CPU load caused by bump.exe and find.exe
Hello,
for a short while now the processes bump.exe and find.exe have kept showing up in Task Manager. They cannot be terminated. I have already run a scan with OTL and hope that you can help me now. Here are the results of the scan:
OTL Logfile: Code:
OTL Extras logfile created on: 03.02.2011 18:18:48 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Sebi\Desktop
64bit- Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 78,00% Memory free
15,00 Gb Paging File | 14,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 342,54 Gb Total Space | 208,90 Gb Free Space | 60,99% Space Free | Partition Type: NTFS
Drive D: | 123,21 Gb Total Space | 50,05 Gb Free Space | 40,62% Space Free | Partition Type: NTFS
Drive E: | 27,95 Gb Total Space | 27,86 Gb Free Space | 99,68% Space Free | Partition Type: NTFS
Computer Name: SEBI-PC | User Name: Sebi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1ABEF5E2-4F31-9543-EF17-AFC61AD96DB5}" = ATI Catalyst Install Manager
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6F42AB02-6626-45DE-AA69-E141FDB82CDF}" = Vegas Pro 9.0 (64-bit)
"{708DC396-5B5C-55FC-7019-BE7BB6787FB6}" = AMD Fuel
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{7782916E-3D46-4F1F-AC4B-3FB9D17049F4}" = Microsoft Antimalware Service DE-DE Language Pack
"{7A47656D-0369-4C67-D98C-DA369EC504C2}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{84ED5482-CFB0-4DD9-BF18-489FFDACD18A}" = Microsoft Antimalware Service DE-DE Language Pack
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90AB246D-A0A0-29EA-199A-4B07841E0737}" = ATI AVIVO64 Codecs
"{913923AB-3AAB-4870-8910-627C4CD82789}" = NetLimiter 3
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A9C6CA47-D937-D61D-4BD3-7CFAB7A5BA56}" = ATI Problem Report Wizard
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DE1B48FB-0EA4-6E6F-5335-9095994CB7EB}" = WMV9/VC-1 Video Playback
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCAB9F73-BF5D-4E3D-92E7-B0F35C568F20}" = Microsoft Security Client DE-DE Language Pack
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Recuva" = Recuva
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03533053-A0DD-0A8F-F18B-388CF251929B}" = CCC Help Finnish
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04D38795-0B33-C6FC-47C9-D85DBAF82216}" = CCC Help Norwegian
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A225245-3D91-7DD2-630D-4366FA9D7BCF}" = CCC Help Thai
"{0AB51E62-5AA1-5ECC-F836-F9485DD487C3}" = Catalyst Control Center Localization All
"{0B94CF00-3A9C-AEBF-265D-EABF6EC11CEA}" = Catalyst Control Center InstallProxy
"{0C0F9C71-1185-7A98-DBE3-BC26CD85352E}" = CCC Help Korean
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{12453E04-9738-4D16-8408-D726532C2C69}" = ASUS VGA Driver
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205534F9-935B-4F67-6CA1-0356441E78F9}" = CCC Help Dutch
"{2C15735B-1EBA-5719-4ADD-F457205F1BA6}" = Catalyst Control Center Graphics Previews Common
"{2CA51DE4-4B69-EF24-841E-32363DE7D374}" = CCC Help Japanese
"{2E7A3D47-285C-AA71-5F43-7AD3C45A24C1}" = CCC Help English
"{2FE0023B-3858-3D60-DC15-E325E7BBBCE0}" = CCC Help Greek
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{3C12C57B-8BD0-25E0-57C6-63DBB96AF447}" = CCC Help German
"{5CD0CFB1-3FE9-600A-36E4-03E1523C4989}" = CCC Help Swedish
"{5F742327-0242-4879-90A8-9220DDC4E852}" = Aion
"{607169F0-07F6-4797-99D2-D5E7C4715E20}" = Mega Manager
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AB57823-3580-4CE0-9CF0-072E2A39460C}" = Catalyst Control Center - Branding
"{6E209506-FD15-E2CC-AF7E-D1B9C5C83DC3}" = CCC Help Chinese Standard
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7E5B60E2-32F4-1052-8471-708EF7965167}" = Catalyst Control Center Profiles Desktop
"{81D34549-684B-86FC-B25F-AA948D831194}" = CCC Help Russian
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9400B65A-43D5-9A1F-9A94-28126CB7F684}" = CCC Help Italian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FF1B47E-957E-DE11-6610-799DD98BAD42}" = CCC Help Czech
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AE1A891D-68BF-0BE5-A51D-7EF7187230D4}" = CCC Help French
"{C66B45D6-0A09-0F9A-39EC-06AE4B2C1DB5}" = CCC Help Portuguese
"{C82EB045-FD47-F4F9-2527-F0195DEE1637}" = CCC Help Danish
"{CE0EF487-4B1D-7800-2BCE-CC931A6DEE3E}" = CCC Help Spanish
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D85DCD8F-2FED-306F-0BF4-9508722A1D92}" = CCC Help Chinese Traditional
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{EB0B4C36-0171-73BF-B119-11FE8E641F6E}" = ccc-core-static
"{ED4108A9-60FD-4F18-AF42-122219977773}" = Razer Naga
