RexRever | 22.03.2012 21:11 | Here is the Otl.txt
OTL Logfile:
OTL logfile created on: 22.03.2012 20:17:39 - Run 1
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\Papa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 5,63 Gb Available Physical Memory | 70,57% Memory free
15,96 Gb Paging File | 13,23 Gb Available in Paging File | 82,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397,17 Gb Total Space | 1052,09 Gb Free Space | 75,30% Space Free | Partition Type: NTFS
Drive D: | 7,75 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: PAPA-PC | User Name: Papa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.03.22 20:13:40 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Papa\Desktop\24960-OTL.exe
PRC - [2012.03.13 22:20:40 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.11.26 11:40:56 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011.11.03 19:25:09 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.11.03 19:25:08 | 008,094,080 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
PRC - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe
PRC - [2010.10.27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007.05.10 13:18:10 | 000,835,584 | ---- | M] () -- C:\Windows\vsnp325.exe
PRC - [2007.04.21 09:36:50 | 000,270,336 | ---- | M] () -- C:\Windows\tsnp325.exe
========== Modules (No Company Name) ==========
MOD - [2007.05.10 13:18:10 | 000,835,584 | ---- | M] () -- C:\Windows\vsnp325.exe
MOD - [2007.04.21 09:36:50 | 000,270,336 | ---- | M] () -- C:\Windows\tsnp325.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.09.08 18:29:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.09.08 13:42:32 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012.03.21 15:57:27 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.03.13 22:20:40 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.11.03 19:25:09 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe -- (N360)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2011.12.15 17:29:19 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.12.15 17:29:19 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.12.02 22:24:19 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.11.25 22:42:39 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011.09.08 19:27:22 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.09.08 17:52:40 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.08.01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.07.28 18:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV:64bit: - [2011.07.06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011.06.06 23:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.04.21 02:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011.03.31 04:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011.03.31 04:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011.03.15 03:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.07 10:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.03.07 10:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.01.27 07:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\symds64.sys -- (SymDS)
DRV:64bit: - [2011.01.13 12:58:30 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.16 02:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.04.24 14:06:42 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2007.05.07 18:00:04 | 010,642,176 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325)
DRV - [2012.03.06 16:04:10 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120321.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012.03.02 19:58:01 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120317.002\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012.02.18 16:35:49 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120322.003\EX64.SYS -- (NAVEX15)
DRV - [2012.02.18 16:35:49 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120322.003\ENG64.SYS -- (NAVENG)
DRV - [2012.02.04 11:33:59 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.02.04 11:33:58 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011.06.24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6F C4 BE B5 77 AB CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012.02.18 16:28:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_5_2 [2012.03.22 19:51:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbphotozoom@installdaddy.com: C:\Program Files (x86)\fbphotozoom\fbphotozoom13.xpi [2012.03.14 20:39:58 | 000,102,233 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.12.08 20:07:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2011.12.08 20:18:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\Extensions
[2012.01.19 00:21:32 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Papa\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Papa\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Papa\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Facemoods = C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.6_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.4_0\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com)
