Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 23.01.2012, 20:36   #1
sullu
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



Hallo!

Wir haben das gleiche Problem / den gleichen Virus wie in diesem Thema :

http://www.trojaner-board.de/107995-...ei-findet.html

Ich habe alles genau nach Ihrer Anleitung versucht und bin soweit, dass ich die BOOT-CD erstellt habe! Soweit so gut, doch wenn ich auf dem verseuchten PC versuche die OTLPE-CD zu starten kommen wir leider nur bis zu dem Boot-Screen der CD (sprich dem Teil mit dem Balken und der Überschrift "Starting Reatogo-X-PE) Wenn dieser Geladen ist passiert erstmal nichts, irgendwann sehe ich dann kurz den Windows boot-screen und direkt darauf erscheint ein Bluescreen (komischerweise auf Englisch) wo steht "Das System musste heruntergefahren werden um schäden zu verhindern".

Ich glaube das ist eher suboptimal, was kann ich machen ? .


** Mir ist grade aufgefallen das dies der Windows-XP Bootscreen ist, wir haben aber auf beiden PC's Windows 7 **


PS: Schön das es ein Forum wie dieses gibt

Alt 23.01.2012, 20:42   #2
markusg
/// Malware-holic
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



hi
kopiere mal folgendes programm auf nen usb stick:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.
  • Besuche folgende Seite für Downloadlinks und Anweisungen für dieses
    Tool

    Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Hinweis:
    Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
  • Poste bitte die C:\Combofix.txt in deiner nächsten Antwort.


stecke den stick in den infizierten pc, starte neu, drücke f8 wähle abgesicherter modus mit netzwerk
dort tippe:
d:\combofix.exe
enter
falls das nicht klappt:
e:\combofix.exe
enter
usw. wenn combofix startet und ein aktieves antimalware programm anzeigt, klicke ok.
das log dann wieder aus dem normalen modus posten.
__________________

__________________

Alt 23.01.2012, 20:48   #3
sullu
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



Ich komme in den Abgesicherten Modus nicht rein. Auchnicht mit "netzwerk".
Sowie bei dem anderen User kommt auch bei mir die Meldung "es besteht noch keine Internetverbindung" Und dann kann ich nichtsmehr machen.
__________________

Geändert von sullu (23.01.2012 um 21:03 Uhr)

Alt 23.01.2012, 21:38   #4
markusg
/// Malware-holic
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



sorry ich hatte mich verschrieben, ich meinte abgesicherter modus mit eingabeaufforderung.
dort sollte es gehen.
wenn nicht, kontroliere im bios mal ob du ide oder AHCI eingestellt hast, wenn es AHCI ist, wähle ide und umgekehrt, dann sollte die otl cd starten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.01.2012, 21:44   #5
sullu
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



Danke.
Also im BIOS unter standart CMOS features steht folgendes :

Primary IDE Master [NOT DETECTED]
Primary IDE Slave [Not detected]
AHCI PORT 1 [HDD]
AHCI PORT 2 [ATAPI CDROM]
AHCI PORT 3 [NOT DETECTED]
und bei Port 4 das selbe.

Ich habe hier keine auswahlmöglichkeiten und in anderen Bereichen im BIOS finde ich die "Begriffe" bzw Abkürzungen überhaupt nicht.


** Wenn ich die Combofix.exe starten möchte wie oben von dir beschrieben sagt mir die konsole folgendes " Das Gerät ist nicht bereit ". **


Geändert von sullu (23.01.2012 um 22:32 Uhr)

Alt 24.01.2012, 12:21   #6
markusg
/// Malware-holic
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



hast du auch das usb laufwerk in dem modus angesprochen, wie gesagt musst du die buchstaben mal durch probieren, da ich ja nicht weis welches dein usb laufwerk ist.
und combofix muss direkt ins stammverzeichniss, nicht in irgendeinen unterordner.
__________________
--> PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht

Alt 24.01.2012, 18:36   #7
sullu
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



Ja, habe ich da die konsole sonst ausgegeben hätte das die Datei auf dem Laufwerk nicht vorhanden ist.

Danke für die bisherige Hilfe

Alt 24.01.2012, 20:08   #8
markusg
/// Malware-holic
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



noch nen anderer stick zur verfügung? bzw anderer usb port.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 24.01.2012, 20:14   #9
sullu
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



Habe es jetzt in allen ports getestet. funktioniert leider nicht. Und einen anderen Stick haben wir auchnicht.
(Meine Freundin hat wichtige Daten auf dem PC, er muss irgendwie starten ^^)

Alt 24.01.2012, 20:16   #10
markusg
/// Malware-holic
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



hier steht noch mal wo man im bios schauen müsste, vllt findest du es noch.
Windows 7 Tipps - AHCI nachtrglich aktivieren
oder halt wie gesagt mal nen zweiten usb stick versuchen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 24.01.2012, 20:39   #11
sullu
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



Ah Okay, es stand auf AHCI und ich habe es jetzt einmal auf IDE gesetzt und versuche so nocheinmal von CD zu booten.


*** Tatsache, er ist gebootet Wenigstens ein kleiner Erfolg ! ***

So, nachdem ich jetzt von der CD gebootet habe bin ich als erstes damit fortgefahren OTLPE zu starten und wie im obigen Thema einen scan zu starten. Leider konnte ich nur die OTL.txt finden. Eine Extras.txt wurde nicht erstellt.

Hier mal mein OTL.txt log :

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 1/24/2012 8:52:21 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = J: | %SystemRoot% = J:\Windows | %ProgramFiles% = J:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 74.33 Mb Free Space | 74.33% Space Free | Partition Type: NTFS
Drive D: | 963.70 Mb Total Space | 958.97 Mb Free Space | 99.51% Space Free | Partition Type: FAT
Drive J: | 917.41 Gb Total Space | 654.27 Gb Free Space | 71.32% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/11/03 09:44:42 | 000,827,520 | ---- | M] (Check Point Software Technologies) [Auto] -- J:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- J:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/03 20:47:12 | 000,240,160 | ---- | M] (Acer) [Auto] -- J:\Program Files\eMachines\eMachines Updater\UpdaterService.exe -- (Updater Service)
SRV - [2012/01/05 12:01:09 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand] -- J:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/12/14 15:13:20 | 003,316,000 | ---- | M] () [Auto] -- J:\program files (x86)\common files\akamai/netsession_win_b427739.dll -- (Akamai)
SRV - [2011/11/09 14:05:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) [Auto] -- J:\Users\Pakawadee\Desktop\Programme\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2011/10/11 07:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- J:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/11 07:59:39 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- J:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011/10/11 07:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- J:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/12/27 11:48:52 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand] -- J:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- J:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 04:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Auto] -- J:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009/12/16 12:26:00 | 003,453,712 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand] -- J:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2009/10/29 01:28:18 | 000,332,272 | ---- | M] (Google Inc.) [Disabled] -- J:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2009/08/28 04:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto] -- J:\Program Files (x86)\eMachines\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/08/25 12:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand] -- J:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- J:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/04/13 11:49:00 | 000,101,528 | ---- | M] () [Auto] -- J:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/12/10 15:52:51 | 000,130,760 | ---- | M] (Avira GmbH) [Kernel | System] -- J:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/11/03 09:44:22 | 000,033,672 | ---- | M] (Check Point Software Technologies) [Kernel | Auto] -- J:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV:64bit: - [2011/10/11 08:00:01 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto] -- J:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/10/11 08:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System] -- J:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/05/10 01:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- J:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/05/07 11:51:32 | 000,454,232 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System] -- J:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/22 18:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/01 02:32:59 | 000,310,984 | ---- | M] () [Kernel | Auto] -- J:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010/08/01 02:32:59 | 000,042,696 | ---- | M] () [Kernel | Auto] -- J:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009/12/10 09:45:26 | 000,046,112 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- J:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2009/12/10 09:45:00 | 000,031,264 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- J:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV:64bit: - [2009/12/10 09:45:00 | 000,031,264 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- J:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCap)
DRV:64bit: - [2009/11/30 22:31:08 | 001,155,072 | ---- | M] (C-Media Inc) [Kernel | On_Demand] -- J:\Windows\System32\drivers\cmudax3.sys -- (cmuda3)
DRV:64bit: - [2009/10/16 00:44:56 | 001,309,696 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- J:\Windows\System32\drivers\P17.sys -- (P17)
DRV:64bit: - [2009/08/21 00:24:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- J:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand] -- J:\Windows\System32\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- J:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- J:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/05/22 09:52:30 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand] -- J:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/02/09 04:43:10 | 000,111,104 | ---- | M] (Guillemot Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\hxctlflt.sys -- (hxctlflt)
DRV:64bit: - [2007/07/17 12:10:24 | 010,684,672 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand] -- J:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2006/07/24 10:05:00 | 000,005,632 | ---- | M] () [File_System | System] -- J:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2004/12/30 16:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand] -- J:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=et1831&r=17360110sn16973554z95bh8k14300
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=et1831&r=17360110sn16973554z95bh8k14300
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\Pakawadee_ON_J\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=et1831&r=17360110sn16973554z95bh8k14300
IE - HKU\Pakawadee_ON_J\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2613550
IE - HKU\Pakawadee_ON_J\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Pakawadee_ON_J\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - Reg Error: Key error. File not found
IE - HKU\Pakawadee_ON_J\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Pakawadee_ON_J\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: J:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: J:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: J:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: J:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@canon.com/EPPEX: J:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi: J:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: J:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: J:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: J:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: J:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: J:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: J:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: J:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pack.google.com/Google Updater;version=14: J:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: J:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: J:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: J:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Webzen.com/NPGameWebStarter: J:\Program Files (x86)\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll (WEBZEN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: J:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012/01/18 01:13:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2011/11/20 07:08:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/12 09:56:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/16 11:46:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/01 15:34:43 | 000,000,000 | ---D | M]
 