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F39B1FAE-1E05-E275-2594-C22F91D585F0}" = CCC Help Hungarian
"{F67958D5-BF91-56EF-3792-363A555155B3}" = CCC Help Polish
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"conduitEngine" = Conduit Engine
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"FileZilla Client" = FileZilla Client 3.2.7.1
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Download Manager_is1" = Free Download Manager 3.0
"Free YouTube Download_is1" = Free YouTube Download version 2.10.29
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.6.6 (Standard)
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Uninstall_is1" = Uninstall 1.0.0.1
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.4.2
"Xfire" = Xfire (remove only)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NCsoft-AionEU" = Aion
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 27.01.2011 07:51:14 | Computer Name = Sebi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 27.01.2011 07:51:14 | Computer Name = Sebi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 27.01.2011 07:51:15 | Computer Name = Sebi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 27.01.2011 07:53:06 | Computer Name = Sebi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 27.01.2011 07:53:11 | Computer Name = Sebi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 27.01.2011 07:53:12 | Computer Name = Sebi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 27.01.2011 07:53:13 | Computer Name = Sebi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 27.01.2011 10:52:59 | Computer Name = Sebi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 28.01.2011 08:32:13 | Computer Name = Sebi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 30.01.2011 17:41:15 | Computer Name = Sebi-PC | Source = Application Hang | ID = 1002
Description = Programm plugin-container.exe, Version 1.9.2.3989 kann nicht mehr
unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1020 Startzeit: 01cbc0830a3c4128 Endzeit: 14 Anwendungspfad:
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Berichts-ID: a85afa00-2cb9-11e0-be2a-40618667f97e
[ System Events ]
Error - 03.02.2011 10:56:27 | Computer Name = Sebi-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.97.544.0 Aktualisierungsquelle: %%851 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.6502.0&avdelta=1.97.544.0&asdelta=1.97.544.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
Signaturtyp:
%%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion:
Vorherige Modulversion: 1.1.6502.0 Fehlercode: 0x80072ee2 Fehlerbeschreibung: Das
Zeitlimit für den Vorgang wurde erreicht.
Error - 03.02.2011 10:56:27 | Computer Name = Sebi-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.97.544.0 Aktualisierungsquelle: %%851 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.6502.0&avdelta=1.97.544.0&asdelta=1.97.544.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
Signaturtyp:
%%801 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion:
Vorherige Modulversion: 1.1.6502.0 Fehlercode: 0x80072ee2 Fehlerbeschreibung: Das
Zeitlimit für den Vorgang wurde erreicht.
Error - 03.02.2011 10:56:27 | Computer Name = Sebi-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.97.544.0 Aktualisierungsquelle: %%851 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.6502.0&avdelta=1.97.544.0&asdelta=1.97.544.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
Signaturtyp:
%%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion:
Vorherige Modulversion: 1.1.6502.0 Fehlercode: 0x80072ee2 Fehlerbeschreibung: Das
Zeitlimit für den Vorgang wurde erreicht.
Error - 03.02.2011 10:56:27 | Computer Name = Sebi-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.97.544.0 Aktualisierungsquelle: %%851 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.6502.0&avdelta=1.97.544.0&asdelta=1.97.544.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
Signaturtyp:
%%801 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion:
Vorherige Modulversion: 1.1.6502.0 Fehlercode: 0x80072ee2 Fehlerbeschreibung: Das
Zeitlimit für den Vorgang wurde erreicht.
Error - 03.02.2011 10:57:02 | Computer Name = Sebi-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.97.544.0 Aktualisierungsquelle: %%851 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.0.5854.0&sig=9.1.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
Signaturtyp:
%%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion:
Vorherige Modulversion: 1.1.6502.0 Fehlercode: 0x80072ee2 Fehlerbeschreibung: Das
Zeitlimit für den Vorgang wurde erreicht.
