Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Festpallen schalten nicht mehr ab, internet sehr lahm (https://www.trojaner-board.de/95891-festpallen-schalten-mehr-ab-internet-sehr-lahm.html)

over-clocker 20.02.2011 23:23
Festpallen schalten nicht mehr ab, internet sehr lahm
 
Hallo,
ich habe komische pobleme mit denen ich nichtmehr weiter komme.

ich habe folgendes system

Mainboad: ASRock 879 extreme 3
CPU: x6 1090t
8 gb ddr 3 1333 ram
gtx 470
3 festplatten 2 davon in wechselrahmen
win 7 home prem 64

zu meinem leiden.

Normalerweise schalteten sich meine 2 festplatten in den wechselrahmen bei nichtgebrauch ab, das tun sie jetzt nicht mehr und werden mangels kühlung sehr heiß.
ebenso ist mein internet langsam geworden es scheint als würde meine systemplatte bei jedem seitenaufbau arbeiten.
ich würde euch gerne diesen hijack log posten weis aber nicht wies geht, avira findet nix.
Helft mir bob bitte weiter :heulen:

markusg 21.02.2011 10:58
hallo,bitte nutze kein hijackthis, es zeigt uns kaum infos...
Systemscan mit OTL
download otl:
http://filepony.de/download-otl/

Doppelklick auf die OTL.exe
(user von Windows 7 und Vista: Rechtsklick als Administrator ausführen)
1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
2. Hake an "scan all users"
3. Unter "Extra Registry wähle:
"Use Safelist" "LOP Check" "Purity Check"
4. Kopiere in die Textbox:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Klicke "Scan"
6. 2 reporte werden erstellt:
OTL.Txt
Extras.Txt
beide posten.

over-clocker 22.02.2011 01:25
OTL Logfile:
Code:
OTL logfile created on: 22.02.2011 01:18:22 - Run 1
OTL by OldTimer - Version 3.2.20.6    Folder = C:\Users\Manuel\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 79,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,36 Gb Total Space | 175,88 Gb Free Space | 62,96% Space Free | Partition Type: NTFS
Drive E: | 465,65 Gb Total Space | 127,37 Gb Free Space | 27,35% Space Free | Partition Type: FAT32
Drive F: | 146,48 Gb Total Space | 140,74 Gb Free Space | 96,08% Space Free | Partition Type: NTFS
Drive G: | 146,48 Gb Total Space | 144,52 Gb Free Space | 98,66% Space Free | Partition Type: NTFS
Drive H: | 78,13 Gb Total Space | 78,04 Gb Free Space | 99,88% Space Free | Partition Type: NTFS
Drive I: | 94,66 Gb Total Space | 94,43 Gb Free Space | 99,76% Space Free | Partition Type: NTFS
 
Computer Name: MANUEL-PC | User Name: Manuel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Manuel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Logitech\G930\G930.exe (Logitech(c))
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Manuel\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NMSAccess) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (LADF_BakerROnly) -- C:\Windows\SysNative\drivers\ladfBakerRamd64.sys (Logitech)
DRV:64bit: - (LADF_BakerCOnly) -- C:\Windows\SysNative\drivers\ladfBakerCamd64.sys (Logitech)
DRV:64bit: - (cpuz134) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-3498365250-4213020722-2298320614-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3498365250-4213020722-2298320614-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3498365250-4213020722-2298320614-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 3D AE 99 24 D2 CB 01  [binary data]
IE - HKU\S-1-5-21-3498365250-4213020722-2298320614-1000\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-3498365250-4213020722-2298320614-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2011.01.05 17:07:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.12.10 20:34:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.12.31 19:38:09 | 000,000,000 | ---D | M]
 
