Trojaner-Board

Grap 02.12.2011 14:04

PC slow after Windows startup, 100% CPU usage
 
Good day,
I am new to this board and am impressed by how much energy you put into taking care of people's concerns.
Great respect for that.
On to my problem: I have actually had this problem for several years now, and I have always tried to start the PC and only use it once this "lagging" was gone. On average that was the case after about 1 hour.


Now I have sat down to find out why this is the case.
For me, the high CPU usage is due to the process svchost.exe.
On average there are 12 of them, and they take turns.
Unfortunately I have not found anything in the forum that matches exactly the same situation.
In my opinion I have tried a great deal, from tracking down the process and trying to end it to various programs that only analyze(!) it.
I did not want to change anything in the registry etc. myself so as not to break anything.

And in addition, a picture of the services belonging to the svchost.exe process.

OTL logfile:
Code:

OTL logfile created on: 01.12.2011 02:42:53 - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = D:\Users\DooM\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 59,34% Memory free
9,65 Gb Paging File | 8,22 Gb Available in Paging File | 85,12% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS
Drive D: | 108,46 Gb Total Space | 12,21 Gb Free Space | 11,25% Space Free | Partition Type: NTFS
Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1825,76 Gb Total Space | 1625,79 Gb Free Space | 89,05% Space Free | Partition Type: NTFS
Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32
 
Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
PRC - [2011.11.17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe
PRC - [2011.11.09 02:48:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.10.15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.07.16 05:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\conhost.exe
PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe
PRC - [2011.02.02 15:25:04 | 001,051,264 | ---- | M] (Genie-soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe
PRC - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe
PRC - [2010.06.15 02:55:52 | 000,039,936 | ---- | M] (The PHP Group) -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe
PRC - [2010.06.15 02:53:48 | 001,417,216 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
PRC - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2009.11.06 12:13:16 | 000,133,736 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\audiodg.exe
PRC - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- D:\Windows\System32\AEADISRV.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.11.09 02:48:14 | 001,989,592 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.10.15 00:54:26 | 000,265,536 | ---- | M] () -- D:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011.02.02 13:43:02 | 000,342,528 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSIndexDB.dll
MOD - [2011.02.02 13:43:02 | 000,051,712 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\QueueManager.dll
MOD - [2011.02.02 13:43:00 | 000,144,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\Settings.dll
MOD - [2010.12.29 14:54:38 | 000,038,400 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSLogging.dll
MOD - [2010.09.06 12:50:38 | 000,080,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSEncryption.dll
MOD - [2010.09.06 12:50:38 | 000,072,192 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSCurl.dll
MOD - [2010.08.31 04:42:12 | 000,023,040 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\ext\php_gstl_interface.dll
MOD - [2010.06.15 02:53:48 | 001,417,216 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
MOD - [2010.04.27 13:57:20 | 000,921,088 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\sqlite3.dll
MOD - [2010.01.21 00:34:10 | 008,793,952 | ---- | M] () -- D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010.01.09 19:18:18 | 004,254,560 | ---- | M] () -- D:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- D:\Program Files\WinRAR\RarExt.dll
MOD - [2004.09.30 18:09:36 | 000,155,648 | ---- | M] () -- D:\Program Files\LinkShellExtension\RockallDLL.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.11.18 01:57:41 | 003,313,752 | ---- | M] () [Auto | Running] -- d:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) [Disabled | Stopped] -- D:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011.08.30 17:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- D:\Users\DooM\temp\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) [Auto | Running] -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe -- (GenieTimelineService)
SRV - [2010.10.24 23:11:06 | 000,360,960 | ---- | M] (iZ3D Inc.) [Disabled | Stopped] -- D:\Program Files\iZ3D Driver\Win32\S3DCService.exe -- (S3DSvc32) S3D Service (Win32)
SRV - [2010.01.21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.01.03 19:28:18 | 000,118,784 | ---- | M] () [Disabled | Stopped] -- D:\Program Files\CPUCooL\CooLSRV.exe -- (CPUCooLServer)
SRV - [2009.12.22 19:23:39 | 000,065,536 | ---- | M] () [Disabled | Stopped] -- D:\Windows\System32\afasrv32.exe -- (AfaService)
SRV - [2009.12.13 22:24:45 | 000,321,320 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.11.06 12:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
SRV - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- D:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Disabled | Stopped] -- D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.10.11 14:00:01 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.10.09 00:02:42 | 000,007,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- D:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)
DRV - [2011.10.09 00:02:41 | 000,023,680 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\FNETTBOH.SYS -- (FNETTBOH)
DRV - [2011.07.08 00:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011.03.03 19:28:29 | 000,011,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2010.10.06 17:04:02 | 000,034,968 | ---- | M] () [Kernel | System | Running] -- D:\Program Files\iZ3D Driver\Win32\S3DInjectionDriver.sys -- (iZ3DInjectionDriver)
DRV - [2010.09.23 10:11:28 | 000,316,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.01.03 19:28:18 | 000,012,800 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\ntiopnp.sys -- (ntiopnp)
DRV - [2010.01.03 19:28:18 | 000,011,392 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\ntiomin.sys -- (ntiomin)
DRV - [2009.11.02 17:21:56 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.11.02 17:21:55 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.10.28 20:06:51 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- D:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.09.15 12:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvoclock.sys -- (nvoclock)
DRV - [2009.08.04 09:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009.07.16 10:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Stopped] -- D:\Windows\system32\drivers\MTiCtwl.sys -- (MagicTune)
DRV - [2008.05.27 10:07:58 | 000,050,560 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2008.02.29 10:13:48 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007.04.11 15:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007.04.11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2006.10.20 11:57:20 | 000,012,352 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\ntiowp.sys -- (ntiowp)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- D:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006.03.07 17:43:40 | 000,111,872 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\mr97310v.sys -- (MR97310_VGA_DUAL_CAMERA)
DRV - [2004.07.13 10:40:22 | 000,048,512 | ---- | M] (C-Media Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\Umss.SYS -- (UMSSSTOR)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\system32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 A3 82 73 E9 54 CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "hxxp://www.citydeal.de/deals/berlin"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1
FF - prefs.js..keyword.URL: "hxxp://www.bing.com/search?FORM=IEFM1&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: D:\Program Files\BitTorrent_DNA\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.15 19:42:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.11.09 02:48:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011.11.15 19:42:09 | 000,000,000 | ---D | M]
 
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.11.24 01:13:58 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions
[2010.04.28 00:10:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.23 03:52:53 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.09.15 23:52:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.12 03:35:47 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.10.17 20:15:07 | 000,000,000 | ---D | M] (dp Launcher Plugin) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\dplauncher@digitalpublishing.de
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Flash Video Resources Downloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\max@subfighter.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Move Media Player) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\moveplayer@movenetworks.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (VideoDownloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\videodowloader@videodownloader.net
[2009.11.01 14:33:05 | 000,002,163 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\searchplugins\bing.xml
[2011.11.27 03:13:12 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2011.08.25 23:18:40 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.11.27 03:13:13 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2009.10.27 04:32:54 | 000,000,000 | ---D | M] (BearShare MediaBar) -- D:\Program Files\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}
() (No name found) -- D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
[2011.11.09 02:48:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2008.01.08 01:45:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- D:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.08.12 05:19:37 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.12 05:14:12 | 000,002,252 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.08.12 05:19:37 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.12 05:19:37 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.12 05:19:37 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.08.12 05:19:37 | 000,001,105 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = D:\Users\DooM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2011.10.20 13:43:06 | 000,436,246 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 uat-onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 wsuplay.ubi.com
O1 - Hosts: 127.0.0.1 static8.cdn.ubi.com
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 15004 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (@D:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Genie TimeLine Tray] D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe (Genie-soft)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Program Files\Malwarebytes' Anti-Malwareas\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @D:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @D:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - D:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E2FD134-ADB2-4BF1-A04E-429A663BB58F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96D926D9-83A0-4C8D-80E5-3642832CB3E6}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) -D:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.29 18:37:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk G:\
O32 - Unable to obtain root file information for disk H:\
O33 - MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\Shell - "" = AutoRun
O33 - MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\Shell\AutoRun\command - "" = F:\INSTALL.EXE
O33 - MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\Shell - "" = AutoRun
O33 - MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.02.25 03:09:34 | 002,834,432 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - D:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - D:\Windows\system32\Rundll32.exe D:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - D:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "D:\Windows\System32\rundll32.exe" "D:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - D:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk -  - File not found
MsConfig - StartUpFolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk -  - File not found
MsConfig - StartUpFolder: D:^Users^DooM^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip -  - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - D:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: BCSSync - hkey= - key= - D:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
MsConfig - StartUpReg: CmCardRun - hkey= - key= -  File not found
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - D:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - D:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: H2O - hkey= - key= - D:\Program Files\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
MsConfig - StartUpReg: iCloudServices - hkey= - key= - D:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
MsConfig - StartUpReg: iPhone Explorer Launcher - hkey= - key= - D:\Program Files\Software4u\iPhone Explorer\Software4u.IPELauncher.exe (Marx Softwareentwicklung - www.software4u.de)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - D:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: Kernel and Hardware Abstraction Layer - hkey= - key= - D:\Windows\KHALMNPR.Exe (Logitech Inc.)
MsConfig - StartUpReg: msnmsgr - hkey= - key= - D:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: MultiScreen - hkey= - key= -  File not found
MsConfig - StartUpReg: Pando Media Booster - hkey= - key= - D:\Program Files\Pando Networks\Media Booster\PMB.exe ()
MsConfig - StartUpReg: PCSuiteTrayApplication - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - D:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: RGSC - hkey= - key= - G:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
MsConfig - StartUpReg: SoundMAX - hkey= - key= - D:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
MsConfig - StartUpReg: SoundMAXPnP - hkey= - key= - D:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - D:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: swg - hkey= - key= -  File not found
MsConfig - StartUpReg: UsbBoost - hkey= - key= - D:\Program Files\UsbBoost\TurboHddUsb.exe (FNet Co., Ltd.)
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
MsConfig - State: "bootini" - 0
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.01 01:39:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:58:42 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\Malwarebytes
[2011.11.29 21:56:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.29 21:56:40 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2011.11.29 21:56:34 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2011.11.29 21:56:33 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malwareas
[2011.11.27 22:50:08 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2011.11.27 04:55:47 | 000,135,360 | ---- | C] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.20 14:35:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test
[2011.11.15 19:44:22 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\DDMSettings
[2011.11.15 19:41:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.11.15 19:40:40 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DivX Shared
[2011.11.15 19:20:24 | 000,000,000 | ---D | C] -- D:\Users\DooM\Documents\Rockstar Games
[2011.11.15 19:14:47 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Rockstar Games
[2011.11.15 18:46:22 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Windows\System32\xlive
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Games for Windows - LIVE
[2011.11.15 18:19:08 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2011.11.14 21:43:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.11.14 21:42:16 | 000,000,000 | ---D | C] -- D:\Program Files\iPod
[2011.11.14 21:42:15 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes
[2011.11.14 21:38:58 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Skyrim
[2011.11.14 21:32:55 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011.11.12 01:42:37 | 000,061,248 | ---- | C] (Khronos Group) -- D:\Windows\System32\OpenCL.dll
[2011.11.11 23:04:39 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Ubisoft Game Launcher
[2011.11.11 22:48:06 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- D:\Windows\System32\drivers\MTiCtwl.sys
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiScreen
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MultiScreen
[2011.11.11 22:38:06 | 000,000,000 | ---D | C] -- D:\Program Files\MonitorDriver
[2011.11.04 02:13:34 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Akamai
[1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.01 02:36:42 | 000,000,214 | ---- | M] () -- D:\Windows\tasks\AutoKMSDaily.job
[2011.12.01 02:33:49 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.01 02:33:48 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.01 02:27:44 | 000,000,214 | ---- | M] () -- D:\Windows\tasks\AutoKMS.job
[2011.12.01 02:26:12 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2011.12.01 02:26:00 | 2415,271,936 | -HS- | M] () -- D:\hiberfil.sys
[2011.12.01 02:24:36 | 000,000,020 | ---- | M] () -- D:\Users\DooM\defogger_reenable
[2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:56:41 | 000,001,085 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.29 03:00:28 | 000,030,720 | ---- | M] () -- D:\Windows\System32\umstartup.etl
[2011.11.29 01:21:09 | 000,007,598 | ---- | M] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2011.11.28 16:33:41 | 000,439,448 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2011.11.28 01:27:28 | 000,265,310 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | M] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.27 04:55:49 | 000,135,360 | ---- | M] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.24 23:32:11 | 000,624,578 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2011.11.24 23:32:11 | 000,110,216 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2011.11.15 18:46:22 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.15 18:19:08 | 000,000,893 | ---- | M] () -- D:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2011.11.14 21:43:09 | 000,001,753 | ---- | M] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | M] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.11 22:45:19 | 000,001,618 | ---- | M] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.11.09 02:49:06 | 000,001,845 | ---- | M] () -- D:\Users\DooM\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.01 02:24:20 | 000,000,020 | ---- | C] () -- D:\Users\DooM\defogger_reenable
[2011.11.29 21:56:41 | 000,001,085 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.28 01:26:43 | 000,265,310 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | C] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.21 00:20:09 | 017,245,218 | ---- | C] () -- D:\Users\DooM\Desktop\Scat - Hardliner.wav
[2011.11.16 00:02:47 | 006,190,967 | ---- | C] () -- D:\wo bist du! paco, aziz, drp,mr.castro.wma
[2011.11.15 18:19:08 | 000,000,893 | ---- | C] () -- D:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2011.11.14 21:43:09 | 000,001,753 | ---- | C] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | C] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.12 01:42:36 | 000,004,359 | ---- | C] () -- D:\Windows\System32\nvinfo.pb
[2011.11.11 22:45:19 | 000,001,618 | ---- | C] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.11.11 02:36:29 | 000,000,214 | ---- | C] () -- D:\Windows\tasks\AutoKMS.job
[2011.11.11 02:36:28 | 000,000,214 | ---- | C] () -- D:\Windows\tasks\AutoKMSDaily.job
[2011.10.28 01:30:13 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{9B30B77B-496C-4EB1-8A7B-5FC58AF3D15F}
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- D:\Windows\System32\nvStreaming.exe
[2011.09.24 01:10:16 | 000,073,216 | ---- | C] () -- D:\Windows\System32\ff_vfw.dll
[2011.09.23 04:35:01 | 000,190,464 | ---- | C] () -- D:\Windows\System32\PCGW32.DLL
[2011.09.02 01:05:43 | 000,023,624 | ---- | C] () -- D:\Windows\System32\drivers\hitmanpro35.sys
[2011.08.27 18:09:00 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{3450410A-36E6-44A6-982A-FF986805F67D}
[2011.08.21 15:02:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{21AC4F97-B1DB-4954-84DA-77461D8BE396}
[2011.08.16 16:49:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{578BD668-0AEF-4D87-9862-C6CEF5B369FB}
[2011.08.16 16:48:50 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{B86C665B-A39B-461B-9A27-40A63BEDF514}
[2011.05.21 01:07:07 | 000,001,769 | ---- | C] () -- D:\Windows\Language_trs.ini
[2011.01.03 00:20:00 | 000,011,232 | ---- | C] () -- D:\Windows\System32\drivers\SWDUMon.sys
[2010.08.15 16:53:07 | 000,000,118 | ---- | C] () -- D:\Windows\System32\MRT.INI
[2010.04.29 03:33:33 | 000,007,598 | ---- | C] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2010.04.29 02:54:33 | 000,024,576 | ---- | C] () -- D:\Windows\System32\AsIO.dll
[2010.04.29 02:54:33 | 000,011,296 | ---- | C] () -- D:\Windows\System32\drivers\AsIO.sys
[2010.04.29 02:54:23 | 000,011,832 | ---- | C] () -- D:\Windows\System32\drivers\AsInsHelp64.sys
[2010.04.29 02:54:23 | 000,010,216 | ---- | C] () -- D:\Windows\System32\drivers\AsInsHelp32.sys
[2010.04.29 02:53:31 | 000,013,216 | ---- | C] () -- D:\Windows\System32\drivers\ASACPI.sys
[2010.04.06 19:04:52 | 000,286,208 | ---- | C] () -- D:\Windows\System32\Xbinkw32.dll
[2010.03.28 23:41:41 | 000,011,776 | ---- | C] () -- D:\Users\DooM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.23 22:20:24 | 000,023,552 | ---- | C] () -- D:\Users\DooM\AppData\Local\WebpageIcons.db
[2010.01.03 19:28:18 | 000,012,800 | ---- | C] () -- D:\Windows\System32\drivers\ntiopnp.sys
[2010.01.03 19:28:18 | 000,011,392 | ---- | C] () -- D:\Windows\System32\drivers\ntiomin.sys
[2009.12.29 01:14:33 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat
[2009.12.22 19:21:27 | 000,065,536 | ---- | C] () -- D:\Windows\System32\afasrv32.exe
[2009.10.27 05:01:24 | 000,021,924 | ---- | C] () -- D:\Windows\System32\emptyregdb.dat
[2009.10.24 05:01:09 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax1.dll
[2009.10.24 05:01:09 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx1.dll
[2009.10.24 04:55:36 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax.dll
[2009.10.24 04:55:36 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx.dll
[2009.10.24 04:21:55 | 000,000,400 | ---- | C] () -- D:\Windows\ODBC.INI
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,439,448 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,624,578 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,110,216 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
[2009.04.07 17:57:13 | 000,018,944 | ---- | C] () -- D:\Windows\eraser.exe
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- D:\Windows\System32\xlive.dll.cat
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelFrench.dll
[2008.10.06 20:22:11 | 000,237,568 | ---- | C] () -- D:\Windows\System32\lame_enc.dll
[2008.02.03 02:29:52 | 000,502,784 | ---- | C] () -- D:\Windows\x2.64.exe
[2008.02.03 02:29:52 | 000,399,360 | ---- | C] () -- D:\Windows\System32\Smab.dll
[2008.02.03 02:29:52 | 000,240,128 | ---- | C] () -- D:\Windows\System32\x.264.exe
[2008.02.03 02:29:52 | 000,217,073 | ---- | C] () -- D:\Windows\meta4.exe
[2008.02.03 02:29:52 | 000,066,560 | ---- | C] () -- D:\Windows\MOTA113.exe
[2008.02.03 02:29:52 | 000,027,648 | ---- | C] () -- D:\Windows\System32\AVSredirect.dll
[2008.02.03 02:29:44 | 000,027,648 | -HS- | C] () -- D:\Windows\System32\Smab0.dll
[2007.11.29 23:30:28 | 003,596,288 | ---- | C] () -- D:\Windows\System32\qt-dx331.dll
[2007.11.28 00:49:19 | 000,002,045 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\NMM-MetaData.db
[2007.11.26 17:08:06 | 000,281,760 | ---- | C] () -- D:\Windows\System32\drivers\atksgt.sys
[2007.11.26 17:08:05 | 000,025,888 | ---- | C] () -- D:\Windows\System32\drivers\lirsgt.sys
[2007.11.14 13:28:56 | 000,000,173 | ---- | C] () -- D:\Windows\MusicMaker.INI
[2007.11.14 12:38:47 | 000,049,152 | ---- | C] () -- D:\Windows\System32\mgxasio2.dll
[2007.11.14 12:31:09 | 000,006,537 | ---- | C] () -- D:\Windows\mgxoschk.ini
[2007.11.08 22:05:21 | 000,054,708 | ---- | C] () -- D:\Windows\War3Unin.dat
[2007.11.08 20:40:47 | 000,290,748 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2007.11.08 20:40:45 | 000,036,916 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2007.11.08 20:40:44 | 000,626,016 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2007.11.08 20:40:44 | 000,126,518 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2007.11.08 01:04:56 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- D:\Windows\System32\CddbCdda.dll
[2006.10.20 11:57:20 | 000,012,352 | ---- | C] () -- D:\Windows\System32\drivers\ntiowp.sys
[2003.09.16 15:50:58 | 000,229,376 | ---- | C] () -- D:\Windows\System32\CmWatch.exe
[2003.07.03 12:44:24 | 000,212,992 | ---- | C] () -- D:\Windows\System32\CmCardRm.exe
[2003.05.30 14:27:46 | 000,032,768 | ---- | C] () -- D:\Windows\System32\CmCardRm.dll
[2002.01.24 10:39:36 | 000,086,016 | ---- | C] () -- D:\Windows\System32\lxaxih.exe
[2002.01.24 10:29:26 | 000,077,824 | ---- | C] () -- D:\Windows\System32\lxaxlcnp.dll
[2002.01.24 10:09:56 | 000,174,592 | ---- | C] () -- D:\Windows\System32\LEXPPS.EXE
[2002.01.24 10:05:11 | 000,040,960 | ---- | C] () -- D:\Windows\System32\INSTMON.EXE
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- D:\Windows\System32\giveio.sys
 
