|  | 
| 
 | |||||||
| Log-Analyse und Auswertung: Mein pc stürzt ab bei spielen mit guter grafikWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. | 
|  29.04.2011, 02:41 | #1 | 
|  |   Mein pc stürzt ab bei spielen mit guter grafik das Extra-Notepad   OTL Extras logfile created on: 4/29/2011 3:18:32 AM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Dimitri\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97.66 Gb Total Space | 8.92 Gb Free Space | 9.13% Space Free | Partition Type: NTFS Drive D: | 368.10 Gb Total Space | 221.49 Gb Free Space | 60.17% Space Free | Partition Type: NTFS Computer Name: DIMITRI-PC | User Name: Dimitri | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24 "{2881063B-C58F-49EB-97FD-8BF58EC580F9}" = Nitro PDF Reader "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.2 "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R) "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{A29549FD-65F3-440C-A552-6B8114CF319D}" = Skype Toolbars "{A7E07C2B-2220-4415-87E3-784D5814BC93}" = NVIDIA PhysX v8.09.04 "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010 "{EAE8F6AB-68E8-4AA9-9518-F677090690B2}" = TubeBox! "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "BitTorrent" = BitTorrent "Cheat Engine 6.0_is1" = Cheat Engine 6.0 "Crysis Warhead_is1" = Crysis Warhead "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324 "GamersFirst LIVE!" = GamersFirst LIVE! "GamersFirst War Rock" = War Rock "InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM) "JDownloader" = JDownloader "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de) "NVIDIA Drivers" = NVIDIA Drivers "Uninstall_is1" = Uninstall 1.0.0.1 "WinGimp-2.0_is1" = GIMP 2.6.11 "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.00 (32-Bit) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 3/26/2011 3:45:04 AM | Computer Name = ***-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Users\Dimitri\AppData\Local\Temp\RarSFX0\redist.dll". Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 3/26/2011 2:00:01 PM | Computer Name = ***-PC | Source = VSS | ID = 8194 Description = Error - 3/26/2011 2:00:04 PM | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary ALLOW-IO. System Error: The system cannot find the file specified. . Error - 3/27/2011 6:57:24 PM | Computer Name = ***-PC | Source = VSS | ID = 8194 Description = Error - 4/11/2011 2:31:27 AM | Computer Name = ***-PC | Source = Application Error | ID = 1000 Description = Faulting application name: PMB.exe, version: 2.3.3.6, time stamp: 0x4b575878 Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdaae Exception code: 0xe06d7363 Fault offset: 0x00009617 Faulting process id: 0x858 Faulting application start time: 0x01cbf769bc5365c0 Faulting application path: C:\Program Files\Pando Networks\Media Booster\PMB.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: 53a456c0-6405-11e0-80c5-00183705948a Error - 4/13/2011 6:35:01 PM | Computer Name = ***-PC | Source = BugSplat | ID = 1 Description = Error - 4/28/2011 8:21:46 PM | Computer Name = ***-PC | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 4/28/2011 8:21:46 PM | Computer Name = ***-PC | Source = .NET Runtime Optimization Service | ID = 1111 Description = Error - 4/29/2011 3:03:59 AM | Computer Name = ***-PC | Source = VSS | ID = 8194 Description = [ System Events ] Error - 4/29/2011 2:54:24 AM | Computer Name = ***-PC | Source = DCOM | ID = 10010 Description = Error - 4/29/2011 3:02:34 AM | Computer Name = ***-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 00:00:51 on ?29.?04.?2011 was unexpected. Error - 4/29/2011 3:18:36 AM | Computer Name = ***-PC | Source = BugCheck | ID = 1001 Description = Error - 4/29/2011 3:32:58 AM | Computer Name = ***-PC | Source = Service Control Manager | ID = 7022 Description = The Windows Media Player Network Sharing Service service hung on starting. Error - 4/29/2011 3:35:28 AM | Computer Name = ***-PC | Source = Microsoft-Windows-Kernel-Power | ID = 86 Description = The system was shut down due to a critical thermal event. Shutdown Time = 2011-04-29T07:35:28.429600000Z ACPI Thermal Zone = ACPI\ThermalZone\THRM _CRT = 363K Error - 4/29/2011 3:36:40 AM | Computer Name = ***-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 00:35:27 on ?29.?04.?2011 was unexpected. Error - 4/29/2011 6:04:33 AM | Computer Name = ***-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 03:03:26 on ?29.?04.?2011 was unexpected. Error - 4/29/2011 6:08:10 AM | Computer Name = ***-PC | Source = Microsoft-Windows-Kernel-Power | ID = 86 Description = The system was shut down due to a critical thermal event. Shutdown Time = 2011-04-29T10:08:10.704400000Z ACPI Thermal Zone = ACPI\ThermalZone\THRM _CRT = 363K Error - 4/29/2011 6:09:24 AM | Computer Name = ***-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 03:07:25 on ?29.?04.?2011 was unexpected. Error - 4/29/2011 6:14:02 AM | Computer Name = ***-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 03:12:16 on ?29.?04.?2011 was unexpected. < End of report > das otl -notepadOTL logfile created on: 4/29/2011 3:18:32 AM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Dimitri\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97.66 Gb Total Space | 8.92 Gb Free Space | 9.13% Space Free | Partition Type: NTFS Drive D: | 368.10 Gb Total Space | 221.49 Gb Free Space | 60.17% Space Free | Partition Type: NTFS Computer Name: DIMITRI-PC | User Name: Dimitri | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Pando Networks\Media Booster\PMB.exe () PRC - C:\Users\***\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe (Nitro PDF Software) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Dimitri\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (NitroReaderDriverReadSpool) -- C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe (Nitro PDF Software) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (nmwcdcj) -- C:\Windows\System32\drivers\nmwcdcj.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\nmwcdc.sys (Nokia) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 99 9D 36 89 EB CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/26 18:56:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/03 17:18:15 | 000,000,000 | ---D | M] [2011/03/26 18:57:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dimitri\AppData\Roaming\Mozilla\Extensions [2011/03/26 19:13:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\dogzgjjt.default\extensions [2011/03/26 19:13:05 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\dogzgjjt.