[2010.12.10 20:34:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manuel\AppData\Roaming\mozilla\Extensions
[2011.02.22 01:03:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\tun5re9r.default\extensions
[2010.12.17 19:24:06 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\tun5re9r.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.21 20:28:08 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\tun5re9r.default\extensions\DeviceDetection@logitech.com
[2011.01.02 22:04:30 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\tun5re9r.default\extensions\DTToolbar@toolbarnet.com
[2011.01.02 22:04:29 | 000,002,059 | ---- | M] () -- C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\searchplugins\daemon-search.xml
[2011.02.15 16:09:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.12.12 20:38:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.15 16:09:55 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\WTXPCOM
[2011.01.05 17:07:45 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES (X86)\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC
[2011.02.15 16:09:55 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES (X86)\PDFFORGE TOOLBAR\FF
[2010.12.12 20:38:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3:64bit: - HKU\S-1-5-21-3498365250-4213020722-2298320614-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-3498365250-4213020722-2298320614-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Logitech G930] C:\Program Files (x86)\Logitech\G930\G930.exe (Logitech(c))
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3498365250-4213020722-2298320614-1000..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin]  File not found
O4 - Startup: C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Manuel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Manuel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 
MsConfig:64bit - StartUpFolder: C:^Users^Manuel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ac'tivAid.lnk - C:\PROGRA~2\AC'TIV~1\AC'TIV~1.AHK - ()
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: GAINWARD - hkey= - key= - C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co.)
MsConfig:64bit - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: NUSB3MON - hkey= - key= - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
MsConfig:64bit - StartUpReg: PC Suite Tray - hkey= - key= - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
MsConfig:64bit - StartUpReg: RGSC - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: SearchSettings - hkey= - key= - C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
MsConfig:64bit - StartUpReg: Sidebar - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.22 01:16:15 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Manuel\Desktop\OTL.exe
[2011.02.20 23:31:23 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.02.20 23:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.02.20 23:31:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011.02.20 23:26:20 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Desktop\MFTools
[2011.02.20 23:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.02.20 23:00:29 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\Simply Super Software
[2011.02.20 22:42:08 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\SUPERAntiSpyware.com
[2011.02.20 22:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011.02.20 22:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.02.20 22:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011.02.20 22:42:04 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2011.02.17 15:22:08 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Avira
[2011.02.17 15:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.02.17 15:19:54 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.02.17 15:19:54 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.02.17 15:19:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.02.17 15:19:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.02.15 16:09:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pdfforge Toolbar
[2011.02.15 16:09:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2011.02.12 15:08:26 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\4A Games
[2011.02.12 15:05:49 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\4A Games
[2011.02.10 17:17:09 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.02.10 17:17:08 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.02.10 17:17:08 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.02.10 17:17:08 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.02.10 17:17:08 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.02.10 17:17:08 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.02.10 17:17:08 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.02.10 17:17:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.02.10 17:17:08 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.02.10 17:17:08 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.02.10 17:17:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.02.10 17:17:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.02.10 17:15:41 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011.02.10 17:15:41 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011.02.10 17:15:40 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011.02.10 17:15:40 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011.02.10 17:15:40 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011.02.10 17:15:40 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011.02.10 17:15:40 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.02.10 17:15:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.02.10 17:15:22 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.02.10 17:15:21 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.02.10 17:15:21 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.02.10 17:15:19 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.02.10 17:15:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.02.10 17:15:19 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.02.10 17:15:18 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.02.10 17:15:18 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.02.10 17:15:18 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.02.10 17:15:18 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011.02.10 17:15:17 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.02.10 17:15:17 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.02.10 17:15:17 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.02.10 17:15:17 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.02.07 22:27:17 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Desktop\click_me
[2011.02.06 20:41:51 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Desktop\gem_sounds
[2011.02.06 17:22:37 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.02.03 17:05:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011.02.03 17:05:11 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011.02.03 17:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2011.02.03 16:59:57 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2011.02.03 16:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2011.01.31 19:58:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2011.01.31 19:58:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2011.01.31 19:57:39 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\FreeCommander
[2011.01.31 19:57:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCommander
[2011.01.31 19:57:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeCommander
[2011.01.31 15:36:56 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Desktop\joomla15
[2011.01.30 23:58:00 | 000,000,000 | R--D | C] -- C:\Users\Manuel\Documents\Scanned Documents
[2011.01.30 23:58:00 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\Fax
[2011.01.26 12:30:26 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Desktop\cfg
[2011.01.25 01:29:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2011.01.25 01:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.01.25 01:16:02 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\Diagnostics
[2011.01.25 00:25:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScanSoft
[2011.01.24 21:54:33 | 018,580,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011.01.24 21:54:33 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011.01.24 21:54:33 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011.01.24 21:54:33 | 012,859,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011.01.24 21:54:33 | 006,604,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011.01.24 21:54:33 | 005,653,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011.01.24 21:54:33 | 004,941,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011.01.24 21:54:33 | 003,112,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011.01.24 21:54:33 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011.01.24 21:54:33 | 002,479,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011.01.24 21:54:33 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011.01.24 21:54:33 | 001,614,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642090.dll
[2011.01.24 21:54:33 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64hda.dll
[2011.01.24 21:54:33 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642040.dll
[2011.01.24 21:54:33 | 000,155,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011.01.24 21:54:33 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.01.24 21:54:33 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.01.24 21:54:33 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011.01.24 21:54:33 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011.01.24 19:01:05 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\Rockstar Games
[2011.01.24 18:56:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011.01.24 18:56:22 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\Rockstar Games
[2011.01.24 18:55:11 | 000,000,000 | RH-D | C] -- C:\Users\Manuel\AppData\Roaming\SecuROM
[2011.01.24 18:54:10 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2011.01.24 18:52:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011.01.24 18:52:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011.01.24 17:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2011.01.24 17:23:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2011.01.23 13:29:32 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\3DMark 11
[2011.01.23 13:29:19 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\IsolatedStorage
[2011.01.23 13:29:18 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\Futuremark_Corporation
[2011.01.23 13:28:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Futuremark Shared
[2011.01.23 13:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
[2011.01.23 13:28:09 | 000,000,000 | ---D | C] -- C:\Programme\Futuremark
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.22 01:16:20 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Manuel\Desktop\OTL.exe
[2011.02.22 00:51:12 | 000,020,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.22 00:51:12 | 000,020,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.22 00:48:24 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.02.22 00:48:24 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.02.22 00:48:24 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.02.22 00:48:24 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.02.22 00:48:24 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.02.22 00:43:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.22 00:43:43 | 2146,885,631 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.21 01:17:46 | 000,044,091 | ---- | M] () -- C:\Users\Manuel\Desktop\smoke.JPG
[2011.02.21 01:08:48 | 000,194,118 | ---- | M] () -- C:\Users\Manuel\Desktop\lololol.JPG
[2011.02.20 23:31:05 | 000,001,108 | ---- | M] () -- C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011.02.20 23:31:02 | 000,000,928 | ---- | M] () -- C:\Users\Manuel\Desktop\NTREGOPT.lnk
[2011.02.20 23:31:02 | 000,000,909 | ---- | M] () -- C:\Users\Manuel\Desktop\ERUNT.lnk
[2011.02.20 22:42:05 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.02.20 20:35:08 | 000,011,164 | ---- | M] () -- C:\Users\Manuel\Desktop\miri.png
[2011.02.18 11:13:58 | 000,001,523 | ---- | M] () -- C:\Users\Manuel\Desktop\ace_swapteams.rar
[2011.02.17 22:05:08 | 000,005,308 | ---- | M] () -- C:\Users\Manuel\Desktop\gem_halftime_teamswap.smx
[2011.02.17 15:19:56 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.02.14 11:10:14 | 000,037,131 | ---- | M] () -- C:\Users\Manuel\Desktop\Bewerbung.pdf
[2011.02.14 10:47:23 | 000,050,634 | ---- | M] () -- C:\Users\Manuel\Desktop\Lebenslauf.pdf
[2011.02.13 21:31:00 | 000,050,688 | ---- | M] () -- C:\Windows\SysNative\ImgX6132.dll
[2011.02.12 14:44:30 | 000,000,221 | ---- | M] () -- C:\Users\Manuel\Desktop\Metro 2033.url
[2011.02.11 12:47:07 | 000,452,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.08 20:13:53 | 000,264,851 | ---- | M] () -- C:\Users\Manuel\Desktop\abgeher.jpg
[2011.02.06 17:22:34 | 453,913,263 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.02.03 17:05:12 | 000,001,011 | ---- | M] () -- C:\Users\Manuel\Desktop\SpeedFan.lnk
[2011.02.03 17:05:11 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2011.02.03 16:59:57 | 000,001,090 | ---- | M] () -- C:\Users\Manuel\Desktop\MSI Afterburner.lnk
[2011.01.31 19:58:49 | 000,000,930 | ---- | M] () -- C:\Users\Manuel\Desktop\HD Tune.lnk
[2011.01.31 19:57:39 | 000,000,997 | ---- | M] () -- C:\Users\Manuel\Desktop\FreeCommander.lnk
[2011.01.26 07:53:10 | 000,265,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.01.26 07:31:20 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.01.24 21:43:10 | 000,002,200 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2011.01.24 18:54:10 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2011.01.24 00:11:21 | 000,051,091 | ---- | M] () -- C:\Users\Manuel\Desktop\Lebenslauf Manuel Colaco.pdf
[2011.01.24 00:09:30 | 000,040,479 | ---- | M] () -- C:\Users\Manuel\Desktop\Bewerbung Manuel Colaco.pdf
[2011.01.23 13:28:15 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\3DMark 11.lnk
 