========== LOP Check ==========
 
[2009.10.27 04:45:29 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Acreon
[2009.06.30 14:55:21 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\advantage
[2009.10.27 04:45:33 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Audacity
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\BearShare
[2011.11.28 01:25:07 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\BitTorrent
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\BitTorrent DNA
[2010.04.02 14:47:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Command and Conquer 4
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\concept design
[2011.11.28 01:25:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DAEMON Tools Lite
[2011.10.17 20:15:20 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\digital publishing
[2011.10.09 01:23:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoft
[2011.10.09 01:23:02 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FileZilla
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FLV Extract
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FMZilla
[2011.04.01 17:00:46 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FreeFLVConverter
[2011.10.08 23:03:04 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Genie-Soft
[2011.09.23 04:34:59 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\iZ3D Driver
[2009.10.27 04:45:35 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Jeyo
[2011.08.18 01:10:45 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\LolClient
[2009.10.27 04:45:55 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2011.01.07 16:03:15 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\MyPhoneExplorer
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\NCH Swift Sound
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia Multimedia Player
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Orbit
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PC Suite
[2011.08.07 23:14:05 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PunkBuster
[2011.09.27 23:12:41 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\R-TT
[2011.10.20 12:09:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\redsn0w
[2011.10.20 12:15:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Software4u
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Sony
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Steinberg
[2011.09.23 04:56:37 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Stereoscopic Player
[2011.09.20 03:25:49 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\SystemRequirementsLab
[2011.10.27 13:08:27 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TeamViewer
[2010.07.22 23:32:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TomTom
[2010.05.27 10:35:36 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TS3Client
[2010.04.06 15:20:47 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Ubisoft
[2011.04.09 16:23:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Xilisoft
[2011.03.24 23:39:50 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\XMedia Recode
[2010.07.03 01:25:07 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\yess
[2011.12.01 02:27:44 | 000,000,214 | ---- | M] () -- D:\Windows\Tasks\AutoKMS.job
[2011.12.01 02:36:42 | 000,000,214 | ---- | M] () -- D:\Windows\Tasks\AutoKMSDaily.job
[2011.11.28 23:35:50 | 000,032,608 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2010.04.01 13:42:34 | 000,000,000 | -HSD | M] -- D:\$Recycle.Bin
[2010.05.12 17:05:29 | 000,000,000 | ---D | M] -- D:\10a4703e961a458f36
[2008.06.29 22:47:23 | 000,000,000 | ---D | M] -- D:\1a672a40987deaae5b3a7c
[2008.06.29 12:17:43 | 000,000,000 | ---D | M] -- D:\3e5b44590ca684fa83c25ff2ed314f
[2010.04.08 00:18:57 | 000,000,000 | ---D | M] -- D:\AC Saves
[2007.11.15 18:56:01 | 000,000,000 | ---D | M] -- D:\Armin mukke
[2007.11.14 14:22:04 | 000,000,000 | ---D | M] -- D:\AudioADI610x6100_Vista
[2011.11.27 03:13:30 | 000,000,000 | -H-D | M] -- D:\Config.Msi
[2010.04.08 00:18:53 | 000,000,000 | ---D | M] -- D:\cundc
[2010.10.13 15:19:22 | 000,000,000 | ---D | M] -- D:\Desktop
[2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- D:\Documents and Settings
[2007.02.24 19:18:55 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen
[2010.04.01 05:54:32 | 000,000,000 | ---D | M] -- D:\Downloads
[2011.11.12 02:32:43 | 000,000,000 | ---D | M] -- D:\fire download
[2007.12.17 01:28:17 | 000,000,000 | ---D | M] -- D:\HANDY
[2011.01.10 00:14:33 | 000,000,000 | ---D | M] -- D:\Intel
[2007.11.06 21:05:32 | 000,000,000 | RH-D | M] -- D:\MSOCache
[2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- D:\perflogs
[2011.11.30 02:09:15 | 000,000,000 | R--D | M] -- D:\Program Files
[2011.11.29 21:56:40 | 000,000,000 | -H-D | M] -- D:\ProgramData
[2011.11.16 00:52:11 | 000,000,000 | ---D | M] -- D:\Programme
[2009.10.27 05:19:32 | 000,000,000 | -HSD | M] -- D:\Recovery
[2007.10.29 20:43:54 | 000,000,000 | -HSD | M] -- D:\RECYCLER
[2011.08.17 03:43:26 | 000,000,000 | ---D | M] -- D:\Riot Games
[2011.12.01 02:52:36 | 000,000,000 | -HSD | M] -- D:\System Volume Information
[2007.05.17 22:49:48 | 000,000,000 | ---D | M] -- D:\Teamspeak2_RC2
[2008.03.12 14:52:11 | 000,000,000 | ---D | M] -- D:\Temp
[2011.09.20 14:05:08 | 000,000,000 | R--D | M] -- D:\Users
[2011.11.28 23:23:58 | 000,000,000 | ---D | M] -- D:\Windows
[2011.12.01 02:41:40 | 000,000,000 | ---D | M] -- D:\wow patch
[2010.06.17 22:02:23 | 000,000,000 | ---D | M] -- D:\WoW-LanguagePack-3.x.x-enGB
[2007.02.18 18:53:47 | 000,000,000 | ---D | M] -- D:\WUTemp
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.manifest /3 >
 
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- D:\Windows\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- D:\Windows\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- D:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_f4050b883d2c3c08\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- D:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- D:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- D:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- D:\Windows\System32\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- D:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- D:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-27 01:14:42
 
========== Files - Unicode (All) ==========
[2011.05.04 16:17:23 | 007,589,888 | ---- | M] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3
[2011.05.04 16:16:55 | 007,589,888 | ---- | C] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3
[2011.05.03 19:25:36 | 003,604,480 | ---- | M] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3
[2011.05.03 19:25:08 | 003,604,480 | ---- | C] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 600 bytes -> D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty

< End of report >

--- --- ---

kira 02.12.2011 15:47

Hello and a warm welcome! :)

Before we start working together, [please read completely]:
Quote:

  • "Remote treatment/remote help" and the associated liability risks:
    - since the error checking and the actions are carried out over large distances, we accept no liability for the resulting consequences.
    - so any liability for the resulting damage is excluded; INSTRUCTIONS, AND FOLLOWING THEM, ARE AT YOUR OWN RESPONSIBILITY!
  • Characteristic features/profile information:
    - you can delete these from the log lists or log files you use (e.g. your real name, serial numbers in programs, etc.) or replace them with [X]
  • The system check and cleanup:
    - can take some time (depending on the type of infection); the system can even be so heavily compromised that an effective technical cleanup is no longer possible, or you have to reinstall it
  • I recommend that you first read the instructions through completely before you apply them, because if you do something wrong it can really become dangerous. If you follow my instructions step by step, nothing should really go wrong.
  • During the support period:
    - please do not act on your own without consulting me! Ask if there are problems.
  • The order:
    - please keep exactly to the order described; do not choose the order yourself!
  • CRACKED SOFTWARE is not tolerated here!!!!
  • Otherwise our forum rules:
    - Please read first, then post! -> For everyone seeking help! What do I have to consider before opening a topic?
  • Insert all log files with a vBCode tag; that gives a good overview here and makes my work easier! If the log file is too large, split it into several parts.

As soon as you have read this introductory text, you can begin :)
► In the first part of the 3-part procedure, we will examine your system for viruses, or look for another cause:
For Vista and Win7:
Important: Please run all commands as administrator! Right-click the command prompt and select "Run as administrator"
Right-click the selected application and choose "Run as administrator"!

1.
** Update Malwarebytes Anti-Malware and run it again following these instructions:
  • start it with a double-click.
  • update the databases right away - update online
  • select a full scan (tick every box)
  • when the scan has finished, click "Show Results"
  • select all findings, except: if MBAM reports anything in C:\System Volume Information, please remove the tick there, and click "Delete" ("Remove Selected").
  • Post the result here in the thread - you will find the report under "Scan Reports"
You can find illustrated instructions here: Guide

2.
another system scan with OTL
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created - OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.

3.
I would also like to see all your installed programs:
Download the tool CCleaner
Download
install (read the software licence agreement; if offered, deselect "Add CCleaner Yahoo! Toolbar") → start → Language → select German
then click "Extra" (to also display the installed programs) → then "Save as text file..."
a text file (*.txt) is created; copy its contents and paste them here

Quote:

So that your thread stays clearer and nicely readable, it is best to use code tags for your post:
→ before your log you write (i.e. at the beginning of the log file you want to post) [code]
your log file goes in here - e.g. an OTL log file or other
→ after it - i.e. at the end of the log file: [/code]

regards
kira

Grap 02.12.2011 23:35

Hey,
many thanks first of all for your time :)

here are all the log files:

MWB log file:
Code:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 12/02/2011 at 06:58 PM

Application Version : 5.0.1136

Core Rules Database Version : 8008
Trace Rules Database Version: 5820

Scan type      : Complete Scan
Total Scan Time : 03:22:31

Operating System Information
Windows 7 Ultimate 32-bit (Build 6.01.7600)
UAC On - Administrator

Memory items scanned      : 742
Memory threats detected  : 0
Registry items scanned    : 40435
Registry threats detected : 0
File items scanned        : 344397
File threats detected    : 453

Adware.Tracking Cookie
        .pornhub.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .pornhubpremium.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .pornhubpremium.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .pornhubpremium.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .markussexblog.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .markussexblog.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        adserver1.mokono.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .autoscout24.112.2o7.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .mediafire.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .guj.122.2o7.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        live.counterstation.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ad.adserver01.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .at.atwola.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .cnetasiapacific.122.2o7.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .ru4.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        teufel-media.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .microsoftsto.112.2o7.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .nextag.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .nextag.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .sanyo.112.2o7.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .mm.chitika.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .overture.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        clicks.pangora.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        clicks.pangora.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .zanox-affiliate.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .liveperson.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .liveperson.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .a.revenuemax.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .liveperson.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        d.mediadakine.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        counters.gigya.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .ar.atwola.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .tacoda.at.atwola.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .tacoda.at.atwola.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .at.atwola.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.mediamarkt.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        banner.testberichte.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .clicksor.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .clicksor.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .myroitracking.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .clicksor.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .clicksor.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.digital-eliteboard.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.digital-eliteboard.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .digital-eliteboard.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .digital-eliteboard.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .mediafire.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.mediafire.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.mediafire.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .mediafire.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .mediafire.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .mmotraffic.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .mmotraffic.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .tto2.traffictrack.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .leetmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .game-advertising-online.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        media.gan-online.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .mmotraffic.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adlegend.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adlegend.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        rts.pgmediaserve.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        rts.pgmediaserve.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        rts.pgmediaserve.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ads.adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ads.adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ads.adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ads.adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .stats.paste2.org [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .stats.paste2.org [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webstats4u.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .ads.crakmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .ads.crakmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .eporner.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .eporner.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ad.eporner.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .banners.bookofsex.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .banners.bookofsex.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .banners.bookofsex.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .banners.bookofsex.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .banners.bookofsex.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .banners.bookofsex.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ads.crakmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .sexkiste.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .sexkiste.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.sexkiste.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .legolas-media.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .tracking.mindshare.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.zanox-affiliate.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.zanox-affiliate.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        adserver2.clipkit.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .viewablemedia.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.elitepvpers.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.elitepvpers.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.elitepvpers.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .elitepvpers.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .elitepvpers.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .elitepvpers.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .at.atwola.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .bs.serving-sys.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .bs.serving-sys.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        delivery.atkmedia.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .backbeatmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.tldadserv.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adxpansion.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .eyewonder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        count.asnetworks.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wnmysjajego.stats.esomniture.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .ads.quartermedia.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        adserver.ip-phone-forum.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .ads.quartermedia.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .ads.quartermedia.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .ads.quartermedia.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        media.gan-online.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .zanox.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ad1.adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        track.adform.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adform.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        eas4.emediate.eu [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        eas4.emediate.eu [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ad.adition.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ad.adition.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ad4.adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        pfatracking.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ad2.adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ww251.smartadserver.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .clickfuse.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .yieldmanager.net [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ad3.adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        stats.computecmedia.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .tribalfusion.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .legolas-media.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .legolas-media.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .legolas-media.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-Malintent
        C:\PROGRAMME\WINRAR\DEFAULT.SFX
        D:\PROGRAM FILES\WINRAR\DEFAULT.SFX


Grap 02.12.2011 23:36

OTL logfile:
Code:

OTL logfile created on: 02.12.2011 23:01:08 - Run 3
OTL by OldTimer - Version 3.2.31.0    Folder = D:\Users\DooM\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 64,96% Memory free
9,65 Gb Paging File | 8,24 Gb Available in Paging File | 85,35% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS
Drive D: | 108,46 Gb Total Space | 10,39 Gb Free Space | 9,58% Space Free | Partition Type: NTFS
Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1825,76 Gb Total Space | 1625,45 Gb Free Space | 89,03% Space Free | Partition Type: NTFS
Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32
 
Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - D:\Users\DooM\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - D:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - D:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - D:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - D:\Users\DooM\AppData\Local\Apps\2.0\VZ1BGWTE.MKJ\NBQXGJY0.TAZ\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\CurseClient.exe (Curse)
PRC - D:\Windows\explorer.exe (Microsoft Corporation)
PRC - D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe (Genie-soft)
PRC - D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe (Genie-Soft)
PRC - D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe (The PHP Group)
PRC - D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
PRC - D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
PRC - D:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - D:\Windows\System32\dxdiag.exe (Microsoft Corporation)
PRC - D:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - D:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\168c6417c92bdddd10809791ed32be3e\Microsoft.VisualBasic.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\6d859463c9e6a7423ddb335211a79dda\System.Core.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\545f2e1ca544c2a8a39cbf8565e1c709\CustomMarshalers.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8dba8803fad87c39c0afbdce6c19fdd0\System.Runtime.Serialization.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9123843fd33a30164ceb951c98b7ca2a\SMDiagnostics.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\cc3d9cb5c17d1863e3146c2a0d5c9e86\System.ServiceModel.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5672e6b9d976feca51deb06d8dd1df0e\PresentationFramework.Aero.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09e39322b47f9b4e8dd2199ff03acb2e\PresentationFramework.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d2dc021a8311197516e4fa325b292f21\PresentationCore.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\9be84470118f84e965ff0f142701efc6\System.Deployment.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5a95ba97100404e2ab26b5a9ab9ef965\System.Web.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\9b8dcad25a3be7d4a3f3b8b384f3190a\System.Security.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll ()
MOD - D:\Program Files\Genie-Soft\Genie Timeline\GSIndexDB.dll ()
MOD - D:\Program Files\Genie-Soft\Genie Timeline\QueueManager.dll ()
MOD - D:\Program Files\Genie-Soft\Genie Timeline\Settings.dll ()
MOD - D:\Program Files\Genie-Soft\Genie Timeline\GSLogging.dll ()
MOD - D:\Program Files\Genie-Soft\Genie Timeline\GSEncryption.dll ()
MOD - D:\Program Files\Genie-Soft\Genie Timeline\GSCurl.dll ()
MOD - D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\ext\php_gstl_interface.dll ()
MOD - D:\Program Files\Genie-Soft\Genie Timeline\sqlite3.dll ()
MOD - D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - D:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - D:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
MOD - D:\Program Files\WinRAR\RarExt.dll ()
MOD - D:\Program Files\LinkShellExtension\RockallDLL.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Akamai) -- d:\program files\common files\akamai/netsession_win_d768ebc.dll ()
SRV - (nvUpdatusService) -- D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AntiVirSchedulerService) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (NAUpdate) -- D:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (TeamViewer6) -- D:\Users\DooM\temp\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (!SASCORE) -- D:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (GenieTimelineService) -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe (Genie-Soft)
SRV - (S3DSvc32) S3D Service (Win32) -- D:\Program Files\iZ3D Driver\Win32\S3DCService.exe (iZ3D Inc.)
SRV - (Microsoft SharePoint Workspace Audit Service) -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (CPUCooLServer) -- D:\Program Files\CPUCooL\CooLSRV.exe ()
SRV - (AfaService) -- D:\Windows\System32\afasrv32.exe ()
SRV - (Steam Client Service) -- D:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (UpdateCenterService) -- D:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
SRV - (nTuneService) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (SensrSvc) -- D:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- D:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- D:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AEADIFilters) -- D:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (SBSDWSCService) -- D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (WcesComm) -- D:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- D:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (nvlddmkm) -- D:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (avipbb) -- D:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- D:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- D:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (FNETURPX) -- D:\Windows\System32\drivers\FNETURPX.SYS (FNet Co., Ltd.)
DRV - (FNETTBOH) -- D:\Windows\System32\drivers\FNETTBOH.SYS (FNet Co., Ltd.)
DRV - (SASDIFSV) -- D:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (NVHDA) -- D:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (SWDUMon) -- D:\Windows\System32\drivers\SWDUMon.sys ()
DRV - (iZ3DInjectionDriver) -- D:\Program Files\iZ3D Driver\Win32\S3DInjectionDriver.sys ()
DRV - (yukonw7) -- D:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (ssmdrv) -- D:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ntiopnp) -- D:\Windows\System32\drivers\ntiopnp.sys ()
DRV - (ntiomin) -- D:\Windows\System32\drivers\ntiomin.sys ()
DRV - (atksgt) -- D:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- D:\Windows\System32\drivers\lirsgt.sys ()
DRV - (sptd) -- D:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (nvoclock) -- D:\Windows\System32\drivers\nvoclock.sys (NVIDIA Corp.)
DRV - (AsIO) -- D:\Windows\System32\drivers\AsIO.sys ()
DRV - (MTsensor) -- D:\Windows\System32\drivers\ASACPI.sys ()
DRV - (vmbus) -- D:\Windows\system32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- D:\Windows\system32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- D:\Windows\system32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- D:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- D:\Windows\system32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- D:\Windows\system32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (MagicTune) -- D:\Windows\system32\drivers\MTiCtwl.sys (Samsung Electronics, Inc. )
DRV - (MHIKEY10) -- D:\Windows\System32\drivers\MHIKEY10.sys (Generic USB smartcard reader)
DRV - (LUsbFilt) -- D:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- D:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- D:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (ntiowp) -- D:\Windows\System32\drivers\ntiowp.sys ()
DRV - (speedfan) -- D:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (MR97310_VGA_DUAL_CAMERA) -- D:\Windows\System32\drivers\mr97310v.sys (Mars Semiconductor Corp.)
DRV - (UMSSSTOR) -- D:\Windows\System32\drivers\Umss.SYS (C-Media Corporation)
DRV - (giveio) -- D:\Windows\system32\giveio.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 A3 82 73 E9 54 CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "hxxp://www.citydeal.de/deals/berlin"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1
FF - prefs.js..keyword.URL: "hxxp://www.bing.com/search?FORM=IEFM1&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: D:\Program Files\BitTorrent_DNA\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.15 19:42:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.11.09 02:48:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011.11.15 19:42:09 | 000,000,000 | ---D | M]
 