Error - 03.02.2011 10:57:02 | Computer Name = Sebi-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.97.544.0 Aktualisierungsquelle: %%851 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.0.5854.0&sig=9.1.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
Signaturtyp:
%%801 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion:
Vorherige Modulversion: 1.1.6502.0 Fehlercode: 0x80072ee2 Fehlerbeschreibung: Das
Zeitlimit für den Vorgang wurde erreicht.
Error - 03.02.2011 10:57:02 | Computer Name = Sebi-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.97.544.0 Aktualisierungsquelle: %%851 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.0.5854.0&sig=9.1.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
Signaturtyp:
%%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion:
Vorherige Modulversion: 1.1.6502.0 Fehlercode: 0x80072ee2 Fehlerbeschreibung: Das
Zeitlimit für den Vorgang wurde erreicht.
Error - 03.02.2011 10:57:02 | Computer Name = Sebi-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.97.544.0 Aktualisierungsquelle: %%851 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.0.5854.0&sig=9.1.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
Signaturtyp:
%%801 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion:
Vorherige Modulversion: 1.1.6502.0 Fehlercode: 0x80072ee2 Fehlerbeschreibung: Das
Zeitlimit für den Vorgang wurde erreicht.
Error - 03.02.2011 13:01:43 | Computer Name = Sebi-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error - 03.02.2011 13:11:36 | Computer Name = Sebi-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
< End of report >
OTL Logfile: Code:
OTL logfile created on: 03.02.2011 18:18:48 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Sebi\Desktop
64bit- Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 78,00% Memory free
15,00 Gb Paging File | 14,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 342,54 Gb Total Space | 208,90 Gb Free Space | 60,99% Space Free | Partition Type: NTFS
Drive D: | 123,21 Gb Total Space | 50,05 Gb Free Space | 40,62% Space Free | Partition Type: NTFS
Drive E: | 27,95 Gb Total Space | 27,86 Gb Free Space | 99,68% Space Free | Partition Type: NTFS
Computer Name: SEBI-PC | User Name: Sebi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found
PRC - C:\Users\Sebi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe (Razer USA Ltd)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe (Megaupload Limited)
PRC - C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\Sebi\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Xfire\xfire_toucan_43094.dll (Xfire Inc.)
MOD - C:\Windows\SysWOW64\wsock32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msvcr71.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (nlsvc) -- C:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software)
SRV:64bit: - (AMD Reservation Manager) -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (oem-drv64) OEM-SLP2.1 Driver (HPD64) -- C:\Windows\SysNative\drivers\oem-drv64.sys (secr9tos)
DRV:64bit: - (RzSynapse) -- C:\Windows\SysNative\drivers\RzSynapse.sys (Razer USA Ltd)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (NLNdisPT) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software)
DRV:64bit: - (NLNdisMP) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (nltdi) -- C:\Programme\NetLimiter 3\nltdi.sys (Locktime Software)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..network.proxy.backup.ftp: "76.73.18.108"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.gopher: "76.73.18.108"
FF - prefs.js..network.proxy.backup.gopher_port: 3128
FF - prefs.js..network.proxy.backup.socks: "76.73.18.108"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "76.73.18.108"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "76.73.18.108"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "76.73.18.108"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "76.73.18.108"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "76.73.18.108"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "76.73.18.108"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.16 16:53:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.12.29 21:59:30 | 000,000,000 | ---D | M]
[2010.11.16 15:21:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sebi\AppData\Roaming\mozilla\Extensions
[2011.02.03 15:57:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sebi\AppData\Roaming\mozilla\Firefox\Profiles\r15caazh.default\extensions
[2010.12.25 04:05:47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Sebi\AppData\Roaming\mozilla\Firefox\Profiles\r15caazh.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.11.17 22:52:04 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Sebi\AppData\Roaming\mozilla\Firefox\Profiles\r15caazh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.24 13:16:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Sebi\AppData\Roaming\mozilla\Firefox\Profiles\r15caazh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.02.03 15:57:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.11.16 15:29:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.16 15:29:49 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2010.12.02 15:52:43 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\PROGRAM FILES (X86)\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION
[2010.03.27 17:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll
[2010.08.19 02:27:36 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.12.11 14:06:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.12.11 14:06:57 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.12.11 14:06:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.12.11 14:06:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.12.11 14:06:57 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.02.03 18:10:18 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Chew7Hale] C:\Windows\SysNative\hale.exe ()
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Mega Manager] C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe (Megaupload Limited)
O4 - HKCU..\Run: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe (Locktime Software)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 1
