Log analysis and evaluation: PC slow after Windows startup, 100% CPU usage (Windows 7)
02.12.2011, 14:04 | #1 |
PC slow after Windows startup, 100% CPU usage

Good day,

I am new to this board and am impressed by how much energy you put into looking after people's concerns. Great respect for that.

On to my problem: I have actually had this problem for several years now, though I always tried to start the PC and only use it once this "lagging" was gone. On average that was the case after about 1 hour. Now I have sat down to find out why this happens. In my case the high CPU usage comes from the process svchost.exe. On average there are 12 of them, and they take turns. Unfortunately I found nothing in the forum that describes exactly the same situation. In my opinion I have tried a great deal, from tracking down the process and trying to end it, to various programs that only analyze it(!). I did not want to change anything in the registry etc. myself, so as not to break anything.

And in addition, a picture of the services belonging to the svchost.exe process.

OTL Logfile: Code:
ATTFilter OTL logfile created on: 01.12.2011 02:42:53 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = D:\Users\DooM\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 59,34% Memory free 9,65 Gb Paging File | 8,22 Gb Available in Paging File | 85,12% Paging File free Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS Drive D: | 108,46 Gb Total Space | 12,21 Gb Free Space | 11,25% Space Free | Partition Type: NTFS Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 1825,76 Gb Total Space | 1625,79 Gb Free Space | 89,05% Space Free | Partition Type: NTFS Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32 Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe PRC - [2011.11.17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe PRC - [2011.11.09 02:48:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011.10.15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011.07.16 05:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\conhost.exe PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe PRC - [2011.02.02 15:25:04 | 001,051,264 | ---- | M] (Genie-soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe PRC - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe PRC - [2010.06.15 02:55:52 | 000,039,936 | ---- | M] (The PHP Group) -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe PRC - [2010.06.15 02:53:48 | 001,417,216 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe PRC - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe PRC - [2009.11.06 12:13:16 | 000,133,736 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe PRC - [2009.07.14 02:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\audiodg.exe PRC - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- D:\Windows\System32\AEADISRV.EXE ========== Modules (No Company Name) ========== MOD - [2011.11.09 02:48:14 | 001,989,592 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011.10.15 00:54:26 | 000,265,536 | ---- | M] () -- D:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2011.02.02 13:43:02 | 000,342,528 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSIndexDB.dll MOD - [2011.02.02 13:43:02 | 000,051,712 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\QueueManager.dll MOD - [2011.02.02 13:43:00 | 000,144,384 | ---- | M] () -- D:\Program 
Files\Genie-Soft\Genie Timeline\Settings.dll MOD - [2010.12.29 14:54:38 | 000,038,400 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSLogging.dll MOD - [2010.09.06 12:50:38 | 000,080,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSEncryption.dll MOD - [2010.09.06 12:50:38 | 000,072,192 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSCurl.dll MOD - [2010.08.31 04:42:12 | 000,023,040 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\ext\php_gstl_interface.dll MOD - [2010.06.15 02:53:48 | 001,417,216 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe MOD - [2010.04.27 13:57:20 | 000,921,088 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\sqlite3.dll MOD - [2010.01.21 00:34:10 | 008,793,952 | ---- | M] () -- D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll MOD - [2010.01.09 19:18:18 | 004,254,560 | ---- | M] () -- D:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- D:\Program Files\WinRAR\RarExt.dll MOD - [2004.09.30 18:09:36 | 000,155,648 | ---- | M] () -- D:\Program Files\LinkShellExtension\RockallDLL.dll ========== Win32 Services (SafeList) ========== SRV - [2011.11.18 01:57:41 | 003,313,752 | ---- | M] () [Auto | Running] -- d:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai) SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) [Disabled | Stopped] -- D:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2011.08.30 17:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- D:\Users\DooM\temp\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) [Auto | Running] -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe -- (GenieTimelineService) SRV - [2010.10.24 23:11:06 | 000,360,960 | ---- | M] (iZ3D Inc.) [Disabled | Stopped] -- D:\Program Files\iZ3D Driver\Win32\S3DCService.exe -- (S3DSvc32) S3D Service (Win32) SRV - [2010.01.21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2010.01.03 19:28:18 | 000,118,784 | ---- | M] () [Disabled | Stopped] -- D:\Program Files\CPUCooL\CooLSRV.exe -- (CPUCooLServer) SRV - [2009.12.22 19:23:39 | 000,065,536 | ---- | M] () [Disabled | Stopped] -- D:\Windows\System32\afasrv32.exe -- (AfaService) SRV - [2009.12.13 22:24:45 | 000,321,320 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009.11.06 12:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService) SRV - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] 
(Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- D:\Windows\System32\AEADISRV.EXE -- (AEADIFilters) SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Disabled | Stopped] -- D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011.10.11 14:00:01 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011.10.09 00:02:42 | 000,007,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- D:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX) DRV - [2011.10.09 00:02:41 | 000,023,680 | ---- | M] (FNet Co., Ltd.) 
[Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\FNETTBOH.SYS -- (FNETTBOH) DRV - [2011.07.08 00:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2011.03.03 19:28:29 | 000,011,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon) DRV - [2010.10.06 17:04:02 | 000,034,968 | ---- | M] () [Kernel | System | Running] -- D:\Program Files\iZ3D Driver\Win32\S3DInjectionDriver.sys -- (iZ3DInjectionDriver) DRV - [2010.09.23 10:11:28 | 000,316,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.01.03 19:28:18 | 000,012,800 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\ntiopnp.sys -- (ntiopnp) DRV - [2010.01.03 19:28:18 | 000,011,392 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\ntiomin.sys -- (ntiomin) DRV - [2009.11.02 17:21:56 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2009.11.02 17:21:55 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009.10.28 20:06:51 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- D:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009.09.15 12:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) 
[Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvoclock.sys -- (nvoclock) DRV - [2009.08.04 09:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\AsIO.sys -- (AsIO) DRV - [2009.07.16 10:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Stopped] -- D:\Windows\system32\drivers\MTiCtwl.sys -- (MagicTune) DRV - [2008.05.27 10:07:58 | 000,050,560 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10) DRV - [2008.02.29 10:13:48 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2007.04.11 15:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) 
[Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2007.04.11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2006.10.20 11:57:20 | 000,012,352 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\ntiowp.sys -- (ntiowp) DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- D:\Windows\system32\speedfan.sys -- (speedfan) DRV - [2006.03.07 17:43:40 | 000,111,872 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\mr97310v.sys -- (MR97310_VGA_DUAL_CAMERA) DRV - [2004.07.13 10:40:22 | 000,048,512 | ---- | M] (C-Media Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\Umss.SYS -- (UMSSSTOR) DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\system32\giveio.sys -- (giveio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 A3 82 73 E9 54 CC 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Bing" FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=IEFM1&q=" FF - prefs.js..browser.search.selectedEngine: "Bing" FF - prefs.js..browser.startup.homepage: 
"hxxp://www.citydeal.de/deals/berlin" FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1 FF - prefs.js..keyword.URL: "hxxp://www.bing.com/search?FORM=IEFM1&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: D:\Program Files\BitTorrent_DNA\npbtdna.dll (BitTorrent, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.15 19:42:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.11.09 02:48:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Program 
Files\Mozilla Firefox\plugins [2011.11.15 19:42:09 | 000,000,000 | ---D | M] [2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions [2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com [2011.11.24 01:13:58 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions [2010.04.28 00:10:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.01.23 03:52:53 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.09.15 23:52:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.11.12 03:35:47 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011.10.17 20:15:07 | 000,000,000 | ---D | M] (dp Launcher Plugin) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\dplauncher@digitalpublishing.de [2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Flash Video Resources Downloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\max@subfighter.com [2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Move Media Player) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\moveplayer@movenetworks.com [2009.10.27 04:46:09 | 000,000,000 | ---D | M] (VideoDownloader) -- 
D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\videodowloader@videodownloader.net [2009.11.01 14:33:05 | 000,002,163 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\searchplugins\bing.xml [2011.11.27 03:13:12 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions [2011.08.25 23:18:40 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [2011.11.27 03:13:13 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2009.10.27 04:32:54 | 000,000,000 | ---D | M] (BearShare MediaBar) -- D:\Program Files\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} () (No name found) -- D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI [2011.11.09 02:48:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll [2008.01.08 01:45:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- D:\Program Files\mozilla firefox\plugins\npbittorrent.dll [2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) 
-- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011.08.12 05:19:37 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.08.12 05:14:12 | 000,002,252 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml [2011.08.12 05:19:37 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.08.12 05:19:37 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.08.12 05:19:37 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.08.12 05:19:37 | 000,001,105 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = D:\Users\DooM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ O1 HOSTS File: ([2011.10.20 13:43:06 | 000,436,246 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O1 - Hosts: 127.0.0.1 uat-onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 wsuplay.ubi.com O1 - Hosts: 127.0.0.1 static8.cdn.ubi.com O1 - Hosts: 127.0.0.1 
www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 15004 more lines... O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - Reg Error: Value error. File not found O3 - HKLM\..\Toolbar: (@D:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - Reg Error: Value error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) 
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Genie TimeLine Tray] D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe (Genie-soft) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Program Files\Malwarebytes' Anti-Malwareas\mbam.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [Akamai NetSession Interface] D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx File not found O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Free YouTube Download - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to iPhone Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Google Sidewiki... 
- res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm File not found O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @D:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @D:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - D:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E2FD134-ADB2-4BF1-A04E-429A663BB58F}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96D926D9-83A0-4C8D-80E5-3642832CB3E6}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) -D:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) -D:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O24 - Desktop WallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007.10.29 18:37:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ] O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ] O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O32 - Unable to obtain root file information for disk G:\ O32 - Unable to obtain root file information for disk H:\ O33 - MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\Shell - "" = AutoRun O33 - MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\Shell\AutoRun\command - "" = F:\INSTALL.EXE O33 - MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\Shell - "" = AutoRun O33 - MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\Shell\AutoRun\command - "" = I:\Autorun.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - 
%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - D:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - D:\Windows\system32\Rundll32.exe D:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297) ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - 
%SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - D:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "D:\Windows\System32\rundll32.exe" "D:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - D:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - - File not found MsConfig - StartUpFolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - - File not found MsConfig - StartUpFolder: D:^Users^DooM^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip - - File not found MsConfig - StartUpReg: Adobe ARM - hkey= - key= - D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - D:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) 
MsConfig - StartUpReg: BCSSync - hkey= - key= - D:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) MsConfig - StartUpReg: CmCardRun - hkey= - key= - File not found MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - D:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) MsConfig - StartUpReg: DivXUpdate - hkey= - key= - D:\Program Files\DivX\DivX Update\DivXUpdate.exe () MsConfig - StartUpReg: H2O - hkey= - key= - D:\Program Files\Syncrosoft\POS\H2O\cledx.exe (Team H2O) MsConfig - StartUpReg: iCloudServices - hkey= - key= - D:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) MsConfig - StartUpReg: iPhone Explorer Launcher - hkey= - key= - D:\Program Files\Software4u\iPhone Explorer\Software4u.IPELauncher.exe (Marx Softwareentwicklung - www.software4u.de) MsConfig - StartUpReg: iTunesHelper - hkey= - key= - D:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig - StartUpReg: Kernel and Hardware Abstraction Layer - hkey= - key= - D:\Windows\KHALMNPR.Exe (Logitech Inc.) MsConfig - StartUpReg: msnmsgr - hkey= - key= - D:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) MsConfig - StartUpReg: MultiScreen - hkey= - key= - File not found MsConfig - StartUpReg: Pando Media Booster - hkey= - key= - D:\Program Files\Pando Networks\Media Booster\PMB.exe () MsConfig - StartUpReg: PCSuiteTrayApplication - hkey= - key= - File not found MsConfig - StartUpReg: QuickTime Task - hkey= - key= - D:\Program Files\QuickTime\QTTask.exe (Apple Inc.) MsConfig - StartUpReg: RGSC - hkey= - key= - G:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.) MsConfig - StartUpReg: SoundMAX - hkey= - key= - D:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.) MsConfig - StartUpReg: SoundMAXPnP - hkey= - key= - D:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) 
MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - D:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: swg - hkey= - key= - File not found MsConfig - StartUpReg: UsbBoost - hkey= - key= - D:\Program Files\UsbBoost\TurboHddUsb.exe (FNet Co., Ltd.) MsConfig - State: "services" - 2 MsConfig - State: "startup" - 2 MsConfig - State: "bootini" - 0 CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.12.01 01:39:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe [2011.11.29 21:58:42 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\Malwarebytes [2011.11.29 21:56:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.11.29 21:56:40 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes [2011.11.29 21:56:34 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys [2011.11.29 21:56:33 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malwareas [2011.11.27 22:50:08 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner [2011.11.27 04:55:47 | 000,135,360 | ---- | C] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe [2011.11.20 14:35:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test [2011.11.15 19:44:22 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\DDMSettings [2011.11.15 19:41:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2011.11.15 19:40:40 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DivX Shared [2011.11.15 19:20:24 | 000,000,000 | ---D | C] -- D:\Users\DooM\Documents\Rockstar Games [2011.11.15 19:14:47 | 
000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Rockstar Games [2011.11.15 18:46:22 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll [2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Windows\System32\xlive [2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Games for Windows - LIVE [2011.11.15 18:19:08 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2011.11.14 21:43:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.11.14 21:42:16 | 000,000,000 | ---D | C] -- D:\Program Files\iPod [2011.11.14 21:42:15 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes [2011.11.14 21:38:58 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Skyrim [2011.11.14 21:32:55 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911 [2011.11.12 01:42:37 | 000,061,248 | ---- | C] (Khronos Group) -- D:\Windows\System32\OpenCL.dll [2011.11.11 23:04:39 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Ubisoft Game Launcher [2011.11.11 22:48:06 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. 
) -- D:\Windows\System32\drivers\MTiCtwl.sys [2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiScreen [2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MultiScreen [2011.11.11 22:38:06 | 000,000,000 | ---D | C] -- D:\Program Files\MonitorDriver [2011.11.04 02:13:34 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Akamai [1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.12.01 02:36:42 | 000,000,214 | ---- | M] () -- D:\Windows\tasks\AutoKMSDaily.job [2011.12.01 02:33:49 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.12.01 02:33:48 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.12.01 02:27:44 | 000,000,214 | ---- | M] () -- D:\Windows\tasks\AutoKMS.job [2011.12.01 02:26:12 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat [2011.12.01 02:26:00 | 2415,271,936 | -HS- | M] () -- D:\hiberfil.sys [2011.12.01 02:24:36 | 000,000,020 | ---- | M] () -- D:\Users\DooM\defogger_reenable [2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe [2011.11.29 21:56:41 | 000,001,085 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.11.29 03:00:28 | 000,030,720 | ---- | M] () -- D:\Windows\System32\umstartup.etl [2011.11.29 01:21:09 | 000,007,598 | ---- | M] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg [2011.11.28 16:33:41 | 000,439,448 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT [2011.11.28 01:27:28 | 000,265,310 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg [2011.11.27 22:50:10 | 000,000,969 | ---- | M] () -- D:\Users\Public\Desktop\CCleaner.lnk [2011.11.27 04:55:49 | 000,135,360 | ---- | M] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe 
[2011.11.24 23:32:11 | 000,624,578 | ---- | M] () -- D:\Windows\System32\perfh009.dat [2011.11.24 23:32:11 | 000,110,216 | ---- | M] () -- D:\Windows\System32\perfc009.dat [2011.11.15 18:46:22 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll [2011.11.15 18:19:08 | 000,000,893 | ---- | M] () -- D:\Users\Public\Desktop\Rockstar Games Social Club.lnk [2011.11.14 21:43:09 | 000,001,753 | ---- | M] () -- D:\Users\Public\Desktop\iTunes.lnk [2011.11.14 21:39:38 | 000,001,261 | ---- | M] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk [2011.11.11 22:45:19 | 000,001,618 | ---- | M] () -- D:\Users\Public\Desktop\MultiScreen.lnk [2011.11.09 02:49:06 | 000,001,845 | ---- | M] () -- D:\Users\DooM\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.12.01 02:24:20 | 000,000,020 | ---- | C] () -- D:\Users\DooM\defogger_reenable [2011.11.29 21:56:41 | 000,001,085 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.11.28 01:26:43 | 000,265,310 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg [2011.11.27 22:50:10 | 000,000,969 | ---- | C] () -- D:\Users\Public\Desktop\CCleaner.lnk [2011.11.21 00:20:09 | 017,245,218 | ---- | C] () -- D:\Users\DooM\Desktop\Scat - Hardliner.wav [2011.11.16 00:02:47 | 006,190,967 | ---- | C] () -- D:\wo bist du! 
paco, aziz, drp,mr.castro.wma [2011.11.15 18:19:08 | 000,000,893 | ---- | C] () -- D:\Users\Public\Desktop\Rockstar Games Social Club.lnk [2011.11.14 21:43:09 | 000,001,753 | ---- | C] () -- D:\Users\Public\Desktop\iTunes.lnk [2011.11.14 21:39:38 | 000,001,261 | ---- | C] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk [2011.11.12 01:42:36 | 000,004,359 | ---- | C] () -- D:\Windows\System32\nvinfo.pb [2011.11.11 22:45:19 | 000,001,618 | ---- | C] () -- D:\Users\Public\Desktop\MultiScreen.lnk [2011.11.11 02:36:29 | 000,000,214 | ---- | C] () -- D:\Windows\tasks\AutoKMS.job [2011.11.11 02:36:28 | 000,000,214 | ---- | C] () -- D:\Windows\tasks\AutoKMSDaily.job [2011.10.28 01:30:13 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{9B30B77B-496C-4EB1-8A7B-5FC58AF3D15F} [2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- D:\Windows\System32\nvStreaming.exe [2011.09.24 01:10:16 | 000,073,216 | ---- | C] () -- D:\Windows\System32\ff_vfw.dll [2011.09.23 04:35:01 | 000,190,464 | ---- | C] () -- D:\Windows\System32\PCGW32.DLL [2011.09.02 01:05:43 | 000,023,624 | ---- | C] () -- D:\Windows\System32\drivers\hitmanpro35.sys [2011.08.27 18:09:00 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{3450410A-36E6-44A6-982A-FF986805F67D} [2011.08.21 15:02:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{21AC4F97-B1DB-4954-84DA-77461D8BE396} [2011.08.16 16:49:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{578BD668-0AEF-4D87-9862-C6CEF5B369FB} [2011.08.16 16:48:50 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{B86C665B-A39B-461B-9A27-40A63BEDF514} [2011.05.21 01:07:07 | 000,001,769 | ---- | C] () -- D:\Windows\Language_trs.ini [2011.01.03 00:20:00 | 000,011,232 | ---- | C] () -- D:\Windows\System32\drivers\SWDUMon.sys [2010.08.15 16:53:07 | 000,000,118 | ---- | C] () -- D:\Windows\System32\MRT.INI [2010.04.29 03:33:33 | 000,007,598 | ---- | C] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg [2010.04.29 
02:54:33 | 000,024,576 | ---- | C] () -- D:\Windows\System32\AsIO.dll [2010.04.29 02:54:33 | 000,011,296 | ---- | C] () -- D:\Windows\System32\drivers\AsIO.sys [2010.04.29 02:54:23 | 000,011,832 | ---- | C] () -- D:\Windows\System32\drivers\AsInsHelp64.sys [2010.04.29 02:54:23 | 000,010,216 | ---- | C] () -- D:\Windows\System32\drivers\AsInsHelp32.sys [2010.04.29 02:53:31 | 000,013,216 | ---- | C] () -- D:\Windows\System32\drivers\ASACPI.sys [2010.04.06 19:04:52 | 000,286,208 | ---- | C] () -- D:\Windows\System32\Xbinkw32.dll [2010.03.28 23:41:41 | 000,011,776 | ---- | C] () -- D:\Users\DooM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.02.23 22:20:24 | 000,023,552 | ---- | C] () -- D:\Users\DooM\AppData\Local\WebpageIcons.db [2010.01.03 19:28:18 | 000,012,800 | ---- | C] () -- D:\Windows\System32\drivers\ntiopnp.sys [2010.01.03 19:28:18 | 000,011,392 | ---- | C] () -- D:\Windows\System32\drivers\ntiomin.sys [2009.12.29 01:14:33 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat [2009.12.22 19:21:27 | 000,065,536 | ---- | C] () -- D:\Windows\System32\afasrv32.exe [2009.10.27 05:01:24 | 000,021,924 | ---- | C] () -- D:\Windows\System32\emptyregdb.dat [2009.10.24 05:01:09 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax1.dll [2009.10.24 05:01:09 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx1.dll [2009.10.24 04:55:36 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax.dll [2009.10.24 04:55:36 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx.dll [2009.10.24 04:21:55 | 000,000,400 | ---- | C] () -- D:\Windows\ODBC.INI [2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat [2009.07.14 05:33:53 | 000,439,448 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT [2009.07.14 03:05:48 | 000,624,578 | ---- | C] () -- D:\Windows\System32\perfh009.dat [2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat [2009.07.14 03:05:48 | 000,110,216 | ---- | C] () -- 
D:\Windows\System32\perfc009.dat [2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat [2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT [2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat [2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe [2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin [2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat [2009.04.07 17:57:13 | 000,018,944 | ---- | C] () -- D:\Windows\eraser.exe [2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- D:\Windows\System32\xlive.dll.cat [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelFrench.dll [2008.10.06 20:22:11 | 000,237,568 | ---- | C] () -- D:\Windows\System32\lame_enc.dll [2008.02.03 02:29:52 | 000,502,784 | ---- | C] () -- D:\Windows\x2.64.exe [2008.02.03 02:29:52 | 000,399,360 | ---- | C] () -- D:\Windows\System32\Smab.dll [2008.02.03 
