jap 64
Malwarebytes Log:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4634
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
17.09.2010 09:09:01
mbam-log-2010-09-17 (09-09-01).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 285003
Laufzeit: 1 Stunde(n), 50 Minute(n), 30 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
----------------------
EXTRA.TXTOTL Logfile: Code:
OTL Extras logfile created on: 17.09.2010 14:56:19 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\REINER\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285,13 Gb Total Space | 245,72 Gb Free Space | 86,18% Space Free | Partition Type: NTFS
Drive D: | 12,76 Gb Total Space | 2,11 Gb Free Space | 16,57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: REINER-PC
Current User Name: REINER
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86416015FF}" = Java(TM) 6 Update 15 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java(TM) SE Development Kit 6 Update 15 (64-bit)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}" = muvee Reveal
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}" = HP Support Assistant
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = SMART BRO
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}" = HP User Guides 0148
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 1.2.6
"avast5" = avast! Free Antivirus
"DivX Setup.divx.com" = DivX-Setup
"EasyBits Magic Desktop" = Magic Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"TeamViewer 5" = TeamViewer 5
"TuneUp Utilities" = TuneUp Utilities
"VLC media player" = VLC media player 1.1.2
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre" = PhotoFiltre
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 17.08.2010 13:37:44 | Computer Name = REINER-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 17.08.2010 13:40:10 | Computer Name = REINER-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 17.08.2010 13:40:31 | Computer Name = REINER-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
pack\search helper\searchhelper.dll" in Zeile 2. Ungültige XML-Syntax.
Error - 19.08.2010 06:04:26 | Computer Name = REINER-PC | Source = Application Hang | ID = 1002
Description = Programm Worm Food.exe, Version 5.0.30.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 63c Startzeit:
01cb3f85dba84d0a Endzeit: 2 Anwendungspfad: E:\200 Free Best Flash Game\Worm Food.exe
Berichts-ID:
24438235-ab79-11df-b323-c80aa93778ce
Error - 19.08.2010 06:06:24 | Computer Name = REINER-PC | Source = Application Hang | ID = 1002
Description = Programm 3D Net Blazer.exe, Version 5.0.30.0 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 12b8 Startzeit: 01cb3f860f4ad280 Endzeit: 24 Anwendungspfad:
E:\200 Free Best Flash Game\3D Net Blazer.exe Berichts-ID: 6aa0c8eb-ab79-11df-b323-c80aa93778ce
Error - 19.08.2010 06:06:56 | Computer Name = REINER-PC | Source = Application Hang | ID = 1002
Description = Programm 9 Ball.exe, Version 5.0.30.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 7a8 Startzeit:
01cb3f8633bef1b7 Endzeit: 2 Anwendungspfad: E:\200 Free Best Flash Game\9 Ball.exe
Berichts-ID:
7e8ec6ac-ab79-11df-b323-c80aa93778ce
Error - 21.08.2010 02:11:23 | Computer Name = REINER-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16434 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: ad4 Startzeit: 01cb40f6fc08a636 Endzeit: 60000 Anwendungspfad:
C:\Windows\Explorer.EXE Berichts-ID: bf7e3496-acea-11df-b1a7-c80aa93778ce
Error - 22.08.2010 10:43:08 | Computer Name = REINER-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary
Symantec Eraser Control driver. System Error: Das System kann die angegebene Datei
nicht finden. .
Error - 22.08.2010 10:43:08 | Computer Name = REINER-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary
Symantec Iron Driver. System Error: Das System kann die angegebene Datei nicht finden.
.
Error - 22.08.2010 10:43:08 | Computer Name = REINER-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary
Symantec Vista Network Dispatch Driver. System Error: Das System kann die angegebene
Datei nicht finden. .
[ System Events ]
Error - 24.08.2010 08:41:21 | Computer Name = REINER-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
Error - 24.08.2010 19:28:13 | Computer Name = REINER-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{0D9B53B0-80B3-443D-9986-3C32061298B9} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 25.08.2010 03:01:48 | Computer Name = REINER-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{0D9B53B0-80B3-443D-9986-3C32061298B9} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 25.08.2010 08:34:48 | Computer Name = REINER-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{0D9B53B0-80B3-443D-9986-3C32061298B9} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 25.08.2010 09:06:30 | Computer Name = REINER-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
Error - 25.08.2010 15:25:08 | Computer Name = REINER-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist
bereits 2 Mal passiert.