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.11.24 01:13:58 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions
[2010.04.28 00:10:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.23 03:52:53 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.09.15 23:52:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.12 03:35:47 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.10.17 20:15:07 | 000,000,000 | ---D | M] (dp Launcher Plugin) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\dplauncher@digitalpublishing.de
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Flash Video Resources Downloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\max@subfighter.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Move Media Player) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\moveplayer@movenetworks.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (VideoDownloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\videodowloader@videodownloader.net
[2009.11.01 14:33:05 | 000,002,163 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\searchplugins\bing.xml
[2011.11.27 03:13:12 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2011.08.25 23:18:40 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.11.27 03:13:13 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2009.10.27 04:32:54 | 000,000,000 | ---D | M] (BearShare MediaBar) -- D:\Program Files\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}
() (No name found) -- D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
[2011.11.09 02:48:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2008.01.08 01:45:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- D:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.08.12 05:19:37 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.12 05:14:12 | 000,002,252 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.08.12 05:19:37 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.12 05:19:37 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.12 05:19:37 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.08.12 05:19:37 | 000,001,105 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = D:\Users\DooM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2011.10.20 13:43:06 | 000,436,246 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 uat-onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 wsuplay.ubi.com
O1 - Hosts: 127.0.0.1 static8.cdn.ubi.com
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 15004 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (@D:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Genie TimeLine Tray] D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe (Genie-soft)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Program Files\Malwarebytes' Anti-Malwareas\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @D:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @D:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - D:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E2FD134-ADB2-4BF1-A04E-429A663BB58F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96D926D9-83A0-4C8D-80E5-3642832CB3E6}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) -D:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.29 18:37:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk G:\
O32 - Unable to obtain root file information for disk H:\
O33 - MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\Shell - "" = AutoRun
O33 - MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\Shell\AutoRun\command - "" = F:\INSTALL.EXE
O33 - MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\Shell - "" = AutoRun
O33 - MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.02.25 03:09:34 | 002,834,432 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.02 15:30:53 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\SUPERAntiSpyware.com
[2011.12.02 15:30:24 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\ProgramData\SUPERAntiSpyware.com
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\Program Files\SUPERAntiSpyware
[2011.12.02 13:50:09 | 000,000,000 | ---D | C] -- D:\Users\DooM\Desktop\pc test
[2011.12.01 01:39:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:58:42 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\Malwarebytes
[2011.11.29 21:56:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.29 21:56:40 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2011.11.29 21:56:34 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2011.11.29 21:56:33 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malwareas
[2011.11.27 22:50:08 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2011.11.27 04:55:47 | 000,135,360 | ---- | C] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:13:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaws.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaw.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\java.exe
[2011.11.27 02:10:32 | 002,339,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys
[2011.11.20 14:35:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test
[2011.11.15 19:44:22 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\DDMSettings
[2011.11.15 19:41:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.11.15 19:40:40 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DivX Shared
[2011.11.15 19:20:24 | 000,000,000 | ---D | C] -- D:\Users\DooM\Documents\Rockstar Games
[2011.11.15 19:14:47 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Rockstar Games
[2011.11.15 18:46:22 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Windows\System32\xlive
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Games for Windows - LIVE
[2011.11.15 18:19:08 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2011.11.14 21:43:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.11.14 21:42:16 | 000,000,000 | ---D | C] -- D:\Program Files\iPod
[2011.11.14 21:42:15 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes
[2011.11.14 21:38:58 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Skyrim
[2011.11.14 21:32:55 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011.11.14 21:32:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_6.dll
[2011.11.14 21:32:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_6.dll
[2011.11.14 21:32:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_4.dll
[2011.11.14 21:32:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_7.dll
[2011.11.14 21:32:27 | 000,515,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_5.dll
[2011.11.14 21:32:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_5.dll
[2011.11.14 21:32:26 | 001,974,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_42.dll
[2011.11.14 21:32:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dcsx_42.dll
[2011.11.14 21:32:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_42.dll
[2011.11.14 21:32:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx11_42.dll
[2011.11.14 21:32:22 | 001,892,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_42.dll
[2011.11.14 21:32:18 | 000,069,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_3.dll
[2011.11.12 01:42:37 | 000,061,248 | ---- | C] (Khronos Group) -- D:\Windows\System32\OpenCL.dll
[2011.11.12 01:42:36 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvoglv32.dll
[2011.11.12 01:42:36 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcompiler.dll
[2011.11.12 01:42:36 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvd3dum.dll
[2011.11.12 01:42:36 | 010,327,360 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\drivers\nvlddmkm.sys
[2011.11.12 01:42:36 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuda.dll
[2011.11.12 01:42:36 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvid.dll
[2011.11.12 01:42:36 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvenc.dll
[2011.11.11 23:04:39 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Ubisoft Game Launcher
[2011.11.11 22:48:06 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- D:\Windows\System32\drivers\MTiCtwl.sys
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiScreen
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MultiScreen
[2011.11.11 22:38:06 | 000,000,000 | ---D | C] -- D:\Program Files\MonitorDriver
[2011.11.04 02:13:34 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Akamai
[1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.02 22:55:35 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.02 22:55:35 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.02 22:50:10 | 000,000,214 | ---- | M] () -- D:\Windows\tasks\AutoKMS.job
[2011.12.02 22:48:48 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2011.12.02 22:48:37 | 2415,271,936 | -HS- | M] () -- D:\hiberfil.sys
[2011.12.02 15:30:24 | 000,001,965 | ---- | M] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.02 02:36:01 | 000,000,214 | ---- | M] () -- D:\Windows\tasks\AutoKMSDaily.job
[2011.12.01 13:43:49 | 000,000,000 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:14 | 000,302,592 | ---- | M] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:36 | 000,000,020 | ---- | M] () -- D:\Users\DooM\defogger_reenable
[2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:56:41 | 000,001,085 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.29 03:00:28 | 000,030,720 | ---- | M] () -- D:\Windows\System32\umstartup.etl
[2011.11.29 01:21:09 | 000,007,598 | ---- | M] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2011.11.28 16:33:41 | 000,439,448 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2011.11.28 01:27:28 | 000,265,310 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | M] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.27 04:55:49 | 000,135,360 | ---- | M] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:09:36 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.24 23:32:11 | 000,624,578 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2011.11.24 23:32:11 | 000,110,216 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2011.11.15 18:46:22 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.15 18:19:08 | 000,000,893 | ---- | M] () -- D:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2011.11.14 21:43:09 | 000,001,753 | ---- | M] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | M] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.11 22:45:19 | 000,001,618 | ---- | M] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.11.09 02:49:06 | 000,001,845 | ---- | M] () -- D:\Users\DooM\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.02 15:30:24 | 000,001,965 | ---- | C] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.01 13:43:49 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:05 | 000,302,592 | ---- | C] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:20 | 000,000,020 | ---- | C] () -- D:\Users\DooM\defogger_reenable
[2011.11.29 21:56:41 | 000,001,085 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.28 01:26:43 | 000,265,310 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | C] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.21 00:20:09 | 017,245,218 | ---- | C] () -- D:\Users\DooM\Desktop\Scat - Hardliner.wav
[2011.11.16 00:02:47 | 006,190,967 | ---- | C] () -- D:\wo bist du! paco, aziz, drp,mr.castro.wma
[2011.11.15 18:19:08 | 000,000,893 | ---- | C] () -- D:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2011.11.14 21:43:09 | 000,001,753 | ---- | C] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | C] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.12 01:42:36 | 000,004,359 | ---- | C] () -- D:\Windows\System32\nvinfo.pb
[2011.11.11 22:45:19 | 000,001,618 | ---- | C] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.11.11 02:36:29 | 000,000,214 | ---- | C] () -- D:\Windows\tasks\AutoKMS.job
[2011.11.11 02:36:28 | 000,000,214 | ---- | C] () -- D:\Windows\tasks\AutoKMSDaily.job
[2011.10.28 01:30:13 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{9B30B77B-496C-4EB1-8A7B-5FC58AF3D15F}
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- D:\Windows\System32\nvStreaming.exe
[2011.09.24 01:10:16 | 000,073,216 | ---- | C] () -- D:\Windows\System32\ff_vfw.dll
[2011.09.23 04:35:01 | 000,190,464 | ---- | C] () -- D:\Windows\System32\PCGW32.DLL
[2011.09.02 01:05:43 | 000,023,624 | ---- | C] () -- D:\Windows\System32\drivers\hitmanpro35.sys
[2011.08.27 18:09:00 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{3450410A-36E6-44A6-982A-FF986805F67D}
[2011.08.21 15:02:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{21AC4F97-B1DB-4954-84DA-77461D8BE396}
[2011.08.16 16:49:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{578BD668-0AEF-4D87-9862-C6CEF5B369FB}
[2011.08.16 16:48:50 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{B86C665B-A39B-461B-9A27-40A63BEDF514}
[2011.05.21 01:07:07 | 000,001,769 | ---- | C] () -- D:\Windows\Language_trs.ini
[2011.01.03 00:20:00 | 000,011,232 | ---- | C] () -- D:\Windows\System32\drivers\SWDUMon.sys
[2010.08.15 16:53:07 | 000,000,118 | ---- | C] () -- D:\Windows\System32\MRT.INI
[2010.04.29 03:33:33 | 000,007,598 | ---- | C] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2010.04.29 02:54:33 | 000,024,576 | ---- | C] () -- D:\Windows\System32\AsIO.dll
[2010.04.29 02:54:33 | 000,011,296 | ---- | C] () -- D:\Windows\System32\drivers\AsIO.sys
[2010.04.29 02:54:23 | 000,011,832 | ---- | C] () -- D:\Windows\System32\drivers\AsInsHelp64.sys
[2010.04.29 02:54:23 | 000,010,216 | ---- | C] () -- D:\Windows\System32\drivers\AsInsHelp32.sys
[2010.04.29 02:53:31 | 000,013,216 | ---- | C] () -- D:\Windows\System32\drivers\ASACPI.sys
[2010.04.06 19:04:52 | 000,286,208 | ---- | C] () -- D:\Windows\System32\Xbinkw32.dll
[2010.03.28 23:41:41 | 000,011,776 | ---- | C] () -- D:\Users\DooM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.23 22:20:24 | 000,023,552 | ---- | C] () -- D:\Users\DooM\AppData\Local\WebpageIcons.db
[2010.01.03 19:28:18 | 000,012,800 | ---- | C] () -- D:\Windows\System32\drivers\ntiopnp.sys
[2010.01.03 19:28:18 | 000,011,392 | ---- | C] () -- D:\Windows\System32\drivers\ntiomin.sys
[2009.12.29 01:14:33 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat
[2009.12.22 19:21:27 | 000,065,536 | ---- | C] () -- D:\Windows\System32\afasrv32.exe
[2009.10.27 05:01:24 | 000,021,924 | ---- | C] () -- D:\Windows\System32\emptyregdb.dat
[2009.10.24 05:01:09 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax1.dll
[2009.10.24 05:01:09 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx1.dll
[2009.10.24 04:55:36 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax.dll
[2009.10.24 04:55:36 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx.dll
[2009.10.24 04:21:55 | 000,000,400 | ---- | C] () -- D:\Windows\ODBC.INI
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,439,448 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,624,578 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,110,216 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
[2009.04.07 17:57:13 | 000,018,944 | ---- | C] () -- D:\Windows\eraser.exe
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- D:\Windows\System32\xlive.dll.cat
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelFrench.dll
[2008.10.06 20:22:11 | 000,237,568 | ---- | C] () -- D:\Windows\System32\lame_enc.dll
[2008.02.03 02:29:52 | 000,502,784 | ---- | C] () -- D:\Windows\x2.64.exe
[2008.02.03 02:29:52 | 000,399,360 | ---- | C] () -- D:\Windows\System32\Smab.dll
[2008.02.03 02:29:52 | 000,240,128 | ---- | C] () -- D:\Windows\System32\x.264.exe
[2008.02.03 02:29:52 | 000,217,073 | ---- | C] () -- D:\Windows\meta4.exe
[2008.02.03 02:29:52 | 000,066,560 | ---- | C] () -- D:\Windows\MOTA113.exe
[2008.02.03 02:29:52 | 000,027,648 | ---- | C] () -- D:\Windows\System32\AVSredirect.dll
[2008.02.03 02:29:44 | 000,027,648 | -HS- | C] () -- D:\Windows\System32\Smab0.dll
[2007.11.29 23:30:28 | 003,596,288 | ---- | C] () -- D:\Windows\System32\qt-dx331.dll
[2007.11.28 00:49:19 | 000,002,045 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\NMM-MetaData.db
[2007.11.26 17:08:06 | 000,281,760 | ---- | C] () -- D:\Windows\System32\drivers\atksgt.sys
[2007.11.26 17:08:05 | 000,025,888 | ---- | C] () -- D:\Windows\System32\drivers\lirsgt.sys
[2007.11.14 13:28:56 | 000,000,173 | ---- | C] () -- D:\Windows\MusicMaker.INI
[2007.11.14 12:38:47 | 000,049,152 | ---- | C] () -- D:\Windows\System32\mgxasio2.dll
[2007.11.14 12:31:09 | 000,006,537 | ---- | C] () -- D:\Windows\mgxoschk.ini
[2007.11.08 22:05:21 | 000,054,708 | ---- | C] () -- D:\Windows\War3Unin.dat
[2007.11.08 20:40:47 | 000,290,748 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2007.11.08 20:40:45 | 000,036,916 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2007.11.08 20:40:44 | 000,626,016 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2007.11.08 20:40:44 | 000,126,518 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2007.11.08 01:04:56 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- D:\Windows\System32\CddbCdda.dll
[2006.10.20 11:57:20 | 000,012,352 | ---- | C] () -- D:\Windows\System32\drivers\ntiowp.sys
[2003.09.16 15:50:58 | 000,229,376 | ---- | C] () -- D:\Windows\System32\CmWatch.exe
[2003.07.03 12:44:24 | 000,212,992 | ---- | C] () -- D:\Windows\System32\CmCardRm.exe
[2003.05.30 14:27:46 | 000,032,768 | ---- | C] () -- D:\Windows\System32\CmCardRm.dll
[2002.01.24 10:39:36 | 000,086,016 | ---- | C] () -- D:\Windows\System32\lxaxih.exe
[2002.01.24 10:29:26 | 000,077,824 | ---- | C] () -- D:\Windows\System32\lxaxlcnp.dll
[2002.01.24 10:09:56 | 000,174,592 | ---- | C] () -- D:\Windows\System32\LEXPPS.EXE
[2002.01.24 10:05:11 | 000,040,960 | ---- | C] () -- D:\Windows\System32\INSTMON.EXE
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- D:\Windows\System32\giveio.sys
 
========== Files - Unicode (All) ==========
[2011.05.04 16:17:23 | 007,589,888 | ---- | M] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3
[2011.05.04 16:16:55 | 007,589,888 | ---- | C] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3
[2011.05.03 19:25:36 | 003,604,480 | ---- | M] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3
[2011.05.03 19:25:08 | 003,604,480 | ---- | C] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 600 bytes -> D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty

< End of report >

+ OTL Extra:
Code:

OTL Extras logfile created on: 02.12.2011 23:01:08 - Run 3
OTL by OldTimer - Version 3.2.31.0    Folder = D:\Users\DooM\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 64,96% Memory free
9,65 Gb Paging File | 8,24 Gb Available in Paging File | 85,35% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS
Drive D: | 108,46 Gb Total Space | 10,39 Gb Free Space | 9,58% Space Free | Partition Type: NTFS
Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1825,76 Gb Total Space | 1625,45 Gb Free Space | 89,03% Space Free | Partition Type: NTFS
Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32
 
Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar)
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1" = iZ3D Driver Remove
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{406CF92B-A131-4F63-9FC9-861FAACD6EB4}" = Microsoft Phone Data Manager (beta)
"{49F2D7DE-0EEE-4411-8283-16BAAECF2079}" = Media Manager for WALKMAN 1.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2C675E-8040-431B-99C4-137DF4FBF75A}" = Thermal Analysis Tool
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72CCBEA1-8D57-4981-A337-81019F28C5BA}" = Microsoft .NET Compact Framework 3.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}" = MagicTunePremium
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CD2E489-03F4-4AC0-8B68-D8C7DFE731DD}" = Stereoscopic Player
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A30B7483-DF31-4C73-BBAA-7695E3D49895}" = NVIDIA 3D Vision Video Player
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AC76BA86-7AD7-5670-0000-800000000003}" = Korean Fonts Support For Adobe Reader 8
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB92C58B-7BDF-48E3-92E3-51768DCCA585}_is1" = EVGA OC Scanner 1.7.3
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{DB6A8C83-EFF7-4955-BBD0-81C13DDE5395}" = Download Direct
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E656D89A-8CBB-497F-918F-8361A4071C26}" = Nero Burning ROM 11
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ActvMap V 4.7" = ActvMap V 4.7
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"Ares Flash Downloader_is1" = Ares Flash Downloader Powered by AdVantage
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 (Unicode)
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"C-Media Card Reader Driver" = C-Media USB Mass Storage Driver
"CPUCooL" = CPUCooL (remove only)
"CPUFSB" = CPUFSB (remove only)
"DivX Setup" = DivX-Setup
"DotAzilla" = DotAzilla
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"fahrschule-weichert.de" = fahrschule-weichert.de
"FE5AE7DC-7B01-4263-A94C-B4526C276549_is1" = iPhone Explorer
"ffdshow_is1" = ffdshow v1.1.3892 [2011-06-20]
"FLV Player2.0 " = FLV Player
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Audio Dub_is1" = Free Audio Dub version 1.7.8.426
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.5
"Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923
"Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.10.31.305
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.6.727
"Genie Timeline" = LaCie Genie Timeline 2.1
"HaaliMkx" = Haali Media Splitter
"HardlinkShellExt" = Link Shell Extension
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"HyperCam 2" = HyperCam 2
"InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"IsoBuster_is1" = IsoBuster 2.2
"JDownloader" = JDownloader
"Jeyo Mobile Companion 1.1_is1" = Jeyo Mobile Companion 1.1
"Jeyo Mobile Companion 2.1_is1" = Jeyo Mobile Companion 2.1
"Jeyo Mobile Extender 2.0 f¨¹r Outlook_is1" = Jeyo Mobile Extender 2.0 f¨¹r Outlook
"Kalorien Calculator 6.0.3.4_is1" = Kalorien Calculator 6.0.3.4
"LightCommubicator QVGA Setup_is1" = LightCommubicator QVGA Setup
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"MPE" = MyPhoneExplorer
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"PokerStars.net" = PokerStars.net
"Precision" = EVGA Precision 2.0.4
"RAR Password Cracker" = RAR Password Cracker 4.12
"Recuva" = Recuva
"Skype™ for Windows Mobile_is1" = Skype™ for Windows Mobile 3.0
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"SUPER ©" = SUPER © Version 2008.bld.24 (Jan 18, 2008)
"Switch" = Switch Uninstall
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosofts Lizenz Kontrolle
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UsbBoost" = UsbBoost
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Warcraft III" = Warcraft III
"Warkeys" = Warkeys 1.14.1.0b
"WavePad" = WavePad Sound Editor
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wisdom-soft AutoScreenRecorder 2.0 Free" = Wisdom-soft AutoScreenRecorder 2.0 Free
"World of Warcraft" = World of Warcraft
"World of Warcraft Public Test" = World of Warcraft Public Test
"XMedia Recode" = XMedia Recode 3.0.0.5
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.3
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Akamai" = Akamai NetSession Interface
"BitTorrent" = BitTorrent
"BitTorrent DNA" = BitTorrent DNA
"Warcraft III" = Warcraft III: All Products
"World of Logs Client (4.2)" = World of Logs Client (4.2)
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >


Grap 02.12.2011 23:37

CCleaner contents:
Code:

Adobe Flash Player 10 ActiveX        Adobe Systems Incorporated        26.10.2009                10.0.22.87
Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        26.11.2011        6,00MB        11.1.102.55
Adobe Reader 8.1.0 - Deutsch        Adobe Systems Incorporated        07.10.2011        97,9MB        8.1.0
Adobe Reader X (10.0.1) - Deutsch        Adobe Systems Incorporated        24.03.2011        115,8MB        10.0.1
Akamai NetSession Interface                03.11.2011               
Akamai NetSession Interface Service                03.11.2011               
Apple Application Support        Apple Inc.        11.10.2011        61,2MB        2.1.5
Apple Mobile Device Support        Apple Inc.        13.11.2011        24,1MB        4.0.0.97
Apple Software Update        Apple Inc.        06.07.2011        2,38MB        2.1.3.127
Assassin's Creed Brotherhood        Ubisoft        07.08.2011                1.01
Avira Free Antivirus        Avira        29.10.2011        104,5MB        12.0.0.861
BitTorrent        BitTorrent, Inc        26.10.2009                6.0
BitTorrent DNA                26.10.2009                2.0.0
Bonjour        Apple Inc.        11.10.2011        1,02MB        3.0.0.10
C-Media USB Mass Storage Driver                15.08.2010               
CCleaner        Piriform        26.11.2011                3.12
Counter-Strike        Valve        26.10.2009               
CPUCooL (remove only)                28.04.2010               
CPUFSB (remove only)                28.04.2010               
Curse Client        Curse        05.07.2011                4.0.1.112
DivX-Setup        DivX, LLC        14.11.2011                2.6.0.34
DotAzilla        Dota-League.com        02.02.2010               
Download Direct        SenBit        21.12.2008        6,94MB        1.0
Eusing Free Registry Cleaner                29.04.2010               
EVEREST Home Edition v2.20        Lavalys Inc        26.10.2009                2.20
EVGA OC Scanner 1.7.3        EVGA        16.09.2011        2,13MB       
EVGA Precision 2.0.4        EVGA Corporation        16.09.2011                2.0.4
fahrschule-weichert.de                28.08.2010               
ffdshow v1.1.3892 [2011-06-20]                23.09.2011        12,8MB        1.1.3892.0
FLV Player        Applian Technologies Inc.        26.10.2009                2.0
Free Audio CD Burner version 1.4.7        DVDVideoSoft Limited.        04.04.2011        10,7MB       
Free Audio Dub version 1.7.8.426        DVDVideoSoft Limited.        31.05.2011        22,5MB       
Free Video Flip and Rotate version 1.5        DVDVideoSoft Limited.        23.01.2010               
Free YouTube Download version 3.0.16.923        DVDVideoSoft Ltd.        08.10.2011        39,0MB       
Free YouTube to iPhone Converter version 2.10.31.305        DVDVideoSoft Limited.        23.03.2011        30,5MB       
Free YouTube to MP3 Converter version 3.10.6.727        DVDVideoSoft Limited.        01.08.2011        44,9MB       
Haali Media Splitter                23.09.2011               
Host OpenAL (ADI)                19.09.2011               
HyperCam 2                26.10.2009               
iCloud        Apple Inc.        16.10.2011        23,6MB        1.0.1.29
iPhone Explorer        Marx Softwareentwicklung        19.10.2011        7,04MB        0.9.28.4
IsoBuster 2.2        Smart Projects        25.11.2007                2.2
iTunes        Apple Inc.        13.11.2011        169,7MB        10.5.1.42
iZ3D Driver Remove        iZ3D Inc.        22.09.2011        50,7MB        1.12(4016)
Java(TM) 6 Update 29        Sun Microsystems, Inc.        21.12.2008        94,4MB        6.0.290
JDownloader        AppWork UG (haftungsbeschränkt)        30.03.2010                0.89
Korean Fonts Support For Adobe Reader 8        Adobe Systems        17.05.2010        10,0MB        8.0.0
LaCie Genie Timeline 2.1        Genie-Soft        07.10.2011                2.1
League of Legends        Riot Games        16.08.2011                1.02.0000
Link Shell Extension                12.10.2011               
MagicTunePremium        Samsung Electronics Ltd.        10.11.2011                4.0.14
Malwarebytes' Anti-Malware Version 1.51.2.1300        Malwarebytes Corporation        28.11.2011        13,8MB        1.51.2.1300
Marvell Miniport Driver        Marvell        09.01.2011                11.30.1.3
Media Manager for WALKMAN 1.1        Sony        29.04.2008        57,9MB        1.1.464
Messenger Plus! Live        Yuna Software        03.11.2010                4.90.0.392
Microsoft .NET Compact Framework 3.5        Microsoft Corporation        11.10.2009        81,7MB        3.5.7283
Microsoft .NET Framework 1.1                26.10.2009               
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        23.06.2010        38,8MB        4.0.30319
Microsoft Games for Windows - LIVE Redistributable        Microsoft Corporation        14.11.2011        32,5MB        2.0.672.0
Microsoft Office File Validation Add-In        Microsoft Corporation        07.07.2011        7,92MB        14.0.5130.5003
Microsoft Office Professional Plus 2010        Microsoft Corporation        10.11.2011                14.0.4734.1000
Microsoft Phone Data Manager (beta)        Microsoft Corporation        23.10.2009        3,39MB        2.0.1001.0
Microsoft Silverlight        Microsoft Corporation        23.06.2011        218MB        4.0.60531.0
Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        10.04.2011        1,70MB        3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        29.08.2009        0,25MB        8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        23.06.2011        0,29MB        8.0.59193
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        02.02.2010        0,20MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        23.04.2011        0,58MB        9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        Microsoft Corporation        21.04.2010        4,32MB        9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        01.02.2010        0,58MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        07.10.2010        0,58MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        23.06.2011        0,59MB        9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        09.10.2011        11,1MB        10.0.40219
MobileMe Control Panel        Apple Inc.        16.10.2011        12,9MB        3.1.8.0
Mozilla Firefox 8.0 (x86 de)        Mozilla        08.11.2011        40,9MB        8.0
MultiScreen        Samsung Electronics Ltd.        10.11.2011                1.00.0000
Nero Burning ROM 11        Nero AG        09.10.2011        265MB        11.0.10400
NVIDIA 3D Vision Controller Driver 285.62        NVIDIA Corporation        11.11.2011                285.62
NVIDIA 3D Vision Driver 285.62        NVIDIA Corporation        11.11.2011                285.62
NVIDIA 3D Vision Video Player        NVIDIA Corporation        23.09.2011        7,24MB        1.6.2
NVIDIA Drivers        NVIDIA Corporation        06.09.2011        63,0MB        1.10
NVIDIA Graphics Driver 285.62        NVIDIA Corporation        11.11.2011                285.62
NVIDIA HD Audio Driver 1.2.24.0        NVIDIA Corporation        11.11.2011                1.2.24.0
NVIDIA Performance        NVIDIA Corporation        18.04.2010        18,8MB        6.5
NVIDIA PhysX System Software 9.11.0621        NVIDIA Corporation        16.09.2011                9.11.0621
NVIDIA System Monitor        NVIDIA Corporation        18.04.2010        18,1MB        6.5
NVIDIA System Update        NVIDIA Corporation        18.04.2010        3,60MB        3.00
NVIDIA Update 1.5.20        NVIDIA Corporation        11.11.2011                1.5.20
Pando Media Booster        Pando Networks Inc.        16.08.2011        5,47MB        2.3.6.0
PC Inspector File Recovery                06.04.2010                4.0
PC Probe II        ASUSTeK Computer Inc.        28.04.2010                1.04.87
Picasa 3        Google, Inc.        30.08.2011                3.8
PokerStars.net        PokerStars.net        29.04.2010               
QuickTime        Apple Inc.        25.08.2011        73,0MB        7.70.80.34
RAR Password Cracker 4.12        dnSoft Research Group        21.04.2010               
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        19.09.2011                6.0.1.6449
Recuva        Piriform        07.04.2010                1.36
Rockstar Games Social Club        Rockstar Games        14.11.2011                1.00.0000
Samsung_MonSetup        Samsung        11.11.2011                1.00.0000
Skype web features        Skype Technologies S.A.        28.12.2009        4,32MB        1.0.3971
Skype™ 4.1        Skype Technologies S.A.        28.12.2009        31,1MB        4.1.179
Skype™ for Windows Mobile 3.0        Skype Limited        31.10.2010                3.0.0.256
SoundMAX        Analog Devices        19.09.2011                6.10.1.6585
SpeedFan (remove only)                28.04.2010               
Spybot - Search & Destroy        Safer Networking Limited        06.10.2010                1.6.2
Steam        Valve        29.09.2008        1,31MB        1.0.0.0
Stereoscopic Player        3dtv.at        22.09.2011        15,5MB        1.7.4
SUPERAntiSpyware        SUPERAntiSpyware.com        01.12.2011        70,8MB        5.0.1136
Switch Uninstall                26.10.2009               
SyncroSoft Emu (Remove only)                26.10.2009               
Syncrosofts Lizenz Kontrolle        Syncrosoft Hard- Und Software GmbH        26.10.2009               
System Requirements Lab for Intel        Husdawg, LLC        19.09.2011        0,75MB        4.4.24.0
TeamSpeak 3 Client        TeamSpeak Systems GmbH        26.05.2010               
Thermal Analysis Tool        Intel Corporation        28.04.2010                2.05.2006.0427
Ubisoft Game Launcher        UBISOFT        07.08.2011                1.0.0.0
UsbBoost                08.10.2011               
VideoLAN VLC media player 0.8.6d        VideoLAN Team        26.10.2009                0.8.6d
Warcraft III                26.10.2009               
Warcraft III: All Products                26.10.2009               
Warkeys 1.14.1.0b                12.12.2009                1.14.1.0b
WavePad Sound Editor        NCH Software        26.10.2009               
Winamp        Nullsoft, Inc        26.10.2009                5.52
Windows Live Essentials        Microsoft Corporation        11.04.2011                15.4.3508.1109
Windows Live Favorites für Windows Live Toolbar        Microsoft Corporation        07.11.2007        1,80MB        03.01.0146
Windows Media Encoder 9-Reihe                26.10.2009               
Windows Media Player Firefox Plugin        Microsoft Corp        18.01.2008        0,29MB        1.0.0.8
Windows Mobile Device Center        Microsoft Corporation        10.03.2009        27,5MB        6.1.6965.0
Windows Mobile Device Center Driver Update        Microsoft Corporation        08.03.2009        42,4MB        6.1.6965.0
WinRAR                26.10.2009               
Wisdom-soft AutoScreenRecorder 2.0 Free        Wisdom Software Inc.        26.10.2009               
World of Logs Client (4.2)        Digibites Technology        06.09.2011               
World of Warcraft        Blizzard Entertainment        19.11.2011                4.3.0.15005
World of Warcraft Public Test        Blizzard Entertainment        19.11.2011                0.0.0.0
XMedia Recode 3.0.0.5        Sebastian Dörfler        07.07.2011                3.0.0.5
Zattoo 3.3.4 Beta        Zattoo Inc.        11.01.2010                3.3.4 Beta
Zattoo4 4.0.3        Zattoo Inc.        22.02.2010                4.0.3


kira 03.12.2011 23:43

1.
Quote:

Please still complete posting #2 / item 1!
2.
Old version, you can uninstall it:
Quote:

Adobe Reader 8.1.0 - Deutsch
3.
BitTorrent/DNA: is considered unsafe and should therefore not be used.
What is BitTorrent/DNA

4.
Messenger Plus! Live:
Belongs to the unsafe category! Did you deselect the software "additionally" offered by the program during installation? Alongside the actual software, an adware program is also installed with it.
If you absolutely want to (not recommended, since it is absolutely not necessary and your MSN is not affected by it), you can install it again, but read everything carefully and deselect partner programs, sponsors etc. wherever possible!
Always choose the custom installation, not the standard installation, because otherwise things are often installed along with it that you don't need or don't want.
It is better to use a messenger tool that is free of spyware and adware, such as Trillian (the basic version of Trillian can combine the instant messengers ICQ, AIM, Yahoo! Messenger, Windows Live Messenger (MSN) and IRC) or Miranda. You can install it again, but read everything carefully, and you must deselect partner programs, sponsors etc.!

5.
Quote:

Attention, important!:
If you have made changes in the logfile yourself, you must replace them with the original names and insert them into the script that way! Otherwise it will not work!
(user folder, your name or other changes replaced by X, asterisk or other names)
Fixing with OTL
  • Start OTL.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Copy the following script:
Code:

:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IEFM1&q="
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
[2009.10.27 04:32:54 | 000,000,000 | ---D | M] (BearShare MediaBar) -- D:\Program Files\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}
[2008.01.08 01:45:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- D:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011.08.12 05:14:12 | 000,002,252 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.08.12 05:19:37 | 000,001,105 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk G:\
O32 - Unable to obtain root file information for disk H:\
O33 - MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\Shell - "" = AutoRun
O33 - MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\Shell\AutoRun\command - "" = F:\INSTALL.EXE
O33 - MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\Shell - "" = AutoRun
O33 - MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.02.25 03:09:34 | 002,834,432 | R--- | M] ()
[2011.12.02 22:50:10 | 000,000,214 | ---- | M] () -- D:\Windows\tasks\AutoKMS.job
[2011.12.02 02:36:01 | 000,000,214 | ---- | M] () -- D:\Windows\tasks\AutoKMSDaily.job

:Commands
[purity]
[emptytemp]


6.
Another scan with OTL:
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labelled Output.
    Please select Standard Output
  • Under Extra Registry please select Use SafeList.
  • Tick LOP Check and Purity Check.
  • Now click Scan at the top left.
  • When the scan has finished, two logfiles are created.
    You will find the logfiles on your desktop => OTL.txt and Extras.txt
  • Post the logfiles in code tags here in the thread.

Quote:

► Briefly report to me on all the steps you have carried out!

Grap 04.12.2011 20:17

Hey, and thanks for the reply.

-> I posted the wrong log file.
Accordingly, I have now run it again.

Code:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8300

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

04.12.2011 05:09:35
mbam-log-2011-12-04 (05-09-35).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 520523
Laufzeit: 2 Stunde(n), 43 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


2. -> I have now deleted Adobe Reader 8.1.0.

3. -> BitTorrent deleted; DNA was apparently the server interface for it, so it was deleted along with it.

4. -> Messenger Plus Live! removed, I no longer use MSN.
However, I had always deactivated all toolbars before as well, since I always perform a custom installation.

5. -> Fixing with OTL
Code:

All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
Prefs.js: "Bing" removed from browser.search.defaultenginename
Prefs.js: "hxxp://www.bing.com/search?FORM=IEFM1&q=" removed from browser.search.defaulturl
Prefs.js: "Bing" removed from browser.search.selectedEngine
Prefs.js: "hxxp://www.bing.com/search?FORM=IEFM1&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0\ not found.
Folder D:\Program Files\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ not found.
File D:\Program Files\mozilla firefox\plugins\npbittorrent.dll not found.
File D:\Program Files\mozilla firefox\searchplugins\bing.xml not found.
File D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File  not found.
File move failed. E:\autorun.exe scheduled to be moved on reboot.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File  not found.
File  not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4cc3d5b1-c3f5-11de-bd5f-0017318aef19}\ not found.
File F:\INSTALL.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6b2e7413-f348-11e0-999c-d52372774303}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b2e7413-f348-11e0-999c-d52372774303}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6b2e7413-f348-11e0-999c-d52372774303}\ not found.
File I:\Autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File move failed. E:\autorun.exe scheduled to be moved on reboot.
D:\Windows\Tasks\AutoKMS.job moved successfully.
D:\Windows\Tasks\AutoKMSDaily.job moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: DooM
->Temp folder emptied: 2302364 bytes
->Temporary Internet Files folder emptied: 9352840 bytes
->Java cache emptied: 11755033 bytes
->FireFox cache emptied: 691158839 bytes
->Google Chrome cache emptied: 6761191 bytes
->Flash cache emptied: 1497419 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1576360 bytes
RecycleBin emptied: 203608478 bytes
 
Total Files Cleaned = 885,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 12042011_060334

Files\Folders moved on Reboot...
File move failed. E:\autorun.exe scheduled to be moved on reboot.
File move failed. E:\autorun.inf scheduled to be moved on reboot.

Registry entries deleted on Reboot...

6. -> OTL
OTL Logfile:
Code:

OTL logfile created on: 04.12.2011 16:12:48 - Run 4
OTL by OldTimer - Version 3.2.31.0    Folder = D:\Users\DooM\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 66,28% Memory free
9,65 Gb Paging File | 8,30 Gb Available in Paging File | 85,96% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS
Drive D: | 108,46 Gb Total Space | 10,48 Gb Free Space | 9,66% Space Free | Partition Type: NTFS
Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1825,76 Gb Total Space | 1623,92 Gb Free Space | 88,94% Space Free | Partition Type: NTFS
Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32
 
Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
PRC - [2011.11.17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe
PRC - [2011.10.15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- D:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011.07.16 05:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\conhost.exe
PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe
PRC - [2011.02.02 15:25:04 | 001,051,264 | ---- | M] (Genie-soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe
PRC - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe
PRC - [2010.06.15 02:55:52 | 000,039,936 | ---- | M] (The PHP Group) -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe
PRC - [2010.06.15 02:53:48 | 001,417,216 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
PRC - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2009.11.06 12:13:16 | 000,133,736 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\audiodg.exe
PRC - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- D:\Windows\System32\AEADISRV.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.02.02 13:43:02 | 000,342,528 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSIndexDB.dll
MOD - [2011.02.02 13:43:02 | 000,051,712 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\QueueManager.dll
MOD - [2011.02.02 13:43:00 | 000,144,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\Settings.dll
MOD - [2010.12.29 14:54:38 | 000,038,400 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSLogging.dll
MOD - [2010.09.06 12:50:38 | 000,080,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSEncryption.dll
MOD - [2010.09.06 12:50:38 | 000,072,192 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSCurl.dll
MOD - [2010.08.31 04:42:12 | 000,023,040 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\ext\php_gstl_interface.dll
MOD - [2010.06.15 02:53:48 | 001,417,216 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
MOD - [2010.04.27 13:57:20 | 000,921,088 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\sqlite3.dll
MOD - [2010.01.21 00:34:10 | 008,793,952 | ---- | M] () -- D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010.01.09 19:18:18 | 004,254,560 | ---- | M] () -- D:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- D:\Program Files\WinRAR\RarExt.dll
MOD - [2004.09.30 18:09:36 | 000,155,648 | ---- | M] () -- D:\Program Files\LinkShellExtension\RockallDLL.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.11.18 01:57:41 | 003,313,752 | ---- | M] () [Auto | Running] -- d:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) [Disabled | Stopped] -- D:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011.08.30 17:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- D:\Users\DooM\temp\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) [Auto | Running] -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe -- (GenieTimelineService)
SRV - [2010.10.24 23:11:06 | 000,360,960 | ---- | M] (iZ3D Inc.) [Disabled | Stopped] -- D:\Program Files\iZ3D Driver\Win32\S3DCService.exe -- (S3DSvc32) S3D Service (Win32)
SRV - [2010.01.21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.12.22 19:23:39 | 000,065,536 | ---- | M] () [Disabled | Stopped] -- D:\Windows\System32\afasrv32.exe -- (AfaService)
SRV - [2009.12.13 22:24:45 | 000,321,320 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.11.06 12:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
SRV - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- D:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Disabled | Stopped] -- D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.10.11 14:00:01 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.10.09 00:02:42 | 000,007,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- D:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)
DRV - [2011.10.09 00:02:41 | 000,023,680 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\FNETTBOH.SYS -- (FNETTBOH)
DRV - [2011.09.14 14:58:38 | 000,319,264 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.07.08 00:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011.03.03 19:28:29 | 000,011,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2010.10.06 17:04:02 | 000,034,968 | ---- | M] () [Kernel | System | Running] -- D:\Program Files\iZ3D Driver\Win32\S3DInjectionDriver.sys -- (iZ3DInjectionDriver)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.11.02 17:21:56 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.11.02 17:21:55 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.10.28 20:06:51 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- D:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.09.15 12:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvoclock.sys -- (nvoclock)
DRV - [2009.08.04 09:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009.07.16 10:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Stopped] -- D:\Windows\system32\drivers\MTiCtwl.sys -- (MagicTune)
DRV - [2008.05.27 10:07:58 | 000,050,560 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2008.02.29 10:13:48 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007.04.11 15:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007.04.11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- D:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006.03.07 17:43:40 | 000,111,872 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\mr97310v.sys -- (MR97310_VGA_DUAL_CAMERA)
DRV - [2004.07.13 10:40:22 | 000,048,512 | ---- | M] (C-Media Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\Umss.SYS -- (UMSSSTOR)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\system32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 A3 82 73 E9 54 CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.citydeal.de/deals/berlin"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: D:\Program Files\BitTorrent_DNA\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.15 19:42:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.11.09 02:48:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011.12.04 05:27:45 | 000,000,000 | ---D | M]
 