O3 - HKCU\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [snp325] C:\Windows\vsnp325.exe ()
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [FixCamera] C:\Windows\FixCamera.exe File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [tsnp325] C:\Windows\tsnp325.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Papa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Papa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Papa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Papa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O12 - Plugin for: .spop - C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03B5C4AA-A3CF-4FFF-B1D6-F6A9B12D2F06}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.11.14 11:59:05 | 000,000,081 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2012.02.14 13:55:43 | 000,000,000 | R--D | M] - D:\autostarter -- [ UDF ]
O32 - AutoRun File - [2007.07.30 11:00:50 | 000,233,472 | R--- | M] () - D:\AutoStarter.exe -- [ UDF ]
O33 - MountPoints2\{396fecb6-1767-11e1-a8fc-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{396fecb6-1767-11e1-a8fc-806e6f6e6963}\Shell\AutoRun\command - "" = D:\0data\cbs.exe -- [2011.11.18 17:29:39 | 003,427,328 | R--- | M] ()
O33 - MountPoints2\{a1750e8f-1d0e-11e1-841b-50e549b67340}\Shell - "" = AutoRun
O33 - MountPoints2\{a1750e8f-1d0e-11e1-841b-50e549b67340}\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.03.22 20:13:40 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Users\Papa\Desktop\24960-OTL.exe
[2012.03.22 17:17:12 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Roaming\Malwarebytes
[2012.03.22 17:17:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.22 17:17:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.03.22 17:17:04 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.03.22 17:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.03.22 10:08:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
[2012.03.22 09:35:12 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{30936325-A95E-4B14-9F90-F12EF4511280}
[2012.03.22 09:35:00 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{55459CC8-B73E-474A-93CB-13549251DFFF}
[2012.03.22 09:18:25 | 000,000,000 | ---D | C] -- C:\Users\Papa\Documents\NeocoreGames
[2012.03.21 22:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Purplehills
[2012.03.21 22:45:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Purplehills
[2012.03.21 22:44:42 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\Downloaded Installations
[2012.03.21 21:34:35 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{D97C6AB5-1F64-4B17-9B58-AD48398F95D2}
[2012.03.21 21:34:24 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{FE2A1B8B-F513-4094-9436-8E176B55AAC5}
[2012.03.21 09:33:59 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{226A321B-DE34-40CC-BA3A-609E75FDD7FA}
[2012.03.21 09:33:48 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{1A087A83-31F0-44F2-8981-FFD4FC7C61C0}
[2012.03.20 20:57:28 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{2F8AD25C-BF03-4343-8F66-37B482A1259D}
[2012.03.20 20:57:17 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{7E0425F9-4C21-437B-A222-EACA98C7BBEA}
[2012.03.20 08:56:52 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{1FFF1204-54C3-4413-B579-C7FFCF1D6DD5}
[2012.03.20 08:56:40 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{044CBC1B-BF57-457F-96B5-C7C28188B08E}
[2012.03.19 20:56:16 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{537FB633-D3D8-4246-9BDC-934C94F8809B}
[2012.03.19 20:56:05 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{2BDE81A6-E5E0-4D30-8078-672C81A2350B}
[2012.03.19 08:55:37 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{88C80C29-9D00-4F09-931A-FBAA8D93D685}
[2012.03.19 08:55:20 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{D411F4BB-788D-45E1-9697-1A2E721009AF}
[2012.03.18 12:40:55 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{60C82CF2-380A-4B65-A8F7-9B8FABFD987E}
[2012.03.18 12:40:38 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{40A9CDB1-3BA1-4A30-9B0C-1790D2D6CECA}
[2012.03.17 23:44:04 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{ABC4B077-86D7-4903-86E5-D00AAE3BBFB2}
[2012.03.17 23:43:54 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{AD58B97F-2381-4A9D-9C90-7E0DAE85F9A9}
[2012.03.17 11:43:41 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{4A14FF93-5C88-4BFF-983A-748FF56E7DFB}
[2012.03.17 11:43:31 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{2B2EA311-76DF-4384-9AEA-EC27F506AA82}
[2012.03.16 23:43:05 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{FF0469B2-1C5E-401D-B879-E8E15CEB9B25}
[2012.03.16 23:42:54 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{8E4CD678-2AD9-45CC-99F8-7288AC41C757}
[2012.03.16 20:37:29 | 000,000,000 | ---D | C] -- C:\Users\Papa\.emps_cache
[2012.03.16 11:42:41 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{E2D3B2B9-657A-46CC-A7F4-CCD327A6571B}
[2012.03.16 11:42:31 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{48C1B622-C4FC-4863-8D6D-FDCF0DDEC3AC}
