosts:     127.0.0.1     wip3.adobe.com
O1 - Hosts:     127.0.0.1     3dns-3.adobe.com
O1 - Hosts:     127.0.0.1     3dns-2.adobe.com
O1 - Hosts:     127.0.0.1     adobe-dns.adobe.com
O1 - Hosts:     127.0.0.1     adobe-dns-2.adobe.com
O1 - Hosts:     127.0.0.1     adobe-dns-3.adobe.com
O1 - Hosts:     127.0.0.1     ereg.wip3.adobe.com
O1 - Hosts:     127.0.0.1     activate-sea.adobe.com
O1 - Hosts:     127.0.0.1     wwis-dubc1-vip60.adobe.com
O1 - Hosts:     127.0.0.1     activate-sjc0.adobe.com
O1 - Hosts:     127.0.0.1     hl2rcv.adobe.com
O1 - Hosts:     127.0.0.1     2O7.net
O1 - Hosts:     127.0.0.1     192.168.112.2O7.net
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - D:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - D:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - D:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4:[b]64bit:[/b] - HKLM..\Run: []  File not found
O4:[b]64bit:[/b] - HKLM..\Run: [egui] D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCDMon] D:\Program Files\Logitech\G-series Software\LCDMon.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LGDCore] D:\Program Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [VX3000] D:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] D:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] D:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ASUSGamerOSD] D:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [Kone] D:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
O4 - HKLM..\Run: [LifeCam] D:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] D:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] D:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] D:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Driver Updater]  File not found
O4 - HKCU..\Run: [ICQ] D:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Octoshape Streaming Services] D:\Users\Fay\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKCU..\Run: [Skype] D:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Speech Recognition] D:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] d:\program files (x86)\valve\steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: &Winamp Search - D:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Winamp Search - D:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Windows\SysNative\nvLsp.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Windows\SysNative\nvLsp.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Windows\SysNative\nvLsp.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Windows\SysNative\nvLsp.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Windows\SysNative\nvLsp.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\Windows\SysNative\nvLsp.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000017 - D:\Windows\SysNative\nvLsp.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000018 - D:\Windows\SysNative\nvLsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - D:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - D:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - D:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - D:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.15 18:59:17 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
[b]64bit:[/b] O35 - comfile [open] -- "%1" %* File not found
[b]64bit:[/b] O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009.12.25 23:35:41 | 00,513,536 | ---- | C] (OldTimer Tools) -- D:\Users\Fay\Desktop\OTL.exe
[2009.12.25 21:03:58 | 00,000,000 | ---D | C] -- D:\Users\Fay\AppData\Local\ESET
[2009.12.25 15:11:00 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009.12.25 15:10:57 | 00,000,000 | ---D | C] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009.12.23 14:09:28 | 00,000,000 | ---D | C] -- D:\Program Files (x86)\Fraunhofer IIS
[2009.12.13 23:12:51 | 00,000,000 | ---D | C] -- D:\Programme\ESET
[2009.12.13 23:12:51 | 00,000,000 | ---D | C] -- D:\ProgramData\ESET
[2009.12.13 21:50:30 | 00,000,000 | ---D | C] -- D:\Users\Fay\AppData\Roaming\TeamViewer
[2009.12.13 21:50:23 | 00,000,000 | ---D | C] -- D:\Program Files (x86)\TeamViewer
[2009.12.13 21:49:47 | 00,000,000 | ---D | C] -- D:\Users\Fay\temp
[2009.12.13 17:03:51 | 00,000,000 | ---D | C] -- D:\Program Files (x86)\Realtek
[2009.12.13 17:03:49 | 00,000,000 | -H-D | C] -- D:\Program Files (x86)\Temp
[2009.12.13 17:03:47 | 00,540,672 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\RtlExUpd.dll
[2009.12.09 16:28:37 | 00,082,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysNative\msfeedsbs.dll
[2009.12.09 16:28:37 | 00,064,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedsbs.dll
[2009.12.08 21:51:56 | 00,000,000 | ---D | C] -- D:\Users\Fay\AppData\Roaming\skypePM
[2009.12.08 21:49:47 | 00,000,000 | ---D | C] -- D:\Users\Fay\AppData\Roaming\Skype
[2009.12.08 21:49:26 | 00,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Skype
[2009.12.08 21:49:25 | 00,000,000 | R--D | C] -- D:\Program Files (x86)\Skype
[2009.12.08 21:49:17 | 00,000,000 | ---D | C] -- D:\ProgramData\Skype
[2009.12.07 17:08:24 | 00,000,000 | ---D | C] -- D:\Users\Fay\Application Data
[2009.12.07 17:05:09 | 00,000,000 | ---D | C] -- D:\Programme\Adobe
[2009.12.07 16:53:47 | 00,000,000 | ---D | C] -- D:\Programme\Common Files\Macrovision Shared
[2009.12.06 02:40:52 | 00,000,000 | ---D | C] -- D:\Users\Fay\AppData\Roaming\gtk-2.0
[2009.12.05 18:16:47 | 00,000,000 | ---D | C] -- D:\Windows\SysWow64\spool
[2009.12.05 18:16:20 | 00,000,000 | ---D | C] -- D:\Program Files (x86)\Adobe Media Player
[2009.12.05 18:14:52 | 00,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Adobe AIR
[2009.12.05 18:12:48 | 00,000,000 | ---D | C] -- D:\Programme\Common Files\Adobe
[2009.12.05 18:01:42 | 00,000,000 | ---D | C] -- D:\Users\Fay\Desktop\Adobe CS4
[2009.12.05 17:08:32 | 00,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Akamai
[3 D:\ProgramData\*.tmp files -> D:\ProgramData\*.tmp -> ]
[3 D:\ProgramData\*.tmp files -> D:\ProgramData\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009.12.25 23:39:13 | 04,980,736 | -HS- | M] () -- D:\Users\Fay\NTUSER.DAT
[2009.12.25 23:36:10 | 00,513,536 | ---- | M] (OldTimer Tools) -- D:\Users\Fay\Desktop\OTL.exe
[2009.12.25 21:14:23 | 00,016,944 | -H-- | M] () -- D:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009.12.25 21:14:23 | 00,016,944 | -H-- | M] () -- D:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009.12.25 21:07:11 | 00,000,006 | -H-- | M] () -- D:\Windows\tasks\SA.DAT
[2009.12.25 21:07:08 | 00,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2009.12.25 21:06:45 | 24,147,31264 | -HS- | M] () -- D:\hiberfil.sys
[2009.12.25 21:04:55 | 06,291,456 | -H-- | M] () -- D:\Users\Fay\AppData\Local\IconCache.db
[2009.12.25 15:11:03 | 00,001,018 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.12.22 18:58:38 | 00,001,773 | ---- | M] () -- D:\Users\Fay\Desktop\2009Decoder - Verknüpfung.lnk
[2009.12.20 19:11:00 | 01,472,002 | ---- | M] () -- D:\Windows\SysNative\PerfStringBackup.INI
[2009.12.20 19:11:00 | 00,643,628 | ---- | M] () -- D:\Windows\SysNative\perfh007.dat
[2009.12.20 19:11:00 | 00,606,992 | ---- | M] () -- D:\Windows\SysNative\perfh009.dat
[2009.12.20 19:11:00 | 00,126,188 | ---- | M] () -- D:\Windows\SysNative\perfc007.dat
[2009.12.20 19:11:00 | 00,103,370 | ---- | M] () -- D:\Windows\SysNative\perfc009.dat
[2009.12.17 13:23:35 | 00,023,631 | ---- | M] () -- D:\Users\Fay\Documents\weihnachtsandacht.odt
[2009.12.17 11:50:41 | 00,030,406 | ---- | M] () -- D:\Users\Fay\Documents\AWDFLASH132.zip
[2009.12.13 21:50:27 | 00,001,171 | ---- | M] () -- D:\Users\Public\Desktop\TeamViewer 5.lnk
[2009.12.08 21:51:56 | 00,000,056 | -H-- | M] () -- D:\ProgramData\ezsidmv.dat
[2009.12.08 21:49:27 | 00,002,517 | ---- | M] () -- D:\Users\Public\Desktop\Skype.lnk
[2009.12.08 10:22:45 | 02,891,584 | ---- | M] () -- D:\Windows\SysNative\FNTCACHE.DAT
[2009.12.06 21:56:54 | 00,004,878 | ---- | M] () -- D:\Users\Fay\.recently-used.xbel
[2009.12.03 17:47:37 | 00,018,655 | ---- | M] () -- D:\Users\Fay\Documents\Reich Gottes.odt
[2009.12.03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- D:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009.12.03 16:13:58 | 00,022,104 | ---- | M] (Malwarebytes Corporation) -- D:\Windows\SysNative\drivers\mbam.sys
[3 D:\ProgramData\*.tmp files -> D:\ProgramData\*.tmp -> ]
[3 D:\ProgramData\*.tmp files -> D:\ProgramData\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009.12.25 15:11:03 | 00,001,018 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.12.22 18:58:38 | 00,001,773 | ---- | C] () -- D:\Users\Fay\Desktop\2009Decoder - Verknüpfung.lnk
[2009.12.17 11:52:48 | 00,015,416 | ---- | C] () -- D:\Windows\SysNative\drivers\ASACPI.sys
[2009.12.17 11:50:39 | 00,030,406 | ---- | C] () -- D:\Users\Fay\Documents\AWDFLASH132.zip
[2009.12.16 21:06:56 | 00,023,631 | ---- | C] () -- D:\Users\Fay\Documents\weihnachtsandacht.odt
[2009.12.13 21:50:27 | 00,001,171 | ---- | C] () -- D:\Users\Public\Desktop\TeamViewer 5.lnk
[2009.12.08 21:51:56 | 00,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat
[2009.12.08 21:49:27 | 00,002,517 | ---- | C] () -- D:\Users\Public\Desktop\Skype.lnk
[2009.12.06 21:56:54 | 00,004,878 | ---- | C] () -- D:\Users\Fay\.recently-used.xbel
[2009.12.03 17:47:37 | 00,018,655 | ---- | C] () -- D:\Users\Fay\Documents\Reich Gottes.odt
[2009.11.21 17:34:17 | 00,004,608 | ---- | C] () -- D:\Windows\SysWow64\lgLcdLibWrapper.dll
[2009.11.20 15:24:10 | 11,923,456 | ---- | C] () -- D:\ProgramData\sandra.mda
[2009.11.20 10:40:44 | 00,761,856 | ---- | C] () -- D:\Windows\SysWow64\xvidcore.dll
[2009.11.20 10:40:44 | 00,180,224 | ---- | C] () -- D:\Windows\SysWow64\xvidvfw.dll
[2009.11.20 10:40:44 | 00,053,248 | ---- | C] () -- D:\Windows\SysWow64\asrussian.dll
[2009.11.20 10:40:44 | 00,053,248 | ---- | C] () -- D:\Windows\SysWow64\askorean.dll
[2009.11.20 10:40:44 | 00,053,248 | ---- | C] () -- D:\Windows\SysWow64\asjapan.dll
[2009.11.20 10:40:44 | 00,053,248 | ---- | C] () -- D:\Windows\SysWow64\asgerman.dll
[2009.11.20 10:40:44 | 00,053,248 | ---- | C] () -- D:\Windows\SysWow64\asfrench.dll
[2009.11.20 10:40:44 | 00,053,248 | ---- | C] () -- D:\Windows\SysWow64\aseng.dll
[2009.11.20 10:40:44 | 00,053,248 | ---- | C] () -- D:\Windows\SysWow64\ASCHT.dll
[2009.11.20 10:40:44 | 00,053,248 | ---- | C] () -- D:\Windows\SysWow64\aschs.dll
[2009.11.16 22:53:37 | 00,024,576 | ---- | C] () -- D:\Windows\SysWow64\AsIO.dll
[2009.11.16 22:53:37 | 00,014,392 | ---- | C] () -- D:\Windows\SysWow64\drivers\AsIO.sys
[2009.11.16 22:53:34 | 00,011,832 | ---- | C] () -- D:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009.11.16 22:53:34 | 00,010,216 | ---- | C] () -- D:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009.11.07 12:37:13 | 00,021,504 | ---- | C] () -- D:\Windows\jestertb.dll
[2009.11.06 15:28:24 | 00,004,940 | ---- | C] () -- D:\ProgramData\mtbjfghn.xbe
[2009.08.03 00:21:54 | 00,197,912 | ---- | C] () -- D:\Windows\SysWow64\physxcudart_20.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSwedish.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSpanish.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelPortugese.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelKorean.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelJapanese.dll
[2009.08.03 00:21:52 | 00,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelGerman.dll
[2009.08.03 00:21:52 | 00,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelFrench.dll
[2009.07.14 00:42:10 | 00,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 00,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009.06.26 17:24:18 | 00,015,498 | ---- | C] () -- D:\Windows\VX3000.ini
[2004.10.11 11:19:00 | 00,092,672 | ---- | C] () -- D:\Windows\SysWow64\ASUSASV2.DLL
[2004.04.27 08:26:48 | 00,005,824 | ---- | C] () -- D:\Windows\SysWow64\drivers\ASUSHWIO.SYS
< End of report >



And the Extras file

Code

OTL Extras logfile created on: 25.12.2009 23:37:45 - Run 1
OTL by OldTimer - Version 3.1.20.1     Folder = D:\Users\Fay\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 19,53 Gb Total Space | 3,75 Gb Free Space | 19,20% Space Free | Partition Type: NTFS
Drive D: | 129,51 Gb Total Space | 64,83 Gb Free Space | 50,06% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 46,53 Gb Free Space | 23,82% Space Free | Partition Type: NTFS
Drive F: | 270,44 Gb Total Space | 75,52 Gb Free Space | 27,92% Space Free | Partition Type: NTFS
Drive G: | 6,24 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FAY-PC
Current User Name: Fay
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- D:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "D:\Windows\System32\rundll32.exe" "D:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "D:\Windows\System32\rundll32.exe" "D:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 1
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{339F0642-FDC6-4DD3-8EF0-22FC8D0FD3E6}" = ESET NOD32 Antivirus
"{3705C708-1B8A-43A3-8E94-6BAB33A3384B}" = Logitech G-series Keyboard Software
"{3E061CBA-1DBB-45DD-8873-D100072ADCAD}" = Microsoft LifeCam
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite 2009.SP4
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06FE1146-4FF8-45DF-B0D9-CBA8E38C708C}" = REALTEK RTL8187 Wireless LAN Driver
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot 3
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{765443B7-555F-4E8C-9C96-A52409AE4E4A}" = Utility
"{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD
"{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9733747E-E53D-4C17-977E-3A872AFB93E1}" = ROCCAT Kone Mouse Driver
"{995237D9-6E24-45D9-9B06-C13AA62F518B}" = Adobe Ultra CS3 - MSL Legacy Support
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CAD1691A-FA24-4B95-9009-3257B8440ECC}" = Tom Clancy's Splinter Cell Double Agent
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D777D80E-13AE-4E6C-BCB2-9AEE10D9DEF1}" = Driver Updater
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E907A385-B00D-4D03-8B16-B64F10938CE6}" = Adobe Ultra CS3
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Akamai" = Akamai NetSession Interface
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"G15_TeamSpeak" = G15_TeamSpeak (NSIS)
"InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"InstallShield_{995237D9-6E24-45D9-9B06-C13AA62F518B}" = Adobe Ultra CS3 - MSL Legacy Support
"InstallShield_{E907A385-B00D-4D03-8B16-B64F10938CE6}" = Adobe Ultra CS3
"LcdStudio" = LcdStudio 2.0 Build 806
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft DirectX SDK (August 2009)" = Microsoft DirectX SDK (August 2009)
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PhotoScape" = PhotoScape
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 5" = TeamViewer 5
"Uninstall_is1" = Uninstall 1.0.0.1
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinRAR archiver" = WinRAR
"xvid" = XviD MPEG-4 Video Codec

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Octoshape Streaming Services" = Octoshape Streaming Services
"QIP 2005" = QIP 2005 8095

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


Hoping for a reply, thanks ;)
26.12.2009, 12:44
Moderator

Posts: 5694
#4 Let's see whether this works with Win7:

Download LopSD to the desktop.
Double-click to start it, type D (Deutsch), [Enter], and type 1.
Then post the file LopR.txt.

If it doesn't, please do the following:

Run CureIT and post the log:
http://board.protecus.de/t29350.htm
26.12.2009, 20:48
Member

Posts: 202
#5 Leaving aside a possible infection,
I'm not really surprised that your ping fluctuates or is bad.

D:\Users\Fay\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe

This program can cause considerable traffic and be responsible for your ping problems. You also have quite a few programs in autostart, or helper elements:

D:\Program Files (x86)\Winamp\winampa.exe
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - D:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files (x86)\Winamp\winampa.exe"

D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "D:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

D:\Program Files (x86)\Skype\Phone\Skype.exe

It might help to end everything you don't need via the Task Manager
and then test whether your ping problems are gone.
27.12.2009, 01:46
...new here

Thread starter

Posts: 8
#6 I have disabled all unnecessary startup programs.
Unfortunately LopSD didn't work under Win7, but the other one did, and it also found something.

Code

splinter_cell_double_agent_1_02a.exe/data001\system/PCCompiler_D.dll;D:\Documents and Settings\Fay\Downloads\splinter_cell_double_agent_1_02a\splinter_cell_double_agent_1_02a\splinter_cell_double_;Trojan.DownLoader.origin;;
data001;D:\Documents and Settings\Fay\Downloads\splinter_cell_double_agent_1_02a\splinter_cell_double_agent_1_02a;Archiv enthält infizierte Objekte;;
splinter_cell_double_agent_1_02a.exe;D:\Documents and Settings\Fay\Downloads\splinter_cell_double_agent_1_02a\splinter_cell_double_agent_1_02a;Container enthält infizierte Objekte;Verschoben.;
splinter_cell_double_agent_1_02a.exe/data001\system/PCCompiler_D.dll;D:\Dokumente und Einstellungen\Fay\DoctorWeb\Quarantine\splinter_cell_double_agent_1_02a.exe/data001;Trojan.DownLoader.origin;;
data001;D:\Dokumente und Einstellungen\Fay\DoctorWeb\Quarantine;Archiv enthält infizierte Objekte;;
splinter_cell_double_agent_1_02a.exe;D:\Dokumente und Einstellungen\Fay\DoctorWeb\Quarantine;Container enthält infizierte Objekte;Verschoben.;
Check for Quake III Arena Updates.exe\unvised_3.bin;E:\Q3\Check for Quake III Arena Updates.exe;Tool.Reboot;;
Check for Quake III Arena Updates.exe;E:\Q3;Archiv enthält infizierte Objekte;Verschoben.;


I hope you can make sense of it xD

Thanks a lot already, it has all helped a great deal; at least the PC now runs even faster.
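
Added example (not part of the original thread): a short Python triage of the scan log posted in #6, showing that its eight lines come down to two distinct detections once container notices and the re-scanned quarantine copies are set aside. The field layout object;path;status;action; and all function names are assumptions made for this example.

```python
# Log lines exactly as posted in #6 (Dr.Web CureIt, German UI).
LOG = r"""
splinter_cell_double_agent_1_02a.exe/data001\system/PCCompiler_D.dll;D:\Documents and Settings\Fay\Downloads\splinter_cell_double_agent_1_02a\splinter_cell_double_agent_1_02a\splinter_cell_double_;Trojan.DownLoader.origin;;
data001;D:\Documents and Settings\Fay\Downloads\splinter_cell_double_agent_1_02a\splinter_cell_double_agent_1_02a;Archiv enthält infizierte Objekte;;
splinter_cell_double_agent_1_02a.exe;D:\Documents and Settings\Fay\Downloads\splinter_cell_double_agent_1_02a\splinter_cell_double_agent_1_02a;Container enthält infizierte Objekte;Verschoben.;
splinter_cell_double_agent_1_02a.exe/data001\system/PCCompiler_D.dll;D:\Dokumente und Einstellungen\Fay\DoctorWeb\Quarantine\splinter_cell_double_agent_1_02a.exe/data001;Trojan.DownLoader.origin;;
data001;D:\Dokumente und Einstellungen\Fay\DoctorWeb\Quarantine;Archiv enthält infizierte Objekte;;
splinter_cell_double_agent_1_02a.exe;D:\Dokumente und Einstellungen\Fay\DoctorWeb\Quarantine;Container enthält infizierte Objekte;Verschoben.;
Check for Quake III Arena Updates.exe\unvised_3.bin;E:\Q3\Check for Quake III Arena Updates.exe;Tool.Reboot;;
Check for Quake III Arena Updates.exe;E:\Q3;Archiv enthält infizierte Objekte;Verschoben.;
"""

# Status texts that only flag a parent archive/container, not a detection.
CONTAINER_NOTES = ("Archiv enthält infizierte Objekte",
                   "Container enthält infizierte Objekte")
# Paths under this folder are the scanner's own quarantine copies.
QUARANTINE_MARK = r"\DoctorWeb\Quarantine"


def parse(log):
    """Yield (object, path, status, action) for each result line.

    Assumed layout: object;path;status;action; (trailing semicolon)."""
    for line in log.strip().splitlines():
        parts = line.split(";")
        if len(parts) < 4:
            continue  # not a result line
        yield tuple(p.strip() for p in parts[:4])


def summarize(log):
    """Map each threat name to the set of objects it was reported in."""
    threats = {}
    for obj, path, status, _action in parse(log):
        if status in CONTAINER_NOTES or QUARANTINE_MARK in path:
            continue  # parent notice, or same object seen again in quarantine
        threats.setdefault(status, set()).add(obj)
    return threats


def moved_containers(log):
    """Top-level files the scanner reports as moved ("Verschoben.")."""
    return sorted({obj for obj, path, _status, action in parse(log)
                   if action == "Verschoben." and QUARANTINE_MARK not in path})


if __name__ == "__main__":
    for name, objs in summarize(LOG).items():
        print(name, "->", sorted(objs))
    print("moved:", moved_containers(LOG))
```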
27.12.2009, 04:16
Moderator

Posts: 5694
#7 Looks like you downloaded from the wrong place. Regarding Check for Quake III Arena Updates.exe:
http://www.threatexpert.com/report.aspx?md5=557018f8fa73d90259cc7683eca4ff11

Quote

Keystroke Spy is a keylogger that monitors and records all kind of computer activities on users computers.
Do you still remember where you got the file from? Please don't post the link here, only the name of the site.

One may now ask whether it would make sense to reinstall the whole system. The big problem, moreover, is that it is hard to find cleanup tools that work with WIN7 64-bit.

If you decide against reinstalling, then try Onlinescan as well:

http://board.protecus.de/t38113.htm
27.12.2009, 15:32
...new here

Thread starter

Posts: 8
#8 Well, I got the file from a friend, because we wanted to play Quake and needed the same version for it, so unfortunately I don't know where he got the exe file from.

I'd rather not reinstall, so I'm more in favour of us maybe being able to save it this way.

I ran OnlineScan; it found 44 objects and then cleaned them. Was there a log for that too? If so, where do I find it, and should I post it?

Oh, and should I delete the files that Dr.Web found and moved to quarantine?
This post was edited by fay on 27.12.2009 at 15:52.
27.12.2009, 16:53
Moderator

Posts: 5694
#9 Yes, delete the files in CureIT.

Is the log file nowhere to be found on the desktop or on C:/?
27.12.2009, 18:44
...new here

Thread starter

Posts: 8
#10 I did a second run, and it found this:

Code

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/27/2009 at 06:37 PM

Application Version : 4.31.1000

Core Rules Database Version : 4413
Trace Rules Database Version: 2243

Scan type       : Complete Scan
Total Scan Time : 01:13:11

Memory items scanned      : 459
Memory threats detected   : 0
Registry items scanned    : 5696
Registry threats detected : 0
File items scanned        : 50395
File threats detected     : 7

Adware.Tracking Cookie
    D:\Users\Fay\AppData\Roaming\Microsoft\Windows\Cookies\fay@bluestreak[1].txt
    D:\Users\Fay\AppData\Roaming\Microsoft\Windows\Cookies\fay@doubleclick[1].txt
    D:\Users\Fay\AppData\Roaming\Microsoft\Windows\Cookies\fay@advertising[1].txt
    D:\Users\Fay\AppData\Roaming\Microsoft\Windows\Cookies\fay@atwola[1].txt
    D:\Users\Fay\AppData\Roaming\Microsoft\Windows\Cookies\fay@bs.serving-sys[1].txt
    D:\Users\Fay\AppData\Roaming\Microsoft\Windows\Cookies\fay@serving-sys[2].txt
    D:\Users\Fay\AppData\Roaming\Microsoft\Windows\Cookies\Low\fay@2o7[2].txt


I can't find the first report. Where exactly is it supposed to be?
28.12.2009, 14:28
Moderator

Posts: 5694
#11 I'll get back to you in the evening ;)
28.12.2009, 22:54
Moderator

Posts: 5694
#12 Hmmm, unfortunately I don't know where to find it either.

Has anything changed since you posted here?

And what do you think about Audiopower's post:
http://board.protecus.de/t38608.htm#332381
28.12.2009, 23:52
...new here

Thread starter

Posts: 8
#13 Well, my PC definitely runs faster; I disabled all the unnecessary programs that Audiopower mentioned, and yes, it helped. Unfortunately I still get ping fluctuations from time to time, but I can't say whether that was down to the Wi-Fi, because I had no LAN connection yesterday. I'll keep watching it and get back to you, but thanks for the programs, they have already killed quite a few viruses xD

Regards, Fay
29.12.2009, 00:47
Moderator

Posts: 5694
#14 One more important thing: change all your passwords, especially the e-banking ones. And from now on, always be careful with files from friends ;)

Get in touch if there are problems again.