[2011/11/13 14:54:58 | 000,000,000 | ---D | M] (No name found) -- J:\Program Files (x86)\Mozilla Firefox\extensions
[2010/07/16 02:40:28 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- J:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/07/13 11:35:51 | 000,000,000 | ---D | M] (Yummy CONDUIT Player) -- J:\Program Files (x86)\Mozilla Firefox\extensions\YPlayer@yummy.net
[2012/01/16 11:46:35 | 000,121,816 | ---- | M] (Mozilla Foundation) -- J:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/07/17 11:47:58 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- J:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/11/13 14:54:53 | 000,001,392 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/11/13 14:54:53 | 000,002,252 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/13 14:54:53 | 000,001,153 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/11/13 14:54:53 | 000,006,805 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/11/13 14:54:53 | 000,001,178 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/11/13 14:54:53 | 000,001,105 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - J:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - J:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - J:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - J:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - J:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - J:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - J:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - J:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - J:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - J:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - J:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - J:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Pakawadee_ON_J\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - J:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKU\Pakawadee_ON_J\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - J:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\Pakawadee_ON_J\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - J:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] J:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] J:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CmPCIaudio] J:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [ISW] J:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [RtHDVCpl] J:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [4StoryPrePatch]  File not found
O4 - HKLM..\Run: [ApnUpdater] J:\Program Files (x86)\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [APSDaemon] J:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] J:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Cl3XeOQ7Sj1b8lr] J:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O4 - HKLM..\Run: [CTSysVol] J:\Program Files (x86)\Creative\SB5.1 VX\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] J:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NortonOnlineBackupReminder] J:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [P17RunE] J:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [ZoneAlarm] J:\Users\Pakawadee\Desktop\Programme\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\LocalService_ON_J..\Run: [Sidebar] J:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_J..\Run: [Sidebar] J:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Pakawadee_ON_J..\Run: [Akamai NetSession Interface] J:\Users\Pakawadee\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\Pakawadee_ON_J..\Run: [Cl3XeOQ7Sj1b8lr] J:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O4 - HKU\Pakawadee_ON_J..\Run: [Pando Media Booster] J:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\Pakawadee_ON_J..\Run: [Steam] J:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4:64bit: - HKLM..\RunOnce: [*Restore] J:\Windows\System32\rstrui.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_J..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_J..\RunOnce: [mctadmin]  File not found
O4 - HKU\Pakawadee_ON_J..\RunOnce: [JavaInstallRetry] J:\Users\Pakawadee\AppData\LocalLow\Sun\Java\JRERunOnce.exe (Sun Microsystems, Inc.)
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\Pakawadee_ON_J\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Pakawadee_ON_J\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Pakawadee_ON_J\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - J:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000015 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - J:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} hxxp://www.moviegroup.tv/activex/DownloadMgr.cab (InetDownload Class)
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} hxxp://dist.globalgamecdn.com/dist/neffy/NeffyLauncher.cab (NeffyLauncherCtl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - J:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - J:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (C:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe) - J:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Pakawadee_ON_J Winlogon: Shell - (C:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe) - J:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/01/23 13:54:03 | 000,095,744 | ---- | C] (Kassl GmbH) -- J:\Users\Pakawadee\AppData\Roaming\dwlGina3.dll
[2012/01/22 11:49:38 | 000,363,008 | ---- | C] (Pinnacle Systems) -- J:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe
[2012/01/22 11:15:30 | 000,000,000 | ---D | C] -- J:\Users\Pakawadee\AppData\Roaming\.minecraft
[2012/01/18 11:02:21 | 000,000,000 | ---D | C] -- J:\Users\Pakawadee\AppData\Local\{29598960-E56F-4C92-8EA1-26026B4B0F25}
[2012/01/18 11:02:09 | 000,000,000 | ---D | C] -- J:\Users\Pakawadee\AppData\Local\{F8924DA2-4808-4CAB-8A62-FB2638F71FE6}
[2012/01/15 08:31:11 | 000,000,000 | R--D | C] -- J:\Gemeinsame Festplatte
[2012/01/11 10:02:08 | 001,572,864 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\quartz.dll
[2012/01/11 10:02:08 | 001,328,128 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\quartz.dll
[2012/01/11 10:02:07 | 000,514,560 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\qdvd.dll
[2012/01/11 10:02:07 | 000,366,592 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\qdvd.dll
[2012/01/11 10:02:05 | 001,731,920 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\ntdll.dll
[2012/01/11 10:02:03 | 000,077,312 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\packager.dll
[2012/01/11 10:02:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\packager.dll
[2012/01/08 13:59:55 | 000,000,000 | ---D | C] -- J:\Users\Pakawadee\AppData\Local\{8C395113-075C-4F78-9EFB-1FA924A07920}
[2012/01/08 13:59:43 | 000,000,000 | ---D | C] -- J:\Users\Pakawadee\AppData\Local\{64002321-27CA-4214-BDFD-50FA78CD159F}
[2012/01/08 12:46:24 | 000,000,000 | ---D | C] -- J:\Users\Pakawadee\AppData\Local\{401ED120-EE23-4DDF-90C9-B8776936DBBB}
[2012/01/06 06:38:40 | 000,000,000 | ---D | C] -- J:\Users\Pakawadee\AppData\Local\{4DC37EC9-2267-4637-9A8C-7B94704A1E48}
[2012/01/06 06:37:09 | 000,000,000 | ---D | C] -- J:\Users\Pakawadee\AppData\Local\{4C32CEC7-113F-45F2-9530-B98C1C013716}
[2012/01/03 19:48:42 | 000,354,176 | ---- | C] (DivX, Inc.) -- J:\Windows\SysWow64\DivXControlPanelApplet.cpl
[2012/01/03 16:18:22 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/01/03 16:17:48 | 000,000,000 | ---D | C] -- J:\Program Files\iTunes
[2012/01/03 16:17:48 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\iTunes
[2012/01/03 16:17:48 | 000,000,000 | ---D | C] -- J:\Program Files\iPod
[2012/01/01 13:03:13 | 000,000,000 | ---D | C] -- J:\Users\Pakawadee\AppData\Local\{85F4BE38-73E2-4ED3-8B7E-4FF424CAF029}
[2012/01/01 13:02:58 | 000,000,000 | ---D | C] -- J:\Users\Pakawadee\AppData\Local\{A20D8008-3EC8-4437-A7FC-D335146189B9}
[2012/01/01 10:02:18 | 000,000,000 | ---D | C] -- J:\Users\Public\Documents\SilkroadR
