|
Log-Analyse und Auswertung: Windows 7 startet aprupt neu und fährt ser langsam hoch !Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
16.04.2011, 08:14 | #1 |
| Windows 7 startet aprupt neu und fährt ser langsam hoch ! Ja, Hallo ersma' !!! wweCrasher, ich begrüsse sie !!! Wollt mich erstmal entschuldigen, das ich die Logfiles von HijackThis gepostet habe. Nun zu meinem kleines Problem : Mein PC mit Windows 7 Ultimate 32bit fährt sehr langsam hoch . Wärend des hochfahrens will er meine zusätzliche Festplatte E:\ überprüfen. Die Festplatte E.\ wird im Bios und unter windows im Gerätemanager angezeigt . Wenn ich Arbeitsplatz öffne, sehe ich auch die Festplatte E:\, doch kann ich nicht drauf zugreifen. Das grössere Übel ist das Win 7 aprupt von aleine neustartet, indem für ca. 2 Sekunden ein schwartzer Bildschirm kommt und der PC dann neustartet . Habe diebeiden OTL OldTime V.3.2.22.3 Logfeils dabeigefügt. Kann mir einer helfen ? Grossen Dank schonmal vorab für alles !!! Logfile 01 OTL Extras logfile created on: 16.04.2011 08:24:23 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Noboddy\Desktop Ultimate Edition Service Pack 1, v.178 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.7930.16406) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 38,00% Memory free 5,00 Gb Paging File | 3,00 Gb Available in Paging File | 62,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 465,75 Gb Total Space | 9,08 Gb Free Space | 1,95% Space Free | Partition Type: NTFS Drive D: | 465,75 Gb Total Space | 1,97 Gb Free Space | 0,42% Space Free | Partition Type: NTFS Drive F: | 173,44 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF Drive H: | 465,77 Gb Total Space | 19,29 Gb Free Space | 4,14% Space Free | Partition Type: NTFS Drive I: | 3,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive K: | 111,79 Gb Total Space | 1,27 Gb Free Space | 1,14% Space Free | Partition Type: NTFS Computer Name: MULTIMEDIA_BASE | User Name: Noboddy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "D:\_-=][.Cinema Programme.][=-_\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Mp3tag] -- "D:\_-=][.Musikprogramme.][=-_\Mp3tag\Mp3tag.exe" "/fp:%1" (Florian Heidenreich) Directory [PlayWithVLC] -- "D:\_-=][.Cinema Programme.][=-_\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "D:\_-=][.Musikprogramme.][=-_\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "D:\_-=][.Musikprogramme.][=-_\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "D:\_-=][.Musikprogramme.][=-_\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 1 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 1 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution "{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM) "{0C4FF2FE-9E75-4DBF-B2DA-11CE1F10C4B5}" = Roxio AACS Certificate "{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM) "{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE "{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver "{1D273D91-D7D5-4036-8B84-EB4615FF5F81}" = SmartSound Sonicfire Pro 5 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob "{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback "{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011 "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 24 "{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 Platinum HD "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM) "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM) "{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10 "{38F48AED-66D8-464C-993E-C7296C7A199B}" = Intel(R) IPP Run-Time Installer 5.2 for Windows* on IA-32 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print "{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1" = GoogleClean "{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1 "{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1 "{4433FF9E-AF21-4E41-B296-4E13BF4D52F5}" = Roxio WinOnCD Creator 2011 Pro "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C19DC1B-6575-4D14-AD48-E2928F189619}" = Windows Live-Geräte-Manager "{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service "{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011 "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{52602542-6E1A-4002-AB4C-9A4391103507}" = O&O PartitionManager Professional "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM) "{55D39D7E-0475-450B-A7A9-919EBCBC9F53}" = Camera RAW Plug-In for EPSON Creativity Suite "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{5C4251FA-FA23-4122-9390-357E4B5F2CDB}" = OpenOffice.org 3.3 "{5C449321-57E1-49FF-AC30-ABFEAD6CB710}" = MAGIX Screenshare "{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE) "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM) "{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM) "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10 "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10 "{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar "{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Movie ThemePack 2 "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{729B89D0-946A-407E-A121-343BD3320C40}" = Roxio BackOnTrack "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware "{7782916E-3D46-4F1F-AC4B-3FB9D17049F4}" = Microsoft Antimalware Service DE-DE Language Pack "{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client "{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar "{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM) "{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10 "{7B568025-4EF3-43DA-8534-D27DDE968CB8}" = Roxio WinOnCD Creator 2011 Pro "{7ECCFC25-DC23-43C0-B40C-122E18A35D4A}" = MAGIX PC Check & Tuning 2011 Download-Version "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84D35251-965C-471B-A1FA-0926179A95AB}" = BIAS SoundSoap SE 2.4 "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{859B9BCA-5376-4566-9F88-C6C9DAA7A925}" = Microsoft Security Client DE-DE Language Pack "{85BEC8F6-9AA3-43FF-B56B-8276277137B3}" = Nero 10 Video TransitionPack 1 "{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB "{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10 "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3 "{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos "{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM) "{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10 "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9569E6BC-326A-432F-97AB-35263A327BF1}" = Roxio Burn - Secure "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10 "{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM) "{9DD06A9F-C641-45CA-8269-4EF09596527C}" = Roxio WinOnCD Creator 2011 Pro "{9F717571-FEE8-45CD-8B03-5B2D06AD28F7}" = Roxio Creator 2011 Content "{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109 "{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}" = Nero 10 Movie ThemePack 4 "{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker "{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Join Air "{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch "{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch "{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B67C01B3-8502-4BE7-AEAB-BBDE910AD3EE}" = Microsoft-Webplattform-Installer 2.0 "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "{BBB7AEE0-AE78-44CC-8CD4-083B0B99EA80}" = Intel(R) Network Connections 14.5.1.0 "{BD3EAE4D-862D-4D41-8BB5-F5C2CFFE6022}" = Roxio BackOnTrackPE "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}" = Roxio CinePlayer "{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM) "{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM) "{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10 "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C786FE11-22AF-4B6C-B122-9C4A6D012E67}" = SilverCrest OMC807 Driver "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}" = D-Link Wireless N DWA-140 "{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM) "{DD238642-14C7-4D54-8BD7-FAD6DEA9999B}" = Nero 10 Movie