[2012.03.15 23:42:05 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{4BA213C2-FB4F-47F8-B38F-9C808DC70919}
[2012.03.15 23:41:55 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{F130D0A6-49F1-4B14-962F-DD37059298E7}
[2012.03.15 23:02:25 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\Chromium
[2012.03.15 18:38:04 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\Funcom
[2012.03.15 18:37:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.03.15 18:37:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Funcom
[2012.03.15 17:23:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2012.03.15 17:23:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012.03.15 17:23:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2012.03.15 11:41:34 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{1DBDD49C-A5FD-4A18-A70F-2191E6DE8F46}
[2012.03.15 11:41:14 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{AC9E2674-E4B6-49D2-B886-69A31320BFF7}
[2012.03.15 03:02:45 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.03.15 03:02:44 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.03.15 03:02:44 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.03.14 20:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012.03.14 20:42:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IMinent Toolbar
[2012.03.14 20:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012.03.14 20:39:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fbphotozoom
[2012.03.14 20:39:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2012.03.14 20:37:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012.03.14 20:36:21 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Roaming\BitTorrent
[2012.03.14 13:44:57 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.03.14 13:44:20 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.03.14 13:44:19 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.03.14 13:44:19 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.03.14 13:44:11 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.03.14 13:44:11 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.03.14 09:58:30 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{580DD921-6533-4DA0-82EC-4E7BD46D03C7}
[2012.03.14 09:58:19 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{84384132-495A-460D-BFAF-2916FE7708A7}
[2012.03.13 21:57:53 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{8CCD9060-20B6-42CF-8FDB-BB85D64C6A41}
[2012.03.13 21:57:41 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{D1FF5B5F-2E56-439D-AE31-678054ECA471}
[2012.03.13 09:57:12 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{328AFE05-9349-4002-A81F-DEECB1B600F3}
[2012.03.13 09:57:01 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{EC4A76A1-D0D0-424F-AA55-105D1CA08993}
[2012.03.12 11:30:53 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{2867DADB-0AFF-4476-9094-7EF32D397930}
[2012.03.12 11:30:41 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{8C8B7FDD-3236-49C9-8E86-B4A4F49DB7FB}
[2012.03.11 11:41:31 | 000,000,000 | ---D | C] -- C:\Users\Papa\Documents\The Lord of the Rings Online
[2012.03.11 11:41:31 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\The Lord of the Rings Online
[2012.03.11 11:13:50 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\Turbine
[2012.03.11 11:11:07 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\ApplicationHistory
[2012.03.11 11:09:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2012.03.11 11:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbine
[2012.03.11 11:04:58 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{38E5EE20-0A7B-4E81-ABF3-E48CD32D6F83}
[2012.03.11 11:04:44 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{49FA47B7-E895-44A2-9D9E-3A54F7978DDF}
[2012.03.11 10:49:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Turbine
[2012.03.10 23:04:17 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{6B66EBBA-3FFC-4837-A075-060B7BFFFA6E}
[2012.03.10 23:04:06 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{473747DF-966E-416C-AB1A-6C6122C5A402}
[2012.03.10 11:08:19 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\ElevatedDiagnostics
[2012.03.10 00:13:01 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{808FB9DF-CA97-425F-ADCC-1DAF51F305CA}
[2012.03.10 00:12:49 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{8AE4F3B2-91FD-422F-97CD-8E0AE150696F}
[2012.03.09 09:21:36 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{24BA3F27-7B4E-490F-B1B1-53DA738759EA}
[2012.03.09 09:21:26 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{5B1192A0-FC74-4AE1-91FE-11B652BBD2AC}
[2012.03.08 11:50:28 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{E613D7ED-E7A4-4B4B-AAF5-D41BE9C9F7EF}
[2012.03.08 11:50:15 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{C30A93F1-0CD4-4CD4-940A-105CFC9FF3CC}
[2012.03.07 22:16:16 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{F6BCB105-0F38-47B3-AF00-7315ACFF3B2A}