Error - 27.08.2010 11:06:41 | Computer Name = REINER-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
Error - 27.08.2010 23:40:20 | Computer Name = REINER-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
Error - 29.08.2010 04:24:51 | Computer Name = REINER-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
Error - 31.08.2010 10:56:53 | Computer Name = REINER-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
< End of report > --- --- ---
----------------------
OTL.TXTOTL Logfile: Code:
OTL logfile created on: 17.09.2010 14:56:19 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\REINER\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285,13 Gb Total Space | 245,72 Gb Free Space | 86,18% Space Free | Partition Type: NTFS
Drive D: | 12,76 Gb Total Space | 2,11 Gb Free Space | 16,57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: REINER-PC
Current User Name: REINER
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\REINER\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\SMART BRO\Modem.exe (ZTE Corporation)
PRC - C:\Windows\SysWOW64\SupportAppXL\cdrom_mon.exe ()
PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
========== Modules (SafeList) ==========
MOD - C:\Users\REINER\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (ezSharedSvc) -- C:\Windows\SysNative\ezsvc7.dll File not found
SRV:64bit: - (Autorun CDROM Monitor) -- C:\Windows\SysNative\SupportAppXL\cdrom_mon.exe File not found
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Autorun CDROM Monitor) -- C:\Windows\SysWOW64\SupportAppXL\cdrom_mon.exe ()
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys File not found
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (ALWIL Software)
DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (RSUSBSTOR) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQNOT/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQNOT/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ask.com?o=10148&l=dis
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {c36177c0-224a-11da-8cd6-0800200c9a66}:2.0.0
FF - prefs.js..extensions.enabledItems: webmaster@keep-tube.com:1.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.09.17 06:56:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.17 06:56:20 | 000,000,000 | ---D | M]
[2010.07.31 23:57:45 | 000,000,000 | ---D | M] -- C:\Users\REINER\AppData\Roaming\mozilla\Extensions
[2010.09.16 21:17:18 | 000,000,000 | ---D | M] -- C:\Users\REINER\AppData\Roaming\mozilla\Firefox\Profiles\bvoe8gbk.default\extensions
[2010.08.10 20:12:09 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Users\REINER\AppData\Roaming\mozilla\Firefox\Profiles\bvoe8gbk.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2010.08.29 16:21:15 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\REINER\AppData\Roaming\mozilla\Firefox\Profiles\bvoe8gbk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.08.23 15:43:23 | 000,000,000 | ---D | M] -- C:\Users\REINER\AppData\Roaming\mozilla\Firefox\Profiles\bvoe8gbk.default\extensions\webmaster@keep-tube.com
[2010.08.24 18:59:59 | 000,002,393 | ---- | M] () -- C:\Users\REINER\AppData\Roaming\Mozilla\FireFox\Profiles\bvoe8gbk.default\searchplugins\askcom.xml
[2010.08.02 12:15:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.08.02 12:15:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.09.17 06:56:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.09.17 06:56:17 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.09.17 06:56:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.09.17 06:56:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.09.17 06:56:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.11 04:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\REINER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{72890cb1-a90f-11df-8447-c80aa93778ce}\Shell - "" = AutoRun
O33 - MountPoints2\{72890cb1-a90f-11df-8447-c80aa93778ce}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.09.17 14:52:51 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\REINER\Desktop\OTL.exe