========== Files Created - No Company Name ==========
 
[2011.02.21 01:16:30 | 000,044,091 | ---- | C] () -- C:\Users\Manuel\Desktop\smoke.JPG
[2011.02.21 01:08:48 | 000,194,118 | ---- | C] () -- C:\Users\Manuel\Desktop\lololol.JPG
[2011.02.20 23:31:05 | 000,001,108 | ---- | C] () -- C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011.02.20 23:31:02 | 000,000,928 | ---- | C] () -- C:\Users\Manuel\Desktop\NTREGOPT.lnk
[2011.02.20 23:31:02 | 000,000,909 | ---- | C] () -- C:\Users\Manuel\Desktop\ERUNT.lnk
[2011.02.20 22:42:05 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.02.20 20:35:08 | 000,011,164 | ---- | C] () -- C:\Users\Manuel\Desktop\miri.png
[2011.02.18 11:13:56 | 000,001,523 | ---- | C] () -- C:\Users\Manuel\Desktop\ace_swapteams.rar
[2011.02.17 22:05:08 | 000,005,308 | ---- | C] () -- C:\Users\Manuel\Desktop\gem_halftime_teamswap.smx
[2011.02.17 15:19:56 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.02.14 11:10:14 | 000,037,131 | ---- | C] () -- C:\Users\Manuel\Desktop\Bewerbung.pdf
[2011.02.14 10:47:23 | 000,050,634 | ---- | C] () -- C:\Users\Manuel\Desktop\Lebenslauf.pdf
[2011.02.13 21:31:00 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\ImgX6132.dll
[2011.02.12 14:44:30 | 000,000,221 | ---- | C] () -- C:\Users\Manuel\Desktop\Metro 2033.url
[2011.02.08 20:13:53 | 000,264,851 | ---- | C] () -- C:\Users\Manuel\Desktop\abgeher.jpg
[2011.02.06 17:22:34 | 453,913,263 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.02.03 17:05:12 | 000,001,011 | ---- | C] () -- C:\Users\Manuel\Desktop\SpeedFan.lnk
[2011.02.03 17:05:11 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2011.02.03 16:59:57 | 000,001,090 | ---- | C] () -- C:\Users\Manuel\Desktop\MSI Afterburner.lnk
[2011.01.31 19:58:49 | 000,000,930 | ---- | C] () -- C:\Users\Manuel\Desktop\HD Tune.lnk
[2011.01.31 19:57:39 | 000,000,997 | ---- | C] () -- C:\Users\Manuel\Desktop\FreeCommander.lnk
[2011.01.25 01:25:07 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011.01.24 18:51:51 | 000,002,200 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2011.01.24 00:11:21 | 000,051,091 | ---- | C] () -- C:\Users\Manuel\Desktop\Lebenslauf Manuel Colaco.pdf
[2011.01.24 00:09:30 | 000,040,479 | ---- | C] () -- C:\Users\Manuel\Desktop\Bewerbung Manuel Colaco.pdf
[2011.01.23 13:28:15 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2010.12.10 17:45:46 | 000,000,082 | ---- | C] () -- C:\Windows\odbc_merge.INI
[2010.12.10 17:44:13 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.05.06 11:26:23 | 000,007,764 | ---- | C] () -- C:\Windows\cadx2.ini
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2003.02.20 09:59:52 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\TidyATL.dll
[1999.12.15 19:16:06 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\Lpng.dll
 
========== LOP Check ==========
 
[2010.12.12 15:39:20 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Canneverbe Limited
[2011.01.02 22:10:49 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\DAEMON Tools Lite
[2010.12.17 19:24:06 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.02.20 17:53:52 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\FileZilla
[2011.01.31 19:57:39 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\FreeCommander
[2010.12.23 21:22:30 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Leadertech
[2010.12.12 22:42:20 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\MAGIX
[2011.01.05 17:15:33 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Nokia
[2011.01.05 22:53:10 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\PC Suite
[2010.12.12 15:42:25 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\ShredderChess
[2011.01.19 14:54:34 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\SmartStore
[2010.12.12 19:11:56 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\TS3Client
[2011.02.10 21:44:06 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\UseNeXT
[2011.01.01 23:39:17 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Windows SideBar
[2011.01.24 23:32:28 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.12.10 18:11:00 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Adobe
[2011.02.17 15:22:08 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Avira
[2010.12.12 15:39:20 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Canneverbe Limited
[2011.01.02 22:10:49 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\DAEMON Tools Lite
[2010.12.17 19:24:06 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.02.20 17:53:52 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\FileZilla
[2011.01.31 19:57:39 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\FreeCommander
[2010.12.10 19:41:55 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Identities
[2010.12.23 21:22:30 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Leadertech
[2010.12.10 23:41:42 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Macromedia
[2010.12.12 22:42:20 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\MAGIX
[2009.07.14 19:18:18 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Media Center Programs
[2011.01.19 12:58:09 | 000,000,000 | --SD | M] -- C:\Users\Manuel\AppData\Roaming\Microsoft
[2010.12.10 20:34:59 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Mozilla
[2011.01.05 17:15:33 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Nokia
[2010.12.19 00:51:32 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\NVIDIA
[2011.01.05 22:53:10 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\PC Suite
[2011.01.24 18:55:11 | 000,000,000 | RH-D | M] -- C:\Users\Manuel\AppData\Roaming\SecuROM
[2010.12.12 15:42:25 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\ShredderChess
[2011.01.19 14:54:34 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\SmartStore
[2011.02.20 22:42:08 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\SUPERAntiSpyware.com
[2010.12.12 19:11:56 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\TS3Client
[2011.02.10 21:44:06 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\UseNeXT
[2011.01.01 23:39:17 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Windows SideBar
[2010.12.12 22:41:16 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.12.27 13:56:41 | 000,010,134 | R--- | M] () -- C:\Users\Manuel\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2010.09.01 05:29:28 | 011,406,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wmp.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >
--- --- ---

over-clocker 22.02.2011 01:27
OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 22.02.2011 01:18:22 - Run 1
OTL by OldTimer - Version 3.2.20.6    Folder = C:\Users\Manuel\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 79,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,36 Gb Total Space | 175,88 Gb Free Space | 62,96% Space Free | Partition Type: NTFS
Drive E: | 465,65 Gb Total Space | 127,37 Gb Free Space | 27,35% Space Free | Partition Type: FAT32
Drive F: | 146,48 Gb Total Space | 140,74 Gb Free Space | 96,08% Space Free | Partition Type: NTFS
Drive G: | 146,48 Gb Total Space | 144,52 Gb Free Space | 98,66% Space Free | Partition Type: NTFS
Drive H: | 78,13 Gb Total Space | 78,04 Gb Free Space | 99,88% Space Free | Partition Type: NTFS
Drive I: | 94,66 Gb Total Space | 94,43 Gb Free Space | 99,76% Space Free | Partition Type: NTFS
 