[2012/01/01 08:27:44 | 000,000,000 | ---D | C] -- J:\Users\Pakawadee\AppData\Local\{1C4C2B53-A213-4BDA-AB41-C408052DB6E8}
[2012/01/01 08:27:30 | 000,000,000 | ---D | C] -- J:\Users\Pakawadee\AppData\Local\{98FF277D-361F-4A51-A0AB-13116F80452E}
[2010/01/13 13:05:16 | 000,057,344 | ---- | C] ( ) -- J:\Windows\SysWow64\vsnpstd3.dll
[2009/10/29 01:09:09 | 000,036,136 | ---- | C] (Oberon Media) -- J:\ProgramData\FullRemove.exe
[3 J:\Windows\System32\drivers\*.tmp files -> J:\Windows\System32\drivers\*.tmp -> ]
[1 J:\Windows\*.tmp files -> J:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/01/24 14:18:11 | 000,067,584 | --S- | M] () -- J:\Windows\bootstat.dat
[2012/01/24 14:17:39 | 2415,316,992 | -HS- | M] () -- J:\hiberfil.sys
[2012/01/23 13:54:19 | 000,001,106 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/23 13:54:03 | 000,095,744 | ---- | M] (Kassl GmbH) -- J:\Users\Pakawadee\AppData\Roaming\dwlGina3.dll
[2012/01/22 12:06:01 | 000,001,110 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/22 11:49:37 | 000,363,008 | ---- | M] (Pinnacle Systems) -- J:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe
[2012/01/22 11:28:15 | 000,009,696 | -H-- | M] () -- J:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/22 11:28:15 | 000,009,696 | -H-- | M] () -- J:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/22 06:57:00 | 000,001,034 | ---- | M] () -- J:\Windows\tasks\Google Software Updater.job
[2012/01/18 16:01:03 | 000,010,093 | ---- | M] () -- J:\Users\Pakawadee\Desktop\Otto-Rate.ods
[2012/01/18 10:59:24 | 043,175,493 | ---- | M] () -- J:\Users\Pakawadee\Documents\SilkroadOnline_SROROfficial_v1.009(for_v1_004_008).exe
[2012/01/17 17:04:10 | 003,279,882 | ---- | M] () -- J:\Users\Pakawadee\Desktop\TheStar_8360.mp3
[2012/01/17 16:16:15 | 003,600,039 | ---- | M] () -- J:\Users\Pakawadee\Desktop\YingThitikarnrSiam.mp3
[2012/01/17 16:00:26 | 004,246,626 | ---- | M] () -- J:\Users\Pakawadee\Desktop\Aon.mp3
[2012/01/17 15:48:19 | 003,903,477 | ---- | M] () -- J:\Users\Pakawadee\Desktop\GotyeSomebodyThatIUsedToKnowFeatKimbra.mp3
[2012/01/17 10:58:16 | 000,001,792 | ---- | M] () -- J:\Users\Public\Desktop\iTunes.lnk
[2012/01/17 10:58:16 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/01/15 08:31:39 | 000,000,866 | ---- | M] () -- J:\Users\Pakawadee\Desktop\Gemeinsame Festplatte.lnk
[2012/01/12 09:56:39 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012/01/11 14:25:14 | 001,621,332 | ---- | M] () -- J:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/11 14:25:14 | 000,707,908 | ---- | M] () -- J:\Windows\System32\perfh007.dat
[2012/01/11 14:25:14 | 000,661,504 | ---- | M] () -- J:\Windows\System32\perfh009.dat
[2012/01/11 14:25:14 | 000,153,394 | ---- | M] () -- J:\Windows\System32\perfc007.dat
[2012/01/11 14:25:14 | 000,125,590 | ---- | M] () -- J:\Windows\System32\perfc009.dat
[2012/01/04 06:29:25 | 000,415,916 | ---- | M] () -- J:\Windows\System32\drivers\vsconfig.xml
[2012/01/03 19:48:42 | 000,354,176 | ---- | M] (DivX, Inc.) -- J:\Windows\SysWow64\DivXControlPanelApplet.cpl
[2012/01/03 16:02:59 | 000,002,515 | ---- | M] () -- J:\Users\Pakawadee\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/01/03 16:02:59 | 000,002,503 | ---- | M] () -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2012/01/03 15:57:56 | 000,001,245 | ---- | M] () -- J:\Windows\System32\mapisvc.inf
[2012/01/01 11:52:14 | 000,003,835 | ---- | M] () -- J:\Users\Pakawadee\Desktop\Silkroad.exe - Verknüpfung.lnk
[3 J:\Windows\System32\drivers\*.tmp files -> J:\Windows\System32\drivers\*.tmp -> ]
[1 J:\Windows\*.tmp files -> J:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/01/18 16:01:02 | 000,010,093 | ---- | C] () -- J:\Users\Pakawadee\Desktop\Otto-Rate.ods
[2012/01/18 10:58:39 | 043,175,493 | ---- | C] () -- J:\Users\Pakawadee\Documents\SilkroadOnline_SROROfficial_v1.009(for_v1_004_008).exe
[2012/01/17 17:04:06 | 003,279,882 | ---- | C] () -- J:\Users\Pakawadee\Desktop\TheStar_8360.mp3
[2012/01/17 16:16:05 | 003,600,039 | ---- | C] () -- J:\Users\Pakawadee\Desktop\YingThitikarnrSiam.mp3
[2012/01/17 15:58:34 | 004,246,626 | ---- | C] () -- J:\Users\Pakawadee\Desktop\Aon.mp3
[2012/01/17 15:48:08 | 003,903,477 | ---- | C] () -- J:\Users\Pakawadee\Desktop\GotyeSomebodyThatIUsedToKnowFeatKimbra.mp3
[2012/01/17 10:58:16 | 000,001,792 | ---- | C] () -- J:\Users\Public\Desktop\iTunes.lnk
[2012/01/15 08:31:39 | 000,000,866 | ---- | C] () -- J:\Users\Pakawadee\Desktop\Gemeinsame Festplatte.lnk
[2012/01/01 11:52:14 | 000,003,835 | ---- | C] () -- J:\Users\Pakawadee\Desktop\Silkroad.exe - Verknüpfung.lnk
[2011/08/07 09:51:58 | 000,000,097 | ---- | C] () -- J:\Users\Pakawadee\AppData\Local\fusioncache.dat
[2011/05/17 08:31:23 | 001,621,332 | ---- | C] () -- J:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/04 13:05:54 | 000,069,632 | R--- | C] () -- J:\Windows\SysWow64\xmltok.dll
[2011/05/04 13:05:54 | 000,036,864 | R--- | C] () -- J:\Windows\SysWow64\xmlparse.dll
[2011/05/02 09:50:54 | 000,252,928 | ---- | C] () -- J:\Windows\SysWow64\DShowRdpFilter.dll
[2011/04/09 11:55:28 | 000,179,261 | ---- | C] () -- J:\Windows\SysWow64\xlive.dll.cat
[2010/12/27 11:42:00 | 000,002,954 | ---- | C] () -- J:\Windows\SysWow64\AudioDrv.ini
[2010/12/27 11:36:24 | 000,166,912 | ---- | C] () -- J:\Windows\SysWow64\APOMngr.DLL
[2010/12/27 11:36:24 | 000,073,728 | ---- | C] () -- J:\Windows\SysWow64\CmdRtr.DLL
[2010/12/27 11:29:28 | 000,001,578 | ---- | C] () -- J:\Windows\P17EPLS.ini
[2010/12/27 11:29:28 | 000,001,489 | ---- | C] () -- J:\Windows\P17EP51.ini
[2010/10/30 04:04:53 | 000,143,360 | ---- | C] () -- J:\Windows\SysWow64\VmixP6.dll
[2010/10/30 04:04:35 | 000,000,376 | ---- | C] () -- J:\Windows\Cmicnfg3.ini.cfl
[2010/10/29 13:46:23 | 000,002,123 | ---- | C] () -- J:\Windows\Cmicnfg3.ini.cfg
[2010/10/29 13:46:23 | 000,000,149 | ---- | C] () -- J:\Windows\Cmicnfg3.ini.imi
[2010/10/27 13:28:23 | 000,004,096 | ---- | C] () -- J:\Windows\d3dx.dat
[2010/09/12 06:49:54 | 000,000,032 | ---- | C] () -- J:\Windows\CD_Start.INI
[2010/07/13 11:35:43 | 000,352,648 | ---- | C] () -- J:\Windows\SysWow64\SysCheck2.dll
[2010/07/09 14:04:40 | 000,041,872 | ---- | C] () -- J:\Windows\SysWow64\xfcodec.dll
[2010/06/10 15:42:19 | 000,005,984 | ---- | C] () -- J:\Windows\WinInit.Ini
[2010/05/16 08:56:57 | 000,021,504 | ---- | C] () -- J:\Windows\jestertb.dll
[2010/05/16 08:18:30 | 000,000,036 | ---- | C] () -- J:\Users\Pakawadee\AppData\Roaming\TheHunterSettings.cfg
[2010/03/17 15:08:20 | 000,011,144 | ---- | C] () -- J:\Windows\SysWow64\imsinstall_loc0407.dll
[2010/03/17 15:08:20 | 000,007,048 | ---- | C] () -- J:\Windows\SysWow64\imslsp_install_loc0407.dll
[2010/03/07 11:16:44 | 000,000,600 | ---- | C] () -- J:\Users\Pakawadee\AppData\Local\PUTTY.RND
[2010/01/17 11:04:26 | 000,000,000 | ---- | C] () -- J:\ProgramData\LauncherAccess.dt
[2010/01/17 10:59:56 | 000,005,632 | ---- | C] () -- J:\Windows\SysWow64\drivers\StarOpen.sys
[2010/01/13 14:03:48 | 000,000,119 | ---- | C] () -- J:\Windows\Podcasts.INI
[2010/01/13 13:41:47 | 000,000,056 | -H-- | C] () -- J:\ProgramData\ezsidmv.dat
[2010/01/13 13:05:16 | 000,015,478 | ---- | C] () -- J:\Windows\snpstd3.ini
[2010/01/13 12:13:13 | 000,000,000 | ---- | C] () -- J:\Windows\nsreg.dat
[2009/12/10 22:28:23 | 000,002,754 | ---- | C] () -- J:\Windows\cmudax3.ini
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- J:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- J:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- J:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- J:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- J:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:25:04 | 000,197,632 | ---- | C] () -- J:\Windows\SysWow64\ir32_32.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- J:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- J:\Windows\SysWow64\mlang.dat
[2009/03/02 05:33:32 | 000,067,584 | ---- | C] () -- J:\Windows\SysWow64\ff_vfw.dll
[2008/11/13 00:07:24 | 000,002,177 | ---- | C] () -- J:\Windows\P17EP.ini
 