02:29:52 | 000,240,128 | ---- | C] () -- D:\Windows\System32\x.264.exe [2008.02.03 02:29:52 | 000,217,073 | ---- | C] () -- D:\Windows\meta4.exe [2008.02.03 02:29:52 | 000,066,560 | ---- | C] () -- D:\Windows\MOTA113.exe [2008.02.03 02:29:52 | 000,027,648 | ---- | C] () -- D:\Windows\System32\AVSredirect.dll [2008.02.03 02:29:44 | 000,027,648 | -HS- | C] () -- D:\Windows\System32\Smab0.dll [2007.11.29 23:30:28 | 003,596,288 | ---- | C] () -- D:\Windows\System32\qt-dx331.dll [2007.11.28 00:49:19 | 000,002,045 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\NMM-MetaData.db [2007.11.26 17:08:06 | 000,281,760 | ---- | C] () -- D:\Windows\System32\drivers\atksgt.sys [2007.11.26 17:08:05 | 000,025,888 | ---- | C] () -- D:\Windows\System32\drivers\lirsgt.sys [2007.11.14 13:28:56 | 000,000,173 | ---- | C] () -- D:\Windows\MusicMaker.INI [2007.11.14 12:38:47 | 000,049,152 | ---- | C] () -- D:\Windows\System32\mgxasio2.dll [2007.11.14 12:31:09 | 000,006,537 | ---- | C] () -- D:\Windows\mgxoschk.ini [2007.11.08 22:05:21 | 000,054,708 | ---- | C] () -- D:\Windows\War3Unin.dat [2007.11.08 20:40:47 | 000,290,748 | ---- | C] () -- D:\Windows\System32\perfi007.dat [2007.11.08 20:40:45 | 000,036,916 | ---- | C] () -- D:\Windows\System32\perfd007.dat [2007.11.08 20:40:44 | 000,626,016 | ---- | C] () -- D:\Windows\System32\perfh007.dat [2007.11.08 20:40:44 | 000,126,518 | ---- | C] () -- D:\Windows\System32\perfc007.dat [2007.11.08 01:04:56 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat [2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- D:\Windows\System32\CddbCdda.dll [2006.10.20 11:57:20 | 000,012,352 | ---- | C] () -- D:\Windows\System32\drivers\ntiowp.sys [2003.09.16 15:50:58 | 000,229,376 | ---- | C] () -- D:\Windows\System32\CmWatch.exe [2003.07.03 12:44:24 | 000,212,992 | ---- | C] () -- D:\Windows\System32\CmCardRm.exe [2003.05.30 14:27:46 | 000,032,768 | ---- | C] () -- D:\Windows\System32\CmCardRm.dll [2002.01.24 10:39:36 | 000,086,016 | ---- | C] () -- 
D:\Windows\System32\lxaxih.exe [2002.01.24 10:29:26 | 000,077,824 | ---- | C] () -- D:\Windows\System32\lxaxlcnp.dll [2002.01.24 10:09:56 | 000,174,592 | ---- | C] () -- D:\Windows\System32\LEXPPS.EXE [2002.01.24 10:05:11 | 000,040,960 | ---- | C] () -- D:\Windows\System32\INSTMON.EXE [1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- D:\Windows\System32\giveio.sys ========== LOP Check ========== [2009.10.27 04:45:29 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Acreon [2009.06.30 14:55:21 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\advantage [2009.10.27 04:45:33 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Audacity [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\BearShare [2011.11.28 01:25:07 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\BitTorrent [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\BitTorrent DNA [2010.04.02 14:47:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Command and Conquer 4 [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\concept design [2011.11.28 01:25:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DAEMON Tools Lite [2011.10.17 20:15:20 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\digital publishing [2011.10.09 01:23:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoft [2011.10.09 01:23:02 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FileZilla [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FLV Extract [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FMZilla [2011.04.01 17:00:46 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FreeFLVConverter [2011.10.08 23:03:04 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Genie-Soft 
[2011.09.23 04:34:59 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\iZ3D Driver [2009.10.27 04:45:35 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Jeyo [2011.08.18 01:10:45 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\LolClient [2009.10.27 04:45:55 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien [2011.01.07 16:03:15 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\MyPhoneExplorer [2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\NCH Swift Sound [2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia [2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia Multimedia Player [2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Orbit [2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PC Suite [2011.08.07 23:14:05 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PunkBuster [2011.09.27 23:12:41 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\R-TT [2011.10.20 12:09:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\redsn0w [2011.10.20 12:15:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Software4u [2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Sony [2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Steinberg [2011.09.23 04:56:37 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Stereoscopic Player [2011.09.20 03:25:49 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\SystemRequirementsLab [2011.10.27 13:08:27 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TeamViewer [2010.07.22 23:32:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TomTom [2010.05.27 10:35:36 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TS3Client [2010.04.06 15:20:47 | 000,000,000 | ---D | M] -- 
D:\Users\DooM\AppData\Roaming\Ubisoft [2011.04.09 16:23:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Xilisoft [2011.03.24 23:39:50 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\XMedia Recode [2010.07.03 01:25:07 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\yess [2011.12.01 02:27:44 | 000,000,214 | ---- | M] () -- D:\Windows\Tasks\AutoKMS.job [2011.12.01 02:36:42 | 000,000,214 | ---- | M] () -- D:\Windows\Tasks\AutoKMSDaily.job [2011.11.28 23:35:50 | 000,032,608 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2010.04.01 13:42:34 | 000,000,000 | -HSD | M] -- D:\$Recycle.Bin [2010.05.12 17:05:29 | 000,000,000 | ---D | M] -- D:\10a4703e961a458f36 [2008.06.29 22:47:23 | 000,000,000 | ---D | M] -- D:\1a672a40987deaae5b3a7c [2008.06.29 12:17:43 | 000,000,000 | ---D | M] -- D:\3e5b44590ca684fa83c25ff2ed314f [2010.04.08 00:18:57 | 000,000,000 | ---D | M] -- D:\AC Saves [2007.11.15 18:56:01 | 000,000,000 | ---D | M] -- D:\Armin mukke [2007.11.14 14:22:04 | 000,000,000 | ---D | M] -- D:\AudioADI610x6100_Vista [2011.11.27 03:13:30 | 000,000,000 | -H-D | M] -- D:\Config.Msi [2010.04.08 00:18:53 | 000,000,000 | ---D | M] -- D:\cundc [2010.10.13 15:19:22 | 000,000,000 | ---D | M] -- D:\Desktop [2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- D:\Documents and Settings [2007.02.24 19:18:55 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen [2010.04.01 05:54:32 | 000,000,000 | ---D | M] -- D:\Downloads [2011.11.12 02:32:43 | 000,000,000 | ---D | M] -- D:\fire download [2007.12.17 01:28:17 | 000,000,000 | ---D | M] -- D:\HANDY [2011.01.10 00:14:33 | 000,000,000 | ---D | M] -- D:\Intel [2007.11.06 21:05:32 | 000,000,000 | RH-D | M] -- D:\MSOCache [2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- D:\perflogs [2011.11.30 02:09:15 | 000,000,000 | R--D | M] -- D:\Program Files [2011.11.29 21:56:40 | 000,000,000 | -H-D | M] -- D:\ProgramData 
[2011.11.16 00:52:11 | 000,000,000 | ---D | M] -- D:\Programme [2009.10.27 05:19:32 | 000,000,000 | -HSD | M] -- D:\Recovery [2007.10.29 20:43:54 | 000,000,000 | -HSD | M] -- D:\RECYCLER [2011.08.17 03:43:26 | 000,000,000 | ---D | M] -- D:\Riot Games [2011.12.01 02:52:36 | 000,000,000 | -HSD | M] -- D:\System Volume Information [2007.05.17 22:49:48 | 000,000,000 | ---D | M] -- D:\Teamspeak2_RC2 [2008.03.12 14:52:11 | 000,000,000 | ---D | M] -- D:\Temp [2011.09.20 14:05:08 | 000,000,000 | R--D | M] -- D:\Users [2011.11.28 23:23:58 | 000,000,000 | ---D | M] -- D:\Windows [2011.12.01 02:41:40 | 000,000,000 | ---D | M] -- D:\wow patch [2010.06.17 22:02:23 | 000,000,000 | ---D | M] -- D:\WoW-LanguagePack-3.x.x-enGB [2007.02.18 18:53:47 | 000,000,000 | ---D | M] -- D:\WUTemp < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.manifest /3 > < MD5 for: EXPLORER.EXE > [2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- D:\Windows\explorer.exe [2011.02.26 06:33:07 | 
002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe [2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe [2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe < MD5 for: REGEDIT.EXE > [2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- D:\Windows\regedit.exe [2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- D:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_f4050b883d2c3c08\regedit.exe < MD5 for: USERINIT.EXE > [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- D:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 
02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- D:\Windows\System32\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- D:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- D:\Windows\System32\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- D:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- D:\Windows\System32\winlogon.exe [2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session 
Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-27 01:14:42 ========== Files - Unicode (All) ========== [2011.05.04 16:17:23 | 007,589,888 | ---- | M] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3 [2011.05.04 16:16:55 | 007,589,888 | ---- | C] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3 [2011.05.03 19:25:36 | 003,604,480 | ---- | M] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3 [2011.05.03 19:25:08 | 003,604,480 | ---- | C] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3 ========== Alternate Data Streams ========== @Alternate Data Stream - 600 bytes -> D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty < End of report >
Edited by Grap (02.12.2011 at 14:14). Reason: OTL posted directly |
02.12.2011, 15:47 | #2 | ||
/// Helper Team | PC slow after Windows startup, 100% CPU usage Hello and welcome!
Before we begin working together, [please read completely]: Quote:
For Vista and Win7: Important: please run all commands as administrator! Right-click the command prompt and select "Run as administrator". Right-click the selected application and choose "Run as administrator"! 1. ** Update Malwarebytes Anti-Malware and run it again following the instructions below:
2. Run another system scan with OTL
3. I would also like to see all of your installed programs: Download the tool CCleaner → Download, install it (read the software license agreement; if "Füge CCleaner Yahoo! Toolbar hinzu" ("Add CCleaner Yahoo! Toolbar") is offered, deselect it) → start it → Language → select German, then click "Extra" (to display the installed programs as well) → then "Als Textdatei speichern..." ("Save to text file...") creates a text file (*.txt); copy its contents and paste them there. Quote:
kira
__________________ |
02.12.2011, 23:35 | #3 |
| PC slow after Windows startup, 100% CPU usage Hey,
Many thanks for your time, first of all. Here are all the log files: MWB logfile: Code:
SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 12/02/2011 at 06:58 PM Application Version : 5.0.1136 Core Rules Database Version : 8008 Trace Rules Database Version: 5820 Scan type : Complete Scan Total Scan Time : 03:22:31 Operating System Information Windows 7 Ultimate 32-bit (Build 6.01.7600) UAC On - Administrator Memory items scanned : 742 Memory threats detected : 0 Registry items scanned : 40435 Registry threats detected : 0 File items scanned : 344397 File threats detected : 453 Adware.Tracking Cookie
D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .mmotraffic.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .mmotraffic.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .traffictrack.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .traffictrack.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .tto2.traffictrack.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .leetmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .game-advertising-online.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] media.gan-online.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .mmotraffic.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adlegend.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adlegend.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] rts.pgmediaserve.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] rts.pgmediaserve.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] rts.pgmediaserve.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ads.adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ads.adxvalue.com [ 
D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ads.adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ads.adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .stats.paste2.org [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .stats.paste2.org [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .webstats4u.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .2o7.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .2o7.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .2o7.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .ads.crakmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .ads.crakmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .eporner.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .eporner.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ad.eporner.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .banners.bookofsex.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .banners.bookofsex.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .banners.bookofsex.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .banners.bookofsex.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .banners.bookofsex.com [ 
D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .banners.bookofsex.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ads.crakmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .sexkiste.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .sexkiste.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] www.sexkiste.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .legolas-media.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .tracking.mindshare.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .questionmarket.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .questionmarket.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ad.zanox.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] www.zanox-affiliate.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] www.zanox-affiliate.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .ad.adnet.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .server.cpmstar.com [ 
D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] adserver2.clipkit.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .tracking.quisma.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .viewablemedia.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] www.elitepvpers.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] www.elitepvpers.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] www.elitepvpers.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .elitepvpers.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .elitepvpers.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .elitepvpers.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .at.atwola.com [ 
D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .bs.serving-sys.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .bs.serving-sys.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] delivery.atkmedia.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .backbeatmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] www.tldadserv.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adxpansion.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .eyewonder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] count.asnetworks.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ 
D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .e-2dj6wnmysjajego.stats.esomniture.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .ads.quartermedia.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] adserver.ip-phone-forum.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .ads.quartermedia.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .ads.quartermedia.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .ads.quartermedia.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .collective-media.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .collective-media.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .collective-media.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] media.gan-online.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ad.zanox.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .zanox.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ 
D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ad1.adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ 
D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] track.adform.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adform.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] adx.chip.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] adx.chip.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] adx.chip.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] adx.chip.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] eas4.emediate.eu [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] eas4.emediate.eu [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .tracking.quisma.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ 
D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ad.adition.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ad.adition.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ad4.adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] pfatracking.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ad2.adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ww251.smartadserver.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .clickfuse.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .yieldmanager.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] ad3.adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] stats.computecmedia.de [ 
D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .tribalfusion.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .legolas-media.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .legolas-media.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] .legolas-media.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ] Trojan.Agent/Gen-Malintent C:\PROGRAMME\WINRAR\DEFAULT.SFX D:\PROGRAM FILES\WINRAR\DEFAULT.SFX |
02.12.2011, 23:36 | #4 |
| PC slow after Windows startup, 100% CPU usage OTL logfile: Code:
ATTFilter OTL logfile created on: 02.12.2011 23:01:08 - Run 3 OTL by OldTimer - Version 3.2.31.0 Folder = D:\Users\DooM\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 64,96% Memory free 9,65 Gb Paging File | 8,24 Gb Available in Paging File | 85,35% Paging File free Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS Drive D: | 108,46 Gb Total Space | 10,39 Gb Free Space | 9,58% Space Free | Partition Type: NTFS Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 1825,76 Gb Total Space | 1625,45 Gb Free Space | 89,03% Space Free | Partition Type: NTFS Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32 Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - D:\Users\DooM\Desktop\OTL.exe (OldTimer Tools) PRC - D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) PRC - D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) PRC - D:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) PRC - D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - D:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - D:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. 
KG) PRC - D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - D:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - D:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com) PRC - D:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - D:\Users\DooM\AppData\Local\Apps\2.0\VZ1BGWTE.MKJ\NBQXGJY0.TAZ\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\CurseClient.exe (Curse) PRC - D:\Windows\explorer.exe (Microsoft Corporation) PRC - D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe (Genie-soft) PRC - D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe (Genie-Soft) PRC - D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe (The PHP Group) PRC - D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA) PRC - D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA) PRC - D:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - D:\Windows\System32\dxdiag.exe (Microsoft Corporation) PRC - D:\Windows\System32\audiodg.exe (Microsoft Corporation) PRC - D:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation) ========== Modules (No Company Name) ========== MOD - D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll () MOD - D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll () MOD - D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL () MOD - D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\168c6417c92bdddd10809791ed32be3e\Microsoft.VisualBasic.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\6d859463c9e6a7423ddb335211a79dda\System.Core.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\545f2e1ca544c2a8a39cbf8565e1c709\CustomMarshalers.ni.dll () MOD - 
D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8dba8803fad87c39c0afbdce6c19fdd0\System.Runtime.Serialization.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9123843fd33a30164ceb951c98b7ca2a\SMDiagnostics.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\cc3d9cb5c17d1863e3146c2a0d5c9e86\System.ServiceModel.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5672e6b9d976feca51deb06d8dd1df0e\PresentationFramework.Aero.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09e39322b47f9b4e8dd2199ff03acb2e\PresentationFramework.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d2dc021a8311197516e4fa325b292f21\PresentationCore.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\9be84470118f84e965ff0f142701efc6\System.Deployment.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5a95ba97100404e2ab26b5a9ab9ef965\System.Web.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\9b8dcad25a3be7d4a3f3b8b384f3190a\System.Security.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll () MOD - 
D:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll () MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll () MOD - D:\Program Files\Genie-Soft\Genie Timeline\GSIndexDB.dll () MOD - D:\Program Files\Genie-Soft\Genie Timeline\QueueManager.dll () MOD - D:\Program Files\Genie-Soft\Genie Timeline\Settings.dll () MOD - D:\Program Files\Genie-Soft\Genie Timeline\GSLogging.dll () MOD - D:\Program Files\Genie-Soft\Genie Timeline\GSEncryption.dll () MOD - D:\Program Files\Genie-Soft\Genie Timeline\GSCurl.dll () MOD - D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\ext\php_gstl_interface.dll () MOD - D:\Program Files\Genie-Soft\Genie Timeline\sqlite3.dll () MOD - D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll () MOD - D:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF () MOD - D:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll () MOD - D:\Program Files\WinRAR\RarExt.dll () MOD - D:\Program Files\LinkShellExtension\RockallDLL.dll () ========== Win32 Services (SafeList) ========== SRV - (Akamai) -- d:\program files\common files\akamai/netsession_win_d768ebc.dll () SRV - (nvUpdatusService) -- D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AntiVirSchedulerService) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. 
KG) SRV - (NAUpdate) -- D:\Program Files\Nero\Update\NASvc.exe (Nero AG) SRV - (TeamViewer6) -- D:\Users\DooM\temp\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (!SASCORE) -- D:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com) SRV - (GenieTimelineService) -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe (Genie-Soft) SRV - (S3DSvc32) S3D Service (Win32) -- D:\Program Files\iZ3D Driver\Win32\S3DCService.exe (iZ3D Inc.) SRV - (Microsoft SharePoint Workspace Audit Service) -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (CPUCooLServer) -- D:\Program Files\CPUCooL\CooLSRV.exe () SRV - (AfaService) -- D:\Windows\System32\afasrv32.exe () SRV - (Steam Client Service) -- D:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (UpdateCenterService) -- D:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA) SRV - (nTuneService) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA) SRV - (SensrSvc) -- D:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- D:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- D:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (AEADIFilters) -- D:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation) SRV - (SBSDWSCService) -- D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) 
SRV - (WcesComm) -- D:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- D:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (nvlddmkm) -- D:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (avipbb) -- D:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- D:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- D:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (FNETURPX) -- D:\Windows\System32\drivers\FNETURPX.SYS (FNet Co., Ltd.)
DRV - (FNETTBOH) -- D:\Windows\System32\drivers\FNETTBOH.SYS (FNet Co., Ltd.)
DRV - (SASDIFSV) -- D:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (NVHDA) -- D:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (SWDUMon) -- D:\Windows\System32\drivers\SWDUMon.sys ()
DRV - (iZ3DInjectionDriver) -- D:\Program Files\iZ3D Driver\Win32\S3DInjectionDriver.sys ()
DRV - (yukonw7) -- D:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (ssmdrv) -- D:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ntiopnp) -- D:\Windows\System32\drivers\ntiopnp.sys ()
DRV - (ntiomin) -- D:\Windows\System32\drivers\ntiomin.sys ()
DRV - (atksgt) -- D:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- D:\Windows\System32\drivers\lirsgt.sys ()
DRV - (sptd) -- D:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (nvoclock) -- D:\Windows\System32\drivers\nvoclock.sys (NVIDIA Corp.)
DRV - (AsIO) -- D:\Windows\System32\drivers\AsIO.sys ()
DRV - (MTsensor) -- D:\Windows\System32\drivers\ASACPI.sys ()
DRV - (vmbus) -- D:\Windows\system32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- D:\Windows\system32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- D:\Windows\system32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- D:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- D:\Windows\system32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- D:\Windows\system32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (MagicTune) -- D:\Windows\system32\drivers\MTiCtwl.sys (Samsung Electronics, Inc. )
DRV - (MHIKEY10) -- D:\Windows\System32\drivers\MHIKEY10.sys (Generic USB smartcard reader)
DRV - (LUsbFilt) -- D:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- D:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- D:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (ntiowp) -- D:\Windows\System32\drivers\ntiowp.sys ()
DRV - (speedfan) -- D:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (MR97310_VGA_DUAL_CAMERA) -- D:\Windows\System32\drivers\mr97310v.sys (Mars Semiconductor Corp.)
DRV - (UMSSSTOR) -- D:\Windows\System32\drivers\Umss.SYS (C-Media Corporation)
DRV - (giveio) -- D:\Windows\system32\giveio.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 A3 82 73 E9 54 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "hxxp://www.citydeal.de/deals/berlin"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1
FF - prefs.js..keyword.URL: "hxxp://www.bing.com/search?FORM=IEFM1&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: D:\Program Files\BitTorrent_DNA\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.15 19:42:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.11.09 02:48:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011.11.15 19:42:09 | 000,000,000 | ---D | M]