[2010.09.17 07:05:09 | 000,000,000 | ---D | C] -- C:\Users\REINER\AppData\Roaming\Malwarebytes
[2010.09.17 07:04:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.17 07:04:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.17 07:04:52 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.17 07:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.16 22:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.09.16 22:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.09.01 23:30:50 | 000,000,000 | ---D | C] -- C:\Users\REINER\Desktop\Hi
[2010.09.01 23:30:46 | 000,000,000 | ---D | C] -- C:\Users\REINER\AppData\Roaming\WinRAR
[2010.09.01 23:30:39 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.09.01 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\REINER\AppData\Local\ElevatedDiagnostics
[2010.09.01 00:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.09.01 00:18:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.09.01 00:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.08.29 21:37:16 | 000,000,000 | R-SD | C] -- C:\Users\REINER\Documents\My Stationery
[2010.08.29 16:58:30 | 000,000,000 | ---D | C] -- C:\Users\REINER\AppData\Roaming\TeamViewer
[2010.08.29 16:58:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2010.08.28 21:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010.08.28 10:16:51 | 000,000,000 | ---D | C] -- C:\Users\REINER\Documents\OneNote-Notizbücher
[2010.08.28 01:49:21 | 000,000,000 | ---D | C] -- C:\Users\REINER\AppData\Roaming\dvdcss
[2010.08.28 01:47:35 | 000,000,000 | -H-D | C] -- C:\Users\REINER\Desktop\ANGULIMALA
[2010.08.25 23:09:09 | 000,000,000 | ---D | C] -- C:\Users\REINER\AppData\Local\Diagnostics
[2010.08.25 00:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2010.08.24 16:22:12 | 000,000,000 | ---D | C] -- C:\Users\REINER\AppData\Roaming\PhotoFiltre
[2010.08.24 16:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2010.08.24 16:21:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoFiltre
[2010.08.22 21:43:48 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2010.08.22 21:43:46 | 000,036,160 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2010.08.22 21:43:46 | 000,030,016 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2010.08.22 21:43:46 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2010.08.22 21:43:45 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2010.08.22 21:43:29 | 000,000,000 | ---D | C] -- C:\Users\REINER\AppData\Roaming\TuneUp Software
[2010.08.22 21:43:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2010
[2010.08.22 21:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010.08.22 21:42:49 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.08.22 21:01:59 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
========== Files - Modified Within 30 Days ==========
[2010.09.17 14:57:55 | 005,767,168 | -HS- | M] () -- C:\Users\REINER\NTUSER.DAT
[2010.09.17 14:53:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\REINER\Desktop\OTL.exe
[2010.09.17 09:54:50 | 000,017,309 | ---- | M] () -- C:\Users\REINER\Desktop\OJJKKL.jpg
[2010.09.17 09:45:39 | 000,073,516 | ---- | M] () -- C:\Users\REINER\Desktop\Perfect072.jpg
[2010.09.17 07:33:11 | 000,198,986 | ---- | M] () -- C:\Users\REINER\Desktop\Foto5435
[2010.09.17 07:04:56 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.17 07:01:54 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.17 07:01:53 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.17 06:59:22 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.17 06:59:22 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.09.17 06:59:22 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.17 06:59:22 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.09.17 06:59:22 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.17 06:54:27 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.17 06:54:15 | 3195,211,776 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.17 06:05:08 | 004,928,275 | -H-- | M] () -- C:\Users\REINER\AppData\Local\IconCache.db