[2012.03.07 08:46:29 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{87500DB7-7A66-4158-ABDA-807642FDCE8F}
[2012.03.07 08:46:18 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{F09EF8C6-2393-4ECA-A8C1-25ED0AFE44FE}
[2012.03.06 20:45:54 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{B7B08F6D-C1D1-4F94-9D50-32EE6478910C}
[2012.03.06 20:45:43 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{1541F8C2-2483-4FC6-A5A6-3244B8994762}
[2012.03.06 08:45:18 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{0CCF9FFA-36A2-4E44-A877-2CF4C0A6B0FC}
[2012.03.06 08:45:04 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{FA03B42B-DEA9-4377-9FB6-C4086806451E}
[2012.03.05 15:38:42 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{5E452097-DACE-4122-B314-59FBD903F041}
[2012.03.05 15:38:30 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{2F7EF1DE-8581-4465-BF70-7EC7C3223EE8}
[2012.03.04 23:35:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012.03.04 23:35:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2012.03.04 23:34:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012.03.04 23:34:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012.03.04 22:41:22 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{11FB2A0A-9602-41A8-B29C-778782EFF151}
[2012.03.04 22:41:10 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{09DE7FAC-7C77-4E18-8D3E-A2D7C66068DA}
[2012.03.04 10:40:43 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{8CEE3772-83C7-4DE6-9069-B8E01E9CACF5}
[2012.03.04 10:40:33 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{DC9135CA-71FC-4EE7-BB14-EF1CCB0F7E5C}
[2012.03.03 08:31:22 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{917678B9-54C5-4D36-BD26-03FA1890E358}
[2012.03.03 08:31:08 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{E30ED1A7-B2BC-46E9-B3B5-C4B81F5ECA57}
[2012.03.02 11:31:19 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{3E5AEB04-5DEF-405A-B0B8-59C0B6B5F72E}
[2012.03.02 11:31:06 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{54EC3BD1-DD4B-4D46-9212-62A8EDF01216}
[2012.03.01 21:31:10 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{3B15A699-2799-4704-998C-6EFACC6C47C6}
[2012.03.01 21:31:00 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{365600D3-C70C-469A-9ADC-6B2608F0C415}
[2012.03.01 09:30:36 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{45F739A9-2260-45C4-97F7-031258F325AA}
[2012.03.01 09:30:25 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{BF9F6A04-5636-46CD-A981-A524A2DA9A52}
[2012.02.29 09:54:20 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{81AD12A0-BD3F-4710-8EEF-70DEEC414DE2}
[2012.02.29 09:54:06 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{5C88441A-E29F-4718-98A6-C0B03EB08514}
[2012.02.28 18:32:03 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{A8D9AE2B-6D65-4437-9BE9-99434D64BC50}
[2012.02.28 18:31:53 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{F52254E1-6F6F-4C18-BD4A-DD0E045DEF2A}
[2012.02.27 22:43:22 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{F0CB0FFE-1686-4D88-8823-EE45562ACC29}
[2012.02.27 22:43:12 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{4A44A2F0-A5DC-4491-B8CC-04A7ADCC4DA4}
[2012.02.27 10:42:58 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{8C3419F1-3F5E-44F9-997C-9FD3CC90A906}
[2012.02.27 10:42:48 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{740E098C-850E-453E-951E-4D40A7926176}
[2012.02.26 14:02:04 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{0D6E67B2-F118-4553-8A1F-C8E6950DBFEF}
[2012.02.26 14:01:54 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{0426C9AE-090C-47B7-B5E6-D71ED04EE266}
[2012.02.25 16:33:23 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{FCB4CADD-AC2E-4381-8030-8AB6CF577BE4}
[2012.02.25 16:33:09 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{CDD9230F-DF75-491C-B5FD-9D9E478C8A3A}
[2012.02.24 13:51:51 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{72BF0E7C-1E29-42D1-B788-CABACE82B18A}
[2012.02.24 13:51:35 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{CB77100D-296F-449F-88B4-4D8E9FD837F4}
[2012.02.23 16:54:31 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{52C72011-1936-4B6E-AEC9-2402B681815E}
[2012.02.23 16:54:18 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{C58CDDE2-C438-457F-B4CB-072D4595AF63}
[2012.02.22 22:55:13 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{EBA0C84F-1B1F-4EB3-8896-CDF57FCFBFD4}
[2012.02.22 22:55:03 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{216B12C2-46E1-4B9B-83BC-68FCFCD1A641}
[2012.02.22 10:49:43 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{9ADF9EE0-2061-40B2-8D59-E3DDF7FA2876}
[2012.02.22 10:49:32 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{A96DBC6D-7BB8-4C67-B113-AB9AC8BFE128}
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.03.22 20:13:40 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Papa\Desktop\24960-OTL.exe