========== LOP Check ==========
 
[2010/07/14 13:48:50 | 000,000,000 | ---D | M] -- J:\ProgramData\Aliasworlds
[2010/01/13 11:33:22 | 000,000,000 | -HSD | M] -- J:\ProgramData\Anwendungsdaten
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Application Data
[2010/03/17 15:05:59 | 000,000,000 | ---D | M] -- J:\ProgramData\Avanquest Deutschland GmbH
[2010/02/16 09:55:09 | 000,000,000 | -H-D | M] -- J:\ProgramData\CanonBJ
[2012/01/08 12:53:56 | 000,000,000 | ---D | M] -- J:\ProgramData\CanonIJPLM
[2011/05/25 09:43:20 | 000,000,000 | ---D | M] -- J:\ProgramData\CCP
[2010/03/14 13:30:59 | 000,000,000 | ---D | M] -- J:\ProgramData\CheckPoint
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Desktop
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Documents
[2010/01/13 11:33:22 | 000,000,000 | -HSD | M] -- J:\ProgramData\Dokumente
[2011/08/19 05:03:47 | 000,000,000 | -HSD | M] -- J:\ProgramData\DSS
[2011/08/19 04:52:14 | 000,000,000 | ---D | M] -- J:\ProgramData\EA Core
[2011/08/19 04:52:14 | 000,000,000 | ---D | M] -- J:\ProgramData\Electronic Arts
[2009/10/29 01:27:11 | 000,000,000 | ---D | M] -- J:\ProgramData\eMachines
[2010/01/14 11:35:11 | 000,000,000 | ---D | M] -- J:\ProgramData\FarmFrenzy2
[2010/01/13 11:33:22 | 000,000,000 | -HSD | M] -- J:\ProgramData\Favoriten
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Favorites
[2010/10/23 12:38:38 | 000,000,000 | ---D | M] -- J:\ProgramData\freshgames
[2011/02/05 17:02:51 | 000,000,000 | ---D | M] -- J:\ProgramData\Friends Games
[2011/01/20 06:16:12 | 000,000,000 | ---D | M] -- J:\ProgramData\ICQ
[2010/11/07 13:01:26 | 000,000,000 | ---D | M] -- J:\ProgramData\Legacy Interactive
[2010/10/30 04:25:25 | 000,000,000 | ---D | M] -- J:\ProgramData\Mean Hamster
[2010/10/24 05:14:17 | 000,000,000 | ---D | M] -- J:\ProgramData\Meridian93
[2010/07/21 12:57:42 | 000,000,000 | ---D | M] -- J:\ProgramData\MythPeople
[2011/04/13 00:27:17 | 000,000,000 | ---D | M] -- J:\ProgramData\Nexon
[2010/01/13 11:34:08 | 000,000,000 | ---D | M] -- J:\ProgramData\OEM
[2010/01/24 09:37:10 | 000,000,000 | ---D | M] -- J:\ProgramData\Partner
[2010/11/11 16:06:57 | 000,000,000 | ---D | M] -- J:\ProgramData\PlayFirst
[2011/01/22 15:52:21 | 000,000,000 | ---D | M] -- J:\ProgramData\Playrix Entertainment
[2011/08/07 06:46:15 | 000,000,000 | ---D | M] -- J:\ProgramData\PMB Files
[2010/01/13 13:49:40 | 000,000,000 | ---D | M] -- J:\ProgramData\RapidSolution
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Start Menu
[2010/01/13 11:33:22 | 000,000,000 | -HSD | M] -- J:\ProgramData\Startmenü
[2010/10/27 14:28:48 | 000,000,000 | ---D | M] -- J:\ProgramData\SugarGames
[2011/02/05 17:13:54 | 000,000,000 | ---D | M] -- J:\ProgramData\TEMP
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Templates
[2010/10/28 07:42:50 | 000,000,000 | ---D | M] -- J:\ProgramData\Vogue Tales
[2010/01/13 11:33:22 | 000,000,000 | -HSD | M] -- J:\ProgramData\Vorlagen
[2010/08/03 13:53:12 | 000,000,000 | ---D | M] -- J:\ProgramData\XBlades
[2010/12/27 15:52:00 | 000,000,000 | ---D | M] -- J:\ProgramData\ZA_PreservedFiles
[2010/11/24 11:30:26 | 000,000,000 | ---D | M] -- J:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/11/07 14:19:25 | 000,032,640 | ---- | M] () -- J:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2012/01/17 17:14:48 | 003,763,879 | ---- | M] ()(J:\Users\Pakawadee\Desktop\??????????????????????????? ??????.mp3) -- J:\Users\Pakawadee\Desktop\ความแตกต่างระหว่างรักของเรา เอิร์น.mp3
[2012/01/17 17:14:41 | 003,763,879 | ---- | C] ()(J:\Users\Pakawadee\Desktop\??????????????????????????? ??????.mp3) -- J:\Users\Pakawadee\Desktop\ความแตกต่างระหว่างรักของเรา เอิร์น.mp3
[2012/01/17 17:07:56 | 003,790,210 | ---- | M] ()(J:\Users\Pakawadee\Desktop\??????????????????????????? Earn The star.mp3) -- J:\Users\Pakawadee\Desktop\ความแตกต่างระหว่างรักของเรา Earn The star.mp3
[2012/01/17 17:07:53 | 003,790,210 | ---- | C] ()(J:\Users\Pakawadee\Desktop\??????????????????????????? Earn The star.mp3) -- J:\Users\Pakawadee\Desktop\ความแตกต่างระหว่างรักของเรา Earn The star.mp3
[2012/01/17 17:06:42 | 004,833,437 | ---- | M] ()(J:\Users\Pakawadee\Desktop\??????????????????????? ??????.mp3) -- J:\Users\Pakawadee\Desktop\ไม่ใช่แค่เขาที่เหงาเป็น เอิร์น.mp3
[2012/01/17 17:06:30 | 004,833,437 | ---- | C] ()(J:\Users\Pakawadee\Desktop\??????????????????????? ??????.mp3) -- J:\Users\Pakawadee\Desktop\ไม่ใช่แค่เขาที่เหงาเป็น เอิร์น.mp3
[2012/01/17 17:01:17 | 003,279,882 | ---- | M] ()(J:\Users\Pakawadee\Desktop\?????????????????????? ?????? ????????? .mp3) -- J:\Users\Pakawadee\Desktop\เหตุผลที่ฉันต้องรักเธอ เอิร์น เดอะสตาร์ .mp3
[2012/01/17 17:01:06 | 003,279,882 | ---- | C] ()(J:\Users\Pakawadee\Desktop\?????????????????????? ?????? ????????? .mp3) -- J:\Users\Pakawadee\Desktop\เหตุผลที่ฉันต้องรักเธอ เอิร์น เดอะสตาร์ .mp3
[2011/12/21 14:56:27 | 000,000,000 | ---D | M](J:\Users\Pakawadee\Desktop\??????? ?????????) -- J:\Users\Pakawadee\Desktop\พุ่มพวง ดวงจันทร์
[2011/08/01 07:30:13 | 000,000,000 | ---D | C](J:\Users\Pakawadee\Desktop\??????? ?????????) -- J:\Users\Pakawadee\Desktop\พุ่มพวง ดวงจันทร์