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.11.24 01:13:58 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions
[2010.04.28 00:10:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.23 03:52:53 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.09.15 23:52:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.12 03:35:47 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.10.17 20:15:07 | 000,000,000 | ---D | M] (dp Launcher Plugin) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\dplauncher@digitalpublishing.de
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Flash Video Resources Downloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\max@subfighter.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Move Media Player) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\moveplayer@movenetworks.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (VideoDownloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\videodowloader@videodownloader.net
[2009.11.01 14:33:05 | 000,002,163 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\searchplugins\bing.xml
[2011.11.27 03:13:12 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2011.08.25 23:18:40 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.11.27 03:13:13 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
[2011.11.09 02:48:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.08.12 05:19:37 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.12 05:19:37 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.12 05:19:37 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.12 05:19:37 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = D:\Users\DooM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2011.10.20 13:43:06 | 000,436,246 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 uat-onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 wsuplay.ubi.com
O1 - Hosts: 127.0.0.1 static8.cdn.ubi.com
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 15004 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (@D:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Genie TimeLine Tray] D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe (Genie-soft)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Program Files\Malwarebytes' Anti-Malwareas\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @D:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @D:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - D:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E2FD134-ADB2-4BF1-A04E-429A663BB58F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96D926D9-83A0-4C8D-80E5-3642832CB3E6}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) -D:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.29 18:37:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk G:\
O32 - Unable to obtain root file information for disk H:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.04 05:27:42 | 000,000,000 | ---D | C] -- D:\_OTL
[2011.12.02 15:30:53 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\SUPERAntiSpyware.com
[2011.12.02 15:30:24 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\ProgramData\SUPERAntiSpyware.com
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\Program Files\SUPERAntiSpyware
[2011.12.02 13:50:09 | 000,000,000 | ---D | C] -- D:\Users\DooM\Desktop\pc test
[2011.12.01 01:39:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:58:42 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\Malwarebytes
[2011.11.29 21:56:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.29 21:56:40 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2011.11.29 21:56:34 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2011.11.29 21:56:33 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malwareas
[2011.11.27 22:50:08 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2011.11.27 04:55:47 | 000,135,360 | ---- | C] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:13:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaws.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaw.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\java.exe
[2011.11.27 02:10:32 | 002,339,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys
[2011.11.20 14:35:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test
[2011.11.15 19:44:22 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\DDMSettings
[2011.11.15 19:41:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.11.15 19:40:40 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DivX Shared
[2011.11.15 19:20:24 | 000,000,000 | ---D | C] -- D:\Users\DooM\Documents\Rockstar Games
[2011.11.15 19:14:47 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Rockstar Games
[2011.11.15 18:46:22 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Windows\System32\xlive
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Games for Windows - LIVE
[2011.11.14 21:43:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.11.14 21:42:16 | 000,000,000 | ---D | C] -- D:\Program Files\iPod
[2011.11.14 21:42:15 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes
[2011.11.14 21:38:58 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Skyrim
[2011.11.14 21:32:55 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011.11.14 21:32:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_6.dll
[2011.11.14 21:32:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_6.dll
[2011.11.14 21:32:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_4.dll
[2011.11.14 21:32:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_7.dll
[2011.11.14 21:32:27 | 000,515,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_5.dll
[2011.11.14 21:32:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_5.dll
[2011.11.14 21:32:26 | 001,974,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_42.dll
[2011.11.14 21:32:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dcsx_42.dll
[2011.11.14 21:32:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_42.dll
[2011.11.14 21:32:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx11_42.dll
[2011.11.14 21:32:22 | 001,892,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_42.dll
[2011.11.14 21:32:18 | 000,069,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_3.dll
[2011.11.12 01:42:37 | 000,061,248 | ---- | C] (Khronos Group) -- D:\Windows\System32\OpenCL.dll
[2011.11.12 01:42:36 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvoglv32.dll
[2011.11.12 01:42:36 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcompiler.dll
[2011.11.12 01:42:36 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvd3dum.dll
[2011.11.12 01:42:36 | 010,327,360 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\drivers\nvlddmkm.sys
[2011.11.12 01:42:36 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuda.dll
[2011.11.12 01:42:36 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvid.dll
[2011.11.12 01:42:36 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvenc.dll
[2011.11.11 23:04:39 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Ubisoft Game Launcher
[2011.11.11 22:48:06 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- D:\Windows\System32\drivers\MTiCtwl.sys
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiScreen
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MultiScreen
[2011.11.11 22:38:06 | 000,000,000 | ---D | C] -- D:\Program Files\MonitorDriver
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.04 15:01:14 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.04 15:01:13 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.04 14:54:26 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2011.12.04 14:54:14 | 2415,271,936 | -HS- | M] () -- D:\hiberfil.sys
[2011.12.04 08:16:16 | 000,624,578 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2011.12.04 08:16:16 | 000,110,216 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2011.12.02 15:30:24 | 000,001,965 | ---- | M] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.01 13:43:49 | 000,000,000 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:14 | 000,302,592 | ---- | M] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:36 | 000,000,020 | ---- | M] () -- D:\Users\DooM\defogger_reenable
[2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:56:41 | 000,001,085 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.29 03:00:28 | 000,030,720 | ---- | M] () -- D:\Windows\System32\umstartup.etl
[2011.11.29 01:21:09 | 000,007,598 | ---- | M] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2011.11.28 16:33:41 | 000,439,448 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2011.11.28 01:27:28 | 000,265,310 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | M] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.27 04:55:49 | 000,135,360 | ---- | M] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:09:36 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.15 18:46:22 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.14 21:43:09 | 000,001,753 | ---- | M] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | M] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.11 22:45:19 | 000,001,618 | ---- | M] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.11.09 02:49:06 | 000,001,845 | ---- | M] () -- D:\Users\DooM\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
 
========== Files Created - No Company Name ==========
 
[2011.12.02 15:30:24 | 000,001,965 | ---- | C] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.01 13:43:49 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:05 | 000,302,592 | ---- | C] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:20 | 000,000,020 | ---- | C] () -- D:\Users\DooM\defogger_reenable
[2011.11.29 21:56:41 | 000,001,085 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.28 01:26:43 | 000,265,310 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | C] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.21 00:20:09 | 017,245,218 | ---- | C] () -- D:\Users\DooM\Desktop\Scat - Hardliner.wav
[2011.11.16 00:02:47 | 006,190,967 | ---- | C] () -- D:\wo bist du! paco, aziz, drp,mr.castro.wma
[2011.11.14 21:43:09 | 000,001,753 | ---- | C] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | C] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.12 01:42:36 | 000,004,359 | ---- | C] () -- D:\Windows\System32\nvinfo.pb
[2011.11.11 22:45:19 | 000,001,618 | ---- | C] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.10.28 01:30:13 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{9B30B77B-496C-4EB1-8A7B-5FC58AF3D15F}
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- D:\Windows\System32\nvStreaming.exe
[2011.09.24 01:10:16 | 000,073,216 | ---- | C] () -- D:\Windows\System32\ff_vfw.dll
[2011.09.23 04:35:01 | 000,190,464 | ---- | C] () -- D:\Windows\System32\PCGW32.DLL
[2011.09.02 01:05:43 | 000,023,624 | ---- | C] () -- D:\Windows\System32\drivers\hitmanpro35.sys
[2011.08.27 18:09:00 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{3450410A-36E6-44A6-982A-FF986805F67D}
[2011.08.21 15:02:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{21AC4F97-B1DB-4954-84DA-77461D8BE396}
[2011.08.16 16:49:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{578BD668-0AEF-4D87-9862-C6CEF5B369FB}
[2011.08.16 16:48:50 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{B86C665B-A39B-461B-9A27-40A63BEDF514}
[2011.05.21 01:07:07 | 000,001,769 | ---- | C] () -- D:\Windows\Language_trs.ini
[2011.01.03 00:20:00 | 000,011,232 | ---- | C] () -- D:\Windows\System32\drivers\SWDUMon.sys
[2010.08.15 16:53:07 | 000,000,118 | ---- | C] () -- D:\Windows\System32\MRT.INI
[2010.04.29 03:33:33 | 000,007,598 | ---- | C] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2010.04.29 02:54:33 | 000,024,576 | ---- | C] () -- D:\Windows\System32\AsIO.dll
[2010.04.29 02:54:33 | 000,011,296 | ---- | C] () -- D:\Windows\System32\drivers\AsIO.sys
[2010.04.29 02:53:31 | 000,013,216 | ---- | C] () -- D:\Windows\System32\drivers\ASACPI.sys
[2010.04.06 19:04:52 | 000,286,208 | ---- | C] () -- D:\Windows\System32\Xbinkw32.dll
[2010.03.28 23:41:41 | 000,011,776 | ---- | C] () -- D:\Users\DooM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.23 22:20:24 | 000,023,552 | ---- | C] () -- D:\Users\DooM\AppData\Local\WebpageIcons.db
[2009.12.29 01:14:33 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat
[2009.12.22 19:21:27 | 000,065,536 | ---- | C] () -- D:\Windows\System32\afasrv32.exe
[2009.10.27 05:01:24 | 000,021,924 | ---- | C] () -- D:\Windows\System32\emptyregdb.dat
[2009.10.24 05:01:09 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax1.dll
[2009.10.24 05:01:09 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx1.dll
[2009.10.24 04:55:36 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax.dll
[2009.10.24 04:55:36 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx.dll
[2009.10.24 04:21:55 | 000,000,400 | ---- | C] () -- D:\Windows\ODBC.INI
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,439,448 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,624,578 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,110,216 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
[2009.04.07 17:57:13 | 000,018,944 | ---- | C] () -- D:\Windows\eraser.exe
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- D:\Windows\System32\xlive.dll.cat
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelFrench.dll
[2008.10.06 20:22:11 | 000,237,568 | ---- | C] () -- D:\Windows\System32\lame_enc.dll
[2008.02.03 02:29:52 | 000,502,784 | ---- | C] () -- D:\Windows\x2.64.exe
[2008.02.03 02:29:52 | 000,399,360 | ---- | C] () -- D:\Windows\System32\Smab.dll
[2008.02.03 02:29:52 | 000,240,128 | ---- | C] () -- D:\Windows\System32\x.264.exe
[2008.02.03 02:29:52 | 000,217,073 | ---- | C] () -- D:\Windows\meta4.exe
[2008.02.03 02:29:52 | 000,066,560 | ---- | C] () -- D:\Windows\MOTA113.exe
[2008.02.03 02:29:52 | 000,027,648 | ---- | C] () -- D:\Windows\System32\AVSredirect.dll
[2008.02.03 02:29:44 | 000,027,648 | -HS- | C] () -- D:\Windows\System32\Smab0.dll
[2007.11.29 23:30:28 | 003,596,288 | ---- | C] () -- D:\Windows\System32\qt-dx331.dll
[2007.11.28 00:49:19 | 000,002,045 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\NMM-MetaData.db
[2007.11.26 17:08:06 | 000,281,760 | ---- | C] () -- D:\Windows\System32\drivers\atksgt.sys
[2007.11.26 17:08:05 | 000,025,888 | ---- | C] () -- D:\Windows\System32\drivers\lirsgt.sys
[2007.11.14 13:28:56 | 000,000,173 | ---- | C] () -- D:\Windows\MusicMaker.INI
[2007.11.14 12:38:47 | 000,049,152 | ---- | C] () -- D:\Windows\System32\mgxasio2.dll
[2007.11.14 12:31:09 | 000,006,537 | ---- | C] () -- D:\Windows\mgxoschk.ini
[2007.11.08 22:05:21 | 000,054,708 | ---- | C] () -- D:\Windows\War3Unin.dat
[2007.11.08 20:40:47 | 000,290,748 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2007.11.08 20:40:45 | 000,036,916 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2007.11.08 20:40:44 | 000,626,016 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2007.11.08 20:40:44 | 000,126,518 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2007.11.08 01:04:56 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- D:\Windows\System32\CddbCdda.dll
[2003.09.16 15:50:58 | 000,229,376 | ---- | C] () -- D:\Windows\System32\CmWatch.exe
[2003.07.03 12:44:24 | 000,212,992 | ---- | C] () -- D:\Windows\System32\CmCardRm.exe
[2003.05.30 14:27:46 | 000,032,768 | ---- | C] () -- D:\Windows\System32\CmCardRm.dll
[2002.01.24 10:39:36 | 000,086,016 | ---- | C] () -- D:\Windows\System32\lxaxih.exe
[2002.01.24 10:29:26 | 000,077,824 | ---- | C] () -- D:\Windows\System32\lxaxlcnp.dll
[2002.01.24 10:09:56 | 000,174,592 | ---- | C] () -- D:\Windows\System32\LEXPPS.EXE
[2002.01.24 10:05:11 | 000,040,960 | ---- | C] () -- D:\Windows\System32\INSTMON.EXE
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- D:\Windows\System32\giveio.sys
 
========== LOP Check ==========
 
[2009.10.27 04:45:29 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Acreon
[2009.06.30 14:55:21 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\advantage
[2009.10.27 04:45:33 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Audacity
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\BearShare
[2010.04.02 14:47:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Command and Conquer 4
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\concept design
[2011.11.28 01:25:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DAEMON Tools Lite
[2011.10.17 20:15:20 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\digital publishing
[2011.10.09 01:23:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoft
[2011.10.09 01:23:02 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FileZilla
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FLV Extract
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FMZilla
[2011.04.01 17:00:46 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FreeFLVConverter
[2011.10.08 23:03:04 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Genie-Soft
[2011.09.23 04:34:59 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\iZ3D Driver
[2009.10.27 04:45:35 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Jeyo
[2011.08.18 01:10:45 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\LolClient
[2009.10.27 04:45:55 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2011.01.07 16:03:15 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\MyPhoneExplorer
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\NCH Swift Sound
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia Multimedia Player
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Orbit
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PC Suite
[2011.08.07 23:14:05 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PunkBuster
[2011.09.27 23:12:41 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\R-TT
[2011.10.20 12:09:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\redsn0w
[2011.10.20 12:15:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Software4u
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Sony
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Steinberg
[2011.09.23 04:56:37 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Stereoscopic Player
[2011.09.20 03:25:49 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\SystemRequirementsLab
[2011.10.27 13:08:27 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TeamViewer
[2010.07.22 23:32:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TomTom
[2010.05.27 10:35:36 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TS3Client
[2010.04.06 15:20:47 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Ubisoft
[2011.04.09 16:23:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Xilisoft
[2011.03.24 23:39:50 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\XMedia Recode
[2010.07.03 01:25:07 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\yess
[2011.11.28 23:35:50 | 000,032,608 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2011.05.04 16:17:23 | 007,589,888 | ---- | M] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3
[2011.05.04 16:16:55 | 007,589,888 | ---- | C] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3
[2011.05.03 19:25:36 | 003,604,480 | ---- | M] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3
[2011.05.03 19:25:08 | 003,604,480 | ---- | C] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 600 bytes -> D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty

< End of report >

--- --- ---


OTL extra:
OTL Logfile:
Code:

OTL Extras logfile created on: 04.12.2011 16:12:48 - Run 4
OTL by OldTimer - Version 3.2.31.0    Folder = D:\Users\DooM\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 66,28% Memory free
9,65 Gb Paging File | 8,30 Gb Available in Paging File | 85,96% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS
Drive D: | 108,46 Gb Total Space | 10,48 Gb Free Space | 9,66% Space Free | Partition Type: NTFS
Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1825,76 Gb Total Space | 1623,92 Gb Free Space | 88,94% Space Free | Partition Type: NTFS
Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32
 
Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar)
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1" = iZ3D Driver Remove
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{406CF92B-A131-4F63-9FC9-861FAACD6EB4}" = Microsoft Phone Data Manager (beta)
"{49F2D7DE-0EEE-4411-8283-16BAAECF2079}" = Media Manager for WALKMAN 1.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2C675E-8040-431B-99C4-137DF4FBF75A}" = Thermal Analysis Tool
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72CCBEA1-8D57-4981-A337-81019F28C5BA}" = Microsoft .NET Compact Framework 3.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}" = MagicTunePremium
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CD2E489-03F4-4AC0-8B68-D8C7DFE731DD}" = Stereoscopic Player
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A30B7483-DF31-4C73-BBAA-7695E3D49895}" = NVIDIA 3D Vision Video Player
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB92C58B-7BDF-48E3-92E3-51768DCCA585}_is1" = EVGA OC Scanner 1.7.3
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{DB6A8C83-EFF7-4955-BBD0-81C13DDE5395}" = Download Direct
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E656D89A-8CBB-497F-918F-8361A4071C26}" = Nero Burning ROM 11
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ActvMap V 4.7" = ActvMap V 4.7
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"Ares Flash Downloader_is1" = Ares Flash Downloader Powered by AdVantage
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 (Unicode)
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"DivX Setup" = DivX-Setup
"DotAzilla" = DotAzilla
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"fahrschule-weichert.de" = fahrschule-weichert.de
"FE5AE7DC-7B01-4263-A94C-B4526C276549_is1" = iPhone Explorer
"ffdshow_is1" = ffdshow v1.1.3892 [2011-06-20]
"FLV Player2.0 " = FLV Player
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Audio Dub_is1" = Free Audio Dub version 1.7.8.426
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.5
"Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923
"Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.10.31.305
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.6.727
"Genie Timeline" = LaCie Genie Timeline 2.1
"HaaliMkx" = Haali Media Splitter
"HardlinkShellExt" = Link Shell Extension
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"HyperCam 2" = HyperCam 2
"InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"IsoBuster_is1" = IsoBuster 2.2
"JDownloader" = JDownloader
"Jeyo Mobile Companion 1.1_is1" = Jeyo Mobile Companion 1.1
"Jeyo Mobile Companion 2.1_is1" = Jeyo Mobile Companion 2.1
"Jeyo Mobile Extender 2.0 f¨¹r Outlook_is1" = Jeyo Mobile Extender 2.0 f¨¹r Outlook
"Kalorien Calculator 6.0.3.4_is1" = Kalorien Calculator 6.0.3.4
"LightCommubicator QVGA Setup_is1" = LightCommubicator QVGA Setup
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"MPE" = MyPhoneExplorer
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"PokerStars.net" = PokerStars.net
"Precision" = EVGA Precision 2.0.4
"RAR Password Cracker" = RAR Password Cracker 4.12
"Recuva" = Recuva
"Skype™ for Windows Mobile_is1" = Skype™ for Windows Mobile 3.0
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"SUPER ©" = SUPER © Version 2008.bld.24 (Jan 18, 2008)
"Switch" = Switch Uninstall
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosofts Lizenz Kontrolle
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UsbBoost" = UsbBoost
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Warcraft III" = Warcraft III
"Warkeys" = Warkeys 1.14.1.0b
"WavePad" = WavePad Sound Editor
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wisdom-soft AutoScreenRecorder 2.0 Free" = Wisdom-soft AutoScreenRecorder 2.0 Free
"World of Warcraft" = World of Warcraft
"World of Warcraft Public Test" = World of Warcraft Public Test
"XMedia Recode" = XMedia Recode 3.0.0.5
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.3
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Akamai" = Akamai NetSession Interface
"Warcraft III" = Warcraft III: All Products
"World of Logs Client (4.2)" = World of Logs Client (4.2)
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

--- --- ---

kira 05.12.2011 15:33

1.
Quote:

Spybot
- I would no longer recommend it, as it does not meet the new protection requirements and solutions for protection against malware, and it does not work satisfactorily against entirely new challenges
in my opinion it no longer offers sufficient protection against "modern types of malware"...

2.
Quote:

Attention, important!:
If you have made changes in the logfile yourself, you must replace them with the original names and paste it into the script that way! Otherwise it will not work!
(user folder, your name or other changes replaced by X, asterisk or other names)
Fixing with OTL
  • Start OTL.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Copy the following script:
Code:

:OTL
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: D:\Program Files\BitTorrent_DNA\npbtdna.dll (BitTorrent, Inc.)
[2009.11.01 14:33:05 | 000,002,163 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\searchplugins\bing.xml
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk G:\
O32 - Unable to obtain root file information for disk H:\
@Alternate Data Stream - 600 bytes -> D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty

:Commands
[purity]
[emptytemp]


3.
clean your system with CCleaner:
  • "Cleaner" → "Analyze" → click the "Start CCleaner" button
  • "Registry" → "Scan for errors" → "Fix errors" → "Fix all"
  • Restart your system

4.
run another scan with OTL:
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labelled Output.
    Please select Standard Output
  • Under Extra Registry please select Use SafeList.
  • Tick LOP Check and Purity Check.
  • Now click Scan at the top left.
  • When the scan has finished, two logfiles are created.
    You will find the logfiles on your Desktop => OTL.txt and Extras.txt
  • Post the logfiles in code tags here in the thread.