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011/03/31 22:33:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/03/27 16:12:50 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2011/03/30 21:56:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/03/31 22:33:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} File not found (No name found) -- [2011/03/18 10:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2010/01/01 01:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml [2010/01/01 01:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml [2010/01/01 01:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010/01/01 01:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010/01/01 01:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009/06/10 14:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe () O4 - Startup: C:\Users\Dimitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Dimitri\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{7e0ec3c7-5783-11e0-8abe-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{7e0ec3c7-5783-11e0-8abe-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Launch.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/04/29 03:16:57 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Dimitri\Desktop\OTL.exe [2011/04/29 02:55:30 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\Desktop\Nw3 [2011/04/28 23:48:29 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe [2011/04/28 23:48:28 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011/04/28 23:48:27 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011/04/28 23:48:26 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011/04/28 23:48:25 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011/04/28 23:48:25 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011/04/28 23:48:20 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011/04/28 23:48:20 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011/04/28 23:48:19 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011/04/28 23:48:19 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011/04/28 23:48:19 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011/04/28 23:48:19 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011/04/28 23:48:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011/04/28 23:48:19 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011/04/28 23:48:19 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011/04/28 23:48:19 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011/04/28 23:48:19 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011/04/28 23:48:06 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll [2011/04/28 23:48:06 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys [2011/04/28 23:48:06 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe [2011/04/28 23:47:44 | 002,331,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011/04/28 23:47:42 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe [2011/04/28 23:47:40 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2011/04/28 23:47:36 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2011/04/28 23:47:34 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2011/04/28 23:46:20 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011/04/28 23:46:20 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011/04/28 23:43:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{796DEC96-22F0-45F6-B36E-2A7D0C6DA349} [2011/04/28 23:42:28 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011/04/28 23:34:16 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\InstallShield [2011/04/28 21:30:50 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\New folder (2) [2011/04/28 17:30:11 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Prototype [2011/04/28 17:09:37 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{158E96BB-0A36-41D4-BEB7-0D97C148742B} [2011/04/28 09:51:45 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{8EB80022-D0DD-4ACB-A786-5C98822095EA} [2011/04/28 01:37:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{7E8283AF-B33D-4CD7-B32C-E659278FF7D5} [2011/04/13 15:34:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{C4F44F54-0541-4E52-B9D9-EA2C8DF9E6BE} [2011/04/13 10:25:47 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Alpha [2011/04/13 10:25:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{01F85EDD-0031-4389-9476-D84CA2842806} [2011/04/12 13:42:37 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{D561644A-A182-4C0B-AC88-51B13B09F919} [2011/04/11 07:15:53 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ElevatedDiagnostics [2011/04/10 10:16:35 | 000,000,000 | ---D | C] -- C:\Users\D***\AppData\Local\{7069B1D4-62B4-4069-ACD6-3BDA181627CA} [2011/04/10 03:50:39 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Nitro PDF [2011/04/10 03:12:53 | 000,026,416 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalmon.dll [2011/04/10 03:12:53 | 000,017,712 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalui.dll [2011/04/10 03:12:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro PDF [2011/04/10 03:12:43 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro PDF [2011/04/09 23:22:02 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\My Games [2011/04/09 23:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis Warhead [2011/04/09 22:21:53 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\AppData\Roaming\bizarre creations [2011/04/09 22:21:04 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2011/04/09 22:21:04 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2011/04/09 22:21:04 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2011/04/09 22:21:03 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2011/04/09 22:21:03 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2011/04/09 22:21:03 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2011/04/09 22:21:03 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2011/04/09 22:21:03 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2011/04/09 22:21:03 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2011/04/09 22:21:03 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2011/04/09 22:21:02 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2011/04/09 22:21:02 