Computer Name: MANUEL-PC | User Name: Manuel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3498365250-4213020722-2298320614-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.8
"{0C798FBB-2BA6-D113-C055-936965550F33}" = ATI Catalyst Install Manager
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{4316E318-85EC-42C3-9535-C7B49B8CAD21}" = AxCrypt 1.7.2126.0
"{46246EC2-2557-4195-829D-1FFB6CB21B98}" = Logitech G930
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software 7.00
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Windows-Treiberpaket - Nokia Modem  (06/09/2010 4.5)
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"EEEE705096F837B7907659F100C9FE6DA001970F" = Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.7)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{0DEE907D-C36B-40F8-A205-DB86B6BFB5DA}" = MAGIX Web Designer 6 Download-Version
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5124CF1D-9467-48E4-8007-FD79EA2A76FF}_is1" = PCGH VGA-Tool 1.0.0
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{6609A4EB-CB71-422C-AA43-BBE75705D049}" = MAGIX Web Designer 6 Content
"{69FB248E-690D-434F-94A7-248D5F1ECD70}" = AMD OverDrive
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0B139A7-E8D5-49E8-A7BF-12421E652208}" = pdfforge Toolbar v4.3
"{A7A88E7C-3365-4F7F-85D2-42D95C65A54D}_is1" = Shredder Classic 4 ct 2010
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BFBB91DB-9F0F-4A9C-9669-A97DA3512CF2}" = RealSpeak Solo fur Deutsch - Steffi
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D91AB4D6-2CA1-4427-91B3-BB31D3C6D4EE}" = SmartStore.biz 5
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EEEEAE12-EDED-44B7-ADA8-127CB40A5F5D}" = NVIDIA Design Garage
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"ac'tivAid" = ac'tivAid v1.3.1
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Afterburner" = MSI Afterburner 2.0.0
"AutoHotkey" = AutoHotkey 1.0.47.06
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"FileZilla Client" = FileZilla Client 3.2.7.1
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.31
"FreeCommander_is1" = FreeCommander 2009.02b
"GPL Ghostscript 8.71" = GPL Ghostscript 8.71
"HD Tune_is1" = HD Tune 2.55
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"MAGIX_MSI_Web_Designer_6" = MAGIX Web Designer 6 Download-Version
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MySSID_is1" = EXPERTool 7.9
"Nokia PC Suite" = Nokia PC Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Scid_is1" = Scid 4.2.2
"SpeedFan" = SpeedFan (remove only)
"Steam App 211" = Source SDK
"Steam App 240" = Counter-Strike: Source
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 43110" = Metro 2033
"Supersonic Sled" = NVIDIA Supersonic Sled demo
"Taxpool-Buchhalter Mini" = Taxpool-Buchhalter Mini 4.16
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"UseNeXT_is1" = UseNeXT
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 17.02.2011 15:21:28 | Computer Name = Manuel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll".  Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 18.02.2011 08:17:15 | Computer Name = Manuel-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\freecommander\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files (x86)\freecommander\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 18.02.2011 08:17:20 | Computer Name = Manuel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll".  Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 19.02.2011 16:08:09 | Computer Name = Manuel-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\freecommander\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files (x86)\freecommander\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 19.02.2011 16:08:15 | Computer Name = Manuel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll".  Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 20.02.2011 12:42:19 | Computer Name = Manuel-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.2.3989 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1690    Startzeit:
 01cbd11ce2dd9375    Endzeit: 0    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
 5ea084e4-3d10-11e0-85b3-00158307ce9b 
 
Error - 20.02.2011 14:34:26 | Computer Name = Manuel-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\freecommander\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files (x86)\freecommander\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 20.02.2011 14:34:31 | Computer Name = Manuel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll".  Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 20.02.2011 17:52:21 | Computer Name = Manuel-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe_TapiSrv, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc3c1  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695,
 Zeitstempel: 0x4cc7b325  Ausnahmecode: 0xc0000374  Fehleroffset: 0x00000000000c6ab2
ID
 des fehlerhaften Prozesses: 0x584  Startzeit der fehlerhaften Anwendung: 0x01cbd13a261007fb
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: b0d7cd4d-3d3b-11e0-9bfb-00158307ce9b
 
Error - 21.02.2011 19:53:44 | Computer Name = Manuel-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc3c1  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695,
 Zeitstempel: 0x4cc7b325  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000000513bd
ID
 des fehlerhaften Prozesses: 0x4e0  Startzeit der fehlerhaften Anwendung: 0x01cbd2212fc4ef4d
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: d0bac324-3e15-11e0-a4e1-00158307ce9b
 
[ System Events ]
Error - 21.02.2011 19:44:40 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:  %%-2140993535
 
Error - 21.02.2011 19:44:40 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde:  %%-2140993535
 
Error - 21.02.2011 19:44:40 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:  %%-2140993535
 
Error - 21.02.2011 19:44:40 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde:  %%-2140993535
 
Error - 21.02.2011 19:53:45 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Kryptografiedienste" wurde unerwartet beendet. Dies ist
 bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 21.02.2011 19:53:45 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "DNS-Client" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 21.02.2011 19:53:45 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Arbeitsstationsdienst" wurde unerwartet beendet. Dies
ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 21.02.2011 19:53:45 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "NLA (Network Location Awareness)" wurde unerwartet beendet.
 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 21.02.2011 19:53:45 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Telefonie" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 21.02.2011 19:55:45 | Computer Name = Manuel-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
 des Dienstes "DNS-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
 ist fehlgeschlagen. Fehler:  %%1056
 
 
< End of report >
--- --- ---

over-clocker 22.02.2011 01:29
Also hier die gewünschten .txt
Ich danke schonmal Allen helfenden für die mühe.

over-clocker 22.02.2011 01:44
wenn ich mich recht erinnere habe ich diese problemchen erst seit dem ich neulich mal zu kino.to gestolpert bin.
habe in nem anderen thema gelesen kino.to verbreitet maleware u.s.w

markusg 22.02.2011 11:05
was hat super antispyware gefunden, log posten
download malwarebytes:
Malwarebytes
instalieren, öffnen, registerkarte aktualisierung, programm updaten.
schalte alle laufenden programme ab, trenne die internetverbindung.
registerkarte scanner, komplett scan, funde entfernen, log posten.

over-clocker 22.02.2011 12:07
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5838

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

22.02.2011 12:03:07
mbam-log-2011-02-22 (12-03-07).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|I:\|)
Durchsuchte Objekte: 281090
Laufzeit: 18 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 4
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 4

Infizierte Speicherprozesse:
c:\program files (x86)\application updater\applicationupdater.exe (PUP.Dealio) -> 1916 -> Not selected for removal.