5.
  • download SUPERAntiSpyware FREE Edition.
  • install the program and update it online.
  • start SUPERAntiSpyware and click "Scan your computer"
  • tick "Complete Scan" and click "Next"
  • afterwards all malware found is listed; tick all findings and confirm with "OK"
  • click "Next", then "OK" and then "Finish"
  • to display the results: click "Preferences" and then "Statistics and Logs"
  • press "View Log" - then please save this report and post it here

6.
Viruses can also be carried on USB sticks, self-burned discs, external hard drives and other storage media. They must therefore be monitored through regular checks for damage that may have been caused by malware ("Worm.Win32.Autorun"). Checking the data stored on the storage medium with the help of the free online scanner is very well suited and recommended for this.
Now connect all external storage media (USB sticks etc.) to your computer while holding down the Shift key so that the Autorun function is not executed. (This is how you prevent the AUTORUN function from running) - The AUTORUN function can also be switched off entirely.►Guide

-> Then run a complete system check with Eset Online Scanner (NOD32), Free Online Scanner
Attention!: >>You should not install the antivirus security software, only scan your system online<<

7.
run another scan with OTL:
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labelled Output.
    Please select Standard Output
  • Under Extra Registry please select Use SafeList.
  • Tick LOP Check and Purity Check.
  • Now click Scan at the top left.
  • When the scan has finished, two logfiles are created.
    You will find the logfiles on your Desktop => OTL.txt and Extras.txt
  • Post the logfiles in code tags here in the thread.

► report again on the state of the computer. Are there still problems, and if so, which ones?

Grap 06.12.2011 11:02

Hey,

I'll delete Spybot right away.

I haven't had to make any changes so far.

OTL fix:
Code:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA\ deleted successfully.
D:\Program Files\BitTorrent_DNA\npbtdna.dll moved successfully.
D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\searchplugins\bing.xml moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File  not found.
File move failed. E:\autorun.exe scheduled to be moved on reboot.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File  not found.
File  not found.
ADS D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: DooM
->Temp folder emptied: 209978 bytes
->Temporary Internet Files folder emptied: 210161 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 77728090 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1067 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 840 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 75,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 12052011_165303

Files\Folders moved on Reboot...
File move failed. E:\autorun.exe scheduled to be moved on reboot.
File move failed. E:\autorun.inf scheduled to be moved on reboot.

Registry entries deleted on Reboot...


Otl:
Code:

OTL logfile created on: 05.12.2011 17:30:16 - Run 5
OTL by OldTimer - Version 3.2.31.0    Folder = D:\Users\DooM\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 66,50% Memory free
9,65 Gb Paging File | 8,49 Gb Available in Paging File | 87,97% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS
Drive D: | 108,46 Gb Total Space | 10,00 Gb Free Space | 9,22% Space Free | Partition Type: NTFS
Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1825,76 Gb Total Space | 1623,23 Gb Free Space | 88,91% Space Free | Partition Type: NTFS
Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32
 
Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
PRC - [2011.11.17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe
PRC - [2011.10.15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- D:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011.07.16 05:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\conhost.exe
PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe
PRC - [2011.02.02 15:25:04 | 001,051,264 | ---- | M] (Genie-soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe
PRC - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe
PRC - [2010.06.15 02:55:52 | 000,039,936 | ---- | M] (The PHP Group) -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe
PRC - [2010.06.15 02:53:48 | 001,417,216 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
PRC - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2009.11.06 12:13:16 | 000,133,736 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\audiodg.exe
PRC - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- D:\Windows\System32\AEADISRV.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.02.02 13:43:02 | 000,342,528 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSIndexDB.dll
MOD - [2011.02.02 13:43:02 | 000,051,712 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\QueueManager.dll
MOD - [2011.02.02 13:43:00 | 000,144,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\Settings.dll
MOD - [2010.12.29 14:54:38 | 000,038,400 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSLogging.dll
MOD - [2010.09.06 12:50:38 | 000,080,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSEncryption.dll
MOD - [2010.09.06 12:50:38 | 000,072,192 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSCurl.dll
MOD - [2010.08.31 04:42:12 | 000,023,040 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\ext\php_gstl_interface.dll
MOD - [2010.06.15 02:53:48 | 001,417,216 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
MOD - [2010.04.27 13:57:20 | 000,921,088 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\sqlite3.dll
MOD - [2010.01.21 00:34:10 | 008,793,952 | ---- | M] () -- D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010.01.09 19:18:18 | 004,254,560 | ---- | M] () -- D:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- D:\Program Files\WinRAR\RarExt.dll
MOD - [2004.09.30 18:09:36 | 000,155,648 | ---- | M] () -- D:\Program Files\LinkShellExtension\RockallDLL.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.11.18 01:57:41 | 003,313,752 | ---- | M] () [Auto | Running] -- d:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) [Disabled | Stopped] -- D:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011.08.30 17:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- D:\Users\DooM\temp\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) [Auto | Running] -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe -- (GenieTimelineService)
SRV - [2010.10.24 23:11:06 | 000,360,960 | ---- | M] (iZ3D Inc.) [Disabled | Stopped] -- D:\Program Files\iZ3D Driver\Win32\S3DCService.exe -- (S3DSvc32) S3D Service (Win32)
SRV - [2010.01.21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.12.22 19:23:39 | 000,065,536 | ---- | M] () [Disabled | Stopped] -- D:\Windows\System32\afasrv32.exe -- (AfaService)
SRV - [2009.12.13 22:24:45 | 000,321,320 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.11.06 12:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
SRV - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- D:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Disabled | Stopped] -- D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.10.11 14:00:01 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.10.09 00:02:42 | 000,007,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- D:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)
DRV - [2011.10.09 00:02:41 | 000,023,680 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\FNETTBOH.SYS -- (FNETTBOH)
DRV - [2011.09.14 14:58:38 | 000,319,264 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.07.08 00:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011.03.03 19:28:29 | 000,011,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2010.10.06 17:04:02 | 000,034,968 | ---- | M] () [Kernel | System | Running] -- D:\Program Files\iZ3D Driver\Win32\S3DInjectionDriver.sys -- (iZ3DInjectionDriver)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.11.02 17:21:56 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.11.02 17:21:55 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.10.28 20:06:51 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- D:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.09.15 12:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvoclock.sys -- (nvoclock)
DRV - [2009.08.04 09:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009.07.16 10:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Stopped] -- D:\Windows\system32\drivers\MTiCtwl.sys -- (MagicTune)
DRV - [2008.05.27 10:07:58 | 000,050,560 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2008.02.29 10:13:48 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007.04.11 15:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007.04.11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- D:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006.03.07 17:43:40 | 000,111,872 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\mr97310v.sys -- (MR97310_VGA_DUAL_CAMERA)
DRV - [2004.07.13 10:40:22 | 000,048,512 | ---- | M] (C-Media Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\Umss.SYS -- (UMSSSTOR)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\system32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 A3 82 73 E9 54 CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.citydeal.de/deals/berlin"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.15 19:42:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.11.09 02:48:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011.12.04 05:27:45 | 000,000,000 | ---D | M]
 
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.11.24 01:13:58 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions
[2010.04.28 00:10:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.23 03:52:53 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.09.15 23:52:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.12 03:35:47 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.10.17 20:15:07 | 000,000,000 | ---D | M] (dp Launcher Plugin) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\dplauncher@digitalpublishing.de
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Flash Video Resources Downloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\max@subfighter.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Move Media Player) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\moveplayer@movenetworks.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (VideoDownloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\videodowloader@videodownloader.net
[2011.11.27 03:13:12 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2011.08.25 23:18:40 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.11.27 03:13:13 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
[2011.11.09 02:48:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.08.12 05:19:37 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.12 05:19:37 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.12 05:19:37 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.12 05:19:37 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = D:\Users\DooM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2011.10.20 13:43:06 | 000,436,246 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 uat-onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 wsuplay.ubi.com
O1 - Hosts: 127.0.0.1 static8.cdn.ubi.com
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 15004 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (@D:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Genie TimeLine Tray] D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe (Genie-soft)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Program Files\Malwarebytes' Anti-Malwareas\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @D:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @D:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - D:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E2FD134-ADB2-4BF1-A04E-429A663BB58F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96D926D9-83A0-4C8D-80E5-3642832CB3E6}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) -D:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.29 18:37:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk G:\
O32 - Unable to obtain root file information for disk H:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.05 01:14:06 | 000,000,000 | ---D | C] -- D:\Windows\Panther
[2011.12.04 05:27:42 | 000,000,000 | ---D | C] -- D:\_OTL
[2011.12.02 15:30:53 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\SUPERAntiSpyware.com
[2011.12.02 15:30:24 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\ProgramData\SUPERAntiSpyware.com
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\Program Files\SUPERAntiSpyware
[2011.12.02 13:50:09 | 000,000,000 | ---D | C] -- D:\Users\DooM\Desktop\pc test
[2011.12.01 01:39:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:58:42 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\Malwarebytes
[2011.11.29 21:56:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.29 21:56:40 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2011.11.29 21:56:34 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2011.11.29 21:56:33 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malwareas
[2011.11.27 22:50:08 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2011.11.27 04:55:47 | 000,135,360 | ---- | C] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:13:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaws.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaw.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\java.exe
[2011.11.27 02:10:32 | 002,339,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys
[2011.11.20 14:35:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test
[2011.11.15 19:44:22 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\DDMSettings
[2011.11.15 19:41:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.11.15 19:40:40 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DivX Shared
[2011.11.15 19:20:24 | 000,000,000 | ---D | C] -- D:\Users\DooM\Documents\Rockstar Games
[2011.11.15 19:14:47 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Rockstar Games
[2011.11.15 18:46:22 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Windows\System32\xlive
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Games for Windows - LIVE
[2011.11.14 21:43:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.11.14 21:42:16 | 000,000,000 | ---D | C] -- D:\Program Files\iPod
[2011.11.14 21:42:15 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes
[2011.11.14 21:38:58 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Skyrim
[2011.11.14 21:32:55 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011.11.14 21:32:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_6.dll
[2011.11.14 21:32:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_6.dll
[2011.11.14 21:32:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_4.dll
[2011.11.14 21:32:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_7.dll
[2011.11.14 21:32:27 | 000,515,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_5.dll
[2011.11.14 21:32:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_5.dll
[2011.11.14 21:32:26 | 001,974,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_42.dll
[2011.11.14 21:32:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dcsx_42.dll
[2011.11.14 21:32:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_42.dll
[2011.11.14 21:32:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx11_42.dll
[2011.11.14 21:32:22 | 001,892,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_42.dll
[2011.11.14 21:32:18 | 000,069,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_3.dll
[2011.11.12 01:42:37 | 000,061,248 | ---- | C] (Khronos Group) -- D:\Windows\System32\OpenCL.dll
[2011.11.12 01:42:36 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvoglv32.dll
[2011.11.12 01:42:36 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcompiler.dll
[2011.11.12 01:42:36 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvd3dum.dll
[2011.11.12 01:42:36 | 010,327,360 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\drivers\nvlddmkm.sys
[2011.11.12 01:42:36 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuda.dll
[2011.11.12 01:42:36 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvid.dll
[2011.11.12 01:42:36 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvenc.dll
[2011.11.11 23:04:39 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Ubisoft Game Launcher
[2011.11.11 22:48:06 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- D:\Windows\System32\drivers\MTiCtwl.sys
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiScreen
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MultiScreen
[2011.11.11 22:38:06 | 000,000,000 | ---D | C] -- D:\Program Files\MonitorDriver
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.05 17:21:38 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.05 17:21:38 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.05 17:14:59 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2011.12.05 17:14:47 | 2415,271,936 | -HS- | M] () -- D:\hiberfil.sys
[2011.12.05 17:10:40 | 000,001,026 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111205_171035.reg
[2011.12.05 17:09:53 | 000,032,370 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111205_170937.reg
[2011.12.05 16:53:15 | 000,003,136 | ---- | M] () -- D:\Users\DooM\Documents\Anfrage.eml
[2011.12.04 08:16:16 | 000,624,578 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2011.12.04 08:16:16 | 000,110,216 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2011.12.02 15:30:24 | 000,001,965 | ---- | M] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.01 13:43:49 | 000,000,000 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:14 | 000,302,592 | ---- | M] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:36 | 000,000,020 | ---- | M] () -- D:\Users\DooM\defogger_reenable
[2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:56:41 | 000,001,085 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.29 03:00:28 | 000,030,720 | ---- | M] () -- D:\Windows\System32\umstartup.etl
[2011.11.29 01:21:09 | 000,007,598 | ---- | M] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2011.11.28 16:33:41 | 000,439,448 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2011.11.28 01:27:28 | 000,265,310 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | M] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.27 04:55:49 | 000,135,360 | ---- | M] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:09:36 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.15 18:46:22 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.14 21:43:09 | 000,001,753 | ---- | M] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | M] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.11 22:45:19 | 000,001,618 | ---- | M] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.11.09 02:49:06 | 000,001,845 | ---- | M] () -- D:\Users\DooM\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
 
========== Files Created - No Company Name ==========
 
[2011.12.05 17:10:38 | 000,001,026 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111205_171035.reg
[2011.12.05 17:09:46 | 000,032,370 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111205_170937.reg
[2011.12.02 15:30:24 | 000,001,965 | ---- | C] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.01 13:43:49 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:05 | 000,302,592 | ---- | C] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:20 | 000,000,020 | ---- | C] () -- D:\Users\DooM\defogger_reenable
[2011.11.29 21:56:41 | 000,001,085 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.28 01:26:43 | 000,265,310 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | C] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.21 00:20:09 | 017,245,218 | ---- | C] () -- D:\Users\DooM\Desktop\Scat - Hardliner.wav
[2011.11.16 00:02:47 | 006,190,967 | ---- | C] () -- D:\wo bist du! paco, aziz, drp,mr.castro.wma
[2011.11.14 21:43:09 | 000,001,753 | ---- | C] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | C] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.12 01:42:36 | 000,004,359 | ---- | C] () -- D:\Windows\System32\nvinfo.pb
[2011.11.11 22:45:19 | 000,001,618 | ---- | C] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.10.28 01:30:13 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{9B30B77B-496C-4EB1-8A7B-5FC58AF3D15F}
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- D:\Windows\System32\nvStreaming.exe
[2011.09.24 01:10:16 | 000,073,216 | ---- | C] () -- D:\Windows\System32\ff_vfw.dll
[2011.09.23 04:35:01 | 000,190,464 | ---- | C] () -- D:\Windows\System32\PCGW32.DLL
[2011.09.02 01:05:43 | 000,023,624 | ---- | C] () -- D:\Windows\System32\drivers\hitmanpro35.sys
[2011.08.27 18:09:00 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{3450410A-36E6-44A6-982A-FF986805F67D}
[2011.08.21 15:02:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{21AC4F97-B1DB-4954-84DA-77461D8BE396}
[2011.08.16 16:49:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{578BD668-0AEF-4D87-9862-C6CEF5B369FB}
[2011.08.16 16:48:50 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{B86C665B-A39B-461B-9A27-40A63BEDF514}
[2011.05.21 01:07:07 | 000,001,769 | ---- | C] () -- D:\Windows\Language_trs.ini
[2011.01.03 00:20:00 | 000,011,232 | ---- | C] () -- D:\Windows\System32\drivers\SWDUMon.sys
[2010.08.15 16:53:07 | 000,000,118 | ---- | C] () -- D:\Windows\System32\MRT.INI
[2010.04.29 03:33:33 | 000,007,598 | ---- | C] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2010.04.29 02:54:33 | 000,024,576 | ---- | C] () -- D:\Windows\System32\AsIO.dll
[2010.04.29 02:54:33 | 000,011,296 | ---- | C] () -- D:\Windows\System32\drivers\AsIO.sys
[2010.04.29 02:53:31 | 000,013,216 | ---- | C] () -- D:\Windows\System32\drivers\ASACPI.sys
[2010.04.06 19:04:52 | 000,286,208 | ---- | C] () -- D:\Windows\System32\Xbinkw32.dll
[2010.03.28 23:41:41 | 000,011,776 | ---- | C] () -- D:\Users\DooM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.23 22:20:24 | 000,023,552 | ---- | C] () -- D:\Users\DooM\AppData\Local\WebpageIcons.db
[2009.12.29 01:14:33 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat
[2009.12.22 19:21:27 | 000,065,536 | ---- | C] () -- D:\Windows\System32\afasrv32.exe
[2009.10.27 05:01:24 | 000,021,924 | ---- | C] () -- D:\Windows\System32\emptyregdb.dat
[2009.10.24 05:01:09 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax1.dll
[2009.10.24 05:01:09 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx1.dll
[2009.10.24 04:55:36 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax.dll
[2009.10.24 04:55:36 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx.dll
[2009.10.24 04:21:55 | 000,000,400 | ---- | C] () -- D:\Windows\ODBC.INI
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,439,448 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,624,578 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,110,216 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
[2009.04.07 17:57:13 | 000,018,944 | ---- | C] () -- D:\Windows\eraser.exe
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- D:\Windows\System32\xlive.dll.cat
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelFrench.dll
[2008.10.06 20:22:11 | 000,237,568 | ---- | C] () -- D:\Windows\System32\lame_enc.dll
[2008.02.03 02:29:52 | 000,502,784 | ---- | C] () -- D:\Windows\x2.64.exe
[2008.02.03 02:29:52 | 000,399,360 | ---- | C] () -- D:\Windows\System32\Smab.dll
[2008.02.03 02:29:52 | 000,240,128 | ---- | C] () -- D:\Windows\System32\x.264.exe
[2008.02.03 02:29:52 | 000,217,073 | ---- | C] () -- D:\Windows\meta4.exe
[2008.02.03 02:29:52 | 000,066,560 | ---- | C] () -- D:\Windows\MOTA113.exe
[2008.02.03 02:29:52 | 000,027,648 | ---- | C] () -- D:\Windows\System32\AVSredirect.dll
[2008.02.03 02:29:44 | 000,027,648 | -HS- | C] () -- D:\Windows\System32\Smab0.dll
[2007.11.29 23:30:28 | 003,596,288 | ---- | C] () -- D:\Windows\System32\qt-dx331.dll
[2007.11.28 00:49:19 | 000,002,045 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\NMM-MetaData.db
[2007.11.26 17:08:06 | 000,281,760 | ---- | C] () -- D:\Windows\System32\drivers\atksgt.sys
[2007.11.26 17:08:05 | 000,025,888 | ---- | C] () -- D:\Windows\System32\drivers\lirsgt.sys
[2007.11.14 13:28:56 | 000,000,173 | ---- | C] () -- D:\Windows\MusicMaker.INI
[2007.11.14 12:38:47 | 000,049,152 | ---- | C] () -- D:\Windows\System32\mgxasio2.dll
[2007.11.14 12:31:09 | 000,006,537 | ---- | C] () -- D:\Windows\mgxoschk.ini
[2007.11.08 22:05:21 | 000,054,708 | ---- | C] () -- D:\Windows\War3Unin.dat
[2007.11.08 20:40:47 | 000,290,748 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2007.11.08 20:40:45 | 000,036,916 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2007.11.08 20:40:44 | 000,626,016 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2007.11.08 20:40:44 | 000,126,518 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2007.11.08 01:04:56 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- D:\Windows\System32\CddbCdda.dll
[2003.09.16 15:50:58 | 000,229,376 | ---- | C] () -- D:\Windows\System32\CmWatch.exe
[2003.07.03 12:44:24 | 000,212,992 | ---- | C] () -- D:\Windows\System32\CmCardRm.exe
[2003.05.30 14:27:46 | 000,032,768 | ---- | C] () -- D:\Windows\System32\CmCardRm.dll
[2002.01.24 10:39:36 | 000,086,016 | ---- | C] () -- D:\Windows\System32\lxaxih.exe
[2002.01.24 10:29:26 | 000,077,824 | ---- | C] () -- D:\Windows\System32\lxaxlcnp.dll
[2002.01.24 10:09:56 | 000,174,592 | ---- | C] () -- D:\Windows\System32\LEXPPS.EXE
[2002.01.24 10:05:11 | 000,040,960 | ---- | C] () -- D:\Windows\System32\INSTMON.EXE
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- D:\Windows\System32\giveio.sys
 