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2011/04/09 22:21:02 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2011/04/09 22:21:02 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2011/04/09 22:21:01 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2011/04/09 22:21:01 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2011/04/09 22:21:01 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2011/04/09 22:21:01 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2011/04/09 22:21:01 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2011/04/09 22:21:01 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2011/04/09 22:21:01 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2011/04/09 22:21:01 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2011/04/09 22:21:01 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2011/04/09 22:21:00 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2011/04/09 22:21:00 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2011/04/09 22:21:00 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2011/04/09 22:21:00 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2011/04/09 22:21:00 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2011/04/09 22:21:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2011/04/09 22:21:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2011/04/09 22:21:00 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2011/04/09 22:21:00 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2011/04/09 22:21:00 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2011/04/09 22:20:59 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2011/04/09 22:20:59 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2011/04/09 22:20:59 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2011/04/09 22:20:59 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2011/04/09 22:20:59 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2011/04/09 22:20:59 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2011/04/09 22:20:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2011/04/09 22:20:59 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2011/04/09 22:20:58 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2011/04/09 22:20:58 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2011/04/09 22:20:58 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2011/04/09 22:20:58 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2011/04/09 22:20:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2011/04/09 22:20:58 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2011/04/09 22:20:57 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2011/04/09 22:20:57 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2011/04/09 22:20:57 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2011/04/09 22:20:57 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2011/04/09 22:20:56 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2011/04/09 22:20:56 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2011/04/09 22:20:56 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2011/04/09 22:20:56 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2011/04/09 22:20:56 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2011/04/09 22:20:56 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2011/04/09 22:20:55 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2011/04/09 22:20:55 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2011/04/09 22:20:55 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2011/04/09 22:20:55 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2011/04/09 22:20:55 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2011/04/09 22:20:55 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2011/04/09 22:20:55 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2011/04/09 22:20:54 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2011/04/09 22:20:54 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2011/04/09 22:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blur(TM) [2011/04/09 22:19:01 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information [2011/04/09 19:22:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{5A289F9A-A8B6-4230-9FFB-EB55B14C39C5} [2011/04/09 11:43:04 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{FF9EE843-4962-41D3-9944-89C4C744F1C8} [2011/04/09 08:43:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{4FC68405-E875-43F6-9A69-8B763AE4BE3A} [2011/04/08 10:50:53 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{46434D5E-BB5F-447C-9663-9F757B20B683} [2011/04/07 11:49:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{FEE43D24-C43D-4C86-9289-4C17CC9FD6DD} [2011/04/05 14:07:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{1A9C5563-548D-472F-BD51-1645DFF70D0D} [2011/04/04 21:33:42 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\New folder [2011/04/04 15:53:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{487907FC-F596-4531-9387-0C4919680E76} [2011/04/03 19:16:19 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\gtk-2.0 [2011/04/03 19:16:19 | 000,000,000 | ---D | C] -- C:\Users\***\.thumbnails [2011/04/03 10:02:10 | 000,000,000 | ---D | C] -- C:\Program Files\***\AppData\Local\{70421F2E-7541-4DC3-A6A6-8C3D698E251C} [2011/04/02 22:19:37 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\Documents\gegl-0.0 [2011/04/02 22:19:37 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\.gimp-2.6 [2011/04/02 20:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP [2011/04/02 20:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0 [2011/04/02 13:38:00 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\AppData\Local\{D682D2E2-C77A-4183-97F3-6918E8B86954} [2011/04/01 23:47:17 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\AppData\Local\{7992C6D1-A43C-4B59-AFB5-35E61B7315A6} [2011/04/01 10:59:38 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\AppData\Local\{0388C6C5-CDFB-4B3D-A403-A1330FBC16C0} [2011/03/31 22:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011/03/31 22:33:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011/03/31 22:33:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011/03/31 22:33:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011/03/31 17:38:53 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{6C3DAA44-B18B-46D2-B5ED-8F98514D8145} [2011/03/30 22:00:19 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\DESKOPT [2011/03/30 