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 149 bytes -> J:\ProgramData\TEMP:A5264343
@Alternate Data Stream - 148 bytes -> J:\ProgramData\TEMP:AB82C54F
@Alternate Data Stream - 147 bytes -> J:\ProgramData\TEMP:393F7B1E
@Alternate Data Stream - 143 bytes -> J:\ProgramData\TEMP:517B507A
@Alternate Data Stream - 141 bytes -> J:\ProgramData\TEMP:56F368C9
@Alternate Data Stream - 140 bytes -> J:\ProgramData\TEMP:9D5BB34A
@Alternate Data Stream - 139 bytes -> J:\ProgramData\TEMP:10CFA7D4
@Alternate Data Stream - 137 bytes -> J:\ProgramData\TEMP:C611D6C8
@Alternate Data Stream - 137 bytes -> J:\ProgramData\TEMP:ADFAD95A
@Alternate Data Stream - 133 bytes -> J:\ProgramData\TEMP:E1F04E8D
@Alternate Data Stream - 133 bytes -> J:\ProgramData\TEMP:5D7E5A8F
@Alternate Data Stream - 127 bytes -> J:\ProgramData\TEMP:FEEEFFAD
@Alternate Data Stream - 126 bytes -> J:\ProgramData\TEMP:D9987109
@Alternate Data Stream - 125 bytes -> J:\ProgramData\TEMP:B3942462
@Alternate Data Stream - 122 bytes -> J:\ProgramData\TEMP:059167AF
@Alternate Data Stream - 121 bytes -> J:\ProgramData\TEMP:1B9E79B3
@Alternate Data Stream - 120 bytes -> J:\ProgramData\TEMP:8CCDAB14
@Alternate Data Stream - 120 bytes -> J:\ProgramData\TEMP:61A065F2
@Alternate Data Stream - 120 bytes -> J:\ProgramData\TEMP:0B9176C0
@Alternate Data Stream - 117 bytes -> J:\ProgramData\TEMP:FECEF728
@Alternate Data Stream - 117 bytes -> J:\ProgramData\TEMP:AE2EA3C2
@Alternate Data Stream - 117 bytes -> J:\ProgramData\TEMP:4D066AD2
@Alternate Data Stream - 115 bytes -> J:\ProgramData\TEMP:EF794BCD
@Alternate Data Stream - 113 bytes -> J:\ProgramData\TEMP:A688EF17
@Alternate Data Stream - 113 bytes -> J:\ProgramData\TEMP:413E2927
@Alternate Data Stream - 112 bytes -> J:\ProgramData\TEMP:FDCAE7B5
@Alternate Data Stream - 101 bytes -> J:\ProgramData\TEMP:52E1DB1D
@Alternate Data Stream - 100 bytes -> J:\ProgramData\TEMP:BDF08FAF
< End of report >
         
--- --- ---

Geändert von sullu (24.01.2012 um 21:05 Uhr)

Alt 24.01.2012, 21:34   #12
markusg
/// Malware-holic
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



der erfolg ist nicht zu verachten, wir können ja arbeiten jetzt :-)
auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort
rein:
Code:
ATTFilter
:OTL
O4 - HKU\Pakawadee_ON_J..\Run: [Cl3XeOQ7Sj1b8lr] J:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O4 - HKLM..\Run: [Cl3XeOQ7Sj1b8lr] J:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O20 - HKLM Winlogon: Shell - (C:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe) - J:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O20 - HKU\Pakawadee_ON_J Winlogon: Shell - (C:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe) - J:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe (Pinnacle
Systems)
[2012/01/23 13:54:03 | 000,095,744 | ---- | C] (Kassl GmbH) -- J:\Users\Pakawadee\AppData\Roaming\dwlGina3.dll
[2012/01/22 11:49:38 | 000,363,008 | ---- | C] (Pinnacle Systems) -- J:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe

:Files
J:\Users\Pakawadee\AppData\Roaming\5u4hw45eu.exe
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]
         
dieses speicherst du auf nem usb stick als fix.txt
nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist.
• Klicke nun bitte auf den Fix Button.
es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick.
wenn dies nicht funktioniert, bitte den fix manuell eintragen.
dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen,
log posten bitte.


Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( J: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 24.01.2012, 21:59   #13
sullu
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



*Edit: So PC bootet wieder, hierfür schonmal aller besten Dank! OLT.txt wird allerdings nicht geöffnet!
Mein Systemlaufwirk wird auch wieder als C: angezeigt. Komisch warum es mit der BootCD J war

Datei: MovedFiles.zip empfangen

Vorgang erfolgreich abgeschlossen.


Bis hierher schonmal vielen Dank! Was kommt nun ?
PS: Ich habe keine Icons mehr auf dem Desktop und kann diesen auch nichtmehr "rechtsklicken".

Geändert von sullu (24.01.2012 um 22:43 Uhr)

Alt 25.01.2012, 16:19   #14
markusg
/// Malware-holic
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



hi, danke erst mal für den upload.
wie sieht es aus, wenn du das gerät neu startest, f8 drückst, dort abgesicherter modus mit netzwerk wählst, kannst du da arbeiten?
falls ja:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.
  • Besuche folgende Seite für Downloadlinks und Anweisungen für dieses
    Tool

    Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Hinweis:
    Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
  • Poste bitte die C:\Combofix.txt in deiner nächsten Antwort.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 25.01.2012, 18:59   #15
sullu
 
PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Standard

PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht



Hallo!
Der Text ist zu lang, deswegen poste ich ihn in 2 posts.