[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.11.24 01:13:58 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions
[2010.04.28 00:10:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.23 03:52:53 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.09.15 23:52:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.12 03:35:47 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.10.17 20:15:07 | 000,000,000 | ---D | M] (dp Launcher Plugin) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\dplauncher@digitalpublishing.de
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Flash Video Resources Downloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\max@subfighter.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Move Media Player) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\moveplayer@movenetworks.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (VideoDownloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\videodowloader@videodownloader.net
[2009.11.01 14:33:05 | 000,002,163 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\searchplugins\bing.xml
[2011.11.27 03:13:12 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2011.08.25 23:18:40 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.11.27 03:13:13 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2009.10.27 04:32:54 | 000,000,000 | ---D | M] (BearShare MediaBar) -- D:\Program Files\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}
() (No name found) -- D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
[2011.11.09 02:48:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2008.01.08 01:45:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- D:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.08.12 05:19:37 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.12 05:14:12 | 000,002,252 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.08.12 05:19:37 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.12 05:19:37 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.12 05:19:37 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.08.12 05:19:37 | 000,001,105 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = D:\Users\DooM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2011.10.20 13:43:06 | 000,436,246 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 uat-onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 wsuplay.ubi.com
O1 - Hosts: 127.0.0.1 static8.cdn.ubi.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 15004 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (@D:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Genie TimeLine Tray] D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe (Genie-soft)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Program Files\Malwarebytes' Anti-Malwareas\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @D:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @D:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - D:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E2FD134-ADB2-4BF1-A04E-429A663BB58F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96D926D9-83A0-4C8D-80E5-3642832CB3E6}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) -D:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.29 18:37:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk G:\
O32 - Unable to obtain root file information for disk H:\
O33 - MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\Shell - "" = AutoRun
O33 - MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\Shell\AutoRun\command - "" = F:\INSTALL.EXE
O33 - MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\Shell - "" = AutoRun
O33 - MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.02.25 03:09:34 | 002,834,432 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========
[2011.12.02 15:30:53 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\SUPERAntiSpyware.com
[2011.12.02 15:30:24 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\ProgramData\SUPERAntiSpyware.com
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\Program Files\SUPERAntiSpyware
[2011.12.02 13:50:09 | 000,000,000 | ---D | C] -- D:\Users\DooM\Desktop\pc test
[2011.12.01 01:39:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:58:42 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\Malwarebytes
[2011.11.29 21:56:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.29 21:56:40 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2011.11.29 21:56:34 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2011.11.29 21:56:33 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malwareas
[2011.11.27 22:50:08 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2011.11.27 04:55:47 | 000,135,360 | ---- | C] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:13:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaws.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaw.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\java.exe
[2011.11.27 02:10:32 | 002,339,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys
[2011.11.20 14:35:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test
[2011.11.15 19:44:22 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\DDMSettings
[2011.11.15 19:41:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.11.15 19:40:40 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DivX Shared
[2011.11.15 19:20:24 | 000,000,000 | ---D | C] -- D:\Users\DooM\Documents\Rockstar Games
[2011.11.15 19:14:47 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Rockstar Games
[2011.11.15 18:46:22 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Windows\System32\xlive
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Games for Windows - LIVE
[2011.11.15 18:19:08 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2011.11.14 21:43:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.11.14 21:42:16 | 000,000,000 | ---D | C] -- D:\Program Files\iPod
[2011.11.14 21:42:15 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes
[2011.11.14 21:38:58 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Skyrim
[2011.11.14 21:32:55 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011.11.14 21:32:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_6.dll
[2011.11.14 21:32:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_6.dll
[2011.11.14 21:32:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_4.dll
[2011.11.14 21:32:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_7.dll
[2011.11.14 21:32:27 | 000,515,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_5.dll
[2011.11.14 21:32:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_5.dll
[2011.11.14 21:32:26 | 001,974,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_42.dll
[2011.11.14 21:32:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dcsx_42.dll
[2011.11.14 21:32:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_42.dll
[2011.11.14 21:32:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx11_42.dll
[2011.11.14 21:32:22 | 001,892,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_42.dll
[2011.11.14 21:32:18 | 000,069,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_3.dll
[2011.11.12 01:42:37 | 000,061,248 | ---- | C] (Khronos Group) -- D:\Windows\System32\OpenCL.dll
[2011.11.12 01:42:36 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvoglv32.dll
[2011.11.12 01:42:36 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcompiler.dll
[2011.11.12 01:42:36 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvd3dum.dll
[2011.11.12 01:42:36 | 010,327,360 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\drivers\nvlddmkm.sys
[2011.11.12 01:42:36 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuda.dll
[2011.11.12 01:42:36 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvid.dll
[2011.11.12 01:42:36 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvenc.dll
[2011.11.11 23:04:39 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Ubisoft Game Launcher
[2011.11.11 22:48:06 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- D:\Windows\System32\drivers\MTiCtwl.sys
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiScreen
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MultiScreen
[2011.11.11 22:38:06 | 000,000,000 | ---D | C] -- D:\Program Files\MonitorDriver
[2011.11.04 02:13:34 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Akamai
[1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.12.02 22:55:35 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.02 22:55:35 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.02 22:50:10 | 000,000,214 | ---- | M] () -- D:\Windows\tasks\AutoKMS.job
[2011.12.02 22:48:48 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2011.12.02 22:48:37 | 2415,271,936 | -HS- | M] () -- D:\hiberfil.sys
[2011.12.02 15:30:24 | 000,001,965 | ---- | M] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.02 02:36:01 | 000,000,214 | ---- | M] () -- D:\Windows\tasks\AutoKMSDaily.job
[2011.12.01 13:43:49 | 000,000,000 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:14 | 000,302,592 | ---- | M] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:36 | 000,000,020 | ---- | M] () -- D:\Users\DooM\defogger_reenable
[2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:56:41 | 000,001,085 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.29 03:00:28 | 000,030,720 | ---- | M] () -- D:\Windows\System32\umstartup.etl
[2011.11.29 01:21:09 | 000,007,598 | ---- | M] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2011.11.28 16:33:41 | 000,439,448 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2011.11.28 01:27:28 | 000,265,310 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | M] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.27 04:55:49 | 000,135,360 | ---- | M] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:09:36 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.24 23:32:11 | 000,624,578 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2011.11.24 23:32:11 | 000,110,216 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2011.11.15 18:46:22 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.15 18:19:08 | 000,000,893 | ---- | M] () -- D:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2011.11.14 21:43:09 | 000,001,753 | ---- | M] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | M] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.11 22:45:19 | 000,001,618 | ---- | M] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.11.09 02:49:06 | 000,001,845 | ---- | M] () -- D:\Users\DooM\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.02 15:30:24 | 000,001,965 | ---- | C] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.01 13:43:49 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:05 | 000,302,592 | ---- | C] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:20 | 000,000,020 | ---- | C] () -- D:\Users\DooM\defogger_reenable
[2011.11.29 21:56:41 | 000,001,085 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.28 01:26:43 | 000,265,310 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | C] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.21 00:20:09 | 017,245,218 | ---- | C] () -- D:\Users\DooM\Desktop\Scat - Hardliner.wav
[2011.11.16 00:02:47 | 006,190,967 | ---- | C] () -- D:\wo bist du! paco, aziz, drp,mr.castro.wma
[2011.11.15 18:19:08 | 000,000,893 | ---- | C] () -- D:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2011.11.14 21:43:09 | 000,001,753 | ---- | C] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | C] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.12 01:42:36 | 000,004,359 | ---- | C] () -- D:\Windows\System32\nvinfo.pb
[2011.11.11 22:45:19 | 000,001,618 | ---- | C] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.11.11 02:36:29 | 000,000,214 | ---- | C] () -- D:\Windows\tasks\AutoKMS.job
[2011.11.11 02:36:28 | 000,000,214 | ---- | C] () -- D:\Windows\tasks\AutoKMSDaily.job
[2011.10.28 01:30:13 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{9B30B77B-496C-4EB1-8A7B-5FC58AF3D15F}
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- D:\Windows\System32\nvStreaming.exe
[2011.09.24 01:10:16 | 000,073,216 | ---- | C] () -- D:\Windows\System32\ff_vfw.dll
[2011.09.23 04:35:01 | 000,190,464 | ---- | C] () -- D:\Windows\System32\PCGW32.DLL
[2011.09.02 01:05:43 | 000,023,624 | ---- | C] () -- D:\Windows\System32\drivers\hitmanpro35.sys
[2011.08.27 18:09:00 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{3450410A-36E6-44A6-982A-FF986805F67D}
[2011.08.21 15:02:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{21AC4F97-B1DB-4954-84DA-77461D8BE396}
[2011.08.16 16:49:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{578BD668-0AEF-4D87-9862-C6CEF5B369FB}
[2011.08.16 16:48:50 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{B86C665B-A39B-461B-9A27-40A63BEDF514}
[2011.05.21 01:07:07 | 000,001,769 | ---- | C] () -- D:\Windows\Language_trs.ini
[2011.01.03 00:20:00 | 000,011,232 | ---- | C] () -- D:\Windows\System32\drivers\SWDUMon.sys
[2010.08.15 16:53:07 | 000,000,118 | ---- | C] () -- D:\Windows\System32\MRT.INI
[2010.04.29 03:33:33 | 000,007,598 | ---- | C] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2010.04.29 02:54:33 | 000,024,576 | ---- | C] () -- D:\Windows\System32\AsIO.dll
[2010.04.29 02:54:33 | 000,011,296 | ---- | C] () -- D:\Windows\System32\drivers\AsIO.sys
[2010.04.29 02:54:23 | 000,011,832 | ---- | C] () -- D:\Windows\System32\drivers\AsInsHelp64.sys
[2010.04.29 02:54:23 | 000,010,216 | ---- | C] () -- D:\Windows\System32\drivers\AsInsHelp32.sys
[2010.04.29 02:53:31 | 000,013,216 | ---- | C] () -- D:\Windows\System32\drivers\ASACPI.sys
[2010.04.06 19:04:52 | 000,286,208 | ---- | C] () -- D:\Windows\System32\Xbinkw32.dll
[2010.03.28 23:41:41 | 000,011,776 | ---- | C] () -- D:\Users\DooM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.23 22:20:24 | 000,023,552 | ---- | C] () -- D:\Users\DooM\AppData\Local\WebpageIcons.db
[2010.01.03 19:28:18 | 000,012,800 | ---- | C] () -- D:\Windows\System32\drivers\ntiopnp.sys
[2010.01.03 19:28:18 | 000,011,392 | ---- | C] () -- D:\Windows\System32\drivers\ntiomin.sys
[2009.12.29 01:14:33 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat
[2009.12.22 19:21:27 | 000,065,536 | ---- | C] () -- D:\Windows\System32\afasrv32.exe
[2009.10.27 05:01:24 | 000,021,924 | ---- | C] () -- D:\Windows\System32\emptyregdb.dat
[2009.10.24 05:01:09 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax1.dll
[2009.10.24 05:01:09 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx1.dll
[2009.10.24 04:55:36 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax.dll
[2009.10.24 04:55:36 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx.dll
[2009.10.24 04:21:55 | 000,000,400 | ---- | C] () -- D:\Windows\ODBC.INI
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,439,448 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT [2009.07.14 03:05:48 | 000,624,578 | ---- | C] () -- D:\Windows\System32\perfh009.dat [2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat [2009.07.14 03:05:48 | 000,110,216 | ---- | C] () -- D:\Windows\System32\perfc009.dat [2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat [2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT [2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat [2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe [2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin [2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat [2009.04.07 17:57:13 | 000,018,944 | ---- | C] () -- D:\Windows\eraser.exe [2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- D:\Windows\System32\xlive.dll.cat [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | 
---- | C] () -- D:\Windows\System32\AgCPanelFrench.dll [2008.10.06 20:22:11 | 000,237,568 | ---- | C] () -- D:\Windows\System32\lame_enc.dll [2008.02.03 02:29:52 | 000,502,784 | ---- | C] () -- D:\Windows\x2.64.exe [2008.02.03 02:29:52 | 000,399,360 | ---- | C] () -- D:\Windows\System32\Smab.dll [2008.02.03 02:29:52 | 000,240,128 | ---- | C] () -- D:\Windows\System32\x.264.exe [2008.02.03 02:29:52 | 000,217,073 | ---- | C] () -- D:\Windows\meta4.exe [2008.02.03 02:29:52 | 000,066,560 | ---- | C] () -- D:\Windows\MOTA113.exe [2008.02.03 02:29:52 | 000,027,648 | ---- | C] () -- D:\Windows\System32\AVSredirect.dll [2008.02.03 02:29:44 | 000,027,648 | -HS- | C] () -- D:\Windows\System32\Smab0.dll [2007.11.29 23:30:28 | 003,596,288 | ---- | C] () -- D:\Windows\System32\qt-dx331.dll [2007.11.28 00:49:19 | 000,002,045 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\NMM-MetaData.db [2007.11.26 17:08:06 | 000,281,760 | ---- | C] () -- D:\Windows\System32\drivers\atksgt.sys [2007.11.26 17:08:05 | 000,025,888 | ---- | C] () -- D:\Windows\System32\drivers\lirsgt.sys [2007.11.14 13:28:56 | 000,000,173 | ---- | C] () -- D:\Windows\MusicMaker.INI [2007.11.14 12:38:47 | 000,049,152 | ---- | C] () -- D:\Windows\System32\mgxasio2.dll [2007.11.14 12:31:09 | 000,006,537 | ---- | C] () -- D:\Windows\mgxoschk.ini [2007.11.08 22:05:21 | 000,054,708 | ---- | C] () -- D:\Windows\War3Unin.dat [2007.11.08 20:40:47 | 000,290,748 | ---- | C] () -- D:\Windows\System32\perfi007.dat [2007.11.08 20:40:45 | 000,036,916 | ---- | C] () -- D:\Windows\System32\perfd007.dat [2007.11.08 20:40:44 | 000,626,016 | ---- | C] () -- D:\Windows\System32\perfh007.dat [2007.11.08 20:40:44 | 000,126,518 | ---- | C] () -- D:\Windows\System32\perfc007.dat [2007.11.08 01:04:56 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat [2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- D:\Windows\System32\CddbCdda.dll [2006.10.20 11:57:20 | 000,012,352 | ---- | C] () -- D:\Windows\System32\drivers\ntiowp.sys [2003.09.16 
15:50:58 | 000,229,376 | ---- | C] () -- D:\Windows\System32\CmWatch.exe [2003.07.03 12:44:24 | 000,212,992 | ---- | C] () -- D:\Windows\System32\CmCardRm.exe [2003.05.30 14:27:46 | 000,032,768 | ---- | C] () -- D:\Windows\System32\CmCardRm.dll [2002.01.24 10:39:36 | 000,086,016 | ---- | C] () -- D:\Windows\System32\lxaxih.exe [2002.01.24 10:29:26 | 000,077,824 | ---- | C] () -- D:\Windows\System32\lxaxlcnp.dll [2002.01.24 10:09:56 | 000,174,592 | ---- | C] () -- D:\Windows\System32\LEXPPS.EXE [2002.01.24 10:05:11 | 000,040,960 | ---- | C] () -- D:\Windows\System32\INSTMON.EXE [1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- D:\Windows\System32\giveio.sys ========== Files - Unicode (All) ========== [2011.05.04 16:17:23 | 007,589,888 | ---- | M] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3 [2011.05.04 16:16:55 | 007,589,888 | ---- | C] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3 [2011.05.03 19:25:36 | 003,604,480 | ---- | M] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3 [2011.05.03 19:25:08 | 003,604,480 | ---- | C] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3 ========== Alternate Data Streams ========== @Alternate Data Stream - 600 bytes -> D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty < End of report > Code:
OTL Extras logfile created on: 02.12.2011 23:01:08 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = D:\Users\DooM\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 64,96% Memory free
9,65 Gb Paging File | 8,24 Gb Available in Paging File | 85,35% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS
Drive D: | 108,46 Gb Total Space | 10,39 Gb Free Space | 9,58% Space Free | Partition Type: NTFS
Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1825,76 Gb Total Space | 1625,45 Gb Free Space | 89,03% Space Free | Partition Type: NTFS
Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32

Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion
(Windows Live Toolbar) "{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi "{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery "{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud "{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar) "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29 "{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar) "{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1" = iZ3D Driver Remove "{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{406CF92B-A131-4F63-9FC9-861FAACD6EB4}" = Microsoft Phone Data Manager (beta) "{49F2D7DE-0EEE-4411-8283-16BAAECF2079}" = Media Manager for WALKMAN 1.1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM) "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language 
Pack "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B2C675E-8040-431B-99C4-137DF4FBF75A}" = Thermal Analysis Tool "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72CCBEA1-8D57-4981-A337-81019F28C5BA}" = Microsoft .NET Compact Framework 3.5 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}" = MagicTunePremium "{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8CD2E489-03F4-4AC0-8B68-D8C7DFE731DD}" = Stereoscopic Player "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup "{90140000-0011-0000-0000-0000000FF1CE}" = 
Microsoft Office Professional Plus 2010 "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media 
Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A30B7483-DF31-4C73-BBAA-7695E3D49895}" = NVIDIA 3D Vision Video Player "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch "{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch "{AC76BA86-7AD7-5670-0000-800000000003}" = Korean Fonts Support For Adobe Reader 8 "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood 
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11 "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CB92C58B-7BDF-48E3-92E3-51768DCCA585}_is1" = EVGA OC Scanner 1.7.3 "{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM) "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM) "{DB6A8C83-EFF7-4955-BBD0-81C13DDE5395}" = Download Direct "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E656D89A-8CBB-497F-918F-8361A4071C26}" = Nero Burning ROM 11 "{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update "{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II 
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "ActvMap V 4.7" = ActvMap V 4.7 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Akamai" = Akamai NetSession Interface Service "Ares Flash Downloader_is1" = Ares Flash Downloader Powered by AdVantage "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 (Unicode) "Avira AntiVir Desktop" = Avira Free Antivirus "CCleaner" = CCleaner "C-Media Card Reader Driver" = C-Media USB Mass Storage Driver "CPUCooL" = CPUCooL (remove only) "CPUFSB" = CPUFSB (remove only) "DivX Setup" = DivX-Setup "DotAzilla" = DotAzilla "Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "fahrschule-weichert.de" = fahrschule-weichert.de "FE5AE7DC-7B01-4263-A94C-B4526C276549_is1" = iPhone Explorer "ffdshow_is1" = ffdshow v1.1.3892 [2011-06-20] "FLV Player2.0 " = FLV Player "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free Audio Dub_is1" = Free Audio Dub version 1.7.8.426 "Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.5 "Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923 "Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.10.31.305 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.6.727 "Genie Timeline" = LaCie Genie Timeline 2.1 "HaaliMkx" = Haali Media Splitter "HardlinkShellExt" = Link Shell Extension "Host OpenAL (ADI)" = Host OpenAL (ADI) "HyperCam 2" = HyperCam 2 "InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update "InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance 
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor "IsoBuster_is1" = IsoBuster 2.2 "JDownloader" = JDownloader "Jeyo Mobile Companion 1.1_is1" = Jeyo Mobile Companion 1.1 "Jeyo Mobile Companion 2.1_is1" = Jeyo Mobile Companion 2.1 "Jeyo Mobile Extender 2.0 f¨¹r Outlook_is1" = Jeyo Mobile Extender 2.0 f¨¹r Outlook "Kalorien Calculator 6.0.3.4_is1" = Kalorien Calculator 6.0.3.4 "LightCommubicator QVGA Setup_is1" = LightCommubicator QVGA Setup "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300 "Marvell Miniport Driver" = Marvell Miniport Driver "Messenger Plus! Live" = Messenger Plus! Live "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de) "MPE" = MyPhoneExplorer "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Picasa 3" = Picasa 3 "PokerStars.net" = PokerStars.net "Precision" = EVGA Precision 2.0.4 "RAR Password Cracker" = RAR Password Cracker 4.12 "Recuva" = Recuva "Skype™ for Windows Mobile_is1" = Skype™ for Windows Mobile 3.0 "SpeedFan" = SpeedFan (remove only) "Steam App 10" = Counter-Strike "SUPER ©" = SUPER © Version 2008.bld.24 (Jan 18, 2008) "Switch" = Switch Uninstall "SyncroSoft Emu" = SyncroSoft Emu (Remove only) "Syncrosoft's License Control" = Syncrosofts Lizenz Kontrolle "TeamSpeak 3 Client" = TeamSpeak 3 Client "UsbBoost" = UsbBoost "VLC media player" = VideoLAN VLC media player 0.8.6d "Warcraft III" = Warcraft III "Warkeys" = Warkeys 1.14.1.0b "WavePad" = WavePad Sound Editor "Winamp" = Winamp "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR "Wisdom-soft AutoScreenRecorder 2.0 Free" = Wisdom-soft 
AutoScreenRecorder 2.0 Free "World of Warcraft" = World of Warcraft "World of Warcraft Public Test" = World of Warcraft Public Test "XMedia Recode" = XMedia Recode 3.0.0.5 "Zattoo" = Zattoo 3.3.4 Beta "Zattoo4" = Zattoo4 4.0.3 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client "Akamai" = Akamai NetSession Interface "BitTorrent" = BitTorrent "BitTorrent DNA" = BitTorrent DNA "Warcraft III" = Warcraft III: All Products "World of Logs Client (4.2)" = World of Logs Client (4.2) ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > |
02.12.2011, 23:37 | #5 |
| PC slow after Windows startup, 100% CPU usage
CCleaner contents:
Code:
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 26.10.2009 10.0.22.87
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 26.11.2011 6,00MB 11.1.102.55
Adobe Reader 8.1.0 - Deutsch Adobe Systems Incorporated 07.10.2011 97,9MB 8.1.0
Adobe Reader X (10.0.1) - Deutsch Adobe Systems Incorporated 24.03.2011 115,8MB 10.0.1
Akamai NetSession Interface 03.11.2011
Akamai NetSession Interface Service 03.11.2011
Apple Application Support Apple Inc. 11.10.2011 61,2MB 2.1.5
Apple Mobile Device Support Apple Inc. 13.11.2011 24,1MB 4.0.0.97
Apple Software Update Apple Inc. 06.07.2011 2,38MB 2.1.3.127
Assassin's Creed Brotherhood Ubisoft 07.08.2011 1.01
Avira Free Antivirus Avira 29.10.2011 104,5MB 12.0.0.861
BitTorrent BitTorrent, Inc 26.10.2009 6.0
BitTorrent DNA 26.10.2009 2.0.0
Bonjour Apple Inc. 11.10.2011 1,02MB 3.0.0.10
C-Media USB Mass Storage Driver 15.08.2010
CCleaner Piriform 26.11.2011 3.12
Counter-Strike Valve 26.10.2009
CPUCooL (remove only) 28.04.2010
CPUFSB (remove only) 28.04.2010
Curse Client Curse 05.07.2011 4.0.1.112
DivX-Setup DivX, LLC 14.11.2011 2.6.0.34
DotAzilla Dota-League.com 02.02.2010
Download Direct SenBit 21.12.2008 6,94MB 1.0
Eusing Free Registry Cleaner 29.04.2010
EVEREST Home Edition v2.20 Lavalys Inc 26.10.2009 2.20
EVGA OC Scanner 1.7.3 EVGA 16.09.2011 2,13MB
EVGA Precision 2.0.4 EVGA Corporation 16.09.2011 2.0.4
fahrschule-weichert.de 28.08.2010
ffdshow v1.1.3892 [2011-06-20] 23.09.2011 12,8MB 1.1.3892.0
FLV Player Applian Technologies Inc. 26.10.2009 2.0
Free Audio CD Burner version 1.4.7 DVDVideoSoft Limited. 04.04.2011 10,7MB
Free Audio Dub version 1.7.8.426 DVDVideoSoft Limited. 31.05.2011 22,5MB
Free Video Flip and Rotate version 1.5 DVDVideoSoft Limited. 23.01.2010
Free YouTube Download version 3.0.16.923 DVDVideoSoft Ltd. 08.10.2011 39,0MB
Free YouTube to iPhone Converter version 2.10.31.305 DVDVideoSoft Limited. 23.03.2011 30,5MB
Free YouTube to MP3 Converter version 3.10.6.727 DVDVideoSoft Limited.
01.08.2011 44,9MB Haali Media Splitter 23.09.2011 Host OpenAL (ADI) 19.09.2011 HyperCam 2 26.10.2009 iCloud Apple Inc. 16.10.2011 23,6MB 1.0.1.29 iPhone Explorer Marx Softwareentwicklung 19.10.2011 7,04MB 0.9.28.4 IsoBuster 2.2 Smart Projects 25.11.2007 2.2 iTunes Apple Inc. 13.11.2011 169,7MB 10.5.1.42 iZ3D Driver Remove iZ3D Inc. 22.09.2011 50,7MB 1.12(4016) Java(TM) 6 Update 29 Sun Microsystems, Inc. 21.12.2008 94,4MB 6.0.290 JDownloader AppWork UG (haftungsbeschränkt) 30.03.2010 0.89 Korean Fonts Support For Adobe Reader 8 Adobe Systems 17.05.2010 10,0MB 8.0.0 LaCie Genie Timeline 2.1 Genie-Soft 07.10.2011 2.1 League of Legends Riot Games 16.08.2011 1.02.0000 Link Shell Extension 12.10.2011 MagicTunePremium Samsung Electronics Ltd. 10.11.2011 4.0.14 Malwarebytes' Anti-Malware Version 1.51.2.1300 Malwarebytes Corporation 28.11.2011 13,8MB 1.51.2.1300 Marvell Miniport Driver Marvell 09.01.2011 11.30.1.3 Media Manager for WALKMAN 1.1 Sony 29.04.2008 57,9MB 1.1.464 Messenger Plus! Live Yuna Software 03.11.2010 4.90.0.392 Microsoft .NET Compact Framework 3.5 Microsoft Corporation 11.10.2009 81,7MB 3.5.7283 Microsoft .NET Framework 1.1 26.10.2009 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 23.06.2010 38,8MB 4.0.30319 Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 14.11.2011 32,5MB 2.0.672.0 Microsoft Office File Validation Add-In Microsoft Corporation 07.07.2011 7,92MB 14.0.5130.5003 Microsoft Office Professional Plus 2010 Microsoft Corporation 10.11.2011 14.0.4734.1000 Microsoft Phone Data Manager (beta) Microsoft Corporation 23.10.2009 3,39MB 2.0.1001.0 Microsoft Silverlight Microsoft Corporation 23.06.2011 218MB 4.0.60531.0 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 10.04.2011 1,70MB 3.1.0000 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 29.08.2009 0,25MB 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 23.06.2011 0,29MB 
8.0.59193 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 02.02.2010 0,20MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 23.04.2011 0,58MB 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 21.04.2010 4,32MB 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 01.02.2010 0,58MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 07.10.2010 0,58MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 23.06.2011 0,59MB 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 09.10.2011 11,1MB 10.0.40219 MobileMe Control Panel Apple Inc. 16.10.2011 12,9MB 3.1.8.0 Mozilla Firefox 8.0 (x86 de) Mozilla 08.11.2011 40,9MB 8.0 MultiScreen Samsung Electronics Ltd. 10.11.2011 1.00.0000 Nero Burning ROM 11 Nero AG 09.10.2011 265MB 11.0.10400 NVIDIA 3D Vision Controller Driver 285.62 NVIDIA Corporation 11.11.2011 285.62 NVIDIA 3D Vision Driver 285.62 NVIDIA Corporation 11.11.2011 285.62 NVIDIA 3D Vision Video Player NVIDIA Corporation 23.09.2011 7,24MB 1.6.2 NVIDIA Drivers NVIDIA Corporation 06.09.2011 63,0MB 1.10 NVIDIA Graphics Driver 285.62 NVIDIA Corporation 11.11.2011 285.62 NVIDIA HD Audio Driver 1.2.24.0 NVIDIA Corporation 11.11.2011 1.2.24.0 NVIDIA Performance NVIDIA Corporation 18.04.2010 18,8MB 6.5 NVIDIA PhysX System Software 9.11.0621 NVIDIA Corporation 16.09.2011 9.11.0621 NVIDIA System Monitor NVIDIA Corporation 18.04.2010 18,1MB 6.5 NVIDIA System Update NVIDIA Corporation 18.04.2010 3,60MB 3.00 NVIDIA Update 1.5.20 NVIDIA Corporation 11.11.2011 1.5.20 Pando Media Booster Pando Networks Inc. 16.08.2011 5,47MB 2.3.6.0 PC Inspector File Recovery 06.04.2010 4.0 PC Probe II ASUSTeK Computer Inc. 28.04.2010 1.04.87 Picasa 3 Google, Inc. 
30.08.2011 3.8 PokerStars.net PokerStars.net 29.04.2010 QuickTime Apple Inc. 25.08.2011 73,0MB 7.70.80.34 RAR Password Cracker 4.12 dnSoft Research Group 21.04.2010 Realtek High Definition Audio Driver Realtek Semiconductor Corp. 19.09.2011 6.0.1.6449 Recuva Piriform 07.04.2010 1.36 Rockstar Games Social Club Rockstar Games 14.11.2011 1.00.0000 Samsung_MonSetup Samsung 11.11.2011 1.00.0000 Skype web features Skype Technologies S.A. 28.12.2009 4,32MB 1.0.3971 Skype™ 4.1 Skype Technologies S.A. 28.12.2009 31,1MB 4.1.179 Skype™ for Windows Mobile 3.0 Skype Limited 31.10.2010 3.0.0.256 SoundMAX Analog Devices 19.09.2011 6.10.1.6585 SpeedFan (remove only) 28.04.2010 Spybot - Search & Destroy Safer Networking Limited 06.10.2010 1.6.2 Steam Valve 29.09.2008 1,31MB 1.0.0.0 Stereoscopic Player 3dtv.at 22.09.2011 15,5MB 1.7.4 SUPERAntiSpyware SUPERAntiSpyware.com 01.12.2011 70,8MB 5.0.1136 Switch Uninstall 26.10.2009 SyncroSoft Emu (Remove only) 26.10.2009 Syncrosofts Lizenz Kontrolle Syncrosoft Hard- Und Software GmbH 26.10.2009 System Requirements Lab for Intel Husdawg, LLC 19.09.2011 0,75MB 4.4.24.0 TeamSpeak 3 Client TeamSpeak Systems GmbH 26.05.2010 Thermal Analysis Tool Intel Corporation 28.04.2010 2.05.2006.0427 Ubisoft Game Launcher UBISOFT 07.08.2011 1.0.0.0 UsbBoost 08.10.2011 VideoLAN VLC media player 0.8.6d VideoLAN Team 26.10.2009 0.8.6d Warcraft III 26.10.2009 Warcraft III: All Products 26.10.2009 Warkeys 1.14.1.0b 12.12.2009 1.14.1.0b WavePad Sound Editor NCH Software 26.10.2009 Winamp Nullsoft, Inc 26.10.2009 5.52 Windows Live Essentials Microsoft Corporation 11.04.2011 15.4.3508.1109 Windows Live Favorites für Windows Live Toolbar Microsoft Corporation 07.11.2007 1,80MB 03.01.0146 Windows Media Encoder 9-Reihe 26.10.2009 Windows Media Player Firefox Plugin Microsoft Corp 18.01.2008 0,29MB 1.0.0.8 Windows Mobile Device Center Microsoft Corporation 10.03.2009 27,5MB 6.1.6965.0 Windows Mobile Device Center Driver Update Microsoft Corporation 08.03.2009 42,4MB 
6.1.6965.0 WinRAR 26.10.2009 Wisdom-soft AutoScreenRecorder 2.0 Free Wisdom Software Inc. 26.10.2009 World of Logs Client (4.2) Digibites Technology 06.09.2011 World of Warcraft Blizzard Entertainment 19.11.2011 4.3.0.15005 World of Warcraft Public Test Blizzard Entertainment 19.11.2011 0.0.0.0 XMedia Recode 3.0.0.5 Sebastian Dörfler 07.07.2011 3.0.0.5 Zattoo 3.3.4 Beta Zattoo Inc. 11.01.2010 3.3.4 Beta Zattoo4 4.0.3 Zattoo Inc. 22.02.2010 4.0.3 |
03.12.2011, 23:43 | #6 |
/// Helper Team | PC slow after Windows startup, 100% CPU usage
1. Quote:
Old version, you can uninstall it: Quote:
BitTorrent/DNA: is considered unsafe and should therefore not be used. What is BitTorrent/DNA
4. Messenger Plus! Live: belongs to the category of unsafe software! Did you deselect the software "additionally" offered by the program during installation? Besides the actual software, an adware program is (also) installed. If you really want to (not recommended, since it is absolutely unnecessary and your MSN is not affected by it), you can install it again, but read everything carefully and deselect partner programs, sponsors etc. wherever possible!
Always choose the custom installation, not the standard installation, because otherwise things you do not need or do not want are often installed along with it. It is better to use a messenger tool that is free of spyware and adware, such as Trillian (the basic version of Trillian combines the instant messengers ICQ, AIM, Yahoo! Messenger, Windows Live Messenger (MSN) and IRC) or Miranda; you can install it again, but read everything carefully, and you must deselect partner programs, sponsors etc.!
5. Quote:
Code:
:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IEFM1&q="
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
[2009.10.27 04:32:54 | 000,000,000 | ---D | M] (BearShare MediaBar) -- D:\Program Files\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}
[2008.01.08 01:45:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- D:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011.08.12 05:14:12 | 000,002,252 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.08.12 05:19:37 | 000,001,105 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk G:\
O32 - Unable to obtain root file information for disk H:\
O33 - MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\Shell - "" = AutoRun
O33 - MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\Shell\AutoRun\command - "" = F:\INSTALL.EXE
O33 - MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\Shell - "" = AutoRun
O33 - MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.02.25 03:09:34 | 002,834,432 | R--- | M] ()
[2011.12.02 22:50:10 | 000,000,214 | ---- | M] () -- D:\Windows\tasks\AutoKMS.job
[2011.12.02 02:36:01 | 000,000,214 | ---- | M] () -- D:\Windows\tasks\AutoKMSDaily.job
:Commands
[purity]
[emptytemp]
6. Run another scan with OTL:
Quote:
04.12.2011, 20:17 | #7 |
| PC slow after Windows startup, 100% CPU usage
Hey, and thanks for the reply. -> I posted the wrong log file, so I have now run it again. Code:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Datenbank Version: 8300
Windows 6.1.7600
Internet Explorer 9.0.8112.16421
04.12.2011 05:09:35
mbam-log-2011-12-04 (05-09-35).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 520523
Laufzeit: 2 Stunde(n), 43 Minute(n), 1 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden)
2. -> I have now deleted Adobe Reader 8.1.0.
3. -> BitTorrent deleted; DNA was apparently the server interface for it, so I deleted that along with it.
4. -> Messenger Plus! Live removed; I no longer use MSN. However, I had always deactivated all toolbars before as well, since I always perform a custom installation.
5. -> Fixing with OTL Code:
ATTFilter All processes killed ========== OTL ========== HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully! Prefs.js: "Bing" removed from browser.search.defaultenginename Prefs.js: "hxxp://www.bing.com/search?FORM=IEFM1&q=" removed from browser.search.defaulturl Prefs.js: "Bing" removed from browser.search.selectedEngine Prefs.js: "hxxp://www.bing.com/search?FORM=IEFM1&q=" removed from keyword.URL Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0\ not found. Folder D:\Program Files\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ not found. File D:\Program Files\mozilla firefox\plugins\npbittorrent.dll not found. File D:\Program Files\mozilla firefox\searchplugins\bing.xml not found. File D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found. 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! File not found. File move failed. E:\autorun.exe scheduled to be moved on reboot. File move failed. E:\autorun.inf scheduled to be moved on reboot. File not found. File not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\ not found. File F:\INSTALL.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6b2e7413-f348-11e0-999c-d52372774303}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6b2e7413-f348-11e0-999c-d52372774303}\ not found. File I:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found. File move failed. E:\autorun.exe scheduled to be moved on reboot. D:\Windows\Tasks\AutoKMS.job moved successfully. D:\Windows\Tasks\AutoKMSDaily.job moved successfully. 
========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: DooM ->Temp folder emptied: 2302364 bytes ->Temporary Internet Files folder emptied: 9352840 bytes ->Java cache emptied: 11755033 bytes ->FireFox cache emptied: 691158839 bytes ->Google Chrome cache emptied: 6761191 bytes ->Flash cache emptied: 1497419 bytes User: Public User: UpdatusUser ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1576360 bytes RecycleBin emptied: 203608478 bytes Total Files Cleaned = 885,00 mb OTL by OldTimer - Version 3.2.31.0 log created on 12042011_060334 Files\Folders moved on Reboot... File move failed. E:\autorun.exe scheduled to be moved on reboot. File move failed. E:\autorun.inf scheduled to be moved on reboot. Registry entries deleted on Reboot... OTL Logfile: Code:
ATTFilter OTL logfile created on: 04.12.2011 16:12:48 - Run 4 OTL by OldTimer - Version 3.2.31.0 Folder = D:\Users\DooM\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 66,28% Memory free 9,65 Gb Paging File | 8,30 Gb Available in Paging File | 85,96% Paging File free Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS Drive D: | 108,46 Gb Total Space | 10,48 Gb Free Space | 9,66% Space Free | Partition Type: NTFS Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 1825,76 Gb Total Space | 1623,92 Gb Free Space | 88,94% Space Free | Partition Type: NTFS Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32 Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe PRC - [2011.11.17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe PRC - [2011.10.15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- D:\Program Files\SUPERAntiSpyware\SASCore.exe PRC - [2011.07.16 05:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\conhost.exe PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe PRC - [2011.02.02 15:25:04 | 001,051,264 | ---- | M] (Genie-soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe PRC - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe PRC - [2010.06.15 02:55:52 | 000,039,936 | ---- | M] (The PHP Group) -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe PRC - [2010.06.15 02:53:48 | 001,417,216 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe PRC - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe PRC - [2009.11.06 12:13:16 | 000,133,736 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe PRC - [2009.07.14 02:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\audiodg.exe PRC - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- D:\Windows\System32\AEADISRV.EXE ========== Modules (No Company Name) 
========== MOD - [2011.02.02 13:43:02 | 000,342,528 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSIndexDB.dll MOD - [2011.02.02 13:43:02 | 000,051,712 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\QueueManager.dll MOD - [2011.02.02 13:43:00 | 000,144,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\Settings.dll MOD - [2010.12.29 14:54:38 | 000,038,400 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSLogging.dll MOD - [2010.09.06 12:50:38 | 000,080,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSEncryption.dll MOD - [2010.09.06 12:50:38 | 000,072,192 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSCurl.dll MOD - [2010.08.31 04:42:12 | 000,023,040 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\ext\php_gstl_interface.dll MOD - [2010.06.15 02:53:48 | 001,417,216 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe MOD - [2010.04.27 13:57:20 | 000,921,088 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\sqlite3.dll MOD - [2010.01.21 00:34:10 | 008,793,952 | ---- | M] () -- D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll MOD - [2010.01.09 19:18:18 | 004,254,560 | ---- | M] () -- D:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- D:\Program Files\WinRAR\RarExt.dll MOD - [2004.09.30 18:09:36 | 000,155,648 | ---- | M] () -- D:\Program Files\LinkShellExtension\RockallDLL.dll ========== Win32 Services (SafeList) ========== SRV - [2011.11.18 01:57:41 | 003,313,752 | ---- | M] () [Auto | Running] -- d:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai) SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011.10.15 00:54:40 | 000,381,248 | 
---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) [Disabled | Stopped] -- D:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2011.08.30 17:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- D:\Users\DooM\temp\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE) SRV - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) [Auto | Running] -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe -- (GenieTimelineService) SRV - [2010.10.24 23:11:06 | 000,360,960 | ---- | M] (iZ3D Inc.) 
[Disabled | Stopped] -- D:\Program Files\iZ3D Driver\Win32\S3DCService.exe -- (S3DSvc32) S3D Service (Win32) SRV - [2010.01.21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2009.12.22 19:23:39 | 000,065,536 | ---- | M] () [Disabled | Stopped] -- D:\Windows\System32\afasrv32.exe -- (AfaService) SRV - [2009.12.13 22:24:45 | 000,321,320 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009.11.06 12:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService) SRV - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- D:\Windows\System32\AEADISRV.EXE -- (AEADIFilters) SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) 
[Disabled | Stopped] -- D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011.10.11 14:00:01 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011.10.09 00:02:42 | 000,007,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- D:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX) DRV - [2011.10.09 00:02:41 | 000,023,680 | ---- | M] (FNet Co., Ltd.) 
[Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\FNETTBOH.SYS -- (FNETTBOH) DRV - [2011.09.14 14:58:38 | 000,319,264 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2011.07.08 00:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2011.03.03 19:28:29 | 000,011,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon) DRV - [2010.10.06 17:04:02 | 000,034,968 | ---- | M] () [Kernel | System | Running] -- D:\Program Files\iZ3D Driver\Win32\S3DInjectionDriver.sys -- (iZ3DInjectionDriver) DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.11.02 17:21:56 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2009.11.02 17:21:55 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009.10.28 20:06:51 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- D:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009.09.15 12:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) 
[Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvoclock.sys -- (nvoclock) DRV - [2009.08.04 09:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\AsIO.sys -- (AsIO) DRV - [2009.07.16 10:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Stopped] -- D:\Windows\system32\drivers\MTiCtwl.sys -- (MagicTune) DRV - [2008.05.27 10:07:58 | 000,050,560 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10) DRV - [2008.02.29 10:13:48 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2007.04.11 15:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) 
[Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2007.04.11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- D:\Windows\system32\speedfan.sys -- (speedfan) DRV - [2006.03.07 17:43:40 | 000,111,872 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\mr97310v.sys -- (MR97310_VGA_DUAL_CAMERA) DRV - [2004.07.13 10:40:22 | 000,048,512 | ---- | M] (C-Media Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\Umss.SYS -- (UMSSSTOR) DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\system32\giveio.sys -- (giveio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 A3 82 73 E9 54 CC 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "hxxp://www.citydeal.de/deals/berlin" FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - 
prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: D:\Program Files\BitTorrent_DNA\npbtdna.dll (BitTorrent, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.15 19:42:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.11.09 02:48:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011.12.04 05:27:45 | 000,000,000 | ---D | M]
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.11.24 01:13:58 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions
[2010.04.28 00:10:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.23 03:52:53 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.09.15 23:52:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.12 03:35:47 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.10.17 20:15:07 | 000,000,000 | ---D | M] (dp Launcher Plugin) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\dplauncher@digitalpublishing.de
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Flash Video Resources Downloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\max@subfighter.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Move Media Player) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\moveplayer@movenetworks.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (VideoDownloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\videodowloader@videodownloader.net
[2009.11.01 14:33:05 | 000,002,163 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\searchplugins\bing.xml
[2011.11.27 03:13:12 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2011.08.25 23:18:40 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.11.27 03:13:13 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
[2011.11.09 02:48:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.08.12 05:19:37 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.12 05:19:37 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.12 05:19:37 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.12 05:19:37 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = D:\Users\DooM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2011.10.20 13:43:06 | 000,436,246 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 uat-onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 wsuplay.ubi.com
O1 - Hosts: 127.0.0.1 static8.cdn.ubi.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 15004 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (@D:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Genie TimeLine Tray] D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe (Genie-soft)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Program Files\Malwarebytes' Anti-Malwareas\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @D:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @D:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - D:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E2FD134-ADB2-4BF1-A04E-429A663BB58F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96D926D9-83A0-4C8D-80E5-3642832CB3E6}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) -D:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.29 18:37:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk G:\
O32 - Unable to obtain root file information for disk H:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========
[2011.12.04 05:27:42 | 000,000,000 | ---D | C] -- D:\_OTL
[2011.12.02 15:30:53 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\SUPERAntiSpyware.com
[2011.12.02 15:30:24 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\ProgramData\SUPERAntiSpyware.com
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\Program Files\SUPERAntiSpyware
[2011.12.02 13:50:09 | 000,000,000 | ---D | C] -- D:\Users\DooM\Desktop\pc test
[2011.12.01 01:39:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:58:42 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\Malwarebytes
[2011.11.29 21:56:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.29 21:56:40 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2011.11.29 21:56:34 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2011.11.29 21:56:33 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malwareas
[2011.11.27 22:50:08 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2011.11.27 04:55:47 | 000,135,360 | ---- | C] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:13:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaws.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaw.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\java.exe
[2011.11.27 02:10:32 | 002,339,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys
[2011.11.20 14:35:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test
[2011.11.15 19:44:22 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\DDMSettings
[2011.11.15 19:41:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.11.15 19:40:40 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DivX Shared
[2011.11.15 19:20:24 | 000,000,000 | ---D | C] -- D:\Users\DooM\Documents\Rockstar Games
[2011.11.15 19:14:47 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Rockstar Games
[2011.11.15 18:46:22 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Windows\System32\xlive
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Games for Windows - LIVE
[2011.11.14 21:43:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.11.14 21:42:16 | 000,000,000 | ---D | C] -- D:\Program Files\iPod
[2011.11.14 21:42:15 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes
[2011.11.14 21:38:58 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Skyrim
[2011.11.14 21:32:55 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011.11.14 21:32:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_6.dll
[2011.11.14 21:32:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_6.dll
[2011.11.14 21:32:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_4.dll
[2011.11.14 21:32:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_7.dll
[2011.11.14 21:32:27 | 000,515,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_5.dll
[2011.11.14 21:32:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_5.dll
[2011.11.14 21:32:26 | 001,974,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_42.dll
[2011.11.14 21:32:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dcsx_42.dll
[2011.11.14 21:32:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_42.dll
[2011.11.14 21:32:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx11_42.dll
[2011.11.14 21:32:22 | 001,892,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_42.dll
[2011.11.14 21:32:18 | 000,069,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_3.dll
[2011.11.12 01:42:37 | 000,061,248 | ---- | C] (Khronos Group) -- D:\Windows\System32\OpenCL.dll
[2011.11.12 01:42:36 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvoglv32.dll
[2011.11.12 01:42:36 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcompiler.dll
[2011.11.12 01:42:36 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvd3dum.dll
[2011.11.12 01:42:36 | 010,327,360 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\drivers\nvlddmkm.sys
[2011.11.12 01:42:36 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuda.dll
[2011.11.12 01:42:36 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvid.dll
[2011.11.12 01:42:36 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvenc.dll
[2011.11.11 23:04:39 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Ubisoft Game Launcher
[2011.11.11 22:48:06 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- D:\Windows\System32\drivers\MTiCtwl.sys
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiScreen
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MultiScreen
[2011.11.11 22:38:06 | 000,000,000 | ---D | C] -- D:\Program Files\MonitorDriver