[2010.09.16 22:04:39 | 000,001,258 | ---- | M] () -- C:\Users\REINER\Desktop\Spybot - Search & Destroy.lnk
[2010.09.15 01:30:51 | 000,007,603 | ---- | M] () -- C:\Users\REINER\AppData\Local\Resmon.ResmonCfg
[2010.09.15 01:10:40 | 000,119,471 | ---- | M] () -- C:\Users\REINER\Desktop\b3070c17dc.jpg
[2010.09.15 00:36:41 | 000,039,214 | ---- | M] () -- C:\Users\REINER\Desktop\Unbenannt.JPG
[2010.09.14 22:33:49 | 000,010,511 | ---- | M] () -- C:\Users\REINER\Desktop\bigeyedbunny.jpg
[2010.09.02 15:00:07 | 005,399,638 | ---- | M] () -- C:\Users\REINER\Desktop\Untitled 1.png
[2010.09.02 02:21:04 | 005,660,840 | ---- | M] () -- C:\Users\REINER\Desktop\Luffy_Gear_Second_by_AsilaydyingJohnyyy.jpg
[2010.09.01 16:10:04 | 002,095,311 | ---- | M] () -- C:\Users\REINER\Desktop\aa45494d56.gif
[2010.09.01 00:27:20 | 000,001,572 | ---- | M] () -- C:\Users\REINER\Desktop\DivX Movies.lnk
[2010.09.01 00:01:24 | 099,433,646 | ---- | M] () -- C:\Users\REINER\Desktop\yyy.wav
[2010.09.01 00:01:15 | 000,000,000 | ---- | M] () -- C:\Users\REINER\Desktop\sfds-backup1.wav
[2010.08.31 23:59:28 | 000,994,380 | ---- | M] () -- C:\Users\REINER\Desktop\sfds.wav
[2010.08.31 22:50:39 | 000,055,533 | ---- | M] () -- C:\Users\REINER\Desktop\sonstige15.jpg
[2010.08.29 23:06:36 | 000,123,349 | ---- | M] () -- C:\Users\REINER\Desktop\Untitled 5.png
[2010.08.29 22:58:15 | 000,097,917 | ---- | M] () -- C:\Users\REINER\Desktop\paedtidt.jpg
[2010.08.29 22:47:50 | 000,126,469 | ---- | M] () -- C:\Users\REINER\Desktop\stock-vector-sanskrit-seamless-vector-wallpaper-based-on-ancient-oriental-manuscript-3591956.jpg
[2010.08.29 21:37:06 | 000,089,484 | ---- | M] () -- C:\Users\REINER\Desktop\l_80a41e8a03d242e999f26b8a1783847c.jpg
[2010.08.29 21:21:27 | 000,168,957 | ---- | M] () -- C:\Users\REINER\Desktop\wheeloflife.jpg
[2010.08.29 16:58:26 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.08.28 10:16:50 | 000,001,352 | ---- | M] () -- C:\Users\REINER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
[2010.08.28 01:57:47 | 000,000,004 | ---- | M] () -- C:\Users\REINER\Desktop\vvbcb.ps
[2010.08.27 21:58:34 | 005,234,732 | ---- | M] () -- C:\Users\REINER\Desktop\angulimala.wav
[2010.08.27 18:38:35 | 015,186,988 | ---- | M] () -- C:\Users\REINER\Desktop\TiSarana.wav
[2010.08.27 18:23:07 | 002,106,293 | ---- | M] () -- C:\Users\REINER\Desktop\Unbenannt.wma
[2010.08.26 01:07:04 | 000,039,589 | ---- | M] () -- C:\Users\REINER\Desktop\51C463CDJ1L.jpg
[2010.08.25 07:18:27 | 000,552,753 | ---- | M] () -- C:\Users\REINER\Desktop\A Chinese Ghost Story Theme.wma
[2010.08.25 00:32:41 | 000,000,943 | ---- | M] () -- C:\Users\REINER\Desktop\Audacity.lnk
[2010.08.23 21:42:14 | 367,749,464 | ---- | M] () -- C:\Windows\MEMORY.DMP
========== Files Created - No Company Name ==========
[2010.09.17 09:54:48 | 000,017,309 | ---- | C] () -- C:\Users\REINER\Desktop\OJJKKL.jpg
[2010.09.17 09:45:38 | 000,073,516 | ---- | C] () -- C:\Users\REINER\Desktop\Perfect072.jpg
[2010.09.17 09:08:32 | 000,053,901 | ---- | C] () -- C:\Users\REINER\Desktop\nix
[2010.09.17 09:06:38 | 000,065,214 | ---- | C] () -- C:\Users\REINER\Desktop\nix
[2010.09.17 07:32:32 | 000,198,986 | ---- | C] () -- C:\Users\REINER\Desktop\nix
[2010.09.17 07:04:56 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.16 22:04:39 | 000,001,258 | ---- | C] () -- C:\Users\REINER\Desktop\Spybot - Search & Destroy.lnk
[2010.09.15 01:10:39 | 000,119,471 | ---- | C] () -- C:\Users\REINER\Desktop\b3070c17dc.jpg
[2010.09.15 00:36:41 | 000,039,214 | ---- | C] () -- C:\Users\REINER\Desktop\Unbenannt.JPG
[2010.09.14 22:33:47 | 000,010,511 | ---- | C] () -- C:\Users\REINER\Desktop\bigeyedbunny.jpg
[2010.09.02 15:00:01 | 005,399,638 | ---- | C] () -- C:\Users\REINER\Desktop\Untitled 1.png
[2010.09.02 02:20:24 | 005,660,840 | ---- | C] () -- C:\Users\REINER\Desktop\Luffy_Gear_Second_by_AsilaydyingJohnyyy.jpg