[2012.03.22 19:59:04 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.22 19:59:04 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.22 19:51:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.22 19:51:36 | 2132,729,855 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.22 17:48:19 | 000,000,898 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2012.03.22 17:17:06 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.15 14:12:18 | 000,002,621 | ---- | M] () -- C:\Users\Public\Documents\Global.sw2
[2012.03.15 13:42:20 | 000,283,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.03.15 13:42:20 | 000,283,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.03.15 11:50:59 | 000,283,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.03.15 11:39:21 | 000,277,048 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.03.13 22:20:40 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.03.13 11:36:02 | 001,620,516 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.03.13 11:36:02 | 000,707,706 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.13 11:36:02 | 000,661,302 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.13 11:36:02 | 000,153,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.13 11:36:02 | 000,125,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.13 11:35:52 | 001,620,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.11 11:11:07 | 000,000,092 | ---- | M] () -- C:\Users\Papa\AppData\Local\fusioncache.dat
[2012.03.10 10:48:50 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2012.03.10 10:48:50 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2012.02.22 13:19:13 | 583,751,675 | ---- | M] () -- C:\Windows\MEMORY.DMP
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.03.22 17:17:06 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.14 20:41:34 | 000,000,898 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2012.03.13 22:22:46 | 000,283,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.03.11 11:11:07 | 000,000,092 | ---- | C] () -- C:\Users\Papa\AppData\Local\fusioncache.dat
[2012.02.17 13:50:17 | 000,283,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.02.17 13:50:15 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.02.17 13:50:14 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.02.16 13:49:20 | 000,000,060 | ---- | C] () -- C:\Windows\Bibi_Tina.ini
[2012.01.25 14:59:33 | 001,620,516 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.19 16:04:03 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2012.01.19 16:03:16 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2012.01.19 16:02:58 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2012.01.14 12:29:06 | 000,835,584 | ---- | C] () -- C:\Windows\vsnp325.exe
[2012.01.14 12:29:06 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe
[2012.01.14 12:29:06 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini
[2012.01.14 12:29:05 | 000,147,456 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp325.dll
[2012.01.14 12:29:05 | 000,057,344 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnp325.dll
[2012.01.14 12:29:05 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\csnp325.dll
[2011.11.25 22:21:07 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.11.25 22:21:07 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.11.25 14:48:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.11.25 14:25:18 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.14 11:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.11.25 14:23:16 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.01.26 19:21:31 | 000,000,000 | ---D | M] -- C:\.minecraft
[2011.11.25 14:45:23 | 000,000,000 | ---D | M] -- C:\ATI
[2012.02.16 13:49:16 | 000,000,000 | ---D | M] -- C:\Bibi_und_Tina
[2012.01.13 17:46:37 | 000,000,000 | ---D | M] -- C:\Champions Online BT FC.20.20110627.3
[2012.01.13 18:32:38 | 000,000,000 | ---D | M] -- C:\Cryptic Studios
[2011.12.02 22:39:23 | 000,000,000 | ---D | M] -- C:\Dead Island
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.11.25 14:23:04 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.01.20 12:02:54 | 000,000,000 | ---D | M] -- C:\Games
[2012.02.18 17:03:41 | 000,000,000 | ---D | M] -- C:\Lop SD
[2012.02.06 19:29:20 | 000,000,000 | ---D | M] -- C:\Perfect World Entertainment
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.02.18 17:09:16 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.03.22 18:42:02 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.03.22 17:48:14 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.11.25 14:23:04 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.11.25 14:23:04 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.02.21 14:54:26 | 000,000,000 | ---D | M] -- C:\sh4ldr
[2012.03.22 20:20:09 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.12.26 15:41:28 | 000,000,000 | ---D | M] -- C:\The Elder Scrolls V- Skyrim
[2011.11.25 14:23:08 | 000,000,000 | R--D | M] -- C:\Users
[2012.03.22 18:42:03 | 000,000,000 | ---D | M] -- C:\Windows
[2012.01.27 13:28:28 | 000,000,000 | ---D | M] -- C:\__temp
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: IASTORV.SYS >
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %USERPROFILE%\*.* >
