Pests of all kinds and how to fight them: TR/Crypt.zPACK.Gen
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
26.12.2010, 22:04 | #1 |
TR/Crypt.zPACK.Gen
Hello, I know that this topic was only just created earlier. But I can't write in that thread. There was an OldTimer program mentioned there; I followed the advice and now have two text logs here.
Extras.txt
OTL Extras logfile created on: 26.12.2010 21:52:34 - Run 1 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Golos Computer\Downloads An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 931,51 Gb Total Space | 136,86 Gb Free Space | 14,69% Space Free | Partition Type: NTFS Drive D: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: GOLOSCOMPUTER | User Name: Golos Computer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R) "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04CB9967-A8BB-468C-ABA6-CE87328712BE}" = BloodRayne 2 "{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{08F8FD7C-44A5-4423-B87C-EBD3D94C9F87}" = Vampire - The Masquerade Bloodlines "{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor Allied Assault "{137D91E1-2347-4EAC-BB0B-CC06C6B92A52}_is1" = Men of War (Remove Only) "{137D91E1-2347-4EAC-BB0B-CC06C6B92A52}_update1.11.3.1" = Update &1 für Spiel Men of War "{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch 
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15 "{26FDF89A-FA65-4FA2-8522-37CC84DFDCEE}" = Mercenaries 2: World in Flames(tm) "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{31CB0D80-1866-462A-9455-88614410971F}" = Driver: Parallel Lines "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{3A1B1652-D70A-4D19-981E-BB15D0DBF253}" = Ghostbusters (TM): The Video Game "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Activision(R) "{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. 
- Call Of Pripyat [v1.6.01] "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2 "{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™ "{54510837-257F-4E9A-B359-731000028301}" = Red Faction: Guerrilla "{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8302}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{5527CA99-AAEC-45E2-9EB9-CED0BB2FC2BD}" = MorphVOX Pro "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{6583D00E-0924-4950-8BE9-5D09FE70B333}" = MTX "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946 "{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{80AE0E0A-5579-4015-9C1A-35F2F2CE5673}" = Emergency 4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 
Patch "{9F7FC1EC-5C07-44A4-8338-22AF90644273}_is1" = German Soldiers Mod Fields of Honor 2 "{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A64D224E-E06A-43D2-A919-8BE108F47305}_is1" = Crawler Smileys "{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "{B2376993-96D4-4902-A5B3-C3239D872812}_is1" = Brothers of War 1.5 "{BB47D7EA-7EF1-475C-9C14-AF5B8FCA45E2}" = Condemned - Criminal Origins "{C301D681-00D3-4597-8446-3DE54FE20F1A}" = TortoiseSVN 1.6.11.20210 (32 bit) "{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE0900ED-C76A-40C0-8DB4-0F68D825B283}_is1" = Stranded II 1.0.0.1 "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{DFFCDB41-C2DA-47D6-96FF-03C05C0BEA22}" = biohazard 4 "{E4406ED3-B04C-44F1-ABB4-08775B74934F}" = Call Of Cthulhu DCoTE "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.50.52 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live 
OneCare safety scanner "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "«Sigerous Mod äëÿ ÇÏ»_is1" = «Sigerous Mod v1.6» "4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online: Die Belagerung des Düsterwalds v03.