Infizierte Speichermodule:
c:\program files (x86)\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Not selected for removal.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> Not selected for removal.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\program files (x86)\application updater\applicationupdater.exe (PUP.Dealio) -> Not selected for removal.
c:\program files (x86)\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
c:\program files (x86)\pdfforge toolbar\IE\4.3\pdfforgetoolbarie.dll (PUP.Dealio) -> Not selected for removal.
c:\program files (x86)\pdfforge toolbar\widgihelper.exe (PUP.Dealio) -> Not selected for removal.

markusg 22.02.2011 12:09
funde entfernt? wo ist das super antispyware log?

over-clocker 22.02.2011 12:16
habe nochmal gescannt mit malewarebytes und alles entfernt ..
das superanti...log ist in arbeit ..
Danke schonmal ich poste es gleich

markusg 22.02.2011 12:27
ich möchte auch ältere sehen falls vorhanden

over-clocker 22.02.2011 12:48
Die Log von heute:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 02/22/2011 at 12:42 PM

Application Version : 4.48.1000

Core Rules Database Version : 6437
Trace Rules Database Version: 4249

Scan type : Complete Scan
Total Scan Time : 00:24:44

Memory items scanned : 586
Memory threats detected : 0
Registry items scanned : 14398
Registry threats detected : 0
File items scanned : 28217
File threats detected : 8

Adware.Tracking Cookie
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\manuel@eaeacom.112.2o7[1].txt
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\manuel@www.zanox-affiliate[2].txt
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\manuel@forum.usenext[2].txt
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuel@apmebf[1].txt
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuel@mediaplex[1].txt
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuel@atdmt[2].txt
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuel@doubleclick[2].txt
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuel@msnportal.112.2o7[1].txt

over-clocker 22.02.2011 12:49
Die log von vorgestern abend ( erste log mit super anti spy)

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 02/20/2011 at 11:02 PM

Application Version : 4.48.1000

Core Rules Database Version : 6437
Trace Rules Database Version: 4249

Scan type : Complete Scan
Total Scan Time : 00:17:24

Memory items scanned : 597
Memory threats detected : 0
Registry items scanned : 14390
Registry threats detected : 0
File items scanned : 18139
File threats detected : 410

Adware.Tracking Cookie
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\manuel@eaeacom.112.2o7[1].txt
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\manuel@www.zanox-affiliate[2].txt
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\manuel@forum.usenext[2].txt
imagesrv.adition.com [ C:\Users\Manuel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HB4JE7QC ]
media.mtvnservices.com [ C:\Users\Manuel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HB4JE7QC ]
objects.tremormedia.com [ C:\Users\Manuel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HB4JE7QC ]
s0.2mdn.net [ C:\Users\Manuel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HB4JE7QC ]
secure-us.imrworldwide.com [ C:\Users\Manuel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HB4JE7QC ]
www.naiadsystems.com [ C:\Users\Manuel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HB4JE7QC ]
www.yourporno.com [ C:\Users\Manuel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HB4JE7QC ]
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuel@apmebf[1].txt
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuel@mediaplex[1].txt
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuel@atdmt[2].txt
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuel@doubleclick[1].txt
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuel@msnportal.112.2o7[1].txt
.web-stat.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.web-stat.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
adx.chip.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.apmebf.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.mediaplex.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.imrworldwide.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.imrworldwide.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.doubleclick.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.atdmt.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.atdmt.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.weborama.fr [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.msnportal.112.2o7.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adfarm1.adition.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
adfarm1.adition.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.zanox-affiliate.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tradedoubler.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tradedoubler.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tradedoubler.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.traffictrack.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.mediaplex.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.paypal.112.2o7.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.stats.paypal.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.zanox.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad.zanox.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.fastclick.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.fastclick.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.statcounter.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wgkocjdjgeq.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad3.adfarm1.adition.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.counter-strike.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.counter-strike.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad2.adfarm1.adition.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.bs.serving-sys.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.questionmarket.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
delivery.atkmedia.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.usenext.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.usenext.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.vinvest.122.2o7.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adtech.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tradedoubler.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.traffictrack.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adviva.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wgkyamc5ehp.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.im.banner.t-online.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
de.sitestat.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tracking.quisma.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tracking.quisma.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.doubleclick.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tribalfusion.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.fastclick.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
namco.missioncontrol.global-media.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad.adition.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad.adition.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.ru4.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.ru4.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.ru4.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.ru4.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adtech.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
dc.tremormedia.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adserver.adtechus.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad1.adfarm1.adition.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.zanox-affiliate.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.traffictrack.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adxpose.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad4.adfarm1.adition.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tracking.quisma.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.counter-strike.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.counter-strike.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.advertising.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adtech.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
eas.apm.emediate.eu [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ww251.smartadserver.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.interclick.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.interclick.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.interclick.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.gostats.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.ads.quartermedia.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.ads.quartermedia.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.ads.quartermedia.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.active-tracking.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.www.active-tracking.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.www.active-tracking.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adtech.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.smartadserver.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.smartadserver.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.smartadserver.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.smartadserver.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.yourporno.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.yourporno.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.youporn.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.youporn.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.youporn.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ads.youporn.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.ero-advertising.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adultfriendfinder.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adultfriendfinder.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6whmispdzkgo.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
eas.apm.emediate.eu [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
eas.apm.emediate.eu [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
rotator.adjuggler.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
rotator.adjuggler.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.collective-media.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.collective-media.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.revsci.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tracking.mindshare.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
adserver.xt-commerce.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.guj.122.2o7.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
statse.webtrendslive.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.chitika.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.pro-market.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.kontera.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
adx.chip.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
stats.anonym-surfen.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.ad.adnet.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.revsci.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
tracking.financescout24.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tracking.hannoversche.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
spenden.wikimedia.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
s07.flagcounter.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
adserv.legitreviews.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.statcounter.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.serving.xxxwebtraffic.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.serving.xxxwebtraffic.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.clicksor.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.clicksor.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.xiti.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.at.atwola.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.at.atwola.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.advertising.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.advertising.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.advertising.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.advertising.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.advertising.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad.adserver01.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.traffictrack.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.traffictrack.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.www.traffictrack.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tracking.quisma.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
tracking.quisma.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
tracking.quisma.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
adserver.itsfogo.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.overture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.overture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.2o7.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.viacom.adbureau.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.2o7.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.viacom.adbureau.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
de.sitestat.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
de.sitestat.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.apmebf.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.elitepvpers.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.elitepvpers.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.elitepvpers.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.elitepvpers.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.elitepvpers.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.elitepvpers.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.mediafire.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.mediafire.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.mediafire.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wnloooczcdo.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad5.adfarm1.adition.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
zbox.zanox.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.ads.quartermedia.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.komtrack.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.komtrack.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.secmedia.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.secmedia.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wjkywnczmao.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wjk4uod5ibp.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6aek4sgazmbo.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6aek4sgaziep.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wflyohczcgo.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wjkyqoczwfp.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.ads.quartermedia.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tradedoubler.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tradedoubler.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.atdmt.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.atdmt.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wakowlczsko.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.track.webgains.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wbmywhcpihp.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tracking.quisma.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wbmikjczelp.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
de.sitestat.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.112.2o7.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.countomat.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad-emea.doubleclick.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.yieldmanager.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
wstat.wibiya.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wjkosmcjmko.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tracking.quisma.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adviva.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.active-tracking.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.active-tracking.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad.zanox.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.usenext.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wjliclczkcq.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wjkowgazgkq.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.burstnet.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.burstnet.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.himedia.individuad.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
de.sitestat.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.clickaider.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.media-addicted.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.media-addicted.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.apmebf.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.webtrekk.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.cheaptickets.122.2o7.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wnlooocjcbo.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tracking.quisma.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
fl01.ct2.comclick.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
fl01.ct2.comclick.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
fl01.ct2.comclick.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.mediaplex.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.layermedia-adserver.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wmkykgazkao.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6aekicodpchp.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6whk4spcpiao.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.liveperson.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.liveperson.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
adserver.unitedcolo.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wbloskajsko.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wnmiuhczweq.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wnmyulcpelq.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wnmiwlcjmgo.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tracking.quisma.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wmkisidpokq.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
s2.trafficmaxx.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.etracker.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
stats.united-domains.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.2o7.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
tracking.quisma.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adbrite.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adbrite.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.mediabrandsww.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adecn.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.ru4.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
user.lucidmedia.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.gametracker.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adtech.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adtech.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.im.banner.t-online.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.im.banner.t-online.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.im.banner.t-online.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.im.banner.t-online.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
eas.apm.emediate.eu [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wnmycodjihp.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wnmyaldpwao.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6whlyeocjibo.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wgkiskcjcgo.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
delivery.way2traffic.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
delivery.way2traffic.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
delivery.way2traffic.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
delivery.way2traffic.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
delivery.way2traffic.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wjloqpcpcho.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wgl4ohdjsko.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wgkyejc5obq.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.revsci.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.revsci.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
buntebilder.trendymedia.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
stats.djhabitas.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.googleadservices.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.surveymonkey.122.2o7.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.deutschepostag.112.2o7.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
adx.chip.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.questionmarket.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adtech.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.im.banner.t-online.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.revsci.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wjkyuidjoep.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6aekyspdzefp.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
stats.searchtrack.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
stats.searchtrack.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
stats.searchtrack.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
stats.searchtrack.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
stats.searchtrack.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
stats.searchtrack.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
stats.searchtrack.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6wckisicpgep.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.zanox-affiliate.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.etracker.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
adserver1.mokono.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.googleadservices.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.box1.counter-service.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.box1.counter-service.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ads.verlag-media.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.bwr-media.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.bwr-media.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.bwr-media.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ads.verlag-media.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.etracker.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.webmasterplan.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.tracking.quisma.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.yourporno.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.yourporno.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
www.yourporno.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.e-2dj6whkiqkdzaep.stats.esomniture.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
track.effiliation.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
ads.crakmedia.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.girlsteachsex.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
stat.easydate.biz [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.secmedia.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.content.yieldmanager.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.zedo.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.zedo.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.zedo.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
rts.pgmediaserve.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
rts.pgmediaserve.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
rts.pgmediaserve.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.partypoker.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.partypoker.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.partypoker.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.www.burstnet.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.revsci.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.revsci.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.revsci.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.collective-media.net [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
adx.chip.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
adx.chip.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
adx.chip.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
eas.apm.emediate.eu [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.adfarm1.adition.com [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.nextag.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]
.nextag.de [ C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\cookies.sqlite ]