[2012.02.08 17:54:36 | 000,005,841 | ---- | M] () -- C:\Users\Papa\.recently-used.xbel
[2012.03.22 20:37:51 | 002,359,296 | -HS- | M] () -- C:\Users\Papa\ntuser.dat
[2012.03.22 20:37:50 | 000,262,144 | -HS- | M] () -- C:\Users\Papa\ntuser.dat.LOG1
[2011.11.25 14:23:08 | 000,000,000 | -HS- | M] () -- C:\Users\Papa\ntuser.dat.LOG2
[2011.11.25 14:47:28 | 000,065,536 | -HS- | M] () -- C:\Users\Papa\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011.11.25 14:47:28 | 000,524,288 | -HS- | M] () -- C:\Users\Papa\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011.11.25 14:47:28 | 000,524,288 | -HS- | M] () -- C:\Users\Papa\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.02.18 17:49:05 | 000,065,536 | -HS- | M] () -- C:\Users\Papa\ntuser.dat{356e5519-5a3f-11e1-ac3f-50e549b67340}.TM.blf
[2012.02.18 17:49:05 | 000,524,288 | -HS- | M] () -- C:\Users\Papa\ntuser.dat{356e5519-5a3f-11e1-ac3f-50e549b67340}.TMContainer00000000000000000001.regtrans-ms
[2012.02.18 17:49:05 | 000,524,288 | -HS- | M] () -- C:\Users\Papa\ntuser.dat{356e5519-5a3f-11e1-ac3f-50e549b67340}.TMContainer00000000000000000002.regtrans-ms
[2012.02.21 23:50:40 | 000,065,536 | -HS- | M] () -- C:\Users\Papa\ntuser.dat{c5dcfcd4-5c87-11e1-851e-50e549b67340}.TM.blf
[2012.02.21 23:50:40 | 000,524,288 | -HS- | M] () -- C:\Users\Papa\ntuser.dat{c5dcfcd4-5c87-11e1-851e-50e549b67340}.TMContainer00000000000000000001.regtrans-ms
[2012.02.21 23:50:40 | 000,524,288 | -HS- | M] () -- C:\Users\Papa\ntuser.dat{c5dcfcd4-5c87-11e1-851e-50e549b67340}.TMContainer00000000000000000002.regtrans-ms
[2011.11.25 14:23:08 | 000,000,020 | -HS- | M] () -- C:\Users\Papa\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report > --- --- ---
Here is the Extra.txt
OTL Logfile: Code:
OTL Extras logfile created on: 22.03.2012 20:17:39 - Run 1
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\Papa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 5,63 Gb Available Physical Memory | 70,57% Memory free
15,96 Gb Paging File | 13,23 Gb Available in Paging File | 82,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397,17 Gb Total Space | 1052,09 Gb Free Space | 75,30% Space Free | Partition Type: NTFS
Drive D: | 7,75 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: PAPA-PC | User Name: Papa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0CC44ABB-62F1-FDA7-02C8-DCCC2A239DDE}" = AMD Fuel
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{119CFC4D-EB75-D47F-1209-032721858C32}" = ccc-utility64
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{44E3AB6B-453B-8DAE-9777-1C48F5AB8965}" = AMD Catalyst Install Manager
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A73F0084-A1CC-6E42-06DF-D088D583CC2A}" = AMD Media Foundation Decoders
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}" = Microsoft IntelliType Pro 7.1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F809FFB5-6F9B-AFDE-6048-5D9E95A85505}" = AMD Drag and Drop Transcoding
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Blender" = Blender
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"WinGimp-2.0_is1" = GIMP 2.6.8
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{13AE7598-928A-83E7-548B-44FA68242798}" = CCC Help English
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.1
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{211D9A2A-0ECA-7AC7-ABAA-03ED3242F33E}" = AMD VISION Engine Control Center
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 30
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3D6293F2-53DA-45A1-B7F4-1843CA3B2658}" = Darkest of Days
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AEFE4FD-8EF1-4D61-B3CF-52016EAE6692}" = Hama Webcam Suite
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{5066FFF7-0029-BBA3-DD41-D71599987F1B}" = Catalyst Control Center InstallProxy
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}" = Medal of Honor Pacific Assault(tm)
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7AF9D464-6627-4FB9-AEF9-15D6C972CA84}_is1" = Minecraft Beta Version 1.7.3
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{82225685-1513-4975-B624-155C10F3EE16}" = The Whispered World
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AA179F5-EAE2-4997-B03E-989068643DBF}" = Brickshooter Egypt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}" = IMinent Toolbar
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = hama PC-Webcam RW-100
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FECCC297-24D6-F2B0-2BEC-446AC0205EEB}" = Catalyst Control Center Graphics Previews Common
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = Der Herr der Ringe Online v03.05.01.8027
"1ClickDownload" = 1ClickDownload
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Age of Conan_is1" = Age of Conan: Unchained
"BitTorrent" = BitTorrent
"Black Prophecy_is1" = Black Prophecy
"Champions Online" = Champions Online
"Company of Heroes" = Company of Heroes
"DAEMON Tools Lite" = DAEMON Tools Lite
"Der Herr der Ringe - Der Krieg im Norden (c) Warner Bros._is1" = Der Herr der Ringe - Der Krieg im Norden (c) Warner Bros. version 1
"Eastern Front" = Eastern Front