ThemePack 3 "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10 "{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10 "{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2 "{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10 "{EF3A4DAE-F16F-4AC1-87BB-FE00A784084F}" = Nero 10 PiP EffectPack 1 "{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F171A80D-E9D1-4477-A591-D0678EBE2D87}" = Roxio CinePlayer "{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10 "{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM) "{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic "{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM) "{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10 "{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD "{FFAC39DA-CF79-434B-A6E0-4055689667D9}" = Roxio CinePlayer Decoder Pack "504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) "7-Zip" = 7-Zip 9.17 beta "abgx360" = abgx360 v1.0.5 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALchemy" = Creative ALchemy "AnyDVD" = AnyDVD "AudioCS" = Creative Audio-Systemsteuerung "AviSynth" = AviSynth 2.5 "CCleaner" = CCleaner "CloneCD" = CloneCD "CloneDVD2" = CloneDVD2 "Console Launcher" = Creative Konsole Starter "CoreAVC Professional Edition" = CoreAVC Professional Edition (remove only) "Creative Entertainment Center" = Creative Entertainment Center "Creative MediaSource DVD-Audio Player" = Creative MediaSource DVD-Audio Player "Creative Software AutoUpdate" = Creative Software AutoUpdate "Creative Sound Blaster Properties" = Eigenschaften von Creative Sound Blaster "DivX Setup.divx.com" = DivX-Setup "Driver Checker_is1" = Driver Checker v2.7.4 "Driver Genius Professional Edition_is1" = Driver Genius Professional Edition "DVD Shrink_is1" = DVD Shrink 3.2 "DVDFab 8_is1" = DVDFab 8.0.2.2 (01/10/2010) "DVDFab Passkey 8_is1" = DVDFab Passkey 8.0.0.1 (12/11/2010) "EADM" = EA Download Manager "EPSON Printer and Utilities" = EPSON-Drucker-Software "EPSON Scanner" = EPSON Scan "EPSON Stylus Photo RX685_690 Benutzerhandbuch" = EPSON Stylus Photo RX685_690 Handbuch "Flash Movie Player" = Flash Movie Player 1.5 "FormatFactory" = FormatFactory 2.50 "Foxit Reader" = Foxit Reader "free-downloads.net Toolbar" = free-downloads.net Toolbar "Glary Utilities_is1" = Glary Utilities Pro 2.33.0.1158 "HaaliMkx" = Haali Media Splitter "ImgBurn" = ImgBurn "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE "MAGIX_MSI_PC_Check_Tuning_2011" = MAGIX PC Check & Tuning 2011 Download-Version "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft Security Client" = Microsoft Security Essentials "MozBackup" = MozBackup 1.4.10 "Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de) "Mp3tag" = Mp3tag v2.45a "Nokia PC Suite" = Nokia PC Suite "OpenAL" = OpenAL "PCSafeDoctor_is1" = PCSafeDoctor "Perfect Uninstaller_is1" = Perfect Uninstaller v6.3.3.7 "PROSetDX" = Intel(R) Network Connections 14.5.1.0 "Ringtonesia N97 Maker" = Ringtonesia N97 Maker 2.01 "SFBM" = SoundFont-Bank-Manager "Smart Recorder" = Creative Smart Recorder "Softonic_Deutsch_FF Toolbar" = Softonic Deutsch FF Toolbar "SUPER ©" = SUPER © Version 2009.bld.35 (Jan 5, 2009) "TeamSpeak 3 Client" = TeamSpeak 3 Client "Trojan Remover_is1" = Trojan Remover 6.8.2 "TuneUp Utilities 2011" = TuneUp Utilities 2011 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.4 "Wallpaperio N97 Maker" = Wallpaperio N97 Maker 2.01 "WaveStudio 7" = Creative WaveStudio 7 "WBFS Manager 3.0" = WBFS Manager 3.0 "Winamp" = Winamp "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.00 beta 2 (32-bit) "Xvid_is1" = Xvid 1.2.2 final uninstall "YouTube Downloader App" = YouTube Downloader App 2.01 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "360WAVESPATCHERCLT" = 360WavesPatcher (Client setup) "BitTorrent DNA" = DNA ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > _________________________________________________________________ OTL Logfile 02 OTL logfile created on: 16.04.2011 08:20:34 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Noboddy\Desktop Ultimate Edition Service Pack 1, v.178 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.7930.16406) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 38,00% Memory free 5,00 Gb Paging File | 3,00 Gb Available in Paging File | 62,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 465,75 Gb Total Space | 9,08 Gb Free Space | 1,95% Space Free | Partition Type: NTFS Drive D: | 465,75 Gb Total Space | 1,97 Gb Free Space | 0,42% Space Free | Partition Type: NTFS Drive F: | 173,44 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF Drive H: | 465,77 Gb Total Space | 19,29 Gb Free Space | 4,14% Space Free | Partition Type: NTFS Drive I: | 3,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive K: | 111,79 Gb Total Space | 1,27 Gb Free Space | 1,14% Space Free | Partition Type: NTFS Computer Name: MULTIMEDIA_BASE | User Name: Noboddy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Noboddy\Desktop\OTL.exe (OldTimer Tools) PRC - D:\_-=][.Tools.][=-_\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - D:\_-=][.Tools.][=-_\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - D:\_-=][.Tools.][=-_\Glary Utilities\Integrator.exe (Glarysoft Ltd) PRC - D:\_-=][.Tools.][=-_\Glary Utilities\oneclickoptimizer.exe (Glarysoft Ltd) PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - H:\_-=][.uTorrent.][=-_\uTorrent.exe (BitTorrent, Inc.) PRC - D:\_-=][.Tools.][=-_\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - D:\_-=][.Tools.][=-_\O&O Sostware\Defrag\oodag.exe (O&O Software GmbH) PRC - C:\Programme\OO Software\Shared\GatewayAgent\ooemcgats.exe (O&O Software GmbH) PRC - C:\Programme\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) PRC - C:\Users\Noboddy\Program Files\DNA\btdna.exe (BitTorrent, Inc.) PRC - D:\_-=][.Tools.][=-_\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs) PRC - C:\Programme\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs) PRC - C:\Programme\Roxio\BackOnTrack\App\BService.exe () PRC - D:\_-=][=-_\MAGIX\PC_Check_Tuning_2011_Download-Version\MxTray.exe () PRC - C:\Programme\Logitech\GamePanel Software\LGDevAgt.exe (Logitech Inc.) PRC - C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) PRC - C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) PRC - C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft IntelliPoint\dpupdchk.exe (Microsoft Corporation) PRC - C:\Programme\Cyberlink\Shared files\brs.exe (cyberlink) PRC - C:\Programme\SilverCrest OMC807 Driver\MouClient_FD2_9063RL.exe (Siliten) PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia) PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) PRC - C:\Programme\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia) PRC - C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd) PRC - C:\Windows\System32\CTxfispi.exe (Creative Technology Ltd) PRC - C:\Programme\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Programme\Windows Live\Device Manager\msgrdvmn.exe (Microsoft Corporation) PRC - D:\_-=][.Brennprogramme.][=-_\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) PRC - C:\Programme\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch) PRC - C:\Programme\Join Air\AssistantServices.exe () PRC - C:\Programme\Join Air\UIExec.exe () PRC - C:\Programme\Windows Media Player\WMPSideShowGadget.exe (Microsoft Corporation) PRC - C:\Programme\Roxio\BackOnTrack\App\SaibSVC.exe () PRC - C:\Programme\D-Link\DWA-140 revB\AirNCFG.exe (D-Link Corp.) PRC - C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service) PRC - C:\Windows\System32\ANIWConnService.exe () PRC - C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) PRC - C:\Programme\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.) PRC - C:\Programme\Creative\ShareDLL\CADI\NotiMan.exe (Creative Technology Ltd.) PRC - C:\Programme\Creative\Entertainment Center\EAXLoadr.exe (Creative Technology Ltd) PRC - C:\Programme\Creative\DVDAudio\CTDVDDET.exe (Creative Technology Ltd) ========== Modules (SafeList) ========== MOD - C:\Users\Noboddy\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.16562_none_41ebc47a2bd240fc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (TuneUp.UtilitiesSvc) -- D:\_-=][.Tools.][=-_\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (MBAMService) -- D:\_-=][.Tools.][=-_\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (OODefragAgent) -- D:\_-=][.Tools.][=-_\O&O Sostware\Defrag\oodag.exe (O&O Software GmbH) SRV - (GatewayAgentService) -- C:\Program Files\OO Software\Shared\GatewayAgent\ooemcgats.exe (O&O Software GmbH) SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (AVP) -- D:\_-=][.Tools.][=-_\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab) SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs) SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs) SRV - (BOT4Service) -- C:\Program Files\Roxio\BackOnTrack\App\BService.exe () SRV - (MAGIX StartUp Analyze Service) -- D:\_-=][=-_\MAGIX\PC_Check_Tuning_2011_Download-Version\MXSAS.exe (MAGIX AG) SRV - (RoxWatch12) -- C:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe (Sonic Solutions) SRV - (RoxMediaDB13) -- C:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe (Sonic Solutions) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG) SRV - (StarWindServiceAE) -- D:\_-=][.Brennprogramme.][=-_\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) SRV - (CSObjectsSrv) -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch) SRV - (HFGService) -- C:\Windows\System32\HFGService.dll (CSR, plc) SRV - (UI Assistant Service) -- C:\Programme\Join Air\AssistantServices.exe () SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) -- C:\Programme\Roxio\BackOnTrack\App\SaibSVC.exe () SRV - (ANIWConnService) -- C:\Windows\System32\ANIWConnService.exe () SRV - (CTAudSvcService) -- C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) SRV - (SBSDWSCService) -- D:\_-=][.Tools.][=-_\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (ANIWZCSdService) -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (Wireless Service) ========== Driver Services (SafeList) ========== DRV - (cpuz132) -- File not found DRV - (MpKsl0cd13e5a) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CED64C26-6EE9-410D-85E0-98E194F71FA5}\MpKsl0cd13e5a.sys (Microsoft Corporation) DRV - (MpKsl3c387d72) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CED64C26-6EE9-410D-85E0-98E194F71FA5}\MpKsl3c387d72.sys (Microsoft Corporation) DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab) DRV - (RkHit) -- C:\Windows\System32\drivers\RKHit.sys () DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (TuneUpUtilitiesDrv) -- D:\_-=][.Tools.][=-_\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (dvdfab) -- C:\Windows\System32\drivers\dvdfab.sys (Fengtao Software Inc.) DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation) DRV - (oem-drv86) OEM-SLP2.1 Driver (HPD86) -- C:\Windows\system32\DRIVERS\oem-drv86.sys (secr9tos) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation) DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation) DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.) DRV - (dc3d) MS Hardware Device Detection Driver (USB) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation) DRV - (InputFilter_Hid_FlexDef2b) Siliten HID Devices(FlexDef2b) -- C:\Windows\System32\drivers\InputFilter_FlexDef2b.sys (Siliten) DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation) DRV - (vmbus) -- C:\Windows\system32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\drivers\storvsc.sys (Microsoft Corporation) DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation) DRV - (terminpt) -- C:\Windows\System32\drivers\terminpt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (SASKUTIL) -- D:\_-=][.Tools.][=-_\SuperAntSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (ha20x2k) -- C:\Windows\System32\drivers\ha20x2k.sys (Creative Technology Ltd) DRV - (emupia) -- C:\Windows\System32\drivers\emupia2k.sys (Creative Technology Ltd) DRV - (ctsfm2k) -- C:\Windows\System32\drivers\ctsfm2k.sys (Creative Technology Ltd) DRV - (ctprxy2k) -- C:\Windows\System32\drivers\ctprxy2k.sys (Creative Technology Ltd) DRV - (ossrv) -- C:\Windows\System32\drivers\ctoss2k.sys (Creative Technology Ltd.) DRV - (ctdvda2k) -- C:\Windows\System32\drivers\ctdvda2k.sys (Creative Technology Ltd) DRV - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\System32\drivers\ctaud2k.sys (Creative Technology Ltd) DRV - (ctac32k) -- C:\Windows\System32\drivers\ctac32k.sys (Creative Technology Ltd) DRV - (CTEXFIFX.SYS) -- C:\Windows\System32\drivers\CTEXFIFX.SYS (Creative Technology Ltd.) DRV - (CTEXFIFX) -- C:\Windows\System32\drivers\CTEXFIFX.sys (Creative Technology Ltd.) DRV - (CTHWIUT.SYS) -- C:\Windows\System32\drivers\CTHWIUT.SYS (Creative Technology Ltd.) DRV - (CTHWIUT) -- C:\Windows\System32\drivers\CTHWIUT.sys (Creative Technology Ltd.) DRV - (CT20XUT.SYS) -- C:\Windows\System32\drivers\CT20XUT.SYS (Creative Technology Ltd.) DRV - (CT20XUT) -- C:\Windows\System32\drivers\CT20XUT.sys (Creative Technology Ltd.) DRV - (btnetBUs) -- C:\Windows\System32\drivers\btnetBus.sys () DRV - (IvtBtBUs) -- C:\Windows\System32\drivers\IvtBtBus.sys (IVT Corporation.) DRV - (BtHidBus) -- C:\Windows\System32\Drivers\BtHidBus.sys (IVT Corporation.) DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6232.sys (Intel Corporation) DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- D:\_-=][.Cinema Programme.][=-_\CyberLink\PowerDVD10\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.) DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia) DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia) DRV - (SASDIFSV) -- D:\_-=][.Tools.][=-_\SuperAntSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (BthAudioHF) -- C:\Windows\System32\drivers\BthAudioHF.sys (CSR, plc) DRV - (csr_a2dp) -- C:\Windows\System32\drivers\bthav.sys (CSR, plc) DRV - (CSCrySec) -- C:\Windows\system32\DRIVERS\CSCrySec.sys (Infowatch) DRV - (CSVirtualDiskDrv) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys (Infowatch) DRV - (LGVirHid) -- C:\Windows\System32\drivers\LGVirHid.sys (Logitech Inc.) DRV - (LGBusEnum) -- C:\Windows\System32\drivers\LGBusEnum.sys (Logitech Inc.) DRV - (KLBG) -- C:\Windows\system32\DRIVERS\klbg.sys (Kaspersky Lab) DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab) DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab) DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab) DRV - (BthAvrcp) -- C:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV - (SaibVd32) -- C:\Windows\System32\drivers\SaibVd32.sys (Sonic Solutions) DRV - (SahdIa32) -- C:\Windows\System32\Drivers\SahdIa32.sys (Sonic Solutions) DRV - (SaibIa32) -- C:\Windows\System32\Drivers\SaibIa32.sys (Sonic Solutions) DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated) DRV - (rt2870) -- C:\Windows\System32\drivers\rt2870.sys (Ralink Technology, Corp.) DRV - (RtsUIR) -- C:\Windows\System32\drivers\RtsUIR.sys (Realtek Semiconductor Corp.) DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated) DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated) DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated) DRV - (USBCCID) -- C:\Windows\System32\drivers\RtsUCcid.sys (Realtek Semiconductor Corp.) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (DiskSec) -- C:\Windows\System32\drivers\disksec.sys (MAGIX) DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.) DRV - (thdudf) -- C:\Windows\System32\drivers\thdudf.sys (TOSHIBA Corporation) DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSof1.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Programme\free-downloads.net\tbfree.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1098640 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSof1.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Programme\free-downloads.net\tbfree.