over-clocker 22.02.2011 12:53
Leider hängt firefox immernoch so arg, manchmal wird das bild so mehlig das ich nichtsmehr machen kann und dann dauert es 3 -8 sek dann gehts erst weiter

markusg 22.02.2011 14:55
sind das alle logs von super antispyware? falls ältere vorliegen, wie bereits 2 mal gesagt, poste die.

over-clocker 22.02.2011 15:23
Hallo, es sind alle logs von superantispyware
ich habe es erst vor kurzem installiert und bis jetzt 2 mal gescannt das sind die beiden logs.

gruß manuel

markusg 22.02.2011 15:38
ok
bitte erstelle und poste ein combofix log.
Ein Leitfaden und Tutorium zur Nutzung von ComboFix

over-clocker 22.02.2011 23:59
Combofix Logfile:
Code:
ComboFix 11-02-22.01 - Manuel 22.02.2011  23:50:40.1.6 - x64
Microsoft Windows 7 Home Premium  6.1.7600.0.1252.49.1031.18.8191.6332 [GMT 1:00]
ausgeführt von:: c:\users\Manuel\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((  Dateien erstellt von 2011-01-22 bis 2011-02-22  ))))))))))))))))))))))))))))))
.

2011-02-22 22:52 . 2011-02-22 22:52        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-02-22 17:57 . 2009-07-14 01:41        99840        ----a-w-        c:\windows\system32\Spool\prtprocs\x64\LXKPTPRC.DLL
2011-02-22 10:41 . 2011-01-13 10:20        7844688        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE513456-93D3-4987-9ABD-98CBD5CAFA56}\mpengine.dll
2011-02-22 10:40 . 2011-02-22 10:40        --------        d-----w-        c:\users\Manuel\AppData\Roaming\Malwarebytes
2011-02-22 10:40 . 2010-12-20 17:09        38224        ----a-w-        c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-22 10:40 . 2011-02-22 10:40        --------        d-----w-        c:\programdata\Malwarebytes
2011-02-22 10:40 . 2011-02-22 10:40        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2011-02-22 10:40 . 2010-12-20 17:08        24152        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-02-20 22:31 . 2011-02-20 22:31        --------        d-----w-        c:\program files (x86)\ERUNT
2011-02-20 21:42 . 2011-02-20 21:42        --------        d-----w-        c:\users\Manuel\AppData\Roaming\SUPERAntiSpyware.com
2011-02-20 21:42 . 2011-02-20 21:42        --------        d-----w-        c:\programdata\SUPERAntiSpyware.com
2011-02-20 21:42 . 2011-02-20 21:42        --------        d-----w-        c:\programdata\!SASCORE
2011-02-20 21:42 . 2011-02-20 21:42        --------        d-----w-        c:\program files\SUPERAntiSpyware
2011-02-17 14:22 . 2011-02-17 14:22        --------        d-----w-        c:\users\Manuel\AppData\Roaming\Avira
2011-02-17 14:19 . 2011-02-17 14:19        --------        d-----w-        c:\programdata\Avira
2011-02-17 14:19 . 2011-02-17 14:19        --------        d-----w-        c:\program files (x86)\Avira
2011-02-17 14:19 . 2011-01-10 13:23        83120        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2011-02-17 14:19 . 2011-01-10 13:23        116568        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2011-02-15 15:09 . 2011-02-15 15:09        --------        d-----w-        c:\program files (x86)\pdfforge Toolbar
2011-02-15 15:09 . 2011-02-15 15:09        --------        d-----w-        c:\program files (x86)\Application Updater
2011-02-13 20:31 . 2011-02-13 20:31        50688        ----a-w-        c:\windows\system32\ImgX6132.dll
2011-02-12 14:05 . 2011-02-12 14:05        --------        d-----w-        c:\users\Manuel\AppData\Local\4A Games
2011-02-10 16:15 . 2010-12-18 06:11        714752        ----a-w-        c:\windows\system32\kerberos.dll
2011-02-03 16:05 . 2011-02-03 16:05        --------        d-----w-        c:\program files (x86)\SpeedFan
2011-02-03 15:59 . 2011-02-03 16:01        --------        d-----w-        c:\program files (x86)\MSI Afterburner
2011-01-31 18:58 . 2011-01-31 18:58        --------        d-----w-        c:\program files (x86)\HD Tune
2011-01-31 18:57 . 2011-01-31 18:57        --------        d-----w-        c:\users\Manuel\AppData\Roaming\FreeCommander
2011-01-31 18:57 . 2011-01-31 18:57        --------        d-----w-        c:\program files (x86)\FreeCommander
2011-01-26 01:44 . 2011-01-26 01:44        --------        d-----w-        c:\users\Default\AppData\Local\Microsoft Help
2011-01-25 00:29 . 2011-01-25 00:29        --------        d-sh--w-        c:\programdata\SecuROM
2011-01-25 00:16 . 2011-01-28 02:37        --------        d-----w-        c:\users\Manuel\AppData\Local\Diagnostics
2011-01-24 20:54 . 2011-01-08 03:27        67176        ----a-w-        c:\windows\system32\OpenCL.dll
2011-01-24 17:56 . 2011-01-24 20:34        --------        d-----w-        c:\users\Manuel\AppData\Local\Rockstar Games
2011-01-24 17:55 . 2011-01-24 17:55        --------        d--h--r-        c:\users\Manuel\AppData\Roaming\SecuROM
2011-01-24 17:54 . 2011-01-24 17:54        178800        ----a-w-        c:\windows\SysWow64\CmdLineExt_x64.dll
2011-01-24 17:52 . 2011-01-25 00:25        --------        d-----w-        c:\program files (x86)\Microsoft Games for Windows - LIVE
2011-01-24 17:52 . 2011-01-24 17:52        --------        d-----w-        c:\windows\SysWow64\xlive
2011-01-24 16:23 . 2011-01-24 20:34        --------        d-----w-        c:\program files (x86)\Rockstar Games