Teil 1
Code:
ATTFilter
ComboFix 12-01-23.02 - Pakawadee 25.01.2012  18:26:05.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3071.1963 [GMT 1:00]
ausgeführt von:: C:\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\Common Files\emachines.ico
c:\windows\jestertb.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-12-25 bis 2012-01-25  ))))))))))))))))))))))))))))))
.
.
2012-01-25 17:36 . 2012-01-25 17:36	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-01-25 17:36 . 2012-01-25 17:36	--------	d-----w-	c:\users\test\AppData\Local\temp
2012-01-25 03:31 . 2011-07-13 02:55	2237440	----a-r-	C:\OTLPE.exe
2012-01-25 02:52 . 2012-01-24 21:38	--------	d-----w-	C:\_OTL
2012-01-24 21:42 . 2012-01-06 05:15	8602168	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{8799349C-B93C-4385-8C37-BEF0098CE508}\mpengine.dll
2012-01-22 16:15 . 2012-01-22 16:33	--------	d-----w-	c:\users\Pakawadee\AppData\Roaming\.minecraft
2012-01-16 16:46 . 2012-01-16 16:46	626688	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-16 16:46 . 2012-01-16 16:46	548864	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-16 16:46 . 2012-01-16 16:46	479232	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-16 16:46 . 2012-01-16 16:46	43992	----a-w-	c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-15 13:31 . 2012-01-18 16:08	--------	d-----r-	C:\Gemeinsame Festplatte
2012-01-11 15:02 . 2011-10-26 05:25	1572864	----a-w-	c:\windows\system32\quartz.dll
2012-01-11 15:02 . 2011-10-26 04:32	1328128	----a-w-	c:\windows\SysWow64\quartz.dll
2012-01-11 15:02 . 2011-10-26 05:25	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-01-11 15:02 . 2011-10-26 04:32	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-01-11 15:02 . 2011-11-17 06:41	1731920	----a-w-	c:\windows\system32\ntdll.dll
2012-01-11 15:02 . 2011-11-17 05:38	1292080	----a-w-	c:\windows\SysWow64\ntdll.dll
2012-01-11 15:02 . 2011-11-19 14:58	77312	----a-w-	c:\windows\system32\packager.dll
2012-01-11 15:02 . 2011-11-19 14:01	67072	----a-w-	c:\windows\SysWow64\packager.dll
2012-01-04 00:48 . 2012-01-04 00:48	354176	----a-w-	c:\windows\SysWow64\DivXControlPanelApplet.cpl
2012-01-03 21:17 . 2012-01-03 21:18	--------	d-----w-	c:\program files\iTunes
2012-01-03 21:17 . 2012-01-03 21:18	--------	d-----w-	c:\program files (x86)\iTunes
2012-01-03 21:17 . 2012-01-03 21:17	--------	d-----w-	c:\program files\iPod
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-24 04:52 . 2011-12-13 20:59	3145216	----a-w-	c:\windows\system32\win32k.sys
2011-11-15 13:29 . 2010-03-14 18:20	270720	------w-	c:\windows\system32\MpSigStub.exe
2011-11-05 05:32 . 2011-12-13 20:59	2048	----a-w-	c:\windows\system32\tzres.dll
2011-11-05 04:26 . 2011-12-13 20:59	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2011-11-04 01:53 . 2011-12-13 21:20	2309120	----a-w-	c:\windows\system32\jscript9.dll
2011-11-04 01:44 . 2011-12-13 21:20	1390080	----a-w-	c:\windows\system32\wininet.dll
2011-11-04 01:44 . 2011-12-13 21:20	1493504	----a-w-	c:\windows\system32\inetcpl.cpl
2011-11-04 01:34 . 2011-12-13 21:20	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2011-11-03 22:47 . 2011-12-13 21:20	1798144	----a-w-	c:\windows\SysWow64\jscript9.dll
2011-11-03 22:40 . 2011-12-13 21:20	1427456	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2011-11-03 22:39 . 2011-12-13 21:20	1127424	----a-w-	c:\windows\SysWow64\wininet.dll
2011-11-03 22:31 . 2011-12-13 21:20	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}"= "c:\program files (x86)\ZoneAlarm-Sicherheit\tbZone.dll" [2010-05-09 2517088]
.
[HKEY_CLASSES_ROOT\clsid\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-04 19:20	1514152	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}"= "c:\program files (x86)\ZoneAlarm-Sicherheit\tbZone.dll" [2010-05-09 2517088]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-04 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-08-07 3077528]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-08-02 1242448]
"Akamai NetSession Interface"="c:\users\Pakawadee\AppData\Local\Akamai\netsession_win.exe" [2011-12-23 3334432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-24 588648]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"P17RunE"="P17RunE.dll" [2008-03-28 14848]
"CTSysVol"="c:\program files (x86)\Creative\SB5.1 VX\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-09-08 888488]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"ZoneAlarm"="c:\users\Pakawadee\Desktop\Programme\CheckPoint\ZoneAlarm\zatray.exe" [2011-11-09 73360]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
c:\users\Pakawadee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-9-19 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-12 135664]
R3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2010-12-27 79360]
R3 dump_wmimmc;dump_wmimmc;c:\spiele\Neuer Ordner\Dragonica\Release\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-12 135664]
R3 hxctlflt;hxctlflt;c:\windows\system32\DRIVERS\hxctlflt.sys [x]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 X6va001;X6va001;c:\users\PAKAWA~1\AppData\Local\Temp\001EB59.tmp [x]
R4 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2009-10-29 332272]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 Greg_Service;GRegService;c:\program files (x86)\eMachines\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-03 33672]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 827520]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [2009-07-04 240160]
S3 netr28ux;RT2870-USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{9C450606-ED24-4958-92BA-B8940C99D441}]
2009-03-04 15:32	8192	----a-w-	c:\program files (x86)\PixiePack Codec Pack\InstallerHelper.exe
.
Inhalt des "geplante Tasks" Ordners
.
2012-01-22 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-29 17:07]
.
2012-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-12 19:48]
.
2012-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-12 19:48]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2009-10-29 06:28	750064	----a-w-	c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-25 652624]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-06 2114376]
"CmPCIaudio"="c:\windows\Syswow64\CMICNFG3.dll" [2009-10-30 8151040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2613550
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=et1831&r=17360110sn16973554z95bh8k14300
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\users\Pakawadee\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.2.1
DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} - hxxp://dist.globalgamecdn.com/dist/neffy/NeffyLauncher.cab
FF - ProfilePath - c:\users\Pakawadee\AppData\Roaming\Mozilla\Firefox\Profiles\xjtxvbw6.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2883880&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Abacho Customized Web Search
FF - prefs.js: browser.startup.homepage - google.de
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - user.js: signed.applets.codebase_principal_support - true
/* To avoid the user interaction, add the following lines: */
FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.id - hxxp://yael.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.id - hxxp://localhost/
/* GLDE */
FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.id - hxxp://gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.id - hxxp://www.gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.id - hxxp://glde-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.id - hxxps://gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.id - hxxps://www.gamesflatrate.de/
/* BGFR */
FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.id - hxxp://linternaute.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.id - hxxps://linternaute.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.id - hxxp://bgfr-int.metaboli.fr/
/* BILD */
FF - user.js: capability.principal.codebase.YummyPlayer_BILD.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BILD.id - hxxp://bild.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.id - hxxps://bild.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.id - hxxp://bild-int.metaboli.fr/
/* BTUK */
FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.id - hxxp://btvision.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.id - hxxps://btvision.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.id - hxxp://bt-int.metaboli.fr/
/* CLIC */
FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.id - hxxp://clubic.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.id - hxxps://clubic.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.id - hxxp://clic-int.metaboli.fr/
/* COUK */
FF - user.js: capability.principal.codebase.YummyPlayer_COUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_COUK.id - hxxp://metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.id - hxxp://www.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.id - hxxps://www.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.id - hxxps://metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.id - hxxp://uk-int.metaboli.fr/
/* MEDE */
FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.id - hxxp://metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.id - hxxp://www.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.id - hxxps://metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.id - hxxp://de-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.id - hxxps://www.metaboli.de/
/* CUUK */
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.id - hxxp://custompc.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.id - hxxps://custompc.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.id - hxxp://cuuk-int.metaboli.fr/
/* EUUK */
FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.id - hxxp://eurogamer.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.id - hxxps://eurogamer.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.id - hxxp://euuk-int.metaboli.fr/
/* FUNR */
FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.id - hxxp://fun.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.id - hxxps://fun.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.id - hxxp://fun-int.metaboli.fr/
/* GONE */
FF - user.js: capability.principal.codebase.YummyPlayer_GONE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GONE.id - hxxp://gameone.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.id - hxxps://gameone.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.id - hxxp://gone-int.metaboli.fr/
/* GUDE */
FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.id - hxxp://gamerunlimited.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.id - hxxps://gamerunlimited.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.id - hxxp://gude-int.metaboli.fr/
/* META */
FF - user.js: capability.principal.codebase.YummyPlayer_META.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_META.id - hxxp://metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.id - hxxp://www.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.id - hxxps://metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.id - hxxps://www.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.id - hxxp://fr-int.metaboli.fr/
/* MNDE */
FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.id - hxxp://livegames.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.id - hxxps://livegames.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.id - hxxp://msde-int.metaboli.fr/
/* MNFR */
FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.id - hxxp://livegames.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.id - hxxps://livegames.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.id - hxxp://msfr-int.metaboli.fr/
/* MNUK */
FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.id - hxxp://livegames.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.id - hxxps://livegames.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.id - hxxp://msuk-int.metaboli.fr/
/* NCNU */
FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.id - hxxp://numericable.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.id - hxxps://numericable.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.id - hxxp://ncnu-int.metaboli.fr/
/* QPUK */
FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.id - hxxp://quintplay.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.id - hxxps://quintplay.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.id - hxxp://qpuk-int.metaboli.fr/
/* SFFR */
FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.id - hxxp://jeux-pc.sfr.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.id - hxxps://jeux-pc.sfr.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.id - hxxp://sfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.id - hxxps://sfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.id - hxxp://sfr-int.metaboli.fr/
/* SPDE */
FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.id - hxxp://spieletipps.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.id - hxxps://spieletipps.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.id - hxxp://spde-int.metaboli.fr/
/* WOJ_ */
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.id - hxxp://woj-prod.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.id - hxxps://woj-prod.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.id - hxxp://woj-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.id - hxxps://woj-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.id - hxxp://woj-pp.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.id - hxxps://woj-pp.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.id - hxxp://woj-int.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.id - hxxps://woj-int.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_2.id - hxxp://preprod-god.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_2.id - hxxps://preprod-god.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_3.id - hxxp://prod.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_3.id - hxxps://prod.jeu.orange.fr/
user_pref(capability.principal.codebase.YummyPlayer_XX0001.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0001.id,hxxp://www.neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0002.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0002.id,hxxps://www.neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0003.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0003.id,hxxp://neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0004.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0004.id,hxxp://ad.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0005.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0005.id,hxxps://ad.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0006.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0006.id,hxxp://ads.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0007.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0007.id,hxxps://ads.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0008.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0008.id,hxxp://ads.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0009.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0009.id,hxxps://ads.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0010.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0010.id,hxxp://ads.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0011.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0011.id,hxxps://ads.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0012.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0012.id,hxxp://ag.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0013.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0013.id,hxxps://ag.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0014.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0014.id,hxxp://alice.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0015.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0015.id,hxxps://alice.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0016.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0016.id,hxxp://allocine.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0017.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0017.id,hxxps://allocine.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0018.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0018.id,hxxp://am.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0019.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0019.id,hxxps://am.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0020.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0020.id,hxxp://aol.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0021.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0021.id,hxxps://aol.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0022.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0022.id,hxxp://bc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0023.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0023.id,hxxps://bc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0024.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0024.id,hxxp://linternaute.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0025.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0025.id,hxxps://linternaute.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0026.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0026.id,hxxp://bild.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0027.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0027.id,hxxps://bild.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0028.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0028.id,hxxp://btvision.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0029.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0029.id,hxxps://btvision.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0030.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0030.id,hxxp://www.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0031.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0031.id,hxxp://cg.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0032.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0032.id,hxxps://cg.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0033.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0033.id,hxxp://cibleclick.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0034.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0034.id,hxxps://cibleclick.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0035.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0035.id,hxxp://cegetel.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0036.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0036.id,hxxps://cegetel.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0037.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0037.id,hxxp://choc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0038.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0038.id,hxxps://choc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0039.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0039.id,hxxp://cj.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0040.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0040.id,hxxps://cj.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0041.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0041.id,hxxp://cj.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0042.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0042.id,hxxps://cj.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0043.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0043.id,hxxp://cj.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0044.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0044.id,hxxps://cj.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0045.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0045.id,hxxp://cj.