[2010.09.01 16:07:32 | 002,095,311 | ---- | C] () -- C:\Users\REINER\Desktop\aa45494d56.gif
[2010.09.01 00:27:20 | 000,001,572 | ---- | C] () -- C:\Users\REINER\Desktop\DivX Movies.lnk
[2010.09.01 00:01:21 | 099,433,646 | ---- | C] () -- C:\Users\REINER\Desktop\yyy.wav
[2010.09.01 00:01:15 | 000,000,000 | ---- | C] () -- C:\Users\REINER\Desktop\sfds-backup1.wav
[2010.08.31 23:59:28 | 000,994,380 | ---- | C] () -- C:\Users\REINER\Desktop\sfds.wav
[2010.08.31 22:50:39 | 000,055,533 | ---- | C] () -- C:\Users\REINER\Desktop\sonstige15.jpg
[2010.08.31 22:36:59 | 000,496,015 | ---- | C] () -- C:\Users\REINER\Desktop\02012008033.jpg
[2010.08.29 23:06:34 | 000,123,349 | ---- | C] () -- C:\Users\REINER\Desktop\Untitled 5.png
[2010.08.29 22:58:14 | 000,097,917 | ---- | C] () -- C:\Users\REINER\Desktop\paedtidt.jpg
[2010.08.29 22:47:50 | 000,126,469 | ---- | C] () -- C:\Users\REINER\Desktop\stock-vector-sanskrit-seamless-vector-wallpaper-based-on-ancient-oriental-manuscript-3591956.jpg
[2010.08.29 21:37:04 | 000,089,484 | ---- | C] () -- C:\Users\REINER\Desktop\l_80a41e8a03d242e999f26b8a1783847c.jpg
[2010.08.29 21:21:27 | 000,168,957 | ---- | C] () -- C:\Users\REINER\Desktop\wheeloflife.jpg
[2010.08.29 16:58:26 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.08.28 10:16:50 | 000,001,352 | ---- | C] () -- C:\Users\REINER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
[2010.08.28 01:57:42 | 000,000,004 | ---- | C] () -- C:\Users\REINER\Desktop\vvbcb.ps
[2010.08.27 21:58:33 | 005,234,732 | ---- | C] () -- C:\Users\REINER\Desktop\angulimala.wav
[2010.08.27 19:18:14 | 000,583,108 | ---- | C] () -- C:\Users\REINER\Desktop\01012008030 - Kopie.jpg
[2010.08.27 18:38:35 | 015,186,988 | ---- | C] () -- C:\Users\REINER\Desktop\TiSarana.wav
[2010.08.27 18:23:07 | 002,106,293 | ---- | C] () -- C:\Users\REINER\Desktop\Unbenannt.wma
[2010.08.26 01:07:03 | 000,039,589 | ---- | C] () -- C:\Users\REINER\Desktop\51C463CDJ1L.jpg
[2010.08.25 07:18:27 | 000,552,753 | ---- | C] () -- C:\Users\REINER\Desktop\A Chinese Ghost Story Theme.wma
[2010.08.25 00:32:41 | 000,000,943 | ---- | C] () -- C:\Users\REINER\Desktop\Audacity.lnk
[2010.08.24 14:31:09 | 000,593,172 | ---- | C] () -- C:\Users\REINER\Desktop\01012008031.jpg
[2010.08.24 14:31:09 | 000,583,108 | ---- | C] () -- C:\Users\REINER\Desktop\01012008030.jpg
[2010.08.22 21:01:51 | 367,749,464 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.08.07 02:56:46 | 000,007,603 | ---- | C] () -- C:\Users\REINER\AppData\Local\Resmon.ResmonCfg
[2010.07.28 02:59:59 | 000,000,000 | ---- | C] () -- C:\Users\REINER\AppData\Local\QSwitch.txt
[2010.07.28 02:59:59 | 000,000,000 | ---- | C] () -- C:\Users\REINER\AppData\Local\DSwitch.txt
[2010.07.28 02:59:59 | 000,000,000 | ---- | C] () -- C:\Users\REINER\AppData\Local\AtStart.txt
[2010.07.28 02:59:57 | 000,000,281 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2009.11.09 20:02:34 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009.11.09 19:59:29 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2009.11.09 19:58:34 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009.11.09 19:58:09 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2009.11.05 07:36:53 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2009.11.05 07:36:48 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2009.11.05 07:36:35 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2009.11.05 07:36:16 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2009.11.05 07:35:40 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2009.11.05 07:23:31 | 000,000,289 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2009.11.05 07:23:31 | 000,000,230 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2009.09.29 21:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009.07.14 06:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.14 04:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
< End of report > --- --- ---
:daumenhoc |