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-08 03:27 . 2010-05-06 10:26        7729256        ----a-w-        c:\windows\system32\nvwgf2umx.dll
2011-01-08 03:27 . 2010-05-06 10:26        2200680        ----a-w-        c:\windows\system32\nvapi64.dll
2011-01-08 03:27 . 2010-05-06 10:26        20471912        ----a-w-        c:\windows\system32\nvoglv64.dll
2011-01-08 03:27 . 2010-05-06 10:26        1965672        ----a-w-        c:\windows\SysWow64\nvapi.dll
2011-01-08 03:27 . 2010-05-06 10:26        10078312        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2011-01-07 19:50 . 2011-01-07 19:50        795752        ----a-w-        c:\windows\system32\easyUpdatusAPIU64.dll
2011-01-07 19:50 . 2011-01-07 19:50        6143080        ----a-w-        c:\windows\system32\nvcpl.dll
2011-01-07 19:49 . 2011-01-07 19:49        3156072        ----a-w-        c:\windows\system32\nvsvc64.dll
2011-01-07 19:49 . 2011-01-07 19:49        117864        ----a-w-        c:\windows\system32\nvmctray.dll
2011-01-07 19:49 . 2011-01-07 19:49        2558568        ----a-w-        c:\windows\system32\nvsvcr.dll
2011-01-07 19:49 . 2011-01-07 19:49        1005160        ----a-w-        c:\windows\system32\nvvsvc.exe
2011-01-02 21:04 . 2011-01-02 21:04        834544        ----a-w-        c:\windows\system32\drivers\sptd.sys.vir
2010-12-21 19:52 . 2010-12-21 19:52        374792        ----a-w-        c:\windows\system32\drivers\UMDF\lgSSQVGA.dll
2010-12-21 19:52 . 2010-12-21 19:52        157704        ----a-w-        c:\windows\system32\drivers\UMDF\lgSSBW.dll
2010-12-21 19:52 . 2010-12-21 19:52        22408        ----a-w-        c:\windows\system32\drivers\LGBusEnum.sys
2010-12-21 19:52 . 2010-12-21 19:52        16008        ----a-w-        c:\windows\system32\drivers\LGVirHid.sys
2010-12-12 19:38 . 2010-12-12 19:38        472808        ----a-w-        c:\windows\SysWow64\deployJava1.dll
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-01-13 2988784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Logitech G930"="c:\program files (x86)\Logitech\G930\G930.exe" [2010-11-02 1516888]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]

c:\users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""

R0 sptd;sptd; [x]
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-04-23 136616]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ALSysIO;ALSysIO;c:\users\Manuel\AppData\Local\Temp\ALSysIO64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-11-11 128928]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-01-10 135336]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
S3 LADF_BakerCOnly;BakerC Filter Driver;c:\windows\system32\DRIVERS\ladfBakerCamd64.sys [2010-10-17 363224]
S3 LADF_BakerROnly;BakerR Filter Driver;c:\windows\system32\DRIVERS\ladfBakerRamd64.sys [2010-10-17 334552]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2010-12-21 22408]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2010-12-21 16008]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-11-11 155752]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]

.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2010-11-16 104008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube to MP3 Converter - c:\users\Manuel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\tun5re9r.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-3498365250-4213020722-2298320614-1000\Software\SecuROM\License information*]
"datasecu"=hex:85,12,8f,0c,2c,81,86,a7,74,f6,f9,e1,f4,ec,bd,9f,b4,a1,ec,58,0a,
  c4,4d,84,d0,33,ea,21,41,38,15,18,ce,48,f1,fc,82,19,50,81,d9,b7,be,6d,e8,86,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\CDBurnerXP\NMSAccessU.exe
c:\program files (x86)\Windows Media Player\wmplayer.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-02-22  23:56:10 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-02-22 22:56

Vor Suchlauf: 8 Verzeichnis(se), 186.541.625.344 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 186.381.479.936 Bytes frei

- - End Of File - - 193FD39D8CD74C45F76913F8666F772F
--- --- ---

over-clocker 23.02.2011 02:03
So ich habe heute die anderen platten überprüft die wahren im umlauf desshalb konnte ich sie erst heute testen.
malewarebytes hat einiges gefunden ..log kommt gleich

ich habe nun nochmal alle platten in einem scan gescannt und hab nixmehr gefunden
ob nun alles ok ist kann ich nicht sagen muss erst das system genau beobachten

over-clocker 23.02.2011 02:03
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5838

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

23.02.2011 01:39:36
mbam-log-2011-02-23 (01-39-36).txt

Art des Suchlaufs: Vollständiger Suchlauf (E:\|I:\|)
Durchsuchte Objekte: 51611
Laufzeit: 4 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 25