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Sebi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Sebi\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Sebi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Sebi\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{96ad3d7b-f18b-11df-816d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{96ad3d7b-f18b-11df-816d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.02.03 17:59:25 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.02.03 17:57:40 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Sebi\Desktop\OTL.exe
[2011.02.02 20:42:27 | 000,000,000 | ---D | C] -- C:\Programme\Recuva
[2011.02.02 20:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Inspector File Recovery
[2011.02.02 20:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Inspector File Recovery
[2011.01.31 18:41:18 | 000,000,000 | ---D | C] -- C:\Users\Sebi\Desktop\PvPVids
[2011.01.27 12:50:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2011.01.27 12:50:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2011.01.26 20:23:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011.01.26 20:23:33 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2011.01.26 20:23:19 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2011.01.20 21:01:14 | 000,000,000 | ---D | C] -- C:\Users\Sebi\Desktop\MercedesBilder
[2011.01.18 17:50:30 | 000,000,000 | ---D | C] -- C:\Users\Sebi\AppData\Local\ElevatedDiagnostics
[2011.01.17 20:17:25 | 000,000,000 | ---D | C] -- C:\Downloads
[2011.01.12 16:01:07 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2011.01.12 16:01:07 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011.01.12 16:01:07 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.01.12 16:01:06 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2011.01.12 16:01:06 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2011.01.12 16:01:06 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.01.12 16:01:06 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011.01.12 16:01:06 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011.01.12 16:01:06 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.01.12 16:01:05 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2011.01.12 16:01:05 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.01.12 16:01:05 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.01.12 16:01:04 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2011.01.12 16:01:04 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2011.01.12 16:01:04 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011.01.12 16:01:04 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011.01.12 16:01:04 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.01.12 16:01:04 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.01.12 16:01:04 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2011.01.12 16:01:04 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2011.01.12 16:01:04 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011.01.12 16:01:04 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2011.01.12 16:01:04 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2011.01.12 16:01:04 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011.01.12 16:01:03 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011.01.12 16:01:03 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011.01.12 16:01:03 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.01.12 13:54:39 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011.01.12 13:54:39 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
========== Files - Modified Within 30 Days ==========
[2011.02.03 18:20:39 | 638,557,923 | ---- | M] () -- C:\Windows\SysNative\cwlog.dtl
[2011.02.03 18:11:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.03 18:11:10 | 1945,509,887 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.03 18:10:27 | 000,009,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.03 18:10:27 | 000,009,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.03 18:10:18 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011.02.03 17:58:05 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sebi\Desktop\OTL.exe
[2011.02.03 16:53:01 | 000,005,024 | ---- | M] () -- C:\Windows\SysWow64\FilterData.dat
[2011.02.02 20:42:28 | 000,001,658 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk
[2011.01.27 13:52:48 | 000,002,034 | ---- | M] () -- C:\Users\Sebi\Desktop\Razer Naga Configurator.lnk
[2011.01.27 12:52:21 | 004,831,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.01.27 12:50:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzSynapse_01007.Wdf
[2011.01.26 20:24:20 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.01.26 20:23:59 | 001,526,060 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.26 20:23:59 | 000,656,028 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.01.26 20:23:59 | 000,617,910 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.01.26 20:23:59 | 000,130,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.01.26 20:23:59 | 000,107,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.01.24 19:58:40 | 000,045,383 | ---- | M] () -- C:\Users\Sebi\Documents\Unbenannt (3).wma
[2011.01.20 21:02:31 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.01.06 01:49:31 | 557,163,202 | ---- | M] () -- C:\Windows\MEMORY.DMP
========== Files Created - No Company Name ==========
[2011.02.02 20:42:28 | 000,001,658 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk
[2011.02.02 20:33:21 | 000,006,200 | ---- | C] () -- C:\Windows\SysWow64\INT13EXT.VXD
[2011.01.27 13:52:48 | 000,002,034 | ---- | C] () -- C:\Users\Sebi\Desktop\Razer Naga Configurator.lnk
[2011.01.27 12:50:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzSynapse_01007.Wdf
[2011.01.26 20:24:20 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011.01.26 20:23:59 | 001,526,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.24 19:58:40 | 000,045,383 | ---- | C] () -- C:\Users\Sebi\Documents\Unbenannt (3).wma
[2011.01.06 01:49:31 | 557,163,202 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.12.29 22:36:09 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.11.21 14:57:12 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2010.07.09 20:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 1146 bytes -> C:\Program Files\Common Files\System:X4MuAzwj7KvWNvar4QPQhpix3tF
@Alternate Data Stream - 1108 bytes -> C:\ProgramData\Microsoft:cu1j8n2JBGvdUoGheCq2RXbPfu9W
@Alternate Data Stream - 1022 bytes -> C:\ProgramData\Microsoft:EBTminqc1rxTjuHtMlzB
< End of report >