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0046.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0046.id,hxxps://cj.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0047.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0047.id,hxxp://metaboli.clubic.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0048.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0048.id,hxxps://metaboli.clubic.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0049.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0049.id,hxxp://metaboli.club-internet.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0050.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0050.id,hxxps://metaboli.club-internet.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0051.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0051.id,hxxp://coeur.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0052.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0052.id,hxxps://coeur.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0053.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0053.id,hxxp://come.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0054.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0054.id,hxxps://come.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0055.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0055.id,hxxp://lesaccros2.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0056.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0056.id,hxxps://lesaccros2.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0057.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0057.id,hxxp://surcouf.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0058.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0058.id,hxxps://surcouf.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0059.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0059.id,hxxp://www.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0060.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0060.id,hxxps://www.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0061.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0061.id,hxxp://cs.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0062.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0062.id,hxxps://cs.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0063.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0063.id,hxxp://custompc.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0064.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0064.id,hxxps://custompc.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0065.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0065.id,hxxp://cvg.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0066.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0066.id,hxxps://cvg.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0067.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0067.id,hxxp://daooda.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0068.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0068.id,hxxps://daooda.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0069.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0069.id,hxxp://daooda.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0070.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0070.id,hxxps://daooda.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0071.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0071.id,hxxp://daooda.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0072.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0072.id,hxxps://daooda.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0073.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0073.id,hxxp://digitaldownload.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0074.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0074.id,hxxps://digitaldownload.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0075.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0075.id,hxxp://eurogamer.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0076.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0076.id,hxxps://eurogamer.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0077.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0077.id,hxxp://eurogamer.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0078.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0078.id,hxxps://eurogamer.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0079.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0079.id,hxxp://exagame.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0080.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0080.id,hxxps://exagame.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0081.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0081.id,hxxp://fb.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0082.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0082.id,hxxps://fb.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0083.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0083.id,hxxp://fb.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0084.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0084.id,hxxps://fb.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0085.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0085.id,hxxp://fb.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0086.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0086.id,hxxps://fb.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0087.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0087.id,hxxp://firstcoffee.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0088.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0088.id,hxxps://firstcoffee.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0089.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0089.id,hxxp://fnac.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0090.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0090.id,hxxps://fnac.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0091.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0091.id,hxxp://fox.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0092.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0092.id,hxxps://fox.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0093.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0093.id,hxxp://fox.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0094.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0094.id,hxxps://fox.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0095.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0095.id,hxxp://fox.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0096.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0096.id,hxxps://fox.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0097.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0097.id,hxxp://free.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0098.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0098.id,hxxps://free.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0099.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0099.id,hxxp://funsta.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0100.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0100.id,hxxps://funsta.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0101.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0101.id,hxxp://funsta.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0102.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0102.id,hxxps://funsta.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0103.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0103.id,hxxp://metaboli.funradio.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0104.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0104.id,hxxps://metaboli.funradio.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0105.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0105.id,hxxp://fastweb.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0106.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0106.id,hxxps://fastweb.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0107.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0107.id,hxxp://god1.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0108.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0108.id,hxxps://god1.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0109.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0109.id,hxxp://god2.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0110.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0110.id,hxxps://god2.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0111.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0111.id,hxxp://god3.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0112.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0112.id,hxxps://god3.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0113.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0113.id,hxxp://gamona.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0114.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0114.id,hxxps://gamona.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0115.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0115.id,hxxp://giga.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0116.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0116.id,hxxps://giga.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0117.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0117.id,hxxp://gameseek.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0118.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0118.id,hxxps://gameseek.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0119.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0119.id,hxxp://www.gamesflatrate.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0120.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0120.id,hxxps://www.gamesflatrate.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0121.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0121.id,hxxp://games24.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0122.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0122.id,hxxps://games24.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0123.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0123.id,hxxp://ondemand.game.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0124.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0124.id,hxxps://ondemand.game.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0125.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0125.id,hxxp://google.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0126.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0126.id,hxxps://google.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0127.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0127.id,hxxp://google.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0128.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0128.id,hxxps://google.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0129.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0129.id,hxxp://gameone.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0130.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0130.id,hxxps://gameone.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0131.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0131.id,hxxp://google.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0132.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0132.id,hxxps://google.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0133.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0133.id,hxxp://goog.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0134.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0134.id,hxxps://goog.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0135.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0135.id,hxxp://google.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0136.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0136.id,hxxps://google.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0137.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0137.id,hxxp://gameplay.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0138.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0138.id,hxxps://gameplay.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0139.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0139.id,hxxp://gamesonradar.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0140.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0140.id,hxxps://gamesonradar.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0141.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0141.id,hxxp://gameshadow.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0142.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0142.id,hxxps://gameshadow.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0143.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0143.id,hxxp://gametap.metaboli.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0144.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0144.id,hxxps://gametap.metaboli.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0145.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0145.id,hxxp://gametap2.metaboli.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0146.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0146.id,hxxps://gametap2.metaboli.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0147.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0147.id,hxxp://gamespot.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0148.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0148.id,hxxps://gamespot.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0149.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0149.id,hxxp://gamerunlimited.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0150.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0150.id,hxxps://gamerunlimited.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0151.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0151.id,hxxp://guts.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0152.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0152.id,hxxps://guts.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0153.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0153.id,hxxp://gameswelt.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0154.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0154.id,hxxps://gameswelt.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0155.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0155.id,hxxp://gmx.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0156.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0156.id,hxxps://gmx.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0157.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0157.id,hxxp://hoaxbuster.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0158.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0158.id,hxxps://hoaxbuster.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0159.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0159.id,hxxp://incgamers.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0160.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0160.id,hxxps://incgamers.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0161.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0161.id,hxxp://imbogames.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0162.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0162.id,hxxps://imbogames.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0163.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0163.id,hxxp://ja.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0164.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0164.id,hxxps://ja.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0165.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0165.id,hxxp://janews.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0166.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0166.id,hxxps://janews.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0167.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0167.id,hxxp://jvfr.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0168.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0168.id,hxxps://jvfr.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0169.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0169.id,hxxp://jeux-pc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0170.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0170.id,hxxps://jeux-pc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0171.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0171.id,hxxp://kelkoo.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0172.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0172.id,hxxps://kelkoo.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0173.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0173.id,hxxp://gamekult.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0174.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0174.id,hxxps://gamekult.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0175.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0175.id,hxxp://ld.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0176.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0176.id,hxxps://ld.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0177.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0177.id,hxxp://leguide.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0178.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0178.id,hxxps://leguide.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0179.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0179.id,hxxp://leguide.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0180.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0180.id,hxxps://leguide.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0181.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0181.id,hxxp://leguide.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0182.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0182.id,hxxps://leguide.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0183.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0183.id,hxxp://leguide.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0184.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0184.id,hxxps://leguide.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0185.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0185.id,hxxp://jeuvideo.m6jeux.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0186.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0186.id,hxxps://jeuvideo.m6jeux.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0187.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0187.id,hxxp://magcity.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0188.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0188.id,hxxps://magcity.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0189.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0189.id,hxxp://medion.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0190.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0190.id,hxxps://medion.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0191.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0191.id,hxxp://medion.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0192.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0192.id,hxxps://medion.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0193.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0193.id,hxxp://www.metaboli.de);
         