========== Files - Modified Within 30 Days ==========
[2011.12.04 15:01:14 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.04 15:01:13 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.04 14:54:26 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2011.12.04 14:54:14 | 2415,271,936 | -HS- | M] () -- D:\hiberfil.sys
[2011.12.04 08:16:16 | 000,624,578 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2011.12.04 08:16:16 | 000,110,216 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2011.12.02 15:30:24 | 000,001,965 | ---- | M] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.01 13:43:49 | 000,000,000 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:14 | 000,302,592 | ---- | M] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:36 | 000,000,020 | ---- | M] () -- D:\Users\DooM\defogger_reenable
[2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:56:41 | 000,001,085 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.29 03:00:28 | 000,030,720 | ---- | M] () -- D:\Windows\System32\umstartup.etl
[2011.11.29 01:21:09 | 000,007,598 | ---- | M] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2011.11.28 16:33:41 | 000,439,448 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2011.11.28 01:27:28 | 000,265,310 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | M] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.27 04:55:49 | 000,135,360 | ---- | M] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:09:36 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.15 18:46:22 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.14 21:43:09 | 000,001,753 | ---- | M] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | M] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.11 22:45:19 | 000,001,618 | ---- | M] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.11.09 02:49:06 | 000,001,845 | ---- | M] () -- D:\Users\DooM\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========
[2011.12.02 15:30:24 | 000,001,965 | ---- | C] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.01 13:43:49 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:05 | 000,302,592 | ---- | C] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:20 | 000,000,020 | ---- | C] () -- D:\Users\DooM\defogger_reenable
[2011.11.29 21:56:41 | 000,001,085 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.28 01:26:43 | 000,265,310 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | C] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.21 00:20:09 | 017,245,218 | ---- | C] () -- D:\Users\DooM\Desktop\Scat - Hardliner.wav
[2011.11.16 00:02:47 | 006,190,967 | ---- | C] () -- D:\wo bist du! paco, aziz, drp,mr.castro.wma
[2011.11.14 21:43:09 | 000,001,753 | ---- | C] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | C] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.12 01:42:36 | 000,004,359 | ---- | C] () -- D:\Windows\System32\nvinfo.pb
[2011.11.11 22:45:19 | 000,001,618 | ---- | C] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.10.28 01:30:13 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{9B30B77B-496C-4EB1-8A7B-5FC58AF3D15F}
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- D:\Windows\System32\nvStreaming.exe
[2011.09.24 01:10:16 | 000,073,216 | ---- | C] () -- D:\Windows\System32\ff_vfw.dll
[2011.09.23 04:35:01 | 000,190,464 | ---- | C] () -- D:\Windows\System32\PCGW32.DLL
[2011.09.02 01:05:43 | 000,023,624 | ---- | C] () -- D:\Windows\System32\drivers\hitmanpro35.sys
[2011.08.27 18:09:00 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{3450410A-36E6-44A6-982A-FF986805F67D}
[2011.08.21 15:02:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{21AC4F97-B1DB-4954-84DA-77461D8BE396}
[2011.08.16 16:49:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{578BD668-0AEF-4D87-9862-C6CEF5B369FB}
[2011.08.16 16:48:50 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{B86C665B-A39B-461B-9A27-40A63BEDF514}
[2011.05.21 01:07:07 | 000,001,769 | ---- | C] () -- D:\Windows\Language_trs.ini
[2011.01.03 00:20:00 | 000,011,232 | ---- | C] () -- D:\Windows\System32\drivers\SWDUMon.sys
[2010.08.15 16:53:07 | 000,000,118 | ---- | C] () -- D:\Windows\System32\MRT.INI
[2010.04.29 03:33:33 | 000,007,598 | ---- | C] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2010.04.29 02:54:33 | 000,024,576 | ---- | C] () -- D:\Windows\System32\AsIO.dll
[2010.04.29 02:54:33 | 000,011,296 | ---- | C] () -- D:\Windows\System32\drivers\AsIO.sys
[2010.04.29 02:53:31 | 000,013,216 | ---- | C] () -- D:\Windows\System32\drivers\ASACPI.sys
[2010.04.06 19:04:52 | 000,286,208 | ---- | C] () -- D:\Windows\System32\Xbinkw32.dll
[2010.03.28 23:41:41 | 000,011,776 | ---- | C] () -- D:\Users\DooM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.23 22:20:24 | 000,023,552 | ---- | C] () -- D:\Users\DooM\AppData\Local\WebpageIcons.db
[2009.12.29 01:14:33 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat
[2009.12.22 19:21:27 | 000,065,536 | ---- | C] () -- D:\Windows\System32\afasrv32.exe
[2009.10.27 05:01:24 | 000,021,924 | ---- | C] () -- D:\Windows\System32\emptyregdb.dat
[2009.10.24 05:01:09 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax1.dll
[2009.10.24 05:01:09 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx1.dll
[2009.10.24 04:55:36 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax.dll
[2009.10.24 04:55:36 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx.dll
[2009.10.24 04:21:55 | 000,000,400 | ---- | C] () -- D:\Windows\ODBC.INI
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,439,448 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,624,578 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,110,216 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
[2009.04.07 17:57:13 | 000,018,944 | ---- | C] () -- D:\Windows\eraser.exe
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- D:\Windows\System32\xlive.dll.cat
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelFrench.dll
[2008.10.06 20:22:11 | 000,237,568 | ---- | C] () -- D:\Windows\System32\lame_enc.dll
[2008.02.03 02:29:52 | 000,502,784 | ---- | C] () -- D:\Windows\x2.64.exe
[2008.02.03 02:29:52 | 000,399,360 | ---- | C] () -- D:\Windows\System32\Smab.dll
[2008.02.03 02:29:52 | 000,240,128 | ---- | C] () -- D:\Windows\System32\x.264.exe
[2008.02.03 02:29:52 | 000,217,073 | ---- | C] () -- D:\Windows\meta4.exe
[2008.02.03 02:29:52 | 000,066,560 | ---- | C] () -- D:\Windows\MOTA113.exe
[2008.02.03 02:29:52 | 000,027,648 | ---- | C] () -- D:\Windows\System32\AVSredirect.dll
[2008.02.03 02:29:44 | 000,027,648 | -HS- | C] () -- D:\Windows\System32\Smab0.dll
[2007.11.29 23:30:28 | 003,596,288 | ---- | C] () -- D:\Windows\System32\qt-dx331.dll
[2007.11.28 00:49:19 | 000,002,045 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\NMM-MetaData.db
[2007.11.26 17:08:06 | 000,281,760 | ---- | C] () -- D:\Windows\System32\drivers\atksgt.sys
[2007.11.26 17:08:05 | 000,025,888 | ---- | C] () -- D:\Windows\System32\drivers\lirsgt.sys
[2007.11.14 13:28:56 | 000,000,173 | ---- | C] () -- D:\Windows\MusicMaker.INI
[2007.11.14 12:38:47 | 000,049,152 | ---- | C] () -- D:\Windows\System32\mgxasio2.dll
[2007.11.14 12:31:09 | 000,006,537 | ---- | C] () -- D:\Windows\mgxoschk.ini
[2007.11.08 22:05:21 | 000,054,708 | ---- | C] () -- D:\Windows\War3Unin.dat
[2007.11.08 20:40:47 | 000,290,748 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2007.11.08 20:40:45 | 000,036,916 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2007.11.08 20:40:44 | 000,626,016 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2007.11.08 20:40:44 | 000,126,518 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2007.11.08 01:04:56 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- D:\Windows\System32\CddbCdda.dll
[2003.09.16 15:50:58 | 000,229,376 | ---- | C] () -- D:\Windows\System32\CmWatch.exe
[2003.07.03 12:44:24 | 000,212,992 | ---- | C] () -- D:\Windows\System32\CmCardRm.exe
[2003.05.30 14:27:46 | 000,032,768 | ---- | C] () -- D:\Windows\System32\CmCardRm.dll
[2002.01.24 10:39:36 | 000,086,016 | ---- | C] () -- D:\Windows\System32\lxaxih.exe
[2002.01.24 10:29:26 | 000,077,824 | ---- | C] () -- D:\Windows\System32\lxaxlcnp.dll
[2002.01.24 10:09:56 | 000,174,592 | ---- | C] () -- D:\Windows\System32\LEXPPS.EXE
[2002.01.24 10:05:11 | 000,040,960 | ---- | C] () -- D:\Windows\System32\INSTMON.EXE
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- D:\Windows\System32\giveio.sys

========== LOP Check ==========
[2009.10.27 04:45:29 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Acreon
[2009.06.30 14:55:21 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\advantage
[2009.10.27 04:45:33 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Audacity
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\BearShare
[2010.04.02 14:47:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Command and Conquer 4
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\concept design
[2011.11.28 01:25:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DAEMON Tools Lite
[2011.10.17 20:15:20 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\digital publishing
[2011.10.09 01:23:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoft
[2011.10.09 01:23:02 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FileZilla
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FLV Extract
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FMZilla
[2011.04.01 17:00:46 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FreeFLVConverter
[2011.10.08 23:03:04 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Genie-Soft
[2011.09.23 04:34:59 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\iZ3D Driver
[2009.10.27 04:45:35 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Jeyo
[2011.08.18 01:10:45 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\LolClient
[2009.10.27 04:45:55 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2011.01.07 16:03:15 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\MyPhoneExplorer
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\NCH Swift Sound
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia Multimedia Player
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Orbit
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PC Suite
[2011.08.07 23:14:05 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PunkBuster
[2011.09.27 23:12:41 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\R-TT
[2011.10.20 12:09:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\redsn0w
[2011.10.20 12:15:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Software4u
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Sony
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Steinberg
[2011.09.23 04:56:37 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Stereoscopic Player
[2011.09.20 03:25:49 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\SystemRequirementsLab
[2011.10.27 13:08:27 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TeamViewer
[2010.07.22 23:32:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TomTom
[2010.05.27 10:35:36 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TS3Client
[2010.04.06 15:20:47 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Ubisoft
[2011.04.09 16:23:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Xilisoft
[2011.03.24 23:39:50 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\XMedia Recode
[2010.07.03 01:25:07 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\yess
[2011.11.28 23:35:50 | 000,032,608 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Files - Unicode (All) ==========
[2011.05.04 16:17:23 | 007,589,888 | ---- | M] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3
[2011.05.04 16:16:55 | 007,589,888 | ---- | C] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . 
داریوش- شطرنج.mp3 [2011.05.03 19:25:36 | 003,604,480 | ---- | M] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3 [2011.05.03 19:25:08 | 003,604,480 | ---- | C] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3 ========== Alternate Data Streams ========== @Alternate Data Stream - 600 bytes -> D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty < End of report > OTL extra: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 04.12.2011 16:12:48 - Run 4 OTL by OldTimer - Version 3.2.31.0 Folder = D:\Users\DooM\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 66,28% Memory free 9,65 Gb Paging File | 8,30 Gb Available in Paging File | 85,96% Paging File free Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS Drive D: | 108,46 Gb Total Space | 10,48 Gb Free Space | 9,66% Space Free | Partition Type: NTFS Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 1825,76 Gb Total Space | 1623,92 Gb Free Space | 88,94% Space Free | Partition Type: NTFS Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32 Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion 
(Windows Live Toolbar) "{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi "{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery "{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud "{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar) "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29 "{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar) "{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1" = iZ3D Driver Remove "{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{406CF92B-A131-4F63-9FC9-861FAACD6EB4}" = Microsoft Phone Data Manager (beta) "{49F2D7DE-0EEE-4411-8283-16BAAECF2079}" = Media Manager for WALKMAN 1.1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM) "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for 
Windows - LIVE Redistributable "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B2C675E-8040-431B-99C4-137DF4FBF75A}" = Thermal Analysis Tool "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72CCBEA1-8D57-4981-A337-81019F28C5BA}" = Microsoft .NET Compact Framework 3.5 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}" = MagicTunePremium "{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8CD2E489-03F4-4AC0-8B68-D8C7DFE731DD}" = Stereoscopic Player "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster 
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A30B7483-DF31-4C73-BBAA-7695E3D49895}" = NVIDIA 3D Vision Video Player "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood "{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11 "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common 
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CB92C58B-7BDF-48E3-92E3-51768DCCA585}_is1" = EVGA OC Scanner 1.7.3 "{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM) "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM) "{DB6A8C83-EFF7-4955-BBD0-81C13DDE5395}" = Download Direct "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E656D89A-8CBB-497F-918F-8361A4071C26}" = Nero Burning ROM 11 "{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update "{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "ActvMap V 4.7" = ActvMap V 4.7 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Akamai" = Akamai NetSession Interface Service "Ares Flash Downloader_is1" = Ares Flash Downloader Powered by AdVantage "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 (Unicode) "Avira AntiVir Desktop" = Avira Free Antivirus "CCleaner" = CCleaner "DivX Setup" = DivX-Setup "DotAzilla" = DotAzilla "Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "fahrschule-weichert.de" = fahrschule-weichert.de "FE5AE7DC-7B01-4263-A94C-B4526C276549_is1" = iPhone Explorer "ffdshow_is1" = ffdshow v1.1.3892 [2011-06-20] "FLV Player2.0 " = FLV Player "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free Audio Dub_is1" = Free Audio Dub version 1.7.8.426 "Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.5 "Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923 "Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.10.31.305 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.6.727 "Genie Timeline" = LaCie Genie Timeline 2.1 "HaaliMkx" = Haali Media Splitter "HardlinkShellExt" = Link Shell Extension "Host OpenAL (ADI)" = Host OpenAL (ADI) "HyperCam 2" = HyperCam 2 "InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update "InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance "InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor "IsoBuster_is1" = IsoBuster 2.2 "JDownloader" = JDownloader "Jeyo Mobile Companion 1.1_is1" = Jeyo Mobile Companion 1.1 "Jeyo Mobile Companion 2.1_is1" = Jeyo Mobile Companion 2.1 "Jeyo Mobile Extender 2.0 f¨¹r Outlook_is1" = Jeyo Mobile Extender 2.0 f¨¹r Outlook "Kalorien Calculator 6.0.3.4_is1" = Kalorien 
Calculator 6.0.3.4 "LightCommubicator QVGA Setup_is1" = LightCommubicator QVGA Setup "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300 "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de) "MPE" = MyPhoneExplorer "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Picasa 3" = Picasa 3 "PokerStars.net" = PokerStars.net "Precision" = EVGA Precision 2.0.4 "RAR Password Cracker" = RAR Password Cracker 4.12 "Recuva" = Recuva "Skype™ for Windows Mobile_is1" = Skype™ for Windows Mobile 3.0 "SpeedFan" = SpeedFan (remove only) "Steam App 10" = Counter-Strike "SUPER ©" = SUPER © Version 2008.bld.24 (Jan 18, 2008) "Switch" = Switch Uninstall "SyncroSoft Emu" = SyncroSoft Emu (Remove only) "Syncrosoft's License Control" = Syncrosofts Lizenz Kontrolle "TeamSpeak 3 Client" = TeamSpeak 3 Client "UsbBoost" = UsbBoost "VLC media player" = VideoLAN VLC media player 0.8.6d "Warcraft III" = Warcraft III "Warkeys" = Warkeys 1.14.1.0b "WavePad" = WavePad Sound Editor "Winamp" = Winamp "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR "Wisdom-soft AutoScreenRecorder 2.0 Free" = Wisdom-soft AutoScreenRecorder 2.0 Free "World of Warcraft" = World of Warcraft "World of Warcraft Public Test" = World of Warcraft Public Test "XMedia Recode" = XMedia Recode 3.0.0.5 "Zattoo" = Zattoo 3.3.4 Beta "Zattoo4" = Zattoo4 4.0.3 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client "Akamai" = Akamai NetSession Interface "Warcraft III" = Warcraft III: All Products "World of Logs Client (4.2)" = 
World of Logs Client (4.2) ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > |
05.12.2011, 15:33 | #8 | ||
/// Helper Team | PC slow after Windows startup, 100% CPU usage 1. Quote:
in my opinion no longer offers adequate protection against "modern types of malware"... 2. Quote:
Code:
ATTFilter
:OTL
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: D:\Program Files\BitTorrent_DNA\npbtdna.dll (BitTorrent, Inc.)
[2009.11.01 14:33:05 | 000,002,163 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\searchplugins\bing.xml
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk G:\
O32 - Unable to obtain root file information for disk H:\
@Alternate Data Stream - 600 bytes -> D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty

:Commands
[purity]
[emptytemp]
3. Clean your system with CCleaner:
4. Run another scan with OTL:
5.
6. Viruses can also be carried on USB sticks, self-burned discs, external hard drives and other storage media. They therefore have to be monitored through regular checks for damage that may have been caused by malware ("Worm.Win32.Autorun"). A very suitable and recommended way to do this is to check the data stored on the storage medium with the free online scanner. Now connect all external storage media (USB sticks etc.) to your computer while holding down the Shift key, so that the Autorun function is not executed. (This prevents the AUTORUN function from running.) - You can also switch the AUTORUN function off entirely. ►Instructions -> Then run a complete system check with Eset Online Scanner (NOD32) Free Online Scanners. Attention!: >>You should not install the antivirus security software, only scan your system online<<
7. Run another scan with OTL:
► Report again on the state of the computer. Are there still problems and, if so, which ones?
__________________ Warning!: Be careful with invoices sent by email with a ZIP file attached! It may be infected with an encryption Trojan! Do not open the attachment, ask in our forum first! Back up your data regularly to CD/DVD, USB sticks or external hard drives, ideally twice and in different places! Please pass this warning on wherever you can! |
06.12.2011, 11:02 | #9 |
| PC slow after Windows startup, 100% CPU usage Hey, I'll delete Spybot right away. So far I haven't had to make any changes. OTL fix: Code:
ATTFilter
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA\ deleted successfully.
D:\Program Files\BitTorrent_DNA\npbtdna.dll moved successfully.
D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\searchplugins\bing.xml moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File not found.
File move failed. E:\autorun.exe scheduled to be moved on reboot.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File not found.
File not found.
ADS D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: DooM
->Temp folder emptied: 209978 bytes
->Temporary Internet Files folder emptied: 210161 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 77728090 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1067 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 840 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 75,00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 12052011_165303
Files\Folders moved on Reboot...
File move failed. E:\autorun.exe scheduled to be moved on reboot.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Otl: Code:
ATTFilter OTL logfile created on: 05.12.2011 17:30:16 - Run 5 OTL by OldTimer - Version 3.2.31.0 Folder = D:\Users\DooM\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 66,50% Memory free 9,65 Gb Paging File | 8,49 Gb Available in Paging File | 87,97% Paging File free Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS Drive D: | 108,46 Gb Total Space | 10,00 Gb Free Space | 9,22% Space Free | Partition Type: NTFS Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 1825,76 Gb Total Space | 1623,23 Gb Free Space | 88,91% Space Free | Partition Type: NTFS Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32 Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe PRC - [2011.11.17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe PRC - [2011.10.15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- D:\Program Files\SUPERAntiSpyware\SASCore.exe PRC - [2011.07.16 05:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\conhost.exe PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe PRC - [2011.02.02 15:25:04 | 001,051,264 | ---- | M] (Genie-soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe PRC - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe PRC - [2010.06.15 02:55:52 | 000,039,936 | ---- | M] (The PHP Group) -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe PRC - [2010.06.15 02:53:48 | 001,417,216 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe PRC - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe PRC - [2009.11.06 12:13:16 | 000,133,736 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe PRC - [2009.07.14 02:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\audiodg.exe PRC - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- D:\Windows\System32\AEADISRV.EXE ========== Modules (No Company Name) 
========== MOD - [2011.02.02 13:43:02 | 000,342,528 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSIndexDB.dll MOD - [2011.02.02 13:43:02 | 000,051,712 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\QueueManager.dll MOD - [2011.02.02 13:43:00 | 000,144,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\Settings.dll MOD - [2010.12.29 14:54:38 | 000,038,400 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSLogging.dll MOD - [2010.09.06 12:50:38 | 000,080,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSEncryption.dll MOD - [2010.09.06 12:50:38 | 000,072,192 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSCurl.dll MOD - [2010.08.31 04:42:12 | 000,023,040 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\ext\php_gstl_interface.dll MOD - [2010.06.15 02:53:48 | 001,417,216 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe MOD - [2010.04.27 13:57:20 | 000,921,088 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\sqlite3.dll MOD - [2010.01.21 00:34:10 | 008,793,952 | ---- | M] () -- D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll MOD - [2010.01.09 19:18:18 | 004,254,560 | ---- | M] () -- D:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- D:\Program Files\WinRAR\RarExt.dll MOD - [2004.09.30 18:09:36 | 000,155,648 | ---- | M] () -- D:\Program Files\LinkShellExtension\RockallDLL.dll ========== Win32 Services (SafeList) ========== SRV - [2011.11.18 01:57:41 | 003,313,752 | ---- | M] () [Auto | Running] -- d:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai) SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011.10.15 00:54:40 | 000,381,248 | 
---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) [Disabled | Stopped] -- D:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2011.08.30 17:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- D:\Users\DooM\temp\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE) SRV - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) [Auto | Running] -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe -- (GenieTimelineService) SRV - [2010.10.24 23:11:06 | 000,360,960 | ---- | M] (iZ3D Inc.) 
[Disabled | Stopped] -- D:\Program Files\iZ3D Driver\Win32\S3DCService.exe -- (S3DSvc32) S3D Service (Win32) SRV - [2010.01.21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2009.12.22 19:23:39 | 000,065,536 | ---- | M] () [Disabled | Stopped] -- D:\Windows\System32\afasrv32.exe -- (AfaService) SRV - [2009.12.13 22:24:45 | 000,321,320 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009.11.06 12:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService) SRV - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- D:\Windows\System32\AEADISRV.EXE -- (AEADIFilters) SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) 
[Disabled | Stopped] -- D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011.10.11 14:00:01 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011.10.09 00:02:42 | 000,007,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- D:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX) DRV - [2011.10.09 00:02:41 | 000,023,680 | ---- | M] (FNet Co., Ltd.) 
[Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\FNETTBOH.SYS -- (FNETTBOH) DRV - [2011.09.14 14:58:38 | 000,319,264 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2011.07.08 00:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2011.03.03 19:28:29 | 000,011,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon) DRV - [2010.10.06 17:04:02 | 000,034,968 | ---- | M] () [Kernel | System | Running] -- D:\Program Files\iZ3D Driver\Win32\S3DInjectionDriver.sys -- (iZ3DInjectionDriver) DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.11.02 17:21:56 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2009.11.02 17:21:55 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009.10.28 20:06:51 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- D:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009.09.15 12:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) 
[Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvoclock.sys -- (nvoclock) DRV - [2009.08.04 09:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\AsIO.sys -- (AsIO) DRV - [2009.07.16 10:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Stopped] -- D:\Windows\system32\drivers\MTiCtwl.sys -- (MagicTune) DRV - [2008.05.27 10:07:58 | 000,050,560 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10) DRV - [2008.02.29 10:13:48 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2007.04.11 15:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) 
[Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2007.04.11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- D:\Windows\system32\speedfan.sys -- (speedfan) DRV - [2006.03.07 17:43:40 | 000,111,872 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\mr97310v.sys -- (MR97310_VGA_DUAL_CAMERA) DRV - [2004.07.13 10:40:22 | 000,048,512 | ---- | M] (C-Media Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\Umss.SYS -- (UMSSSTOR) DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\system32\giveio.sys -- (giveio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 A3 82 73 E9 54 CC 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "hxxp://www.citydeal.de/deals/berlin" FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - 
prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.15 19:42:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.11.09 02:48:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Program 
Files\Mozilla Firefox\plugins [2011.12.04 05:27:45 | 000,000,000 | ---D | M] [2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions [2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com [2011.11.24 01:13:58 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions [2010.04.28 00:10:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.01.23 03:52:53 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.09.15 23:52:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.11.12 03:35:47 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011.10.17 20:15:07 | 000,000,000 | ---D | M] (dp Launcher Plugin) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\dplauncher@digitalpublishing.de [2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Flash Video Resources Downloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\max@subfighter.com [2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Move Media Player) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\moveplayer@movenetworks.com [2009.10.27 04:46:09 | 000,000,000 | ---D | M] (VideoDownloader) -- 
D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\videodowloader@videodownloader.net [2011.11.27 03:13:12 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions [2011.08.25 23:18:40 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [2011.11.27 03:13:13 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} () (No name found) -- D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI [2011.11.09 02:48:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll [2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011.08.12 05:19:37 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.08.12 05:19:37 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.08.12 05:19:37 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.08.12 05:19:37 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - Extension: DivX Plus Web Player HTML5 
\u003Cvideo\u003E = D:\Users\DooM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ O1 HOSTS File: ([2011.10.20 13:43:06 | 000,436,246 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O1 - Hosts: 127.0.0.1 uat-onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 wsuplay.ubi.com O1 - Hosts: 127.0.0.1 static8.cdn.ubi.com O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 15004 more lines... 
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (@D:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - Reg Error: Value error. File not found O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) O4 - HKLM..\Run: [Genie TimeLine Tray] D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe (Genie-soft) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Program Files\Malwarebytes' Anti-Malwareas\mbam.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [Akamai NetSession Interface] D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKCU..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - Startup: D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx File not found O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Free YouTube Download - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to iPhone Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Google Sidewiki... 
- res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm File not found O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @D:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @D:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - D:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E2FD134-ADB2-4BF1-A04E-429A663BB58F}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96D926D9-83A0-4C8D-80E5-3642832CB3E6}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) -D:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) -D:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O24 - Desktop WallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007.10.29 18:37:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ] O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ] O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O32 - Unable to obtain root file information for disk G:\ O32 - Unable to obtain root file information for disk H:\ O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.12.05 01:14:06 | 000,000,000 | ---D | C] -- D:\Windows\Panther [2011.12.04 05:27:42 | 000,000,000 | ---D | C] -- D:\_OTL [2011.12.02 15:30:53 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\SUPERAntiSpyware.com [2011.12.02 15:30:24 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\ProgramData\SUPERAntiSpyware.com [2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\Program Files\SUPERAntiSpyware [2011.12.02 
13:50:09 | 000,000,000 | ---D | C] -- D:\Users\DooM\Desktop\pc test [2011.12.01 01:39:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe [2011.11.29 21:58:42 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\Malwarebytes [2011.11.29 21:56:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.11.29 21:56:40 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes [2011.11.29 21:56:34 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys [2011.11.29 21:56:33 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malwareas [2011.11.27 22:50:08 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner [2011.11.27 04:55:47 | 000,135,360 | ---- | C] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe [2011.11.27 03:13:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaws.exe [2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaw.exe [2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\java.exe [2011.11.27 02:10:32 | 002,339,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys [2011.11.20 14:35:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test [2011.11.15 19:44:22 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\DDMSettings [2011.11.15 19:41:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2011.11.15 19:40:40 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DivX Shared [2011.11.15 19:20:24 | 000,000,000 | ---D | C] -- D:\Users\DooM\Documents\Rockstar Games [2011.11.15 19:14:47 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Rockstar Games [2011.11.15 18:46:22 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) 
-- D:\Windows\System32\CmdLineExt.dll [2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Windows\System32\xlive [2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Games for Windows - LIVE [2011.11.14 21:43:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.11.14 21:42:16 | 000,000,000 | ---D | C] -- D:\Program Files\iPod [2011.11.14 21:42:15 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes [2011.11.14 21:38:58 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Skyrim [2011.11.14 21:32:55 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911 [2011.11.14 21:32:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_6.dll [2011.11.14 21:32:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_6.dll [2011.11.14 21:32:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_4.dll [2011.11.14 21:32:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_7.dll [2011.11.14 21:32:27 | 000,515,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_5.dll [2011.11.14 21:32:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_5.dll [2011.11.14 21:32:26 | 001,974,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_42.dll [2011.11.14 21:32:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dcsx_42.dll [2011.11.14 21:32:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_42.dll [2011.11.14 21:32:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx11_42.dll [2011.11.14 21:32:22 | 001,892,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_42.dll [2011.11.14 21:32:18 | 000,069,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_3.dll [2011.11.12 
01:42:37 | 000,061,248 | ---- | C] (Khronos Group) -- D:\Windows\System32\OpenCL.dll [2011.11.12 01:42:36 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvoglv32.dll [2011.11.12 01:42:36 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcompiler.dll [2011.11.12 01:42:36 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvd3dum.dll [2011.11.12 01:42:36 | 010,327,360 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\drivers\nvlddmkm.sys [2011.11.12 01:42:36 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuda.dll [2011.11.12 01:42:36 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvid.dll [2011.11.12 01:42:36 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvenc.dll [2011.11.11 23:04:39 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Ubisoft Game Launcher [2011.11.11 22:48:06 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- D:\Windows\System32\drivers\MTiCtwl.sys [2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiScreen [2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MultiScreen [2011.11.11 22:38:06 | 000,000,000 | ---D | C] -- D:\Program Files\MonitorDriver ========== Files - Modified Within 30 Days ========== [2011.12.05 17:21:38 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.12.05 17:21:38 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.12.05 17:14:59 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat [2011.12.05 17:14:47 | 2415,271,936 | -HS- | M] () -- D:\hiberfil.sys [2011.12.05 17:10:40 | 000,001,026 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111205_171035.reg [2011.12.05 17:09:53 | 000,032,370 | ---- | M] () -- 
D:\Users\DooM\Documents\cc_20111205_170937.reg [2011.12.05 16:53:15 | 000,003,136 | ---- | M] () -- D:\Users\DooM\Documents\Anfrage.eml [2011.12.04 08:16:16 | 000,624,578 | ---- | M] () -- D:\Windows\System32\perfh009.dat [2011.12.04 08:16:16 | 000,110,216 | ---- | M] () -- D:\Windows\System32\perfc009.dat [2011.12.02 15:30:24 | 000,001,965 | ---- | M] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.12.01 13:43:49 | 000,000,000 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2011.12.01 03:11:14 | 000,302,592 | ---- | M] () -- D:\Users\DooM\Desktop\ei0080p7.exe [2011.12.01 02:24:36 | 000,000,020 | ---- | M] () -- D:\Users\DooM\defogger_reenable [2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe [2011.11.29 21:56:41 | 000,001,085 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.11.29 03:00:28 | 000,030,720 | ---- | M] () -- D:\Windows\System32\umstartup.etl [2011.11.29 01:21:09 | 000,007,598 | ---- | M] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg [2011.11.28 16:33:41 | 000,439,448 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT [2011.11.28 01:27:28 | 000,265,310 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg [2011.11.27 22:50:10 | 000,000,969 | ---- | M] () -- D:\Users\Public\Desktop\CCleaner.lnk [2011.11.27 04:55:49 | 000,135,360 | ---- | M] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe [2011.11.27 03:09:36 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl [2011.11.15 18:46:22 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) 
-- D:\Windows\System32\CmdLineExt.dll [2011.11.14 21:43:09 | 000,001,753 | ---- | M] () -- D:\Users\Public\Desktop\iTunes.lnk [2011.11.14 21:39:38 | 000,001,261 | ---- | M] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk [2011.11.11 22:45:19 | 000,001,618 | ---- | M] () -- D:\Users\Public\Desktop\MultiScreen.lnk [2011.11.09 02:49:06 | 000,001,845 | ---- | M] () -- D:\Users\DooM\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk ========== Files Created - No Company Name ========== [2011.12.05 17:10:38 | 000,001,026 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111205_171035.reg [2011.12.05 17:09:46 | 000,032,370 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111205_170937.reg [2011.12.02 15:30:24 | 000,001,965 | ---- | C] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.12.01 13:43:49 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2011.12.01 03:11:05 | 000,302,592 | ---- | C] () -- D:\Users\DooM\Desktop\ei0080p7.exe [2011.12.01 02:24:20 | 000,000,020 | ---- | C] () -- D:\Users\DooM\defogger_reenable [2011.11.29 21:56:41 | 000,001,085 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.11.28 01:26:43 | 000,265,310 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg [2011.11.27 22:50:10 | 000,000,969 | ---- | C] () -- D:\Users\Public\Desktop\CCleaner.lnk [2011.11.21 00:20:09 | 017,245,218 | ---- | C] () -- D:\Users\DooM\Desktop\Scat - Hardliner.wav [2011.11.16 00:02:47 | 006,190,967 | ---- | C] () -- D:\wo bist du! 
paco, aziz, drp,mr.castro.wma [2011.11.14 21:43:09 | 000,001,753 | ---- | C] () -- D:\Users\Public\Desktop\iTunes.lnk [2011.11.14 21:39:38 | 000,001,261 | ---- | C] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk [2011.11.12 01:42:36 | 000,004,359 | ---- | C] () -- D:\Windows\System32\nvinfo.pb [2011.11.11 22:45:19 | 000,001,618 | ---- | C] () -- D:\Users\Public\Desktop\MultiScreen.lnk [2011.10.28 01:30:13 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{9B30B77B-496C-4EB1-8A7B-5FC58AF3D15F} [2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- D:\Windows\System32\nvStreaming.exe [2011.09.24 01:10:16 | 000,073,216 | ---- | C] () -- D:\Windows\System32\ff_vfw.dll [2011.09.23 04:35:01 | 000,190,464 | ---- | C] () -- D:\Windows\System32\PCGW32.DLL [2011.09.02 01:05:43 | 000,023,624 | ---- | C] () -- D:\Windows\System32\drivers\hitmanpro35.sys [2011.08.27 18:09:00 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{3450410A-36E6-44A6-982A-FF986805F67D} [2011.08.21 15:02:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{21AC4F97-B1DB-4954-84DA-77461D8BE396} [2011.08.16 16:49:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{578BD668-0AEF-4D87-9862-C6CEF5B369FB} [2011.08.16 16:48:50 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{B86C665B-A39B-461B-9A27-40A63BEDF514} [2011.05.21 01:07:07 | 000,001,769 | ---- | C] () -- D:\Windows\Language_trs.ini [2011.01.03 00:20:00 | 000,011,232 | ---- | C] () -- D:\Windows\System32\drivers\SWDUMon.sys [2010.08.15 16:53:07 | 000,000,118 | ---- | C] () -- D:\Windows\System32\MRT.INI [2010.04.29 03:33:33 | 000,007,598 | ---- | C] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg [2010.04.29 02:54:33 | 000,024,576 | ---- | C] () -- D:\Windows\System32\AsIO.dll [2010.04.29 02:54:33 | 000,011,296 | ---- | C] () -- D:\Windows\System32\drivers\AsIO.sys [2010.04.29 02:53:31 | 000,013,216 | ---- | C] () -- D:\Windows\System32\drivers\ASACPI.sys [2010.04.06 19:04:52 | 
000,286,208 | ---- | C] () -- D:\Windows\System32\Xbinkw32.dll [2010.03.28 23:41:41 | 000,011,776 | ---- | C] () -- D:\Users\DooM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.02.23 22:20:24 | 000,023,552 | ---- | C] () -- D:\Users\DooM\AppData\Local\WebpageIcons.db [2009.12.29 01:14:33 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat [2009.12.22 19:21:27 | 000,065,536 | ---- | C] () -- D:\Windows\System32\afasrv32.exe [2009.10.27 05:01:24 | 000,021,924 | ---- | C] () -- D:\Windows\System32\emptyregdb.dat [2009.10.24 05:01:09 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax1.dll [2009.10.24 05:01:09 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx1.dll [2009.10.24 04:55:36 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax.dll [2009.10.24 04:55:36 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx.dll [2009.10.24 04:21:55 | 000,000,400 | ---- | C] () -- D:\Windows\ODBC.INI [2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat [2009.07.14 05:33:53 | 000,439,448 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT [2009.07.14 03:05:48 | 000,624,578 | ---- | C] () -- D:\Windows\System32\perfh009.dat [2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat [2009.07.14 03:05:48 | 000,110,216 | ---- | C] () -- D:\Windows\System32\perfc009.dat [2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat [2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT [2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat [2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe [2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin [2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll [2009.06.10 22:26:10 | 
000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat [2009.04.07 17:57:13 | 000,018,944 | ---- | C] () -- D:\Windows\eraser.exe [2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- D:\Windows\System32\xlive.dll.cat [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelFrench.dll [2008.10.06 20:22:11 | 000,237,568 | ---- | C] () -- D:\Windows\System32\lame_enc.dll [2008.02.03 02:29:52 | 000,502,784 | ---- | C] () -- D:\Windows\x2.64.exe [2008.02.03 02:29:52 | 000,399,360 | ---- | C] () -- D:\Windows\System32\Smab.dll [2008.02.03 02:29:52 | 000,240,128 | ---- | C] () -- D:\Windows\System32\x.264.exe [2008.02.03 02:29:52 | 000,217,073 | ---- | C] () -- D:\Windows\meta4.exe [2008.02.03 02:29:52 | 000,066,560 | ---- | C] () -- D:\Windows\MOTA113.exe [2008.02.03 02:29:52 | 000,027,648 | ---- | C] () -- D:\Windows\System32\AVSredirect.dll [2008.02.03 02:29:44 | 000,027,648 | -HS- | C] () -- D:\Windows\System32\Smab0.dll [2007.11.29 23:30:28 | 003,596,288 | ---- | C] () -- D:\Windows\System32\qt-dx331.dll [2007.11.28 00:49:19 | 000,002,045 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\NMM-MetaData.db [2007.11.26 17:08:06 | 000,281,760 | ---- | C] () -- 
D:\Windows\System32\drivers\atksgt.sys [2007.11.26 17:08:05 | 000,025,888 | ---- | C] () -- D:\Windows\System32\drivers\lirsgt.sys [2007.11.14 13:28:56 | 000,000,173 | ---- | C] () -- D:\Windows\MusicMaker.INI [2007.11.14 12:38:47 | 000,049,152 | ---- | C] () -- D:\Windows\System32\mgxasio2.dll [2007.11.14 12:31:09 | 000,006,537 | ---- | C] () -- D:\Windows\mgxoschk.ini [2007.11.08 22:05:21 | 000,054,708 | ---- | C] () -- D:\Windows\War3Unin.dat [2007.11.08 20:40:47 | 000,290,748 | ---- | C] () -- D:\Windows\System32\perfi007.dat [2007.11.08 20:40:45 | 000,036,916 | ---- | C] () -- D:\Windows\System32\perfd007.dat [2007.11.08 20:40:44 | 000,626,016 | ---- | C] () -- D:\Windows\System32\perfh007.dat [2007.11.08 20:40:44 | 000,126,518 | ---- | C] () -- D:\Windows\System32\perfc007.dat [2007.11.08 01:04:56 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat [2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- D:\Windows\System32\CddbCdda.dll [2003.09.16 15:50:58 | 000,229,376 | ---- | C] () -- D:\Windows\System32\CmWatch.exe [2003.07.03 12:44:24 | 000,212,992 | ---- | C] () -- D:\Windows\System32\CmCardRm.exe [2003.05.30 14:27:46 | 000,032,768 | ---- | C] () -- D:\Windows\System32\CmCardRm.dll [2002.01.24 10:39:36 | 000,086,016 | ---- | C] () -- D:\Windows\System32\lxaxih.exe [2002.01.24 10:29:26 | 000,077,824 | ---- | C] () -- D:\Windows\System32\lxaxlcnp.dll [2002.01.24 10:09:56 | 000,174,592 | ---- | C] () -- D:\Windows\System32\LEXPPS.EXE [2002.01.24 10:05:11 | 000,040,960 | ---- | C] () -- D:\Windows\System32\INSTMON.EXE [1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- D:\Windows\System32\giveio.sys ========== LOP Check ========== [2009.10.27 04:45:29 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Acreon [2009.06.30 14:55:21 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\advantage [2009.10.27 04:45:33 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Audacity [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- 
D:\Users\DooM\AppData\Roaming\BearShare [2010.04.02 14:47:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Command and Conquer 4 [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\concept design [2011.11.28 01:25:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DAEMON Tools Lite [2011.10.17 20:15:20 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\digital publishing [2011.10.09 01:23:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoft [2011.10.09 01:23:02 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FileZilla [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FLV Extract [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FMZilla [2011.04.01 17:00:46 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FreeFLVConverter [2011.10.08 23:03:04 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Genie-Soft [2011.09.23 04:34:59 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\iZ3D Driver [2009.10.27 04:45:35 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Jeyo [2011.08.18 01:10:45 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\LolClient [2009.10.27 04:45:55 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien [2011.01.07 16:03:15 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\MyPhoneExplorer [2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\NCH Swift Sound [2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia [2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia Multimedia Player [2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Orbit [2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- 
D:\Users\DooM\AppData\Roaming\PC Suite [2011.08.07 23:14:05 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PunkBuster [2011.09.27 23:12:41 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\R-TT [2011.10.20 12:09:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\redsn0w [2011.10.20 12:15:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Software4u [2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Sony [2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Steinberg [2011.09.23 04:56:37 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Stereoscopic Player [2011.10.27 13:08:27 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TeamViewer [2010.07.22 23:32:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TomTom [2010.05.27 10:35:36 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TS3Client [2010.04.06 15:20:47 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Ubisoft [2011.04.09 16:23:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Xilisoft [2011.03.24 23:39:50 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\XMedia Recode [2010.07.03 01:25:07 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\yess [2011.12.04 20:36:53 | 000,032,608 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Files - Unicode (All) ========== [2011.05.04 16:17:23 | 007,589,888 | ---- | M] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3 [2011.05.04 16:16:55 | 007,589,888 | ---- | C] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3 [2011.05.03 19:25:36 | 003,604,480 | ---- | M] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? 
w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3
[2011.05.03 19:25:08 | 003,604,480 | ---- | C] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3