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..CommunityToolbar.SearchFromAddressBarSavedUrl: "data:text/plain,keyword.URL=hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=foxload&type=moz35awe&p=" FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Productivity 1.12 Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2866439&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: firefoxhelper@mozilla.org:1.0 FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.11 FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1 FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:5.0 FF - prefs.js..extensions.enabledItems: webmaster@keep-tube.com:1.2 FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.5 FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.192 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10 FF - prefs.js..extensions.enabledItems: maps@ovi.com:4.0.12.12 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: rsDownloadHelper@yevgenyandrov.net:1.0 FF - prefs.js..extensions.enabledItems: mgDownloadHelper@yevgenyandrov.net:1.0.2 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2 FF - prefs.js..extensions.enabledItems: fastYoutubeDownloader@yevgenyandrov.net:1.2.2 FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.5 FF - prefs.js..extensions.enabledItems: {9d81af43-de53-48d0-a199-42c2a226b24c}:2.7.1.3 FF - prefs.js..extensions.enabledItems: {1de0de3c-0b5c-4f67-90c6-689623894991}:0.3 FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {ecdee021-0d17-467f-a1ff-c7a115230949}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4 FF - prefs.js..extensions.enabledItems: {dc5d9a10-2736-11da-8cd6-0800200c9a66}:1.4.8 FF - prefs.js..extensions.enabledItems: TabPlus@usst.edu.cn:0.3.3 FF - prefs.js..extensions.enabledItems: anticontainer@downthemall.net:0.9.3 FF - prefs.js..extensions.enabledItems: {9DA9C4D2-7C4F-4336-8DD7-4DFF13E3B8C7}:1.4 FF - prefs.js..extensions.enabledItems: rapidfire@schmizz.net:0.5 FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.0.19 FF - prefs.js..extensions.enabledItems: web2pdfextension@web2pdf.adobedotcom:1.0 FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.8&q=" FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties" FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: D:\_-=][.Nokia N97 Tools.][=-_\Nokia PC Suite\Nokia PC Suite 7\bkmrksync\ [2010.12.17 01:16:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: D:\_-=][. Adobe .][=-_\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011.01.17 01:09:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.28 20:32:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.11 23:19:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: D:\_-=][.Tools.][=-_\Kaspersky Lab\Kaspersky PURE\THBExt [2011.04.06 11:06:34 | 000,000,000 | ---D | M] [2010.02.15 02:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Extensions [2011.04.11 23:21:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions [2011.03.28 23:47:22 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011.01.16 00:03:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{1c9b96a0-cba2-482e-9c40-9200b547123a}-trash [2010.10.24 14:36:43 | 000,000,000 | ---D | M] ("Tab Preview") -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{1de0de3c-0b5c-4f67-90c6-689623894991} [2010.12.10 02:00:39 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{64161300-e22b-11db-8314-0800200c9a66} [2011.03.29 00:14:39 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.03.28 23:46:24 | 000,000,000 | ---D | M] (Softonic Deutsch FF Community Toolbar) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c} [2010.11.22 07:03:58 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="{9DA9C4D2-7C4F-4336-8DD7-4DFF13E3B8C7}" em:version="1.4" em:type="2" em:name="MegaFix" em:description="Cuenta Megaupload Premium GRATIS sin la Megaupload Toolbar" em:creator="Dasumo" em:homepageURL="hxxp://www.dasumo.com/megafix/" em:iconURL="chrome://megafix/content/icon.png">) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{9DA9C4D2-7C4F-4336-8DD7-4DFF13E3B8C7} [2010.03.15 13:07:57 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} [2011.04.02 21:23:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.03.28 23:47:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{dc572301-7619-498c-a57d-39143191b318} [2010.11.21 07:39:50 | 000,000,000 | ---D | M] (Tabs Menu) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{dc5d9a10-2736-11da-8cd6-0800200c9a66} [2011.03.29 00:14:45 | 000,000,000 | ---D | M] (free-downloads.net Community Toolbar) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949} [2010.12.10 02:00:55 | 000,000,000 | ---D | M] (Download Manager Tweak) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB} [2010.07.18 10:17:26 | 000,000,000 | ---D | M] ("MultirowBookmarksToolbar") -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033} [2011.04.11 21:37:19 | 000,000,000 | ---D | M] (New Tab King) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{FC5BAC7D-D696-4ba6-B913-CF8F000C33DF} [2010.11.21 07:39:50 | 000,000,000 | ---D | M] (Crack-Search-Engine) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\cracksearchengine@koustubh.com [2011.03.29 00:13:43 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\engine@conduit.com [2011.03.28 23:46:47 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\fastdial@telega.phpnet.us [2010.08.25 18:15:43 | 000,000,000 | ---D | M] (Fast Youtube Downloader) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\fastYoutubeDownloader@yevgenyandrov.net [2010.07.15 13:25:32 | 000,000,000 | ---D | M] (Ovi maps browser plugin) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\maps@ovi.com [2010.11.22 07:03:57 | 000,000,000 | ---D | M] (MegaUpload DownloadHelper) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\mgDownloadHelper@yevgenyandrov.net [2010.03.15 13:07:51 | 000,000,000 | ---D | M] (Noia 2.0 eXtreme OPT) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\noia2_option@kk.noia [2011.03.28 23:44:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\nostmp [2010.11.22 07:03:58 | 000,000,000 | ---D | M] (rapidfire) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\rapidfire@schmizz.net [2010.11.22 07:03:57 | 000,000,000 | ---D | M] (RapidShare DownloadHelper) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\rsDownloadHelper@yevgenyandrov.net [2010.11.21 07:39:50 | 000,000,000 | ---D | M] (Tab Kit) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\tabkit@jomel.me.uk [2010.11.21 07:39:49 | 000,000,000 | ---D | M] (Tab Plus) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\TabPlus@usst.edu.cn [2010.12.01 21:46:33 | 000,000,000 | ---D | M] (Tab Utilities Mini) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\tabutilsmini@ithinc.cn [2010.11.17 14:06:30 | 000,000,000 | ---D | M] (Keep Tube Downloader) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\webmaster@keep-tube.com [2010.07.29 21:29:55 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\YoutubeDownloader@PeterOlayev.com [2011.03.28 23:47:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Noboddy\AppData\Roaming\mozilla\Firefox\Profiles\jex4o3u2.default\extensions\{dc572301-7619-498c-a57d-39143191b318}\modules\extensions [2010.10.23 11:32:11 | 000,005,471 | ---- | M] () -- C:\Users\Noboddy\AppData\Roaming\Mozilla\Firefox\Profiles\jex4o3u2.default\searchplugins\googlecom-in-english.xml [2010.11.06 11:01:23 | 000,000,950 | ---- | M] () -- C:\Users\Noboddy\AppData\Roaming\Mozilla\Firefox\Profiles\jex4o3u2.default\searchplugins\icqplugin-5.xml [2011.03.14 18:08:40 | 000,000,168 | ---- | M] () -- C:\Users\Noboddy\AppData\Roaming\Mozilla\Firefox\Profiles\jex4o3u2.default\searchplugins\icqplugin.gif [2011.03.14 18:08:40 | 000,000,618 | ---- | M] () -- C:\Users\Noboddy\AppData\Roaming\Mozilla\Firefox\Profiles\jex4o3u2.default\searchplugins\icqplugin.src [2010.06.21 17:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Noboddy\AppData\Roaming\Mozilla\Firefox\Profiles\jex4o3u2.default\searchplugins\icqplugin.xml [2011.04.11 13:43:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.09.19 12:16:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.10.06 00:28:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.01 23:57:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.01.14 