========== LOP Check ==========
 
[2009.10.27 04:45:29 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Acreon
[2009.06.30 14:55:21 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\advantage
[2009.10.27 04:45:33 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Audacity
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\BearShare
[2010.04.02 14:47:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Command and Conquer 4
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\concept design
[2011.11.28 01:25:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DAEMON Tools Lite
[2011.10.17 20:15:20 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\digital publishing
[2011.10.09 01:23:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoft
[2011.10.09 01:23:02 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FileZilla
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FLV Extract
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FMZilla
[2011.04.01 17:00:46 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FreeFLVConverter
[2011.10.08 23:03:04 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Genie-Soft
[2011.09.23 04:34:59 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\iZ3D Driver
[2009.10.27 04:45:35 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Jeyo
[2011.08.18 01:10:45 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\LolClient
[2009.10.27 04:45:55 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2011.01.07 16:03:15 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\MyPhoneExplorer
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\NCH Swift Sound
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia Multimedia Player
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Orbit
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PC Suite
[2011.08.07 23:14:05 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PunkBuster
[2011.09.27 23:12:41 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\R-TT
[2011.10.20 12:09:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\redsn0w
[2011.10.20 12:15:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Software4u
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Sony
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Steinberg
[2011.09.23 04:56:37 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Stereoscopic Player
[2011.10.27 13:08:27 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TeamViewer
[2010.07.22 23:32:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TomTom
[2010.05.27 10:35:36 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TS3Client
[2010.04.06 15:20:47 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Ubisoft
[2011.04.09 16:23:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Xilisoft
[2011.03.24 23:39:50 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\XMedia Recode
[2010.07.03 01:25:07 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\yess
[2011.12.04 20:36:53 | 000,032,608 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2011.05.04 16:17:23 | 007,589,888 | ---- | M] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3
[2011.05.04 16:16:55 | 007,589,888 | ---- | C] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3
[2011.05.03 19:25:36 | 003,604,480 | ---- | M] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3
[2011.05.03 19:25:08 | 003,604,480 | ---- | C] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 600 bytes -> D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty

< End of report >

OTL Extra
Code:

OTL Extras logfile created on: 05.12.2011 17:30:17 - Run 5
OTL by OldTimer - Version 3.2.31.0    Folder = D:\Users\DooM\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 66,50% Memory free
9,65 Gb Paging File | 8,49 Gb Available in Paging File | 87,97% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS
Drive D: | 108,46 Gb Total Space | 10,00 Gb Free Space | 9,22% Space Free | Partition Type: NTFS
Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1825,76 Gb Total Space | 1623,23 Gb Free Space | 88,91% Space Free | Partition Type: NTFS
Drive H: | 37,25 Gb Total Space | 36,45 Gb Free Space | 97,86% Space Free | Partition Type: FAT32
 
Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar)
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1" = iZ3D Driver Remove
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{406CF92B-A131-4F63-9FC9-861FAACD6EB4}" = Microsoft Phone Data Manager (beta)
"{49F2D7DE-0EEE-4411-8283-16BAAECF2079}" = Media Manager for WALKMAN 1.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{72CCBEA1-8D57-4981-A337-81019F28C5BA}" = Microsoft .NET Compact Framework 3.5
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}" = MagicTunePremium
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CD2E489-03F4-4AC0-8B68-D8C7DFE731DD}" = Stereoscopic Player
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A30B7483-DF31-4C73-BBAA-7695E3D49895}" = NVIDIA 3D Vision Video Player
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB92C58B-7BDF-48E3-92E3-51768DCCA585}_is1" = EVGA OC Scanner 1.7.3
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{DB6A8C83-EFF7-4955-BBD0-81C13DDE5395}" = Download Direct
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E656D89A-8CBB-497F-918F-8361A4071C26}" = Nero Burning ROM 11
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ActvMap V 4.7" = ActvMap V 4.7
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"Ares Flash Downloader_is1" = Ares Flash Downloader Powered by AdVantage
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 (Unicode)
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"DivX Setup" = DivX-Setup
"DotAzilla" = DotAzilla
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"fahrschule-weichert.de" = fahrschule-weichert.de
"FE5AE7DC-7B01-4263-A94C-B4526C276549_is1" = iPhone Explorer
"ffdshow_is1" = ffdshow v1.1.3892 [2011-06-20]
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Audio Dub_is1" = Free Audio Dub version 1.7.8.426
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.5
"Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923
"Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.10.31.305
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.6.727
"Genie Timeline" = LaCie Genie Timeline 2.1
"HaaliMkx" = Haali Media Splitter
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"HyperCam 2" = HyperCam 2
"InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"IsoBuster_is1" = IsoBuster 2.2
"JDownloader" = JDownloader
"Jeyo Mobile Companion 1.1_is1" = Jeyo Mobile Companion 1.1
"Jeyo Mobile Companion 2.1_is1" = Jeyo Mobile Companion 2.1
"Jeyo Mobile Extender 2.0 f¨¹r Outlook_is1" = Jeyo Mobile Extender 2.0 f¨¹r Outlook
"Kalorien Calculator 6.0.3.4_is1" = Kalorien Calculator 6.0.3.4
"LightCommubicator QVGA Setup_is1" = LightCommubicator QVGA Setup
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"MPE" = MyPhoneExplorer
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"PokerStars.net" = PokerStars.net
"Precision" = EVGA Precision 2.0.4
"RAR Password Cracker" = RAR Password Cracker 4.12
"Recuva" = Recuva
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"SUPER ©" = SUPER © Version 2008.bld.24 (Jan 18, 2008)
"Switch" = Switch Uninstall
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UsbBoost" = UsbBoost
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Warcraft III" = Warcraft III
"Warkeys" = Warkeys 1.14.1.0b
"WavePad" = WavePad Sound Editor
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wisdom-soft AutoScreenRecorder 2.0 Free" = Wisdom-soft AutoScreenRecorder 2.0 Free
"World of Warcraft" = World of Warcraft
"World of Warcraft Public Test" = World of Warcraft Public Test
"XMedia Recode" = XMedia Recode 3.0.0.5
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.3
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Akamai" = Akamai NetSession Interface
"Warcraft III" = Warcraft III: All Products
"World of Logs Client (4.2)" = World of Logs Client (4.2)
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >


Grap 06.12.2011 11:03

SAS:
Code:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 12/06/2011 at 02:11 AM

Application Version : 5.0.1136

Core Rules Database Version : 8012
Trace Rules Database Version: 5824

Scan type      : Complete Scan
Total Scan Time : 08:20:49

Operating System Information
Windows 7 Ultimate 32-bit (Build 6.01.7600)
UAC On - Administrator

Memory items scanned      : 813
Memory threats detected  : 0
Registry items scanned    : 40346
Registry threats detected : 1
File items scanned        : 311170
File threats detected    : 126

Adware.Tracking Cookie
        adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .legolas-media.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .clickfuse.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .lfstmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .lfstmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .lfstmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .lfstmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .ru4.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .lucidmedia.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        www.zanox-affiliate.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .zanox.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ad.dyntracker.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .zanox-affiliate.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]
        ad2.adfarm1.adition.com [ D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\COOKIES.SQLITE ]

System.BrokenFileAssociation
        HKCR\.exe


ESET:
Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=0c0c0889ad187244a9f719802ad17a4e
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-06 09:44:58
# local_time=2011-12-06 10:44:58 (+0100, W. Europe Standard Time)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 3237377 3237377 0 0
# compatibility_mode=5893 16776574 100 94 3730 74780500 0 0
# compatibility_mode=8192 67108863 100 0 3820 3820 0 0
# scanned=314375
# found=2
# cleaned=2
# scan_time=15389
C:\WINDOWS\KMSEmulator.exe        a variant of Win32/HackKMS.A application (cleaned by deleting - quarantined)        00000000000000000000000000000000        C
D:\wow patch\SoftonicDownloader_fuer_slimdrivers.exe        a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined)        00000000000000000000000000000000        C


Otl Log2:
Code:

OTL logfile created on: 06.12.2011 10:48:57 - Run 6
OTL by OldTimer - Version 3.2.31.0    Folder = D:\Users\DooM\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 53,39% Memory free
9,65 Gb Paging File | 7,89 Gb Available in Paging File | 81,76% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS
Drive D: | 108,46 Gb Total Space | 9,63 Gb Free Space | 8,88% Space Free | Partition Type: NTFS
Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
PRC - [2011.11.09 02:48:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.11.07 19:04:36 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011.10.15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- D:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011.07.16 05:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\conhost.exe
PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe
PRC - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe
PRC - [2010.06.15 02:55:52 | 000,039,936 | ---- | M] (The PHP Group) -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe
PRC - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2009.11.06 12:13:16 | 000,133,736 | ---- | M] (NVIDIA) -- D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\audiodg.exe
PRC - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- D:\Windows\System32\AEADISRV.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.05 17:47:57 | 000,052,736 | ---- | M] () -- D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011.12.05 17:47:56 | 000,063,488 | ---- | M] () -- D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011.12.02 15:31:00 | 000,117,760 | ---- | M] () -- D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011.12.02 15:31:00 | 000,052,224 | ---- | M] () -- D:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011.11.09 02:48:14 | 001,989,592 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.10.15 00:54:26 | 000,265,536 | ---- | M] () -- D:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011.02.02 13:43:02 | 000,342,528 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSIndexDB.dll
MOD - [2011.02.02 13:43:02 | 000,051,712 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\QueueManager.dll
MOD - [2011.02.02 13:43:00 | 000,467,968 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSWatcher4.dll
MOD - [2011.02.02 13:43:00 | 000,396,288 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSBackupManager.dll
MOD - [2011.02.02 13:43:00 | 000,144,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\Settings.dll
MOD - [2011.01.10 15:00:20 | 000,048,128 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSLogManager.dll
MOD - [2010.12.29 14:54:44 | 000,009,728 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\VSSEngine_Proxy.dll
MOD - [2010.12.29 14:54:38 | 000,111,616 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\BlockLevel2.dll
MOD - [2010.12.29 14:54:38 | 000,043,008 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSLibrariesManager.dll
MOD - [2010.12.29 14:54:38 | 000,038,400 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSLogging.dll
MOD - [2010.09.06 12:50:38 | 000,080,384 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\GSEncryption.dll
MOD - [2010.08.31 04:42:12 | 000,023,040 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\ext\php_gstl_interface.dll
MOD - [2010.04.27 13:57:20 | 000,921,088 | ---- | M] () -- D:\Program Files\Genie-Soft\Genie Timeline\sqlite3.dll
MOD - [2010.01.21 00:34:10 | 008,793,952 | ---- | M] () -- D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010.01.09 19:18:18 | 004,254,560 | ---- | M] () -- D:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- D:\Program Files\WinRAR\RarExt.dll
MOD - [2004.09.30 18:09:36 | 000,155,648 | ---- | M] () -- D:\Program Files\LinkShellExtension\RockallDLL.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.11.18 01:57:41 | 003,313,752 | ---- | M] () [Auto | Running] -- d:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) [Disabled | Stopped] -- D:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011.08.30 17:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- D:\Users\DooM\temp\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.02.02 15:25:02 | 000,362,624 | ---- | M] (Genie-Soft) [Auto | Running] -- D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe -- (GenieTimelineService)
SRV - [2010.10.24 23:11:06 | 000,360,960 | ---- | M] (iZ3D Inc.) [Disabled | Stopped] -- D:\Program Files\iZ3D Driver\Win32\S3DCService.exe -- (S3DSvc32) S3D Service (Win32)
SRV - [2010.01.21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.12.22 19:23:39 | 000,065,536 | ---- | M] () [Disabled | Stopped] -- D:\Windows\System32\afasrv32.exe -- (AfaService)
SRV - [2009.12.13 22:24:45 | 000,321,320 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.11.06 12:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Disabled | Stopped] -- D:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
SRV - [2009.11.06 12:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.05 16:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- D:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Disabled | Stopped] -- D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.10.11 14:00:01 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.10.09 00:02:42 | 000,007,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- D:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)
DRV - [2011.10.09 00:02:41 | 000,023,680 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\FNETTBOH.SYS -- (FNETTBOH)
DRV - [2011.09.14 14:58:38 | 000,319,264 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.07.08 00:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011.03.03 19:28:29 | 000,011,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2010.10.06 17:04:02 | 000,034,968 | ---- | M] () [Kernel | System | Running] -- D:\Program Files\iZ3D Driver\Win32\S3DInjectionDriver.sys -- (iZ3DInjectionDriver)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.11.02 17:21:56 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.11.02 17:21:55 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.10.28 20:06:51 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- D:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.09.15 12:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvoclock.sys -- (nvoclock)
DRV - [2009.08.04 09:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009.07.16 10:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Stopped] -- D:\Windows\system32\drivers\MTiCtwl.sys -- (MagicTune)
DRV - [2008.05.27 10:07:58 | 000,050,560 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2008.02.29 10:13:48 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007.04.11 15:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007.04.11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- D:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006.03.07 17:43:40 | 000,111,872 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\mr97310v.sys -- (MR97310_VGA_DUAL_CAMERA)
DRV - [2004.07.13 10:40:22 | 000,048,512 | ---- | M] (C-Media Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\Umss.SYS -- (UMSSSTOR)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\system32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 A3 82 73 E9 54 CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.citydeal.de/deals/berlin"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.15 19:42:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.11.09 02:48:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011.12.04 05:27:45 | 000,000,000 | ---D | M]
 
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions
[2010.07.22 23:32:40 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.11.24 01:13:58 | 000,000,000 | ---D | M] (No name found) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions
[2010.04.28 00:10:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.23 03:52:53 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.09.15 23:52:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.12 03:35:47 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.10.17 20:15:07 | 000,000,000 | ---D | M] (dp Launcher Plugin) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\dplauncher@digitalpublishing.de
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Flash Video Resources Downloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\max@subfighter.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (Move Media Player) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\moveplayer@movenetworks.com
[2009.10.27 04:46:09 | 000,000,000 | ---D | M] (VideoDownloader) -- D:\Users\DooM\AppData\Roaming\Mozilla\Firefox\Profiles\jtylwkr4.default\extensions\videodowloader@videodownloader.net
[2011.11.27 03:13:12 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2011.08.25 23:18:40 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.11.27 03:13:13 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- D:\USERS\DOOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JTYLWKR4.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
[2011.11.09 02:48:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.08.12 05:19:37 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.12 05:19:37 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.12 05:19:37 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.12 05:19:37 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = D:\Users\DooM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2011.10.20 13:43:06 | 000,436,246 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 uat-onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 wsuplay.ubi.com
O1 - Hosts: 127.0.0.1 static8.cdn.ubi.com
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 15004 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (@D:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Genie TimeLine Tray] D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe (Genie-soft)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Program Files\Malwarebytes' Anti-Malwareas\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] D:\Users\DooM\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @D:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @D:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - D:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E2FD134-ADB2-4BF1-A04E-429A663BB58F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96D926D9-83A0-4C8D-80E5-3642832CB3E6}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) -D:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: D:\Users\DooM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.29 18:37:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.08 00:57:50 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.02.25 03:09:34 | 002,834,432 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.10 18:32:30 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.06 06:24:49 | 000,000,000 | ---D | C] -- D:\Program Files\ESET
[2011.12.05 01:14:06 | 000,000,000 | ---D | C] -- D:\Windows\Panther
[2011.12.04 05:27:42 | 000,000,000 | ---D | C] -- D:\_OTL
[2011.12.02 15:30:53 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\SUPERAntiSpyware.com
[2011.12.02 15:30:24 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\ProgramData\SUPERAntiSpyware.com
[2011.12.02 15:30:21 | 000,000,000 | ---D | C] -- D:\Program Files\SUPERAntiSpyware
[2011.12.02 13:50:09 | 000,000,000 | ---D | C] -- D:\Users\DooM\Desktop\pc test
[2011.12.01 01:39:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:58:42 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Roaming\Malwarebytes
[2011.11.29 21:56:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.29 21:56:40 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2011.11.29 21:56:34 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2011.11.29 21:56:33 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malwareas
[2011.11.27 22:50:08 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2011.11.27 04:55:47 | 000,135,360 | ---- | C] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:13:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaws.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaw.exe
[2011.11.27 03:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\java.exe
[2011.11.27 02:10:32 | 002,339,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys
[2011.11.20 14:35:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test
[2011.11.15 19:44:22 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\DDMSettings
[2011.11.15 19:41:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.11.15 19:40:40 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DivX Shared
[2011.11.15 19:20:24 | 000,000,000 | ---D | C] -- D:\Users\DooM\Documents\Rockstar Games
[2011.11.15 19:14:47 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Rockstar Games
[2011.11.15 18:46:22 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Windows\System32\xlive
[2011.11.15 18:42:43 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Games for Windows - LIVE
[2011.11.14 21:43:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.11.14 21:42:16 | 000,000,000 | ---D | C] -- D:\Program Files\iPod
[2011.11.14 21:42:15 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes
[2011.11.14 21:38:58 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Skyrim
[2011.11.14 21:32:55 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011.11.14 21:32:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_6.dll
[2011.11.14 21:32:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_6.dll
[2011.11.14 21:32:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_4.dll
[2011.11.14 21:32:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_7.dll
[2011.11.14 21:32:27 | 000,515,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_5.dll
[2011.11.14 21:32:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_5.dll
[2011.11.14 21:32:26 | 001,974,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_42.dll
[2011.11.14 21:32:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dcsx_42.dll
[2011.11.14 21:32:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_42.dll
[2011.11.14 21:32:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx11_42.dll
[2011.11.14 21:32:22 | 001,892,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_42.dll
[2011.11.14 21:32:18 | 000,069,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_3.dll
[2011.11.12 01:42:37 | 000,061,248 | ---- | C] (Khronos Group) -- D:\Windows\System32\OpenCL.dll
[2011.11.12 01:42:36 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvoglv32.dll
[2011.11.12 01:42:36 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcompiler.dll
[2011.11.12 01:42:36 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvd3dum.dll
[2011.11.12 01:42:36 | 010,327,360 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\drivers\nvlddmkm.sys
[2011.11.12 01:42:36 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuda.dll
[2011.11.12 01:42:36 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvid.dll
[2011.11.12 01:42:36 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvenc.dll
[2011.11.11 23:04:39 | 000,000,000 | ---D | C] -- D:\Users\DooM\AppData\Local\Ubisoft Game Launcher
[2011.11.11 22:48:06 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- D:\Windows\System32\drivers\MTiCtwl.sys
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiScreen
[2011.11.11 22:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MultiScreen
[2011.11.11 22:38:06 | 000,000,000 | ---D | C] -- D:\Program Files\MonitorDriver
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.05 19:44:31 | 000,007,594 | ---- | M] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2011.12.05 17:21:38 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.05 17:21:38 | 000,010,288 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.05 17:14:59 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2011.12.05 17:14:47 | 2415,271,936 | -HS- | M] () -- D:\hiberfil.sys
[2011.12.05 17:10:40 | 000,001,026 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111205_171035.reg
[2011.12.05 17:09:53 | 000,032,370 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111205_170937.reg
[2011.12.05 16:53:15 | 000,003,136 | ---- | M] () -- D:\Users\DooM\Documents\Anfrage.eml
[2011.12.04 08:16:16 | 000,624,578 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2011.12.04 08:16:16 | 000,110,216 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2011.12.02 15:30:24 | 000,001,965 | ---- | M] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.01 13:43:49 | 000,000,000 | ---- | M] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:14 | 000,302,592 | ---- | M] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:36 | 000,000,020 | ---- | M] () -- D:\Users\DooM\defogger_reenable
[2011.12.01 01:39:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\DooM\Desktop\OTL.exe
[2011.11.29 21:56:41 | 000,001,085 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.29 03:00:28 | 000,030,720 | ---- | M] () -- D:\Windows\System32\umstartup.etl
[2011.11.28 16:33:41 | 000,439,448 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2011.11.28 01:27:28 | 000,265,310 | ---- | M] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | M] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.27 04:55:49 | 000,135,360 | ---- | M] (Symantec Corporation) -- D:\Users\DooM\Desktop\FixBlast.exe
[2011.11.27 03:09:36 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.15 18:46:22 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- D:\Windows\System32\CmdLineExt.dll
[2011.11.14 21:43:09 | 000,001,753 | ---- | M] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | M] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.11 22:45:19 | 000,001,618 | ---- | M] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.11.09 02:49:06 | 000,001,845 | ---- | M] () -- D:\Users\DooM\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
 