========== Alternate Data Streams ==========

@Alternate Data Stream - 600 bytes -> D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty

< End of report >

Code:
OTL Extras logfile created on: 05.12.2011 17:30:17 - Run 5
OTL by OldTimer - Version 3.2.31.0 Folder = D:\Users\DooM\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 66,50% Memory free
9,65 Gb Paging File | 8,49 Gb Available in Paging File | 87,97% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS
Drive D: | 108,46 Gb Total Space | 10,00 Gb Free Space | 9,22% Space Free | Partition Type: NTFS
Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1825,76 Gb Total Space | 1623,23 Gb Free Space | 88,91% Space Free | Partition Type: NTFS
Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32

Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar) "{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi "{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery "{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud "{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar) "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29 "{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar) "{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1" = iZ3D Driver Remove "{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{406CF92B-A131-4F63-9FC9-861FAACD6EB4}" = Microsoft Phone Data Manager (beta) "{49F2D7DE-0EEE-4411-8283-16BAAECF2079}" = Media Manager for WALKMAN 1.1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM) 
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{72CCBEA1-8D57-4981-A337-81019F28C5BA}" = Microsoft .NET Compact Framework 3.5 "{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}" = MagicTunePremium "{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8CD2E489-03F4-4AC0-8B68-D8C7DFE731DD}" = Stereoscopic Player "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI 
(English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail 
"{A30B7483-DF31-4C73-BBAA-7695E3D49895}" = NVIDIA 3D Vision Video Player "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood "{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11 "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CB92C58B-7BDF-48E3-92E3-51768DCCA585}_is1" = EVGA OC Scanner 1.7.3 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX 
Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM) "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM) "{DB6A8C83-EFF7-4955-BBD0-81C13DDE5395}" = Download Direct "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E656D89A-8CBB-497F-918F-8361A4071C26}" = Nero Burning ROM 11 "{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update "{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "ActvMap V 4.7" = ActvMap V 4.7 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Akamai" = Akamai NetSession Interface Service "Ares Flash Downloader_is1" = Ares Flash Downloader Powered by AdVantage "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 
(Unicode) "Avira AntiVir Desktop" = Avira Free Antivirus "CCleaner" = CCleaner "DivX Setup" = DivX-Setup "DotAzilla" = DotAzilla "Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "fahrschule-weichert.de" = fahrschule-weichert.de "FE5AE7DC-7B01-4263-A94C-B4526C276549_is1" = iPhone Explorer "ffdshow_is1" = ffdshow v1.1.3892 [2011-06-20] "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free Audio Dub_is1" = Free Audio Dub version 1.7.8.426 "Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.5 "Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923 "Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.10.31.305 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.6.727 "Genie Timeline" = LaCie Genie Timeline 2.1 "HaaliMkx" = Haali Media Splitter "Host OpenAL (ADI)" = Host OpenAL (ADI) "HyperCam 2" = HyperCam 2 "InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update "InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance "InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor "IsoBuster_is1" = IsoBuster 2.2 "JDownloader" = JDownloader "Jeyo Mobile Companion 1.1_is1" = Jeyo Mobile Companion 1.1 "Jeyo Mobile Companion 2.1_is1" = Jeyo Mobile Companion 2.1 "Jeyo Mobile Extender 2.0 f¨¹r Outlook_is1" = Jeyo Mobile Extender 2.0 f¨¹r Outlook "Kalorien Calculator 6.0.3.4_is1" = Kalorien Calculator 6.0.3.4 "LightCommubicator QVGA Setup_is1" = LightCommubicator QVGA Setup "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300 "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de) "MPE" = MyPhoneExplorer "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA StereoUSB Driver" = NVIDIA 
3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Picasa 3" = Picasa 3 "PokerStars.net" = PokerStars.net "Precision" = EVGA Precision 2.0.4 "RAR Password Cracker" = RAR Password Cracker 4.12 "Recuva" = Recuva "SpeedFan" = SpeedFan (remove only) "Steam App 10" = Counter-Strike "SUPER ©" = SUPER © Version 2008.bld.24 (Jan 18, 2008) "Switch" = Switch Uninstall "TeamSpeak 3 Client" = TeamSpeak 3 Client "UsbBoost" = UsbBoost "VLC media player" = VideoLAN VLC media player 0.8.6d "Warcraft III" = Warcraft III "Warkeys" = Warkeys 1.14.1.0b "WavePad" = WavePad Sound Editor "Winamp" = Winamp "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR "Wisdom-soft AutoScreenRecorder 2.0 Free" = Wisdom-soft AutoScreenRecorder 2.0 Free "World of Warcraft" = World of Warcraft "World of Warcraft Public Test" = World of Warcraft Public Test "XMedia Recode" = XMedia Recode 3.0.0.5 "Zattoo" = Zattoo 3.3.4 Beta "Zattoo4" = Zattoo4 4.0.3 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client "Akamai" = Akamai NetSession Interface "Warcraft III" = Warcraft III: All Products "World of Logs Client (4.2)" = World of Logs Client (4.2) ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > |
06.12.2011, 11:03 | #10 |
| PC slow after Windows startup, 100% CPU usage
SAS: Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 12/06/2011 at 02:11 AM
Application Version : 5.0.1136
Core Rules Database Version : 8012
Trace Rules Database Version: 5824
Scan type : Complete Scan
Total Scan Time : 08:20:49
Operating System Information
Windows 7 Ultimate 32-bit (Build 6.01.7600)
UAC On - Administrator
Memory items scanned : 813
Memory threats detected : 0
Registry items scanned : 40346
Registry threats detected : 1
File items scanned : 311170
File threats detected : 126
Adware.Tracking Cookie
System.BrokenFileAssociation
HKCR\.exe
ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=0c0c0889ad187244a9f719802ad17a4e
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-06 09:44:58
# local_time=2011-12-06 10:44:58 (+0100, W. Europe Standard Time)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 3237377 3237377 0 0
# compatibility_mode=5893 16776574 100 94 3730 74780500 0 0
# compatibility_mode=8192 67108863 100 0 3820 3820 0 0
# scanned=314375
# found=2
# cleaned=2
# scan_time=15389
C:\WINDOWS\KMSEmulator.exe a variant of Win32/HackKMS.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
D:\wow patch\SoftonicDownloader_fuer_slimdrivers.exe a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
Otl Log2: Code:
ATTFilter OTL logfile created on: 06.12.2011 10:48:57 - Run 6 OTL by OldTimer - Version 3.2.31.0 Folder = D:\Users\DooM\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 53,39% Memory free 9,65 Gb Paging File | 7,89 Gb Available in Paging File | 81,76% Paging File free Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS Drive D: | 108,46 Gb Total Space | 9,63 Gb Free Space | 8,88% Space Free | Partition Type: NTFS Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe PRC - [2011.11.09 02:48:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011.11.07 19:04:36 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe PRC - [2011.10.15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- D:\Program Files\SUPERAntiSpyware\SASCore.exe PRC - [2011.07.16 05:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\conhost.exe PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe PRC - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe PRC - [2010.06.15 02:55:52 | 000,039,936 | ---- | M] (The PHP Group) -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe PRC - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe PRC - [2009.11.06 12:13:16 | 000,133,736 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe PRC - [2009.07.14 02:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\audiodg.exe PRC - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- D:\Windows\System32\AEADISRV.EXE ========== Modules (No Company Name) ========== MOD - [2011.12.05 17:47:57 | 000,052,736 | ---- | M] () -- D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll MOD - [2011.12.05 17:47:56 | 000,063,488 | ---- | M] () -- D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll MOD 
- [2011.12.02 15:31:00 | 000,117,760 | ---- | M] () -- D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL MOD - [2011.12.02 15:31:00 | 000,052,224 | ---- | M] () -- D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll MOD - [2011.11.09 02:48:14 | 001,989,592 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011.10.15 00:54:26 | 000,265,536 | ---- | M] () -- D:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2011.02.02 13:43:02 | 000,342,528 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSIndexDB.dll MOD - [2011.02.02 13:43:02 | 000,051,712 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\QueueManager.dll MOD - [2011.02.02 13:43:00 | 000,467,968 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSWatcher4.dll MOD - [2011.02.02 13:43:00 | 000,396,288 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSBackupManager.dll MOD - [2011.02.02 13:43:00 | 000,144,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\Settings.dll MOD - [2011.01.10 15:00:20 | 000,048,128 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSLogManager.dll MOD - [2010.12.29 14:54:44 | 000,009,728 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\VSSEngine_Proxy.dll MOD - [2010.12.29 14:54:38 | 000,111,616 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\BlockLevel2.dll MOD - [2010.12.29 14:54:38 | 000,043,008 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSLibrariesManager.dll MOD - [2010.12.29 14:54:38 | 000,038,400 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSLogging.dll MOD - [2010.09.06 12:50:38 | 000,080,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSEncryption.dll MOD - [2010.08.31 04:42:12 | 000,023,040 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\ext\php_gstl_interface.dll MOD - [2010.04.27 13:57:20 | 000,921,088 | ---- | M] () -- 
D:\Program Files\Genie-Soft\Genie Timeline\sqlite3.dll MOD - [2010.01.21 00:34:10 | 008,793,952 | ---- | M] () -- D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll MOD - [2010.01.09 19:18:18 | 004,254,560 | ---- | M] () -- D:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- D:\Program Files\WinRAR\RarExt.dll MOD - [2004.09.30 18:09:36 | 000,155,648 | ---- | M] () -- D:\Program Files\LinkShellExtension\RockallDLL.dll ========== Win32 Services (SafeList) ========== SRV - [2011.11.18 01:57:41 | 003,313,752 | ---- | M] () [Auto | Running] -- d:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai) SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) [Disabled | Stopped] -- D:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2011.08.30 17:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- D:\Users\DooM\temp\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE) SRV - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) [Auto | Running] -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe -- (GenieTimelineService) SRV - [2010.10.24 23:11:06 | 000,360,960 | ---- | M] (iZ3D Inc.) [Disabled | Stopped] -- D:\Program Files\iZ3D Driver\Win32\S3DCService.exe -- (S3DSvc32) S3D Service (Win32) SRV - [2010.01.21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2009.12.22 19:23:39 | 000,065,536 | ---- | M] () [Disabled | Stopped] -- D:\Windows\System32\afasrv32.exe -- (AfaService) SRV - [2009.12.13 22:24:45 | 000,321,320 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009.11.06 12:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService) SRV - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) 
[On_Demand | Stopped] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- D:\Windows\System32\AEADISRV.EXE -- (AEADIFilters) SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Disabled | Stopped] -- D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011.10.11 14:00:01 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011.10.09 00:02:42 | 000,007,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- D:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX) DRV - [2011.10.09 00:02:41 | 000,023,680 | ---- | M] (FNet Co., Ltd.) 
[Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\FNETTBOH.SYS -- (FNETTBOH)
DRV - [2011.09.14 14:58:38 | 000,319,264 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.07.08 00:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011.03.03 19:28:29 | 000,011,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2010.10.06 17:04:02 | 000,034,968 | ---- | M] () [Kernel | System | Running] -- D:\Program Files\iZ3D Driver\Win32\S3DInjectionDriver.sys -- (iZ3DInjectionDriver)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.11.02 17:21:56 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.11.02 17:21:55 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.10.28 20:06:51 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- D:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.09.15 12:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvoclock.sys -- (nvoclock)
DRV - [2009.08.04 09:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009.07.16 10:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Stopped] -- D:\Windows\system32\drivers\MTiCtwl.sys -- (MagicTune)
DRV - [2008.05.27 10:07:58 | 000,050,560 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2008.02.29 10:13:48 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007.04.11 15:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007.04.11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- D:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006.03.07 17:43:40 | 000,111,872 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\mr97310v.sys -- (MR97310_VGA_DUAL_CAMERA)
DRV - [2004.07.13 10:40:22 | 000,048,512 | ---- | M] (C-Media Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\Umss.SYS -- (UMSSSTOR)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 A3 82 73 E9 54 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.citydeal.de/deals/berlin"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.15 19:42:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.11.09 02:48:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011.12.04 05:27:45 | 000,000,000 | ---D | M]

[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.11.24 01:13:58 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions
[2010.04.28 00:10:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.23 03:52:53 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.09.15 23:52:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.12 03:35:47 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.10.17 20:15:07 | 000,000,000 | ---D | M] (dp Launcher Plugin) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\dplauncher@digitalpublishing.de
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Flash Video Resources Downloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\max@subfighter.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Move Media Player) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\moveplayer@movenetworks.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (VideoDownloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\videodowloader@videodownloader.net
[2011.11.27 03:13:12 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2011.08.25 23:18:40 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.11.27 03:13:13 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
[2011.11.09 02:48:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.08.12 05:19:37 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.12 05:19:37 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.12 05:19:37 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.12 05:19:37 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = D:\Users\DooM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2011.10.20 13:43:06 | 000,436,246 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 uat-onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 wsuplay.ubi.com
O1 - Hosts: 127.0.0.1 static8.cdn.ubi.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 15004 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (@D:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Genie TimeLine Tray] D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe (Genie-soft)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Program Files\Malwarebytes' Anti-Malwareas\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @D:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @D:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - D:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E2FD134-ADB2-4BF1-A04E-429A663BB58F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96D926D9-83A0-4C8D-80E5-3642832CB3E6}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) -D:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.29 18:37:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.12.06 06:24:49 | 000,000,000 | ---D | C] -- D:\Program Files\ESET
[2011.12.05 01:14:06 | 000,000,000 | ---D | C] -- D:\Windows\Panther
[2011.12.04 05:27:42 | 000,000,000 | ---D | C] -- D:\_OTL
[2011.12.02 15:30:53 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\SUPERAntiSpyware.com
[2011.12.02 15:30:24 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\ProgramData\SUPERAntiSpyware.com
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\Program Files\SUPERAntiSpyware
[2011.12.02 13:50:09 | 000,000,000 | ---D | C] -- D:\Users\DooM\Desktop\pc test
[2011.12.01 01:39:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:58:42 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\Malwarebytes
[2011.11.29 21:56:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.29 21:56:40 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2011.11.29 21:56:34 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2011.11.29 21:56:33 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malwareas
[2011.11.27 22:50:08 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2011.11.27 04:55:47 | 000,135,360 | ---- | C] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:13:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaws.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaw.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\java.exe
[2011.11.27 02:10:32 | 002,339,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys
[2011.11.20 14:35:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test
[2011.11.15 19:44:22 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\DDMSettings
[2011.11.15 19:41:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.11.15 19:40:40 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DivX Shared
[2011.11.15 19:20:24 | 000,000,000 | ---D | C] -- D:\Users\DooM\Documents\Rockstar Games
[2011.11.15 19:14:47 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Rockstar Games
[2011.11.15 18:46:22 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Windows\System32\xlive
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Games for Windows - LIVE
[2011.11.14 21:43:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.11.14 21:42:16 | 000,000,000 | ---D | C] -- D:\Program Files\iPod
[2011.11.14 21:42:15 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes
[2011.11.14 21:38:58 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Skyrim
[2011.11.14 21:32:55 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011.11.14 21:32:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_6.dll
[2011.11.14 21:32:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_6.dll
[2011.11.14 21:32:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_4.dll
[2011.11.14 21:32:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_7.dll
[2011.11.14 21:32:27 | 000,515,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_5.dll
[2011.11.14 21:32:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_5.dll
[2011.11.14 21:32:26 | 001,974,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_42.dll
[2011.11.14 21:32:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dcsx_42.dll
[2011.11.14 21:32:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_42.dll
[2011.11.14 21:32:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx11_42.dll
[2011.11.14 21:32:22 | 001,892,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_42.dll
[2011.11.14 21:32:18 | 000,069,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_3.dll
[2011.11.12 01:42:37 | 000,061,248 | ---- | C] (Khronos Group) -- D:\Windows\System32\OpenCL.dll
[2011.11.12 01:42:36 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvoglv32.dll
[2011.11.12 01:42:36 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcompiler.dll
[2011.11.12 01:42:36 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvd3dum.dll
[2011.11.12 01:42:36 | 010,327,360 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\drivers\nvlddmkm.sys
[2011.11.12 01:42:36 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuda.dll
[2011.11.12 01:42:36 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvid.dll
[2011.11.12 01:42:36 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvenc.dll
[2011.11.11 23:04:39 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Ubisoft Game Launcher
[2011.11.11 22:48:06 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- D:\Windows\System32\drivers\MTiCtwl.sys
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiScreen
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MultiScreen
[2011.11.11 22:38:06 | 000,000,000 | ---D | C] -- D:\Program Files\MonitorDriver