00:03:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.04.11 13:43:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010.09.19 12:16:45 | 000,000,000 | ---D | M] (FirefoxHelper) -- C:\Programme\Mozilla Firefox\extensions\firefoxhelper@mozilla.org [2011.04.06 11:08:28 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru File not found (No name found) -- [2010.09.19 12:16:45 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [2010.09.26 16:58:06 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2010.09.19 12:16:45 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2010.09.19 12:16:46 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [2010.09.19 12:16:46 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.10.06 00:28:28 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.01 23:57:42 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.01.14 00:03:00 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.04.11 13:43:48 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010.09.19 12:16:45 | 000,000,000 | ---D | M] (FirefoxHelper) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\FIREFOXHELPER@MOZILLA.ORG () (No name found) -- C:\USERS\NOBODDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JEX4O3U2.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}.XPI () (No name found) -- C:\USERS\NOBODDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JEX4O3U2.DEFAULT\EXTENSIONS\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.XPI () (No name found) -- C:\USERS\NOBODDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JEX4O3U2.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI () (No name found) -- C:\USERS\NOBODDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JEX4O3U2.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\NOBODDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JEX4O3U2.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI () (No name found) -- C:\USERS\NOBODDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JEX4O3U2.DEFAULT\EXTENSIONS\ANTICONTAINER@DOWNTHEMALL.NET.XPI () (No name found) -- C:\USERS\NOBODDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JEX4O3U2.DEFAULT\EXTENSIONS\NEWTABURL@SOGAME.CAT.XPI () (No name found) -- C:\USERS\NOBODDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JEX4O3U2.DEFAULT\EXTENSIONS\STATUS4EVAR@CALIGONSTUDIOS.COM.XPI () (No name found) -- C:\USERS\NOBODDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JEX4O3U2.DEFAULT\EXTENSIONS\TABSCOPE@XULDEV.ORG.XPI () (No name found) -- C:\USERS\NOBODDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JEX4O3U2.DEFAULT\EXTENSIONS\TABUTILS@ITHINC.CN.XPI [2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.10.05 17:27:16 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Programme\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010.11.30 16:11:52 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.04.15 13:12:41 | 000,432,514 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 14882 more lines... O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\_-=][.Tools.][=-_\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\_-=][.Tools.][=-_\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSof1.dll (Conduit Ltd.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\_-=][.Tools.][=-_\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Programme\free-downloads.net\tbfree.dll (Conduit Ltd.) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSof1.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Programme\free-downloads.net\tbfree.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch FF Toolbar) - {9D81AF43-DE53-48D0-A199-42C2A226B24C} - C:\Programme\Softonic_Deutsch_FF\tbSof1.dll (Conduit Ltd.) O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service) O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [AVP] D:\_-=][.Tools.][=-_\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [BDRegion] C:\Programme\Cyberlink\Shared files\brs.exe (cyberlink) O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd) O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd) O4 - HKLM..\Run: [D-Link D-Link Wireless N DWA-140] C:\Programme\D-Link\DWA-140 revB\AirNCFG.exe (D-Link Corp.) O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch SilverCrest OMC807] C:\Programme\SilverCrest OMC807 Driver\MouClient_FD2_9063RL.exe (Siliten) O4 - HKLM..\Run: [Module Loader] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [pcsafedoctor.exe] D:\_-=][.Tools.][=-_\PCSafeDoctor\pcsafedoctor.exe () O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe (Sonic Solutions) O4 - HKLM..\Run: [UIExec] C:\Program Files\Join Air\UIExec.exe () O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\Noboddy\Program Files\DNA\btdna.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [EADM] C:\Program Files\Electronic Arts\EADM\EADMUI.exe (Electronic Arts) O4 - HKCU..\Run: [EPSON Stylus Photo RX685 Series (Kopie 1)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICJE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [EPSON Stylus Photo RX685 Series (Kopie 2)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICJE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [uTorrent] H:\_-=][.uTorrent.][=-_\uTorrent.exe (BitTorrent, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: Hinzufügen zu Anti-Banner - D:\_-=][.Tools.][=-_\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\_-=][.Tools.][=-_\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab (Creative Software AutoUpdate Support Package 1) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - AppInit_DLLs: (D:\_-___T~1.___\KASPER~1\KASPER~1\mzvkbd3.dll) - D:\_-=][.Tools.][=-_\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009.09.10 00:11:04 | 000,000,000 | ---D | M] - H:\Auto Tuning -- [ NTFS ] O32 - AutoRun File - [2009.07.14 03:26:40 | 000,000,043 | R--- | M] () - I:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2010.11.17 04:57:45 | 000,009,166 | ---- | M] () - K:\autoscooter.jpg -- [ NTFS ] O33 - MountPoints2\{077cba65-caa7-11df-8683-001fcf40ad6c}\Shell - "" = AutoRun O33 - MountPoints2\{077cba65-caa7-11df-8683-001fcf40ad6c}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a O33 - MountPoints2\I\Shell - "" = AutoRun O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\setup.exe -- [2009.07.14 03:26:40 | 000,111,880 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\L\Shell - "" = AutoRun O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk /r \??\M - File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (OODBS) - C:\Windows\System32\OODBS.exe (O&O Software GmbH) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [3010.04.17 22:53:43 | 000,000,000 | ---D | C] -- C:\Roxio [2011.04.16 08:17:54 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Noboddy\Desktop\OTL.exe [2011.04.12 14:52:34 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2011.04.12 12:00:02 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2011.04.12 12:00:02 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2011.04.11 22:35:14 | 000,000,000 | ---D | C] -- C:\Users\Noboddy\Desktop\flash_player102 [2011.04.11 22:13:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts [2011.04.11 22:03:43 | 000,000,000 | ---D | C] -- C:\Users\Noboddy\EADMSetup [2011.04.11 22:03:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2011.04.11 21:20:12 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe AIR [2011.04.11 15:48:33 | 000,000,000 | ---D | C] -- C:\Users\Noboddy\Desktop\EADownloadManager [2011.04.11 15:31:08 | 000,000,000 | ---D | C] -- C:\Users\Noboddy\AppData\Local\Electronic Arts [2011.04.11 15:21:41 | 000,000,000 | ---D | C] -- C:\Programme\Electronic Arts [2011.04.11 15:18:49 | 019,768,312 | ---- | C] (Electronic Arts, Inc.) -- C:\Users\Noboddy\EADMSetup.exe [2011.04.11 13:43:45 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011.04.11 13:43:45 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011.04.11 13:43:45 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011.04.09 14:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSafeDoctor [2011.04.06 22:20:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.04.06 11:07:40 | 000,088,632 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSCrySec.sys [2011.04.06 11:07:40 | 000,039,352 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys [2011.04.06 11:05:44 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\InfoWatch [2011.04.06 11:05:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE [2011.04.06 10:55:17 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2011.04.04 11:46:28 | 000,781,272 | ---- | C] (sqlite.org) -- C:\Windows\System32\mozsqlite3.dll [2011.04.04 11:20:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.04.04 11:20:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.04 11:20:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.04.03 23:55:52 | 000,000,000 | -H-D | C] -- C:\Windows\PIF [2011.04.03 12:32:50 | 000,000,000 | ---D | C] -- C:\Programme\RegCleaner [2011.03.31 18:49:36 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client [2011.03.30 14:37:55 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2011.03.30 14:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011 [2011.03.30 12:02:40 | 000,000,000 | ---D | C] -- C:\Windows\Temp62195631-89BF-A39A-1FBC-DC6ABEEDE1C7-Signatures [2011.03.28 21:32:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.03.28 21:32:40 | 002,381,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.03.28 21:32:40 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.03.26 10:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn [2010.06.30 22:54:56 | 000,094,208 | ---- | C] (VSO Software) -- C:\Users\Noboddy\AppData\Roaming\ezplay.sys [2010.05.05 19:59:10 | 000,060,928 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll [2010.05.05 19:38:18 | 000,012,800 | ---- | C] ( ) -- C:\Windows\System32\killapps.exe [2009.10.25 01:51:40 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Noboddy\AppData\Roaming\pcouffin.sys [18 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.04.16 08:04:26 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2011.04.16 08:03:58 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2011.04.16 08:03:54 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job [2011.04.16 08:03:49 | 000,000,464 | ---- | M] () -- C:\Windows\tasks\GlaryOneClickOptimizer.job [2011.04.16 08:03:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.16 08:03:23 | 2012,119,040 | -HS- | M] () -- C:\hiberfil.sys [2011.04.16 08:03:22 | 001,354,165 | ---- | M] () -- C:\Windows\System32\oodbs.lor [2011.04.16 07:58:30 | 000,054,472 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000007-00000000-00000006-00001102-00000005-00231102}.rfx [2011.04.16 07:58:30 | 000,054,472 | ---- | M] () -- C:\Windows\System32\BMXState-{00000007-00000000-00000006-00001102-00000005-00231102}.rfx [2011.04.16 07:58:30 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000007-00000000-00000006-00001102-00000005-00231102}.rfx [2011.04.16 07:31:32 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Noboddy\Desktop\OTL.exe [2011.04.16 07:04:00 | 000,006,304 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.16 07:04:00 | 000,006,304 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.15 23:25:26 | 000,021,627 | ---- | M] () -- C:\Users\Noboddy\Desktop\OpenDocument Text (neu).odt [2011.04.15 20:04:30 | 000,657,902 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.15 20:04:30 | 000,618,448 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.15 20:04:30 | 000,131,434 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.15 20:04:30 | 000,107,728 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.15 17:53:59 | 148,899,089 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.04.15 13:12:41 | 000,432,514 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts [2011.04.12 12:16:19 | 000,000,747 | ---- | M] () -- C:\Users\Noboddy\Desktop\Glary Utilities.lnk [2011.04.12 12:00:00 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2011.04.12 12:00:00 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk [2011.04.11 22:13:27 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk [2011.04.11 15:47:42 | 000,512,000 | ---- | M] () -- C:\Users\Noboddy\Desktop\EADownloadManager.part1.rar [2011.04.11 15:47:42 | 000,128,763 | ---- | M] () -- C:\Users\Noboddy\Desktop\EADownloadManager.part2.rar [2011.04.11 15:13:08 | 019,768,312 | ---- | M] (Electronic Arts, Inc.) -- C:\Users\Noboddy\EADMSetup.exe [2011.04.11 12:58:21 | 000,000,644 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2011.04.09 14:52:29 | 000,000,022 | ---- | M] () -- C:\Windows\tpcsd [2011.04.09 14:51:44 | 000,000,738 | ---- | M] () -- C:\Users\Noboddy\Desktop\pcsafedoctor.lnk [2011.04.06 22:55:43 | 000,115,267 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat [2011.04.06 22:55:43 | 000,097,859 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat [2011.04.06 22:46:42 | 000,003,617 | ---- | M] () -- C:\Users\Noboddy\Desktop\Logfile2.zip [2011.04.06 22:20:36 | 000,000,706 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.04.06 18:58:05 | 000,431,754 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110415-131241.backup [2011.04.06 11:17:01 | 000,000,855 | ---- | M] () -- C:\Users\Noboddy\Desktop\Kaspersky PURE.lnk [2011.04.06 10:55:17 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2011.04.04 12:18:37 | 000,000,780 | ---- | M] () -- C:\Users\Noboddy\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.03 12:32:54 | 000,000,941 | ---- | M] () -- C:\Users\Noboddy\Desktop\RegCleaner.lnk [2011.04.01 11:44:25 | 000,007,334 | ---- | M] () -- C:\Users\Noboddy\Desktop\XBOX 360 - Erhältliche Titel von Januar bis April !!!.odt [2011.04.01 10:40:20 | 000,781,272 | ---- | M] (sqlite.org) -- C:\Windows\System32\mozsqlite3.dll [2011.04.01 05:02:36 | 000,001,910 | ---- | M] () -- C:\Users\Noboddy\Desktop\Microsoft Security Essentials.lnk [2011.03.31 23:59:53 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2011.03.30 19:50:20 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2011.03.30 19:45:40 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2011.03.30 19:45:32 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2011.03.28 21:43:36 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.03.28 21:43:33 | 002,381,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.03.28 21:43:33 | 001,448,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.03.26 10:12:14 | 000,000,839 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk [18 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.15 23:22:55 | 000,021,627 | ---- | C] () -- C:\Users\Noboddy\Desktop\OpenDocument Text (neu).odt [2011.04.15 17:53:59 | 148,899,089 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011.04.12 12:16:19 | 000,000,747 | ---- | C] () -- C:\Users\Noboddy\Desktop\Glary Utilities.lnk [2011.04.11 22:13:27 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk [2011.04.11 15:46:59 | 000,128,763 | ---- | C] () -- C:\Users\Noboddy\Desktop\EADownloadManager.part2.rar [2011.04.11 15:46:16 | 000,512,000 | ---- | C] () -- C:\Users\Noboddy\Desktop\EADownloadManager.part1.rar [2011.04.11 12:58:21 | 000,000,644 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011.04.09 14:52:29 | 000,000,022 | ---- | C] () -- C:\Windows\tpcsd [2011.04.09 14:51:44 | 000,000,738 | ---- | C] () -- C:\Users\Noboddy\Desktop\pcsafedoctor.lnk [2011.04.09 14:51:16 | 000,034,736 | ---- | C] () -- C:\Windows\System32\drivers\RKHit.sys [2011.04.06 22:46:42 | 000,003,617 | ---- | C] () -- C:\Users\Noboddy\Desktop\Logfile2.zip [2011.04.06 22:20:36 | 000,000,706 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.04.06 18:57:28 | 000,001,245 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Taskmanager.lnk [2011.04.06 11:17:01 | 000,000,855 | ---- | C] () -- C:\Users\Noboddy\Desktop\Kaspersky PURE.lnk [2011.04.06 11:08:10 | 000,115,267 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2011.04.06 11:08:10 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2011.04.04 