========== Files Created - No Company Name ==========
 
[2011.12.05 17:10:38 | 000,001,026 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111205_171035.reg
[2011.12.05 17:09:46 | 000,032,370 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111205_170937.reg
[2011.12.02 15:30:24 | 000,001,965 | ---- | C] () -- D:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.01 13:43:49 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.12.01 03:11:05 | 000,302,592 | ---- | C] () -- D:\Users\DooM\Desktop\ei0080p7.exe
[2011.12.01 02:24:20 | 000,000,020 | ---- | C] () -- D:\Users\DooM\defogger_reenable
[2011.11.29 21:56:41 | 000,001,085 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.28 01:26:43 | 000,265,310 | ---- | C] () -- D:\Users\DooM\Documents\cc_20111128_012637.reg
[2011.11.27 22:50:10 | 000,000,969 | ---- | C] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2011.11.21 00:20:09 | 017,245,218 | ---- | C] () -- D:\Users\DooM\Desktop\Scat - Hardliner.wav
[2011.11.16 00:02:47 | 006,190,967 | ---- | C] () -- D:\wo bist du! paco, aziz, drp,mr.castro.wma
[2011.11.14 21:43:09 | 000,001,753 | ---- | C] () -- D:\Users\Public\Desktop\iTunes.lnk
[2011.11.14 21:39:38 | 000,001,261 | ---- | C] () -- D:\Users\DooM\Desktop\SkyrimLauncher.exe - Shortcut.lnk
[2011.11.12 01:42:36 | 000,004,359 | ---- | C] () -- D:\Windows\System32\nvinfo.pb
[2011.11.11 22:45:19 | 000,001,618 | ---- | C] () -- D:\Users\Public\Desktop\MultiScreen.lnk
[2011.10.28 01:30:13 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{9B30B77B-496C-4EB1-8A7B-5FC58AF3D15F}
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- D:\Windows\System32\nvStreaming.exe
[2011.09.24 01:10:16 | 000,073,216 | ---- | C] () -- D:\Windows\System32\ff_vfw.dll
[2011.09.23 04:35:01 | 000,190,464 | ---- | C] () -- D:\Windows\System32\PCGW32.DLL
[2011.09.02 01:05:43 | 000,023,624 | ---- | C] () -- D:\Windows\System32\drivers\hitmanpro35.sys
[2011.08.27 18:09:00 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{3450410A-36E6-44A6-982A-FF986805F67D}
[2011.08.21 15:02:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{21AC4F97-B1DB-4954-84DA-77461D8BE396}
[2011.08.16 16:49:16 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{578BD668-0AEF-4D87-9862-C6CEF5B369FB}
[2011.08.16 16:48:50 | 000,000,000 | ---- | C] () -- D:\Users\DooM\AppData\Local\{B86C665B-A39B-461B-9A27-40A63BEDF514}
[2011.05.21 01:07:07 | 000,001,769 | ---- | C] () -- D:\Windows\Language_trs.ini
[2011.01.03 00:20:00 | 000,011,232 | ---- | C] () -- D:\Windows\System32\drivers\SWDUMon.sys
[2010.08.15 16:53:07 | 000,000,118 | ---- | C] () -- D:\Windows\System32\MRT.INI
[2010.04.29 03:33:33 | 000,007,594 | ---- | C] () -- D:\Users\DooM\AppData\Local\Resmon.ResmonCfg
[2010.04.29 02:54:33 | 000,024,576 | ---- | C] () -- D:\Windows\System32\AsIO.dll
[2010.04.29 02:54:33 | 000,011,296 | ---- | C] () -- D:\Windows\System32\drivers\AsIO.sys
[2010.04.29 02:53:31 | 000,013,216 | ---- | C] () -- D:\Windows\System32\drivers\ASACPI.sys
[2010.04.06 19:04:52 | 000,286,208 | ---- | C] () -- D:\Windows\System32\Xbinkw32.dll
[2010.03.28 23:41:41 | 000,011,776 | ---- | C] () -- D:\Users\DooM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.23 22:20:24 | 000,023,552 | ---- | C] () -- D:\Users\DooM\AppData\Local\WebpageIcons.db
[2009.12.29 01:14:33 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat
[2009.12.22 19:21:27 | 000,065,536 | ---- | C] () -- D:\Windows\System32\afasrv32.exe
[2009.10.27 05:01:24 | 000,021,924 | ---- | C] () -- D:\Windows\System32\emptyregdb.dat
[2009.10.24 05:01:09 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax1.dll
[2009.10.24 05:01:09 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx1.dll
[2009.10.24 04:55:36 | 000,000,042 | ---- | C] () -- D:\Windows\System32\nt32200ax.dll
[2009.10.24 04:55:36 | 000,000,032 | ---- | C] () -- D:\Windows\ntcheck3232bx.dll
[2009.10.24 04:21:55 | 000,000,400 | ---- | C] () -- D:\Windows\ODBC.INI
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,439,448 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,624,578 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,110,216 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
[2009.04.07 17:57:13 | 000,018,944 | ---- | C] () -- D:\Windows\eraser.exe
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- D:\Windows\System32\xlive.dll.cat
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\System32\AgCPanelFrench.dll
[2008.10.06 20:22:11 | 000,237,568 | ---- | C] () -- D:\Windows\System32\lame_enc.dll
[2008.02.03 02:29:52 | 000,502,784 | ---- | C] () -- D:\Windows\x2.64.exe
[2008.02.03 02:29:52 | 000,399,360 | ---- | C] () -- D:\Windows\System32\Smab.dll
[2008.02.03 02:29:52 | 000,240,128 | ---- | C] () -- D:\Windows\System32\x.264.exe
[2008.02.03 02:29:52 | 000,217,073 | ---- | C] () -- D:\Windows\meta4.exe
[2008.02.03 02:29:52 | 000,066,560 | ---- | C] () -- D:\Windows\MOTA113.exe
[2008.02.03 02:29:52 | 000,027,648 | ---- | C] () -- D:\Windows\System32\AVSredirect.dll
[2008.02.03 02:29:44 | 000,027,648 | -HS- | C] () -- D:\Windows\System32\Smab0.dll
[2007.11.29 23:30:28 | 003,596,288 | ---- | C] () -- D:\Windows\System32\qt-dx331.dll
[2007.11.28 00:49:19 | 000,002,045 | ---- | C] () -- D:\Users\DooM\AppData\Roaming\NMM-MetaData.db
[2007.11.26 17:08:06 | 000,281,760 | ---- | C] () -- D:\Windows\System32\drivers\atksgt.sys
[2007.11.26 17:08:05 | 000,025,888 | ---- | C] () -- D:\Windows\System32\drivers\lirsgt.sys
[2007.11.14 13:28:56 | 000,000,173 | ---- | C] () -- D:\Windows\MusicMaker.INI
[2007.11.14 12:38:47 | 000,049,152 | ---- | C] () -- D:\Windows\System32\mgxasio2.dll
[2007.11.14 12:31:09 | 000,006,537 | ---- | C] () -- D:\Windows\mgxoschk.ini
[2007.11.08 22:05:21 | 000,054,708 | ---- | C] () -- D:\Windows\War3Unin.dat
[2007.11.08 20:40:47 | 000,290,748 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2007.11.08 20:40:45 | 000,036,916 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2007.11.08 20:40:44 | 000,626,016 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2007.11.08 20:40:44 | 000,126,518 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2007.11.08 01:04:56 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- D:\Windows\System32\CddbCdda.dll
[2003.09.16 15:50:58 | 000,229,376 | ---- | C] () -- D:\Windows\System32\CmWatch.exe
[2003.07.03 12:44:24 | 000,212,992 | ---- | C] () -- D:\Windows\System32\CmCardRm.exe
[2003.05.30 14:27:46 | 000,032,768 | ---- | C] () -- D:\Windows\System32\CmCardRm.dll
[2002.01.24 10:39:36 | 000,086,016 | ---- | C] () -- D:\Windows\System32\lxaxih.exe
[2002.01.24 10:29:26 | 000,077,824 | ---- | C] () -- D:\Windows\System32\lxaxlcnp.dll
[2002.01.24 10:09:56 | 000,174,592 | ---- | C] () -- D:\Windows\System32\LEXPPS.EXE
[2002.01.24 10:05:11 | 000,040,960 | ---- | C] () -- D:\Windows\System32\INSTMON.EXE
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- D:\Windows\System32\giveio.sys
 
========== LOP Check ==========
 
[2009.10.27 04:45:29 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Acreon
[2009.06.30 14:55:21 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\advantage
[2009.10.27 04:45:33 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Audacity
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\BearShare
[2010.04.02 14:47:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Command and Conquer 4
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\concept design
[2011.11.28 01:25:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DAEMON Tools Lite
[2011.10.17 20:15:20 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\digital publishing
[2011.10.09 01:23:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoft
[2011.10.09 01:23:02 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FileZilla
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FLV Extract
[2009.10.27 04:45:34 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FMZilla
[2011.04.01 17:00:46 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\FreeFLVConverter
[2011.10.08 23:03:04 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Genie-Soft
[2011.09.23 04:34:59 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\iZ3D Driver
[2009.10.27 04:45:35 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Jeyo
[2011.08.18 01:10:45 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\LolClient
[2009.10.27 04:45:55 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2011.01.07 16:03:15 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\MyPhoneExplorer
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\NCH Swift Sound
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia
[2009.10.27 04:46:10 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Nokia Multimedia Player
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Orbit
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PC Suite
[2011.08.07 23:14:05 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\PunkBuster
[2011.09.27 23:12:41 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\R-TT
[2011.10.20 12:09:16 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\redsn0w
[2011.10.20 12:15:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Software4u
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Sony
[2009.10.27 04:46:11 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Steinberg
[2011.09.23 04:56:37 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Stereoscopic Player
[2011.10.27 13:08:27 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TeamViewer
[2010.07.22 23:32:38 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TomTom
[2010.05.27 10:35:36 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\TS3Client
[2010.04.06 15:20:47 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Ubisoft
[2011.04.09 16:23:52 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\Xilisoft
[2011.03.24 23:39:50 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\XMedia Recode
[2010.07.03 01:25:07 | 000,000,000 | ---D | M] -- D:\Users\DooM\AppData\Roaming\yess
[2011.12.04 20:36:53 | 000,032,608 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2011.05.04 16:17:23 | 007,589,888 | ---- | M] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3
[2011.05.04 16:16:55 | 007,589,888 | ---- | C] ()(D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . ??????- ?????.mp3) -- D:\Users\DooM\Desktop\Dariush Shatranj 'Chess' . داریوش- شطرنج.mp3
[2011.05.03 19:25:36 | 003,604,480 | ---- | M] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3
[2011.05.03 19:25:08 | 003,604,480 | ---- | C] ()(D:\Users\DooM\Desktop\Leaving on a Jet plane? w_lyrics.mp3) -- D:\Users\DooM\Desktop\Leaving on a Jet plane♥ w_lyrics.mp3
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 600 bytes -> D:\Users\DooM\Documents\Anfrage.eml:OECustomProperty

< End of report >



Extra2
Code:

OTL Extras logfile created on: 06.12.2011 10:48:57 - Run 6
OTL by OldTimer - Version 3.2.31.0    Folder = D:\Users\DooM\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 53,39% Memory free
9,65 Gb Paging File | 7,89 Gb Available in Paging File | 81,76% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 4096 8192 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS
Drive D: | 108,46 Gb Total Space | 9,63 Gb Free Space | 8,88% Space Free | Partition Type: NTFS
Drive E: | 415,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: DOOM-PC | User Name: DooM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar)
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1" = iZ3D Driver Remove
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{406CF92B-A131-4F63-9FC9-861FAACD6EB4}" = Microsoft Phone Data Manager (beta)
"{49F2D7DE-0EEE-4411-8283-16BAAECF2079}" = Media Manager for WALKMAN 1.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{72CCBEA1-8D57-4981-A337-81019F28C5BA}" = Microsoft .NET Compact Framework 3.5
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}" = MagicTunePremium
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CD2E489-03F4-4AC0-8B68-D8C7DFE731DD}" = Stereoscopic Player
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A30B7483-DF31-4C73-BBAA-7695E3D49895}" = NVIDIA 3D Vision Video Player
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB92C58B-7BDF-48E3-92E3-51768DCCA585}_is1" = EVGA OC Scanner 1.7.3
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{DB6A8C83-EFF7-4955-BBD0-81C13DDE5395}" = Download Direct
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E656D89A-8CBB-497F-918F-8361A4071C26}" = Nero Burning ROM 11
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ActvMap V 4.7" = ActvMap V 4.7
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"Ares Flash Downloader_is1" = Ares Flash Downloader Powered by AdVantage
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 (Unicode)
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"DivX Setup" = DivX-Setup
"DotAzilla" = DotAzilla
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"fahrschule-weichert.de" = fahrschule-weichert.de
"FE5AE7DC-7B01-4263-A94C-B4526C276549_is1" = iPhone Explorer
"ffdshow_is1" = ffdshow v1.1.3892 [2011-06-20]
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Audio Dub_is1" = Free Audio Dub version 1.7.8.426
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.5
"Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923
"Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.10.31.305
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.6.727
"Genie Timeline" = LaCie Genie Timeline 2.1
"HaaliMkx" = Haali Media Splitter
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"HyperCam 2" = HyperCam 2
"InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"IsoBuster_is1" = IsoBuster 2.2
"JDownloader" = JDownloader
"Jeyo Mobile Companion 1.1_is1" = Jeyo Mobile Companion 1.1
"Jeyo Mobile Companion 2.1_is1" = Jeyo Mobile Companion 2.1
"Jeyo Mobile Extender 2.0 f¨¹r Outlook_is1" = Jeyo Mobile Extender 2.0 f¨¹r Outlook
"Kalorien Calculator 6.0.3.4_is1" = Kalorien Calculator 6.0.3.4
"LightCommubicator QVGA Setup_is1" = LightCommubicator QVGA Setup
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"MPE" = MyPhoneExplorer
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"PokerStars.net" = PokerStars.net
"Precision" = EVGA Precision 2.0.4
"RAR Password Cracker" = RAR Password Cracker 4.12
"Recuva" = Recuva
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"SUPER ©" = SUPER © Version 2008.bld.24 (Jan 18, 2008)
"Switch" = Switch Uninstall
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UsbBoost" = UsbBoost
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Warcraft III" = Warcraft III
"Warkeys" = Warkeys 1.14.1.0b
"WavePad" = WavePad Sound Editor
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wisdom-soft AutoScreenRecorder 2.0 Free" = Wisdom-soft AutoScreenRecorder 2.0 Free
"World of Warcraft" = World of Warcraft
"World of Warcraft Public Test" = World of Warcraft Public Test
"XMedia Recode" = XMedia Recode 3.0.0.5
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.3
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Akamai" = Akamai NetSession Interface
"Warcraft III" = Warcraft III: All Products
"World of Logs Client (4.2)" = World of Logs Client (4.2)
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >


Grap 06.12.2011 11:17

The system has already become a bit smoother, but I still have 100% CPU usage.

kira 06.12.2011 18:37

Check in Task Manager (Ctrl+Alt+Del) which program is causing the high CPU usage!

1.
Uninstall/remove the programs that we used and that you don't need, except for:
Code:

CCleaner
- Run it from time to time:-> Instructions

2.
Tool cleanup with OTL

We will now use OTL's CleanUp! function to remove most of the programs that we installed for the cleanup from your system again.
  • Please download OTL by OldTimer (if you don't already have it).
  • Save it to your desktop.
  • Double-click OTL.exe to run the program.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Click the "Bereinigung" (CleanUp!) button.
  • OTL may ask for a restart.
    If it does, please allow it.
Note: After the restart, OTL and the other helper programs that you downloaded in the course of the cleanup will no longer be present. They have been removed. It is therefore OK if these programs are no longer there. If any are still left over, delete them manually.

3.
If everything went well and your system is running stably, do the following:
Delete all system restore points, including the last one

4.
Download HijackThis 2.0.4 from *here*
Start HijackThis → click "Do a system scan and save a logfile" → "select" the resulting log file → "copy" → "paste" it here in your thread (right mouse button)

5.
Check the MBR with aswMBR from Avast

Download aswMBR.exe from Avast and save the tool on your desktop (nowhere else).
XP users: double-click aswMBR.exe to start the tool.
Vista and Windows 7 users: right-click aswMBR.exe and choose Run as administrator.
An input window with some information will open.

Click Scan to start the scan.

When the scan is finished, which is reported with Scan finished successfully, click Save log to save the log file.
Post the contents of aswASW.log from the desktop here in the thread.

Grap 07.12.2011 03:37

Hey,

I have now looked for the more precise cause and, after a few hours, identified the services "IP Helper" and "DNS Cache" as the cause.

I then disabled both at system startup, and since then everything has been running completely normally. So I am back to a load of about 0-3%.

Now I'm just wondering whether switching them off might bring some disadvantages, however small.

I also looked at the DNS cache via CMD -> ipconfig /displaydns.
It consists for the most part of dubious homepage links. I have attached an example as an image.

Here are the log files as well:

Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 03:27:03, on 07.12.2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Windows\system32\taskhost.exe
D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\UsbBoost\TurboHddUsb.exe
D:\Program Files\Analog Devices\Core\smax4pnp.exe
D:\Program Files\Analog Devices\SoundMAX\SoundMAX.exe
D:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @D:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - (no file)
O4 - HKLM\..\Run: [Genie TimeLine Tray] D:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe -auto
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [UsbBoost] D:\Program Files\UsbBoost\TurboHddUsb.exe
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] D:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKCU\..\Run: [ehTray.exe] D:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [iCloudServices] D:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to iPhone Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\DooM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://D:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @D:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @D:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - D:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O10 - Unknown file in Winsock LSP: d:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: d:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - D:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - D:\Windows\system32\AEADISRV.EXE
O23 - Service: Afa Card Reader Service (AfaService) - Unknown owner - D:\Windows\system32\afasrv32.exe
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie-Soft - D:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\Windows\System32\LEXBCES.EXE
O23 - Service: @D:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - D:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 9574 bytes


Code:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-07 03:28:44
-----------------------------
03:28:44.135    OS Version: Windows 6.1.7600
03:28:44.135    Number of processors: 2 586 0xF06
03:28:44.136    ComputerName: DOOM-PC  UserName: DooM
03:28:44.996    Initialize success
03:29:09.794    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-5
03:29:09.796    Disk 0 Vendor: SAMSUNG_HD160JJ ZM100-41 Size: 152627MB BusType: 3
03:29:11.806    Disk 0 MBR read successfully
03:29:11.809    Disk 0 MBR scan
03:29:11.811    Disk 0 Windows 7 default MBR code
03:29:11.816    Disk 0 scanning sectors +268414020
03:29:11.862    Disk 0 scanning D:\Windows\system32\drivers
03:29:18.018    Service scanning
03:29:21.211    Modules scanning
03:29:33.663    Disk 0 trace - called modules:
03:29:33.683    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
03:29:33.687    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x883fa030]
03:29:33.691    3 CLASSPNP.SYS[8d59859e] -> nt!IofCallDriver -> [0x87f3d788]
03:29:33.695    5 ACPI.sys[8d0ad3b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-5[0x88341908]
03:29:33.702    Scan finished successfully
03:29:58.229    Disk 0 MBR has been saved successfully to "D:\Users\DooM\Desktop\pc test\MBR.dat"
03:29:58.235    The log file has been saved successfully to "D:\Users\DooM\Desktop\pc test\aswMBR.txt"


kira 07.12.2011 12:31

And now please get the updates for Win 7; to be precise, you still haven't installed SP1, why?!
► Please install Service Pack 1 for Windows!:-> - Microsoft Update keeps your computer up to date!

► Is your computer still having problems?

Grap 07.12.2011 13:40

I have already tried that several times via Windows Update, but this update aborted several times after about 4 hours and then took another 6 hours to roll everything back.

Now I have put on a few more hotfixes and run the preparation tool. Let's see how it goes in a moment. If it doesn't work via Windows Update, I'll try it manually.

Grap 08.12.2011 23:21

So, I tried everything, but updating to Service Pack 1 fails with error 0x80070643, every time.

kira 09.12.2011 08:38

Then unfortunately you have no choice but to set up the system from scratch, since the causes can be very varied.
-> Instructions: Reinstalling the system + securing it
-> Instructions for reinstalling - Windows XP, Vista and Win7


All times are WET +1. The time is now 19:31.

Copyright ©2000-2025, Trojaner-Board