21:58:54 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\OpenOffice.org [2011/03/30 21:57:55 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3 [2011/03/30 21:56:55 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2011/03/30 21:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011/03/30 21:56:18 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011/03/30 21:56:04 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2011/03/30 18:12:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{B10686D6-06BD-44BC-BCC3-19780E5DB8BD} [2011/03/30 16:11:53 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{AEAA7ABB-C8A7-42DD-8ABF-65600F65F60B} [2011/03/30 16:11:53 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{5F906E6F-48C8-41F2-B6AA-700F93B0BDB3} ========== Files - Modified Within 30 Days ========== [2011/04/29 03:18:22 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/04/29 03:18:22 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/04/29 03:17:00 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Dimitri\Desktop\OTL.exe [2011/04/29 03:14:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/04/29 03:13:55 | 1559,142,400 | -HS- | M] () -- C:\hiberfil.sys [2011/04/29 03:01:01 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1667241585-3745313624-1476325285-1001UA.job [2011/04/29 02:13:53 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1667241585-3745313624-1476325285-1001Core.job [2011/04/29 00:43:50 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/04/29 00:43:50 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/04/29 00:28:50 | 000,292,696 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011/04/29 00:18:26 | 184,594,194 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011/04/28 17:35:59 | 000,001,114 | ---- | M] () -- C:\Users\***\Desktop\Prototype.lnk [2011/04/13 13:07:25 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2011/04/12 22:00:27 | 002,709,632 | ---- | M] () -- C:\Users\***\Desktop\Afrojack Feat. Eva Simons - Take Over Control (Official Video HD).mp3 [2011/04/10 03:17:34 | 000,000,550 | ---- | M] () -- C:\Users\Public\Desktop\War Rock.lnk [2011/04/09 23:20:52 | 000,000,761 | ---- | M] () -- C:\Users\***\Desktop\Crysis Warhead.lnk [2011/04/04 22:03:05 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf [2011/04/03 19:25:56 | 000,002,716 | ---- | M] () -- C:\Users\***\.recently-used.xbel [2011/04/02 20:56:20 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2011/03/30 21:59:23 | 000,001,197 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011/03/30 21:57:55 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk ========== Files Created - No Company Name ========== [2011/04/29 00:18:26 | 184,594,194 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011/04/28 23:53:09 | 000,001,114 | ---- | C] () -- C:\Users\***\Desktop\Prototype.lnk [2011/04/13 13:07:25 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2011/04/12 22:00:11 | 002,709,632 | ---- | C] () -- C:\Users\***\Desktop\Afrojack Feat. Eva Simons - Take Over Control (Official Video HD).mp3 [2011/04/10 03:17:34 | 000,000,550 | ---- | C] () -- C:\Users\Public\Desktop\War Rock.lnk [2011/04/10 03:12:51 | 000,002,491 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro PDF Reader.lnk [2011/04/09 23:20:52 | 000,000,761 | ---- | C] () -- C:\Users\***\Desktop\Crysis Warhead.lnk [2011/04/04 22:03:05 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf [2011/04/03 19:25:56 | 000,002,716 | ---- | C] () -- C:\Users\***\.recently-used.xbel [2011/04/02 20:56:20 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2011/03/30 21:59:23 | 000,001,197 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011/03/30 21:57:55 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk [2011/03/27 16:13:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009/07/13 21:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/13 21:33:53 | 000,292,696 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009/07/13 19:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009/07/13 19:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009/07/13 19:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009/07/13 19:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009/07/13 19:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009/07/13 19:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009/07/13 17:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2009/07/13 16:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/13 16:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008/06/11 09:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008/06/11 09:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008/06/11 09:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2008/06/05 08:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll ========== LOP Check ========== [2011/03/27 22:55:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\BitTorrent [2011/04/09 22:21:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\bizarre creations [2011/03/26 19:13:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers [2011/04/03 19:25:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0 [2011/04/10 03:50:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nitro PDF [2011/04/10 03:11:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenCandy [2011/03/30 21:58:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org [2011/03/28 18:05:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TubeBox [2011/03/26 11:00:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Uniblue [2009/07/13 21:53:46 | 000,018,966 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > das scan-notepad:: netsvcsmsconfig %SYSTEMDRIVE%\*. %PROGRAMFILES%\*.exe %LOCALAPPDATA%\*.exe %systemroot%\*. /mp /s /md5start explorer.exe winlogon.exe wininit.exe userinit.exe /md5stop HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs CREATERESTOREPOINT | 
| Themen zu Mein pc stürzt ab bei spielen mit guter grafik | 
| 32-bit, adobe, assembly, autorun, bho, converter, defender, error, explorer, failed, firefox, flash player, format, google, google chrome, install.exe, installation, jdownloader, langs, location, logfile, mozilla, mp3, nvlddmkm.sys, oldtimer, plug-in, rarsfx0, registry, rundll, saver, scan, searchplugins, security, shell32.dll, shut down, software, spielen, start menu, system error, taskhost.exe, temp, tubebox, usb, webcheck, windows |