Antwort

Themen zu PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht
.dll, anleitung, bluescreen, boot-cd, booten, booten mit otlpe, direkt, dwlgina3.dll, englisch, erstell, erstellt, forum, funktioniert, funktioniert nicht, nichts, pc startet nicht, problem, starte, starten, startet, startet nicht, system, thema, verhindern, versuche, versucht, virus, windows, windows 7, windows-xp



Ähnliche Themen: PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht


  1. GVU Trojaner auf windows8 , booten funktioniert nicht richtig
    Plagegeister aller Art und deren Bekämpfung - 03.12.2014 (3)
  2. Windows XP startet nicht - Recovery-CD funktioniert nicht
    Alles rund um Windows - 16.03.2014 (3)
  3. Windows 7 weißer Sperrbildschirm/ Abgesicherter Modus funktioniert nicht / LogFile mit OTLPE erstellt
    Log-Analyse und Auswertung - 04.11.2013 (27)
  4. Windows 7 - Weißer Bildschirm nach Anmeldung - OTLPE funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 11.01.2013 (8)
  5. Booten von DVD funktioniert nicht
    Alles rund um Windows - 03.11.2012 (6)
  6. nach UKASH Trojaner startet windows nicht mehr, kaspersky rescue disc funktioniert nicht
    Log-Analyse und Auswertung - 26.03.2012 (3)
  7. Bundespolizeivirus - Windows startet nicht mehr - OTLPE genutzt - Logfile erstellt
    Log-Analyse und Auswertung - 24.03.2012 (1)
  8. Computer startet nicht mehr, dwlgina3.dll wurde nicht gefunden
    Log-Analyse und Auswertung - 23.02.2012 (29)
  9. dwlgina3.dll, vista startet nicht mehr
    Log-Analyse und Auswertung - 31.01.2012 (5)
  10. Rechner startet nicht, weil er die dwlgina3.dll datei nicht findet
    Log-Analyse und Auswertung - 27.01.2012 (41)
  11. can not find dwlgina3.dll. windows 7 startet nicht.
    Plagegeister aller Art und deren Bekämpfung - 24.01.2012 (7)
  12. BKA Trojaner / Booten von OTLPE nicht möglich
    Plagegeister aller Art und deren Bekämpfung - 06.09.2011 (42)
  13. BKA Trojaner, booten mit OTLPE funktioniert nicht =(
    Plagegeister aller Art und deren Bekämpfung - 30.07.2011 (10)
  14. Habe den BKA- Virus. schaffe es nicht die cd mit OTLPE zu booten. es öffnet sich reatogo x pe
    Log-Analyse und Auswertung - 27.07.2011 (29)
  15. Metropolitan Police Virus - OTLPE funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 20.06.2011 (8)
  16. Metropolitan Police - OTLPE startet nicht
    Plagegeister aller Art und deren Bekämpfung - 20.06.2011 (0)
  17. Booten von OTLPE-Cd funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 21.04.2011 (2)

Zum Thema PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht - Hallo! Wir haben das gleiche Problem / den gleichen Virus wie in diesem Thema : http://www.trojaner-board.de/107995-...ei-findet.html Ich habe alles genau nach Ihrer Anleitung versucht und bin soweit, dass ich die - PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht...
Archiv
Du betrachtest: PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.