"facemoods" = Facemoods Toolbar
"Free YouTube Download_is1" = Free YouTube Download version 3.0.20.1228
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"Full Spectrum Warrior" = Full Spectrum Warrior (remove only)
"Graboid Video" = Graboid Video 2.4
"GTA ]I[" = GTA ]I[
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"Mafia II_is1" = Mafia II
"MAGIX Goya burnR D" = MAGIX Goya burnR 2.3.1.3 (D)
"MAGIX Music Maker Hip Hop Edition 2 D" = MAGIX Music Maker Hip Hop Edition 2 4.0.0.10 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Thunderbird (8.0)" = Mozilla Thunderbird (8.0)
"N360" = Norton 360
"OpenAL" = OpenAL
"Pandemonium" = Pandemonium for Windows
"PunkBusterSvc" = PunkBuster Services
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"Star Wars: The Force Unleashed 2_is1" = Star Wars: The Force Unleashed 2
"STARWARS: The Battle of Endor v2.1_is1" = STARWARS: The Battle of Endor version 2.1
"Steam App 113400" = APB Reloaded
"Steam App 1213" = Red Orchestra: Ostfront 41-45
"Steam App 13140" = America's Army 3
"Steam App 13180" = America's Army 3 Dedicated Server
"Steam App 15620" = Warhammer® 40,000™: Dawn of War® II
"Steam App 17515" = Age of Chivalry Dedicated Server
"Steam App 240" = Counter-Strike: Source
"Steam App 24400" = King Arthur - The Role-playing Wargame
"Steam App 300" = Day of Defeat: Source
"Stronghold 3 (c) THQ_is1" = Stronghold 3 (c) THQ version 1
"TeamViewer 6" = TeamViewer 6
"Tom Clancy's Splinter Cell Conviction_is1" = Tom Clancy's Splinter Cell Conviction
"Tomb Raider: Legend" = Tomb Raider: Legend 1.2
"TV3D65_is1" = TV3D SDK 6.5 Prerelease
"VLC media player" = VLC media player 1.0.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.10 (32-Bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Zip Uncompressor" = Zip Uncompressor
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.03.2012 05:47:07 | Computer Name = Papa-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
Zeitstempel: 0x4d76255d Name des fehlerhaften Moduls: YontooIEClient.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4f175f2b Ausnahmecode: 0xc0000005 Fehleroffset:
0x5f15e36b ID des fehlerhaften Prozesses: 0x888 Startzeit der fehlerhaften Anwendung:
0x01cd0747921c1ca2 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Pfad des fehlerhaften Moduls: YontooIEClient.dll Berichtskennung:
d1e4ce86-733a-11e1-9016-50e549b67340
Error - 21.03.2012 07:41:14 | Computer Name = Papa-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4ea78f27 Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4f28cccc Ausnahmecode: 0xc0000005 Fehleroffset: 0x5f2ff1c9
ID
des fehlerhaften Prozesses: 0xe94 Startzeit der fehlerhaften Anwendung: 0x01cd0748aa0c2194
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\donleone13\day
of defeat source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
c34fb5cc-734a-11e1-9016-50e549b67340
Error - 21.03.2012 10:58:39 | Computer Name = Papa-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.03.2012 12:58:19 | Computer Name = Papa-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.03.2012 14:37:47 | Computer Name = Papa-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4ea78f27 Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4f28cccc Ausnahmecode: 0xc0000005 Fehleroffset: 0x67c7f1c9
ID
des fehlerhaften Prozesses: 0x6c8 Startzeit der fehlerhaften Anwendung: 0x01cd0784d4c689c7
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\donleone13\day
of defeat source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
f42b0530-7384-11e1-80df-50e549b67340
Error - 21.03.2012 17:43:47 | Computer Name = Papa-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.03.2012 19:33:53 | Computer Name = Papa-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 22.03.2012 03:37:27 | Computer Name = Papa-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.03.2012 03:42:24 | Computer Name = Papa-PC | Source = MsiInstaller | ID = 1013
Description =
Error - 22.03.2012 03:43:14 | Computer Name = Papa-PC | Source = MsiInstaller | ID = 1013
Description =
[ System Events ]
Error - 22.03.2012 13:42:24 | Computer Name = Papa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.03.2012 13:42:24 | Computer Name = Papa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.03.2012 13:42:24 | Computer Name = Papa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.03.2012 13:42:25 | Computer Name = Papa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.03.2012 13:42:25 | Computer Name = Papa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.03.2012 13:42:25 | Computer Name = Papa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.03.2012 13:42:25 | Computer Name = Papa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.03.2012 13:42:25 | Computer Name = Papa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.03.2012 13:42:25 | Computer Name = Papa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.03.2012 13:42:25 | Computer Name = Papa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report > --- --- ---
How can I find the Malwarebytes log?