========== Files - Modified Within 30 Days ==========

[2011.12.05 19:44:31 | 000,007,594 | ---- | M] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2011.12.05 17:21:38 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.05 17:21:38 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.05 17:14:59 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2011.12.05 17:14:47 | 2415,271,936 | -HS- | M] () -- D:\hiberfil.sys
[2011.12.05 17:10:40 | 000,001,026 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111205_171035.reg
[2011.12.05 17:09:53 | 000,032,370 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111205_170937.reg
[2011.12.05 16:53:15 | 000,003,136 | ---- | M] () -- D:\Users\DooM\Documents\Anfrage.eml
[2011.12.04 08:16:16 | 000,624,578 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2011.12.04 08:16:16 | 000,110,216 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2011.12.02 15:30:24 | 000,001,965 | ---- | M] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.01 13:43:49 | 000,000,000 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:14 | 000,302,592 | ---- | M] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:36 | 000,000,020 | ---- | M] () -- D:\Users\DooM\defogger_reenable
[2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:56:41 | 000,001,085 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.29 03:00:28 | 000,030,720 | ---- | M] () -- D:\Windows\System32\umstartup.etl
[2011.11.28 16:33:41 | 000,439,448 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2011.11.28 01:27:28 | 000,265,310 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | M] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.27 04:55:49 | 000,135,360 | ---- | M] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:09:36 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.15 18:46:22 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.14 21:43:09 | 000,001,753 | ---- | M] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | M] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.11 22:45:19 | 000,001,618 | ---- | M] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.11.09 02:49:06 | 000,001,845 | ---- | M] () -- D:\Users\DooM\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2011.12.05 17:10:38 | 000,001,026 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111205_171035.reg
[2011.12.05 17:09:46 | 000,032,370 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111205_170937.reg
[2011.12.02 15:30:24 | 000,001,965 | ---- | C] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.01 13:43:49 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:05 | 000,302,592 | ---- | C] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:20 | 000,000,020 | ---- | C] () -- D:\Users\DooM\defogger_reenable
[2011.11.29 21:56:41 | 000,001,085 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.28 01:26:43 | 000,265,310 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | C] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.21 00:20:09 | 017,245,218 | ---- | C] () -- D:\Users\DooM\Desktop\Scat - Hardliner.wav
[2011.11.16 00:02:47 | 006,190,967 | ---- | C] () -- D:\wo bist du! paco, aziz, drp,mr.castro.wma
[2011.11.14 21:43:09 | 000,001,753 | ---- | C] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | C] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.12 01:42:36 | 000,004,359 | ---- | C] () -- D:\Windows\System32\nvinfo.pb
[2011.11.11 22:45:19 | 000,001,618 | ---- | C] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.10.28 01:30:13 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{9B30B77B-496C-4EB1-8A7B-5FC58AF3D15F}
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- D:\Windows\System32\nvStreaming.exe
[2011.09.24 01:10:16 | 000,073,216 | ---- | C] () -- D:\Windows\System32\ff_vfw.dll
[2011.09.23 04:35:01 | 000,190,464 | ---- | C] () -- D:\Windows\System32\PCGW32.DLL
[2011.09.02 01:05:43 | 000,023,624 | ---- | C] () -- D:\Windows\System32\drivers\hitmanpro35.sys
[2011.08.27 18:09:00 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{3450410A-36E6-44A6-982A-FF986805F67D}
[2011.08.21 15:02:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{21AC4F97-B1DB-4954-84DA-77461D8BE396}
[2011.08.16 16:49:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{578BD668-0AEF-4D87-9862-C6CEF5B369FB}
[2011.08.16 16:48:50 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{B86C665B-A39B-461B-9A27-40A63BEDF514}
[2011.05.21 01:07:07 | 000,001,769 | ---- | C] () -- D:\Windows\Language_trs.ini
[2011.01.03 00:20:00 | 000,011,232 | ---- | C] () -- D:\Windows\System32\drivers\SWDUMon.sys
[2010.08.15 16:53:07 | 000,000,118 | ---- | C] () -- D:\Windows\System32\MRT.INI
[2010.04.29 03:33:33 | 000,007,594 | ---- | C] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2010.04.29 02:54:33 | 000,024,576 | ---- | C] () -- D:\Windows\System32\AsIO.dll
[2010.04.29 02:54:33 | 000,011,296 | ---- | C] () -- D:\Windows\System32\drivers\AsIO.sys
[2010.04.29 02:53:31 | 000,013,216 | ---- | C] () -- D:\Windows\System32\drivers\ASACPI.sys
[2010.04.06 19:04:52 | 000,286,208 | ---- | C] () -- D:\Windows\System32\Xbinkw32.dll
[2010.03.28 23:41:41 | 000,011,776 | ---- | C] () -- D:\Users\DooM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.23 22:20:24 | 000,023,552 | ---- | C] () -- D:\Users\DooM\AppData\Local\WebpageIcons.db
[2009.12.29 01:14:33 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat
[2009.12.22 19:21:27 | 000,065,536 | ---- | C] () -- D:\Windows\System32\afasrv32.exe
[2009.10.27 05:01:24 | 000,021,924 | ---- | C] () -- D:\Windows\System32\emptyregdb.dat
[2009.10.24 05:01:09 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax1.dll
[2009.10.24 05:01:09 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx1.dll
[2009.10.24 04:55:36 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax.dll
[2009.10.24 04:55:36 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx.dll
[2009.10.24 04:21:55 | 000,000,400 | ---- | C] () -- D:\Windows\ODBC.INI
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,439,448 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,624,578 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,110,216 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
[2009.04.07 17:57:13 | 000,018,944 | ---- | C] () -- D:\Windows\eraser.exe
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- D:\Windows\System32\xlive.dll.cat
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelFrench.dll
[2008.10.06 20:22:11 | 000,237,568 | ---- | C] () -- D:\Windows\System32\lame_enc.dll
[2008.02.03 02:29:52 | 000,502,784 | ---- | C] () -- D:\Windows\x2.64.exe
[2008.02.03 02:29:52 | 000,399,360 | ---- | C] () -- D:\Windows\System32\Smab.dll
[2008.02.03 02:29:52 | 000,240,128 | ---- | C] () -- D:\Windows\System32\x.264.exe
[2008.02.03 02:29:52 | 000,217,073 | ---- | C] () -- D:\Windows\meta4.exe
[2008.02.03 02:29:52 | 000,066,560 | ---- | C] () -- D:\Windows\MOTA113.exe
[2008.02.03 02:29:52 | 000,027,648 | ---- | C] () -- D:\Windows\System32\AVSredirect.dll
[2008.02.03 02:29:44 | 000,027,648 | -HS- | C] () -- D:\Windows\System32\Smab0.dll
[2007.11.29 23:30:28 | 003,596,288 | ---- | C] () -- D:\Windows\System32\qt-dx331.dll
[2007.11.28 00:49:19 | 000,002,045 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\NMM-MetaData.db
[2007.11.26 17:08:06 | 000,281,760 | ---- | C] () -- D:\Windows\System32\drivers\atksgt.sys
[2007.11.26 17:08:05 | 000,025,888 | ---- | C] () -- D:\Windows\System32\drivers\lirsgt.sys
[2007.11.14 13:28:56 | 000,000,173 | ---- | C] () -- D:\Windows\MusicMaker.INI
[2007.11.14 12:38:47 | 000,049,152 | ---- | C] () -- D:\Windows\System32\mgxasio2.dll
[2007.11.14 12:31:09 | 000,006,537 | ---- | C] () -- D:\Windows\mgxoschk.ini
[2007.11.08 22:05:21 | 000,054,708 | ---- | C] () -- D:\Windows\War3Unin.dat
[2007.11.08 20:40:47 | 000,290,748 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2007.11.08 20:40:45 | 000,036,916 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2007.11.08 20:40:44 | 000,626,016 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2007.11.08 20:40:44 | 000,126,518 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2007.11.08 01:04:56 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- D:\Windows\System32\CddbCdda.dll
[2003.09.16 15:50:58 | 000,229,376 | ---- | C] () -- D:\Windows\System32\CmWatch.exe
[2003.07.03 12:44:24 | 000,212,992 | ---- | C] () -- D:\Windows\System32\CmCardRm.exe
[2003.05.30 14:27:46 | 000,032,768 | ---- | C] () -- D:\Windows\System32\CmCardRm.dll
[2002.01.24 10:39:36 | 000,086,016 | ---- | C] () -- D:\Windows\System32\lxaxih.exe
[2002.01.24 10:29:26 | 000,077,824 | ---- | C] () -- D:\Windows\System32\lxaxlcnp.dll
[2002.01.24 10:09:56 | 000,174,592 | ---- | C] () -- D:\Windows\System32\LEXPPS.EXE
[2002.01.24 10:05:11 | 000,040,960 | ---- | C] () -- D:\Windows\System32\INSTMON.EXE
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- D:\Windows\System32\giveio.sys

========== LOP Check ==========

[2009.10.27 04:45:29 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Acreon
[2009.06.30 14:55:21 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\advantage
[2009.10.27 04:45:33 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Audacity
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] --
D:\Users\DooM\AppData\Roaming\BearShare [2010.04.02 14:47:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Command and Conquer 4 [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\concept design [2011.11.28 01:25:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DAEMON Tools Lite [2011.10.17 20:15:20 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\digital publishing [2011.10.09 01:23:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoft [2011.10.09 01:23:02 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FileZilla [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FLV Extract [2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FMZilla [2011.04.01 17:00:46 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FreeFLVConverter [2011.10.08 23:03:04 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Genie-Soft [2011.09.23 04:34:59 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\iZ3D Driver [2009.10.27 04:45:35 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Jeyo [2011.08.18 01:10:45 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\LolClient [2009.10.27 04:45:55 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien [2011.01.07 16:03:15 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\MyPhoneExplorer [2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\NCH Swift Sound [2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia [2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia Multimedia Player [2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Orbit [2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- 
D:\Users\DooM\AppData\Roaming\PC Suite [2011.08.07 23:14:05 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PunkBuster [2011.09.27 23:12:41 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\R-TT [2011.10.20 12:09:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\redsn0w [2011.10.20 12:15:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Software4u [2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Sony [2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Steinberg [2011.09.23 04:56:37 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Stereoscopic Player [2011.10.27 13:08:27 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TeamViewer [2010.07.22 23:32:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TomTom [2010.05.27 10:35:36 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TS3Client [2010.04.06 15:20:47 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Ubisoft [2011.04.09 16:23:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Xilisoft [2011.03.24 23:39:50 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\XMedia Recode [2010.07.03 01:25:07 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\yess [2011.12.04 20:36:53 | 000,032,608 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Files - Unicode (All) ========== [2011.05.04 16:17:23 | 007,589,888 | ---- | M] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3 [2011.05.04 16:16:55 | 007,589,888 | ---- | C] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3 [2011.05.03 19:25:36 | 003,604,480 | ---- | M] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? 
w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3 [2011.05.03 19:25:08 | 003,604,480 | ---- | C] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3 ========== Alternate Data Streams ========== @Alternate Data Stream - 600 bytes -> D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty < End of report > Extra2 Code:
ATTFilter OTL Extras logfile created on: 06.12.2011 10:48:57 - Run 6 OTL by OldTimer - Version 3.2.31.0 Folder = D:\Users\DooM\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 53,39% Memory free 9,65 Gb Paging File | 7,89 Gb Available in Paging File | 81,76% Paging File free Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS Drive D: | 108,46 Gb Total Space | 9,63 Gb Free Space | 8,88% Space Free | Partition Type: NTFS Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] 
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar) "{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi "{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery "{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud "{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar) "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29 "{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar) "{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1" = iZ3D Driver Remove "{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{406CF92B-A131-4F63-9FC9-861FAACD6EB4}" = Microsoft Phone Data Manager (beta) "{49F2D7DE-0EEE-4411-8283-16BAAECF2079}" = Media Manager for WALKMAN 1.1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM) 
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{72CCBEA1-8D57-4981-A337-81019F28C5BA}" = Microsoft .NET Compact Framework 3.5 "{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}" = MagicTunePremium "{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8CD2E489-03F4-4AC0-8B68-D8C7DFE731DD}" = Stereoscopic Player "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI 
(English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail 
"{A30B7483-DF31-4C73-BBAA-7695E3D49895}" = NVIDIA 3D Vision Video Player "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood "{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11 "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CB92C58B-7BDF-48E3-92E3-51768DCCA585}_is1" = EVGA OC Scanner 1.7.3 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX 
Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM) "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM) "{DB6A8C83-EFF7-4955-BBD0-81C13DDE5395}" = Download Direct "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E656D89A-8CBB-497F-918F-8361A4071C26}" = Nero Burning ROM 11 "{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update "{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "ActvMap V 4.7" = ActvMap V 4.7 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Akamai" = Akamai NetSession Interface Service "Ares Flash Downloader_is1" = Ares Flash Downloader Powered by AdVantage "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 
(Unicode) "Avira AntiVir Desktop" = Avira Free Antivirus "CCleaner" = CCleaner "DivX Setup" = DivX-Setup "DotAzilla" = DotAzilla "Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "fahrschule-weichert.de" = fahrschule-weichert.de "FE5AE7DC-7B01-4263-A94C-B4526C276549_is1" = iPhone Explorer "ffdshow_is1" = ffdshow v1.1.3892 [2011-06-20] "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free Audio Dub_is1" = Free Audio Dub version 1.7.8.426 "Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.5 "Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923 "Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.10.31.305 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.6.727 "Genie Timeline" = LaCie Genie Timeline 2.1 "HaaliMkx" = Haali Media Splitter "Host OpenAL (ADI)" = Host OpenAL (ADI) "HyperCam 2" = HyperCam 2 "InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update "InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance "InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor "IsoBuster_is1" = IsoBuster 2.2 "JDownloader" = JDownloader "Jeyo Mobile Companion 1.1_is1" = Jeyo Mobile Companion 1.1 "Jeyo Mobile Companion 2.1_is1" = Jeyo Mobile Companion 2.1 "Jeyo Mobile Extender 2.0 f¨¹r Outlook_is1" = Jeyo Mobile Extender 2.0 f¨¹r Outlook "Kalorien Calculator 6.0.3.4_is1" = Kalorien Calculator 6.0.3.4 "LightCommubicator QVGA Setup_is1" = LightCommubicator QVGA Setup "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300 "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de) "MPE" = MyPhoneExplorer "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA StereoUSB Driver" = NVIDIA 
3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Picasa 3" = Picasa 3 "PokerStars.net" = PokerStars.net "Precision" = EVGA Precision 2.0.4 "RAR Password Cracker" = RAR Password Cracker 4.12 "Recuva" = Recuva "SpeedFan" = SpeedFan (remove only) "Steam App 10" = Counter-Strike "SUPER ©" = SUPER © Version 2008.bld.24 (Jan 18, 2008) "Switch" = Switch Uninstall "TeamSpeak 3 Client" = TeamSpeak 3 Client "UsbBoost" = UsbBoost "VLC media player" = VideoLAN VLC media player 0.8.6d "Warcraft III" = Warcraft III "Warkeys" = Warkeys 1.14.1.0b "WavePad" = WavePad Sound Editor "Winamp" = Winamp "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR "Wisdom-soft AutoScreenRecorder 2.0 Free" = Wisdom-soft AutoScreenRecorder 2.0 Free "World of Warcraft" = World of Warcraft "World of Warcraft Public Test" = World of Warcraft Public Test "XMedia Recode" = XMedia Recode 3.0.0.5 "Zattoo" = Zattoo 3.3.4 Beta "Zattoo4" = Zattoo4 4.0.3 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client "Akamai" = Akamai NetSession Interface "Warcraft III" = Warcraft III: All Products "World of Logs Client (4.2)" = World of Logs Client (4.2) ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > |
06.12.2011, 11:17 | #11 |
| PC slow after Windows startup, 100% CPU usage The system has already become a little smoother, but I still have 100% CPU usage. |
06.12.2011, 18:37 | #12 |
/// Helper Team | PC slow after Windows startup, 100% CPU usage
Check in Task Manager (Ctrl+Alt+Del) which program is causing the high CPU usage!
1. Uninstall/remove the programs that we used and that you do not need, except for: Code:
CCleaner
2. Tool cleanup with OTL: We will now use OTL's CleanUp! function to delete most of the programs we installed for the cleanup from your system again.
3. If everything went well and your system is running stably, do the following: delete all system restore points, including the last one.
4. Download HijackThis 2.0.4 from *here*. Start HijackThis → click "Do a system scan and save a logfile" → "select" the resulting logfile → "copy" → "paste" it here in your thread (right mouse button).
5. Check the MBR with aswMBR from Avast: Download aswMBR.exe from Avast and save the tool on your desktop (nowhere else). XP users: double-click aswMBR.exe to start the tool. Vista and Windows 7 users: right-click aswMBR.exe and choose Run as administrator. An input window with some information will open. Click Scan to start the scan. When the scan has finished, which is reported with Scan finished sucessfull!, click Save log to save the logfile. Post the contents of aswASW.log from the desktop here in the thread.
__________________ Warning!: Be careful with invoices sent by email with a ZIP file attached! They may be infected with an encryption trojan! Do not open the attachment; ask in our forum first! Back up your data regularly to CD/DVD, USB sticks or external hard drives, ideally twice in different places! Please pass this warning on wherever you can! |
07.12.2011, 03:37 | #13 |
| PC slow after Windows startup, 100% CPU usage Hey, I have now looked for the exact cause and, after a few hours, identified the services "IP Helper" and "DNS Cache" as the cause. I then disabled both of them at system startup, and since then everything has been running completely normally. So I am back to a load of about 0-3%. Now I am just wondering whether switching them off might bring some disadvantages, however small. I also looked at the DNS cache via CMD -> ipconfig /displaydns. It consists for the most part of dubious website links. I have attached an example as an image. In addition, here are the logfiles: Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 03:27:03, on 07.12.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Windows\system32\taskhost.exe
D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\UsbBoost\TurboHddUsb.exe
D:\Program Files\Analog Devices\Core\smax4pnp.exe
D:\Program Files\Analog Devices\SoundMAX\SoundMAX.exe
D:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @D:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - (no file)
O4 - HKLM\..\Run: [Genie TimeLine Tray] D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe -auto
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [UsbBoost] D:\Program Files\UsbBoost\TurboHddUsb.exe
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] D:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKCU\..\Run: [ehTray.exe] D:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [iCloudServices] D:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to iPhone Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://D:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @D:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @D:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - D:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O10 - Unknown file in Winsock LSP: d:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: d:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - D:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - D:\Windows\system32\AEADISRV.EXE
O23 - Service: Afa Card Reader Service (AfaService) - Unknown owner - D:\Windows\system32\afasrv32.exe
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie-Soft - D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\Windows\System32\LEXBCES.EXE
O23 - Service: @D:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - D:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

-- End of file - 9574 bytes

Code:
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-07 03:28:44
-----------------------------
03:28:44.135 OS Version: Windows 6.1.7600
03:28:44.135 Number of processors: 2 586 0xF06
03:28:44.136 ComputerName: DOOM-PC UserName: DooM
03:28:44.996 Initialize success
03:29:09.794 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-5
03:29:09.796 Disk 0 Vendor: SAMSUNG_HD160JJ ZM100-41 Size: 152627MB BusType: 3
03:29:11.806 Disk 0 MBR read successfully
03:29:11.809 Disk 0 MBR scan
03:29:11.811 Disk 0 Windows 7 default MBR code
03:29:11.816 Disk 0 scanning sectors +268414020
03:29:11.862 Disk 0 scanning D:\Windows\system32\drivers
03:29:18.018 Service scanning
03:29:21.211 Modules scanning
03:29:33.663 Disk 0 trace - called modules:
03:29:33.683 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
03:29:33.687 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x883fa030]
03:29:33.691 3 CLASSPNP.SYS[8d59859e] -> nt!IofCallDriver -> [0x87f3d788]
03:29:33.695 5 ACPI.sys[8d0ad3b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-5[0x88341908]
03:29:33.702 Scan finished successfully
03:29:58.229 Disk 0 MBR has been saved successfully to "D:\Users\DooM\Desktop\pc test\MBR.dat"
03:29:58.235 The log file has been saved successfully to "D:\Users\DooM\Desktop\pc test\aswMBR.txt"
|
07.12.2011, 12:31 | #14 |
/// Helper Team | PC slow after Windows startup, 100% CPU usage
And now please pull the update for Win 7. To be precise, you still haven't installed SP1, why?!
► Please install Service Pack 1 for Windows!:-> - Microsoft Update keeps your computer up to date!
► Does your computer still have problems?
__________________ Warning!: Be careful with invoices sent by email with a ZIP file attached! They may be infected with an encryption trojan! Do not open the attachment; ask in our forum first! Back up your data regularly to CD/DVD, USB sticks or external hard drives, ideally twice in different places! Please pass this warning on wherever you can! |
07.12.2011, 13:40 | #15 |
| PC slow after Windows startup, 100% CPU usage
I have already tried that several times via Windows Update, but the update aborted several times after about 4 hours and then took another 6 hours to roll everything back. Now I have applied a few more hotfixes and run the readiness tool. Let's see how it goes in a moment. If it doesn't work via Windows Update, I'll try it manually. |