12:18:37 | 000,000,780 | ---- | C] () -- C:\Users\Noboddy\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.03 23:46:06 | 000,001,086 | ---- | C] () -- C:\Users\Noboddy\Desktop\JDownloader.lnk [2011.04.03 12:32:53 | 000,000,941 | ---- | C] () -- C:\Users\Noboddy\Desktop\RegCleaner.lnk [2011.04.01 11:44:25 | 000,007,334 | ---- | C] () -- C:\Users\Noboddy\Desktop\XBOX 360 - Erhältliche Titel von Januar bis April !!!.odt [2011.04.01 05:02:36 | 000,001,910 | ---- | C] () -- C:\Users\Noboddy\Desktop\Microsoft Security Essentials.lnk [2011.03.31 19:08:28 | 000,001,910 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2011.03.31 10:56:18 | 000,001,073 | ---- | C] () -- C:\Users\Noboddy\Desktop\Spybot - Search & Destroy (advanced).lnk [2011.03.30 14:37:43 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2011.03.30 14:37:43 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk [2011.03.30 14:37:41 | 000,001,066 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk [2011.03.30 03:41:37 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif [2011.03.28 20:32:26 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.02.27 18:12:35 | 016,366,837 | ---- | C] () -- C:\Windows\System32\PROCESSLIST.BIN [2011.01.28 02:51:36 | 000,000,071 | ---- | C] () -- C:\Windows\EPSONCD.INI [2011.01.27 02:10:27 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2010.12.16 00:28:42 | 000,000,359 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\burnaware.ini [2010.12.12 22:38:52 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.12.11 03:18:45 | 000,034,308 | ---- | C] () -- C:\ProgramData\mazuki.dll [2010.12.06 15:58:56 | 002,496,715 | ---- | C] () -- C:\Windows\System32\abgx360.exe [2010.12.05 05:59:57 | 000,000,042 | ---- | C] () -- C:\Windows\oodjobd.INI [2010.11.30 01:59:30 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI [2010.11.28 23:23:56 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010.11.28 23:23:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010.11.21 18:45:59 | 000,000,037 | ---- | C] () -- C:\Windows\wininit.ini [2010.11.08 19:06:35 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll [2010.11.08 19:06:34 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll [2010.11.08 19:06:34 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll [2010.11.08 19:06:33 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll [2010.10.18 02:43:03 | 000,000,918 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\coreavc.ini [2010.10.05 17:03:20 | 000,003,284 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\ANIWZCS{DF17EB98-1D1F-4627-8468-C5312F32DCEC} [2010.10.05 17:03:03 | 000,147,456 | ---- | C] () -- C:\Windows\System32\ANIWConnService.exe [2010.10.05 17:02:56 | 000,315,392 | ---- | C] () -- C:\Windows\System32\ANIOApi.dll [2010.10.05 17:02:46 | 000,049,152 | ---- | C] () -- C:\Windows\System32\AQCKGen.dll [2010.10.05 17:02:45 | 000,204,800 | ---- | C] () -- C:\Windows\System32\aIPH.dll [2010.10.05 17:02:45 | 000,045,115 | ---- | C] () -- C:\Windows\System32\ANICtl.dll [2010.10.05 17:02:44 | 000,258,048 | ---- | C] () -- C:\Windows\System32\wlanapp.dll [2010.10.05 17:02:43 | 000,049,152 | ---- | C] () -- C:\Windows\System32\JJAKEn.dll [2010.10.05 17:01:52 | 000,724,992 | ---- | C] () -- C:\Windows\System32\ANIOWPS.dll [2010.10.05 17:01:52 | 000,237,568 | ---- | C] () -- C:\Windows\System32\ANIWPS.exe [2010.10.04 19:24:08 | 000,003,284 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\ANIWZCS{BF3B0437-7A04-4DA6-A77D-CB7119F74692} [2010.10.04 06:27:22 | 002,169,856 | ---- | C] () -- C:\Windows\System32\hale.exe [2010.09.30 07:21:17 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2010.09.30 07:18:50 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2010.09.29 00:53:33 | 000,000,032 | ---- | C] () -- C:\Windows\kaio.INI [2010.09.29 00:05:53 | 001,746,360 | ---- | C] () -- C:\Windows\System32\CTAA1.DAT [2010.09.27 03:55:53 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL [2010.09.27 03:55:53 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL [2010.09.27 03:51:29 | 000,003,072 | ---- | C] () -- C:\Windows\CTXFIGER.DLL [2010.09.25 07:44:18 | 000,000,025 | ---- | C] () -- C:\Windows\CDE RX685EFGD.ini [2010.09.25 07:10:40 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2010.09.25 07:10:40 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2010.09.25 07:10:40 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2010.09.25 07:10:40 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2010.09.25 07:10:40 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2010.09.25 07:10:40 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2010.09.25 07:10:40 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2010.09.25 07:10:40 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2010.09.25 07:10:40 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2010.09.25 07:10:40 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2010.09.25 07:10:40 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2010.09.25 07:10:40 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2010.09.25 07:10:40 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2010.09.25 07:10:40 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat [2010.09.25 07:10:40 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2010.09.25 07:10:40 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2010.09.25 07:10:40 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2010.09.25 07:10:40 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat [2010.09.25 07:10:40 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2010.09.19 14:57:14 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat [2010.09.19 12:43:04 | 000,000,000 | ---- | C] () -- C:\Windows\BsMobileModel.ini [2010.07.30 21:22:56 | 000,000,022 | -HS- | C] () -- C:\Users\Noboddy\AppData\Roaming\Sys6925.Config Collection.sys [2010.07.08 15:34:54 | 000,003,284 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\ANIWZCS{5BF0C28A-770C-484F-B9B0-ED071EB0DD63} [2010.07.08 13:23:40 | 000,003,284 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\ANIWZCS{152D05B1-11AF-4460-B20A-4C8865ADD167} [2010.07.08 12:51:03 | 000,003,284 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\ANIWZCS{B4189C39-B679-4BC8-8146-0802837F8B29} [2010.06.30 22:54:56 | 000,007,861 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\ezplay.cat [2010.06.30 22:54:56 | 000,001,103 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\ezplay.inf [2010.06.30 22:54:56 | 000,000,125 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\ezplay.ini [2010.05.30 11:27:05 | 000,003,284 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\ANIWZCS{019A33FA-92BC-48D8-9DBF-004F620E94CD} [2010.05.19 03:48:46 | 000,000,258 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\ANICONFIG_{019A33FA-92BC-48D8-9DBF-004F620E94CD}.ini [2010.05.09 12:17:24 | 000,003,284 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\ANIWZCS{F741F795-CBB0-446E-AA0A-B0CB08F1DDF2} [2010.05.06 10:31:44 | 000,000,258 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\ANICONFIG_{F741F795-CBB0-446E-AA0A-B0CB08F1DDF2}.ini [2010.05.05 20:37:52 | 000,021,204 | ---- | C] () -- C:\Windows\System32\instwdm.ini [2010.05.05 20:37:50 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini [2010.05.05 19:56:46 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll [2010.05.05 19:46:30 | 000,321,512 | ---- | C] () -- C:\Windows\System32\ctdlang.dat [2010.05.05 19:46:30 | 000,056,509 | ---- | C] () -- C:\Windows\System32\ctdnlstr.dat [2010.05.05 19:41:30 | 000,016,384 | ---- | C] () -- C:\Windows\System32\regplib.exe [2010.05.05 19:38:22 | 000,007,680 | ---- | C] () -- C:\Windows\System32\enlocstr.exe [2010.04.06 18:33:10 | 000,025,864 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys [2010.03.14 22:20:01 | 000,007,597 | ---- | C] () -- C:\Users\Noboddy\AppData\Local\resmon.resmoncfg [2010.02.15 19:11:21 | 000,000,025 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\bdfvconp.ini [2010.01.26 11:47:33 | 002,586,516 | ---- | C] () -- C:\Users\Noboddy\AppData\Local\rx_audio.Cache [2010.01.26 11:46:57 | 067,932,336 | ---- | C] () -- C:\Users\Noboddy\AppData\Local\rx_image32.Cache [2009.12.08 19:38:09 | 000,000,203 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\default.rss [2009.10.25 01:51:40 | 000,087,608 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\inst.exe [2009.10.25 01:51:40 | 000,007,887 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\pcouffin.cat [2009.10.25 01:51:39 | 000,001,144 | ---- | C] () -- C:\Users\Noboddy\AppData\Roaming\pcouffin.inf [2009.09.09 19:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat [2009.09.06 10:00:30 | 000,062,464 | ---- | C] () -- C:\Users\Noboddy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.08.05 07:30:40 | 000,000,095 | ---- | C] () -- C:\Users\Noboddy\AppData\Local\fusioncache.dat [2009.07.14 10:47:43 | 000,657,902 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.07.14 10:47:43 | 000,131,434 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 06:33:53 | 000,335,536 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009.07.14 04:05:48 | 000,618,448 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009.07.14 04:05:48 | 000,107,728 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.07.14 01:36:18 | 000,389,632 | ---- | C] () -- C:\Windows\System32\sppcc.dll [2009.07.14 01:36:11 | 001,111,552 | ---- | C] () -- C:\Windows\System32\sppcext.dll [2009.07.14 01:36:07 | 000,345,088 | ---- | C] () -- C:\Windows\System32\sppcommdlg.dll [2009.07.06 13:47:08 | 000,000,285 | ---- | C] () -- C:\Windows\System32\kill.ini [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2007.04.27 11:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2006.05.26 10:18:45 | 000,132,756 | -H-- | C] () -- C:\Users\Noboddy\AppData\Roaming\Noboddylog.dat [2004.08.13 09:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys ========== LOP Check ========== [2011.04.09 05:30:35 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\abgx360 [2010.03.14 20:36:59 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\AntiBrowserSpy 2009 [2010.12.26 00:48:01 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\AVG [2010.03.11 15:16:30 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Bandoo [2010.02.03 05:17:01 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\BitDefender [2010.12.15 08:54:40 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Canneverbe Limited [2010.01.25 00:42:03 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Datel [2010.02.27 00:58:13 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\dBpoweramp [2010.12.16 00:05:36 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\DeepBurner [2010.07.20 06:41:07 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\deluge [2011.04.16 08:44:25 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\DNA [2010.09.29 02:46:51 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\DVDFab [2000.01.01 13:20:06 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\EPSON [2010.10.05 17:28:14 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Foxit [2010.10.05 17:28:14 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Foxit Software [2010.07.15 21:58:06 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\GlarySoft [2009.07.18 02:30:51 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\GMX [2010.05.16 21:44:56 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\gtk-2.0 [2011.04.08 14:28:55 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\ICQ [2010.07.02 11:06:12 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\ICQ-Tools.de [2010.12.14 23:17:30 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\ImgBurn [2010.03.12 07:07:45 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\IrfanView [2010.11.20 05:40:02 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\MAGIX [2010.02.27 00:59:24 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\MoveFab [2009.08.16 15:54:20 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Musicmatch [2009.09.23 22:58:48 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\muvee Technologies [2010.12.10 03:08:11 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Nokia [2010.02.20 08:45:00 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Nokia Ovi Suite [2009.09.08 21:59:37 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Nseries [2010.03.02 01:04:00 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\OCS [2010.08.14 19:03:53 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\OpenOffice.org [2010.01.03 23:23:12 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Opera [2009.09.08 21:59:46 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\PC Suite [2010.05.15 20:25:36 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Python-Eggs [2010.02.27 00:59:33 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\QuickScan [2009.10.21 11:31:02 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Red Kawa [2010.02.27 00:59:34 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Resource Tuner [2011.01.16 16:28:46 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\RoNaSoft.de [2010.02.27 00:59:34 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\ROUTE 66 Sync [2009.07.06 05:49:51 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Simply Super Software [2010.07.14 06:21:53 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Skinux [2010.06.20 16:24:16 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\SlySoft [2008.01.06 08:27:28 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Sony [2008.01.06 08:22:00 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Sony Setup [2010.03.02 01:10:27 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\soul.im [2010.11.21 23:39:07 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\System32 [2010.02.27 00:59:35 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Thunderbird [2010.02.27 00:59:35 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\TS3Client [2010.08.24 01:07:58 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\TuneUp Software [2010.10.28 22:06:03 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\TypingMaster7 [2011.04.16 08:45:55 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\uTorrent [2011.01.27 06:57:41 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Vso [2010.08.28 00:41:52 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\winupd [2010.11.07 17:48:56 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\Xi [2010.02.27 00:59:38 | 000,000,000 | ---D | M] -- C:\Users\Noboddy\AppData\Roaming\XLink Kai [2011.04.16 08:03:58 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job [2011.04.16 08:03:49 | 000,000,464 | ---- | M] () -- C:\Windows\Tasks\GlaryOneClickOptimizer.job [2011.04.16 08:03:54 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\PCCT - MAGIX AG.job [2011.04.08 13:30:25 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0B4227B4 @Alternate Data Stream - 143 bytes -> C:\Users\Noboddy\AppData\Roaming\default.rss:OECustomProperty @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report > |
16.04.2011, 14:24 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 startet aprupt neu und fährt ser langsam hoch ! Warum machst du einen Strang auf? http://www.trojaner-board.de/97217-w...gsam-hoch.html
__________________
__________________ |
Themen zu Windows 7 startet aprupt neu und fährt ser langsam hoch ! |
32-bit, 7-zip, alternate, audiodg.exe, avg pc tuneup, avp.exe, bho, bildschirm, bingbar, conduit, document, downloader, driver genius, error, feedback, festplatte, flash player, format, hijack, hijackthis, install.exe, integrator.exe, kaspersky rescue, langsam, location, mbamservice.exe, microsoft security, mozilla, mp3, nvlddmkm.sys, oldtimer, otl.exe, plug-in, problem, realtek, registry, rundll, safer networking, saver, scan, searchplugins, security, sehr langsam, sekunden, server, shell32.dll, softonic, software, sptd.sys, start menu, taskhost.exe, teamspeak, trojan, uiexec.exe, updates, usb 2.0, webcheck, windows, windows 7 ultimate, youtube downloader |