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127286.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127315.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127339.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127351.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127354.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127367.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127380.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127382.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127392.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127420.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127440.exe (Trojan.Agent) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127443.exe (Trojan.Agent) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127446.exe (Trojan.Agent) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127449.exe (Trojan.Agent) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127452.exe (Trojan.Agent) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127455.exe (Trojan.Agent) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127458.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127465.exe (Trojan.Agent) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127471.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127486.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127487.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127523.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127540.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127555.exe (Trojan.Agent) -> Quarantined and deleted successfully.
e:\system volume information\_restore{22441e3c-05b2-4a4f-81b2-075038f72527}\RP263\A0127559.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

markusg 23.02.2011 11:39
nutzt du keygens cracks etc.?

over-clocker 23.02.2011 12:00
auf diesem system ist aktuell keine software installiert die einen keygen oder crack bedarf.
auf der platte E ist ein bisschen was drauf also cracks
aber nur dort gespeichert, nicht auf meinem system installiert

markusg 23.02.2011 12:15
ja hab ichs doch richtig gesehen, solche software egal wo gespeichert, unterstützen wir hier nicht.
nur beim neu aufsetzen.

over-clocker 23.02.2011 17:05
ja und was bedeutet das nun .. willst mir nicht weiter helfen oder wie ?

markusg 23.02.2011 17:05
nein, bei illegaler software helfen wir niemandem weiter. außer beim neu instalieren des systems

over-clocker 23.02.2011 17:09
joo jetzt lass mich doch nicht hängen nur weil auf der platte irgend ein alter müll ist .. den ich doch garnicht verwende :-(

markusg 23.02.2011 17:09
ne is klar, irgendwie verwendet niemand die keygens die wir so finden

over-clocker 23.02.2011 17:12
wirklich die platte dient ausschlieslich als speicher .. soweit ich weis ist dort nur ein no cd crack drauf für ein spiel das ich im original besitze .. nerfte mich immer so wenn ich spielen wollte und muss die cd´s suchen . aber wie gesagt auf dem aktuellen system ist keinerlei nicht lizensierte software drauf .

markusg 23.02.2011 17:16
ist egal, illegal bleibt illegal, wenn wir bei einem ne ausname machten, würde das immer so weiter gehen, deswegen gibts keine.

over-clocker 23.02.2011 17:21
Zitat:
Zitat von markusg (Beitrag 623730)
ist egal, illegal bleibt illegal, wenn wir bei einem ne ausname machten, würde das immer so weiter gehen, deswegen gibts keine.
Da solltest du aber mal in den gesetzbuchern nachlesen no cd cracks sind keinesfalls illegal ..
solange man im besitz der original cd und der spielelizenz ist
und ich hab nichts illegales auf meinem system installiert
original windoof
original einfach alles
da ich mein sys auch beruflich brauche und es laufen muss
wass es jetzt nichtmehr tut

mir graut es nur vor einer neuinstallation da dann CSS, black ops, gta4 und
windows selbst geupdatet werden muss .. wass bei meiner internetleitung locker 1-2 wochen dauert ..

desshalb brauch ich eure hilfe ..
hab wirklich kein mist drauf der illegal ist,

markusg 23.02.2011 17:26
na da zeig mir das gesetz. es gibt so eins nicht, die foren regeln sind klar in diesem punkt.

over-clocker 23.02.2011 17:30
ja aber ich hab ja überhauptnix in verwendung weder n crack noch n keygen noch sonstwas ..

over-clocker 23.02.2011 17:33
Zitat:
Zitat von markusg (Beitrag 623737)
na da zeig mir das gesetz. es gibt so eins nicht, die foren regeln sind klar in diesem punkt.
Ob legale Besitzer einer Software einen passenden Crack benutzen dürfen, ist umstritten, da es hier Widersprüche in der Rechtsprechung zum Urheberrecht gibt.

Es ist nach deutschem und österreichischem Urheberrechtsgesetz verboten, „wirksame technische“ Kopierschutzmaßnahmen zu umgehen oder dieser Umgehung dienende Programme herzustellen bzw. zu verbreiten.[1] Diese Vorschrift ist jedoch nicht auf Computerprogramme anzuwenden.[2] Die Dekompilierung ohne Zustimmung des Rechteinhabers zum ausschließlichen Zwecke der Herstellung von Interoperabilität ist legalen Besitzern der Software explizit erlaubt.[3]

Quelle:hxxp://de.wikipedia.org/wiki/No-CD-Crack#cite_note-2

markusg 23.02.2011 17:49
man sollte sich nicht nur auf wikipedia verlassen, ist sowieso wurscht, da die forenrregeln eindeutig sind

over-clocker 23.02.2011 20:08
Trotzdehm versteh ich das nicht ... tut mir leid ..
Ich hab doch garnix installiert auf meinem system ....

Nur weil ich ein Messer in der tasche habe heist das doch lange nicht dass ich Bäuche aufschlitze ..

so ist es auch mit dem nocd crack ... der ein überbleibsel einer datensicherung eines älteren pc´s war ... und auf meinem neuen system hier
überhaupt keine anwendung fand ...

also ich kann das nicht verstehen tut mir leid ...
jetzt hat man alles original und ihr habt trozdehm was zu meckern .. lol

also dann lass es einfach und ich such mir woanderst hilfe ..

markusg 23.02.2011 20:27
es geht nicht darum ob du was instaliert hast.
das können wir nicht kontrolieren und ist unerheblich.
und wenn du auf der straße mit dem messer angehalten wirst gibts trotzdem ne strafanzeige.

over-clocker 24.02.2011 14:03
Zitat:
Zitat von markusg (Beitrag 623835)
und wenn du auf der straße mit dem messer angehalten wirst gibts trotzdem ne strafanzeige.
Muaha Markus ... wo lebst denn du ? :confused:
klar wenn du jetzt mit ner 50 cm klinge durchs kaufhaus steppst mag das wohl so sein ..
aber wenn n messerchen dabei hast ?? auf der straße
kann ja sein du gehst schnitzen ^^

naja ihr könnt das thema jetzt schliesen oder sonstwass
trozdehm danke für die hilfe bis hier her

over-clocker 25.02.2011 04:21
Also ich denke ich hab den übeltäter erwischt .
nachdehm ich ja schon mit allem möglichen gescann hab und die pobleme bestanden weiterhin hab ich heute mal mit avira anti rootkit gescannt es gab 2 funde diese hab ich beseitigt, dannach fand der normale avira guard 7 trojaner.

hab nun nochmal malewarebytes , superantispyware und avira anti vir durchlaufen lassen
und es hat nichtsmehr gefunden , internet läuft wieder wie am ersten tag
ich hab übrigens zwischendurch auch auch firefox neu installiert was keine besserung brachte.
ich danke gott für dieses avira anti rootkit tool :dankeschoen:

alles ist wieder gut:singsing:


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:46 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131