:D
And how does this log help you now? :D I'd really love to know, so that I'm prepared for things like this later! :D
Malwarebytes Anti-Malware (Test) 1.60.1.1000
www.malwarebytes.org
Datenbank Version: v2012.03.22.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Papa :: PAPA-PC [Administrator]
Schutz: Aktiviert
22.03.2012 17:18:00
mbam-log-2012-03-22 (17-18-00).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 188744
Laufzeit: 2 Minute(n), 33 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 3
C:\Users\Papa\Downloads\DownloadSetup (1).exe (Affiliate.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Papa\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Papa\Downloads\SoftonicDownloader_fuer_epsxe.exe (PUP.BundleOffer.Downloader.S) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Malwarebytes Anti-Malware (Test) 1.60.1.1000
www.malwarebytes.org
Datenbank Version: v2012.03.22.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Papa :: PAPA-PC [Administrator]
Schutz: Aktiviert
22.03.2012 17:25:05
mbam-log-2012-03-22 (17-25-05).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 459728
Laufzeit: 1 Stunde(n), 2 Minute(n), 26 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
2012/03/22 17:17:54 +0100 PAPA-PC Papa MESSAGE Starting protection
2012/03/22 17:17:56 +0100 PAPA-PC Papa MESSAGE Protection started successfully
2012/03/22 17:17:59 +0100 PAPA-PC Papa MESSAGE Starting IP protection
2012/03/22 17:18:00 +0100 PAPA-PC Papa MESSAGE IP Protection started successfully
2012/03/22 17:22:36 +0100 PAPA-PC Papa MESSAGE Executing scheduled update: Daily
2012/03/22 17:22:37 +0100 PAPA-PC Papa MESSAGE Database already up-to-date
2012/03/22 17:23:00 +0100 PAPA-PC Papa MESSAGE Starting protection
2012/03/22 17:23:03 +0100 PAPA-PC Papa MESSAGE Protection started successfully
2012/03/22 17:23:06 +0100 PAPA-PC Papa MESSAGE Starting IP protection
2012/03/22 17:23:06 +0100 PAPA-PC Papa MESSAGE IP Protection started successfully
2012/03/22 18:34:11 +0100 PAPA-PC Papa MESSAGE Stopping IP protection
2012/03/22 18:35:01 +0100 PAPA-PC Papa MESSAGE IP Protection stopped
2012/03/22 19:53:59 +0100 PAPA-PC Papa MESSAGE Starting protection
2012/03/22 19:54:01 +0100 PAPA-PC Papa MESSAGE Protection started successfully
2012/03/22 19:54:04 +0100 PAPA-PC Papa MESSAGE Starting IP protection
2012/03/22 19:54:05 +0100 PAPA-PC Papa MESSAGE IP Protection started successfully
2012/03/22 19:57:34 +0100 PAPA-PC Papa MESSAGE Stopping IP protection
2012/03/22 19:58:26 +0100 PAPA-PC Papa MESSAGE IP Protection stopped
Here is the log I found :0 hopefully it's something useful for you :D
AWESOME!!! I DID IT! :D
Really weird, it was the mouse after all -.-*. Sorry for the fuss! On my laptop it works perfectly, but on the gaming PC it has dropouts ö_Ö ? Why? So the mouse isn't broken after all, because yesterday it was still working on the gaming PC. ö_Ö And today all of a sudden dropouts, hmmmm, what could be causing that? "Sorry, even if this doesn't quite fit the topic anymore"