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Aion Screensaver_õÁ·_is1" = Aion Screensaver_õÁ· "AREA-51" = AREA-51 (remove only) "ArmA 2" = ArmA 2 Uninstall "ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "BattlEye" = BattlEye Uninstall "BattlEye for OA" = BattlEye for OA Uninstall "CCleaner" = CCleaner "Clonk Rage" = Clonk Rage "Combat Arms" = Combat Arms "Combat Arms EU" = Combat Arms EU "Cossacks : Back To War" = ?????? - ????? ????? "CToolbar_UNINSTALL" = Crawler Toolbar "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DemolitionCompanyDemoDE_is1" = Demolition Company Demo "DivX Setup.divx.com" = DivX-Setup "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Fallout Mod Manager_is1" = Fallout Mod Manager 0.12.6 "Fallout New Vegas_is1" = Fallout New Vegas "FLV Player" = FLV Player 2.0 (build 25) "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.6 "GameTracker Lite" = GameTracker Lite "Google Chrome" = Google Chrome "GTA IV - 100% Savegame File (Vista) 1.0" = GTA IV - 100% Savegame File (Vista) 1.0 "HxD Hex Editor_is1" = HxD Hex Editor Version 1.7.7.0 "ICQToolbar" = ICQ Toolbar "InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch 
"InstallShield_{3A1B1652-D70A-4D19-981E-BB15D0DBF253}" = Ghostbusters (TM): The Video Game "InstallShield_{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Singularity(TM) "InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch "InstallShield_{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946 "InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III "InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla "InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 6.3.0 (Full) "Mafia II_is1" = Mafia II "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mobile Partner" = Mobile Partner "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "NSS" = Norton Security Scan "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Patch for "Men of War"_is1" = Patch 1.17.5 for "Men of War" "Police Pursuit Mod 7.5c 7.5c" = Police Pursuit Mod 7.5c 7.5c "Police Pursuit Mod 7.5c[X] 7.5c[X]" = Police Pursuit Mod 7.5c[X] 7.5c[X] "PunkBusterSvc" = 
PunkBuster Services "S.T.A.L.K.E.R. - Clear Sky_is1" = S.T.A.L.K.E.R. - Clear Sky "Snow Sakura" = Snow Sakura "SpeedFan" = SpeedFan (remove only) "Star Wars: The Force Unleashed_is1" = Star Wars: The Force Unleashed "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Steam App 220" = Half-Life 2 "Steam App 27920" = Booster Trooper "Steam App 4000" = Garry's Mod "Steam App 420" = Half-Life 2: Episode Two "Steam App 42700" = Call of Duty: Black Ops "Steam App 42710" = Call of Duty: Black Ops - Multiplayer "Steam App 43110" = Metro 2033 "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamViewer 5" = TeamViewer 5 "theHunter" = theHunter (remove only) "TOU" = TOU "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.1.5 "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "WMV9_VCM" = Microsoft Windows Media Video 9 VCM "X3-Reunion2.0.02DE_is1" = X3: Reunion v2.0.02 "Xenus 2: Áåëîå Çîëîòî_is1" = Xenus 2: Áåëîå Çîëîòî "Xfire" = Xfire (remove only) "XfireXO Toolbar" = XfireXO Toolbar "XPort 360_is1" = XPort 360 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Golos Computer) "IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software "TeamSpeak 3 Client" = TeamSpeak 3 Client ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 22.12.2010 22:55:48 | Computer Name = GolosComputer | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: GTAIV.exe, Version: 1.0.6.0, Zeitstempel: 0x4bb3ad56 Name des fehlerhaften Moduls: GTAIV.exe, Version: 1.0.6.0, Zeitstempel: 0x4bb3ad56 Ausnahmecode: 0xc0000005 Fehleroffset: 0x004dd8cf ID des fehlerhaften Prozesses: 0x428 Startzeit der fehlerhaften Anwendung: 
0x01cba24c9d5ae0c0 Pfad der fehlerhaften Anwendung: C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe Pfad des fehlerhaften Moduls: C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe Berichtskennung: 249c9bf0-0e40-11e0-9784-0022684958cc Error - 22.12.2010 23:39:32 | Computer Name = GolosComputer | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: GTAIV.exe, Version: 1.0.6.0, Zeitstempel: 0x4bb3ad56 Name des fehlerhaften Moduls: GTAIV.exe, Version: 1.0.6.0, Zeitstempel: 0x4bb3ad56 Ausnahmecode: 0xc0000005 Fehleroffset: 0x004dd8cf ID des fehlerhaften Prozesses: 0xa68 Startzeit der fehlerhaften Anwendung: 0x01cba252da25dea0 Pfad der fehlerhaften Anwendung: C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe Pfad des fehlerhaften Moduls: C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe Berichtskennung: 40a4e9a0-0e46-11e0-9784-0022684958cc Error - 23.12.2010 02:42:06 | Computer Name = GolosComputer | Source = Application Hang | ID = 1002 Description = Programm wmplayer.exe, Version 12.0.7600.16667 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1060 Startzeit: 01cba26c4f96fcf0 Endzeit: 60000 Anwendungspfad: C:\Program Files\Windows Media Player\wmplayer.exe Berichts-ID: 946156a1-0e5f-11e0-9784-0022684958cc Error - 23.12.2010 11:29:56 | Computer Name = GolosComputer | Source = VSS | ID = 8194 Description = Error - 24.12.2010 15:24:13 | Computer Name = GolosComputer | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Metro2033.exe, Version: 1.0.0.1, Zeitstempel: 0x4c7775b7 Name des fehlerhaften Moduls: Metro2033.exe, Version: 1.0.0.1, Zeitstempel: 0x4c7775b7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0048495b ID des fehlerhaften Prozesses: 0xfd4 Startzeit der fehlerhaften Anwendung: 0x01cba39f03620c60 Pfad der fehlerhaften Anwendung: C:\program files\steam\steamapps\common\metro 2033\Metro2033.exe Pfad des fehlerhaften Moduls: C:\program files\steam\steamapps\common\metro 2033\Metro2033.exe Berichtskennung: 63c14ac0-0f93-11e0-953b-0022684958cc Error - 24.12.2010 22:26:18 | Computer Name = GolosComputer | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 24.12.2010 22:27:06 | Computer Name = GolosComputer | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Users\golos computer\AppData\Local\Temp\pccompanion\Drivers\DPInst64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. 
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 25.12.2010 16:18:33 | Computer Name = GolosComputer | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: FalloutNV.exe, Version: 1.0.0.240, Zeitstempel: 0x4c9808f2 Name des fehlerhaften Moduls: FalloutNV.exe, Version: 1.0.0.240, Zeitstempel: 0x4c9808f2 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001df464 ID des fehlerhaften Prozesses: 0x9a0 Startzeit der fehlerhaften Anwendung: 0x01cba470482ba780 Pfad der fehlerhaften Anwendung: C:\Program Files\Bethesda Softworks\Fallout New Vegas\FalloutNV.exe Pfad des fehlerhaften Moduls: C:\Program Files\Bethesda Softworks\Fallout New Vegas\FalloutNV.exe Berichtskennung: 24d984e0-1064-11e0-8e8a-0022684958cc Error - 25.12.2010 23:19:11 | Computer Name = GolosComputer | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: GTAIV.exe, Version: 1.0.6.0, Zeitstempel: 0x4bb3ad56 Name des fehlerhaften Moduls: GTAIV.exe, Version: 1.0.6.0, Zeitstempel: 0x4bb3ad56 Ausnahmecode: 0xc0000005 Fehleroffset: 0x004dd8cf ID des fehlerhaften Prozesses: 0x468 Startzeit der fehlerhaften Anwendung: 0x01cba4ab40769ff0 Pfad der fehlerhaften Anwendung: C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe Pfad des fehlerhaften Moduls: C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe Berichtskennung: e851d870-109e-11e0-8e8a-0022684958cc Error - 25.12.2010 23:25:02 | Computer Name = GolosComputer | Source = Application Hang | ID = 1002 Description = Programm firefox.exe, Version 1.9.2.3989 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1374 Startzeit: 01cba43fe8208f70 Endzeit: 501 Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe Berichts-ID: b789a2d1-109f-11e0-8e8a-0022684958cc [ System Events ] Error - 26.11.2010 14:47:38 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 15:47:37 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 16:47:38 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 17:47:37 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 18:47:38 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 19:47:37 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 20:47:38 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 21:12:23 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7016 Description = Der Dienst "NVIDIA Stereoscopic 3D Driver Service" hat einen ungültigen aktuellen Status gemeldet: 0 Error - 27.11.2010 09:18:08 | Computer Name = GolosComputer | Source = Application Popup | ID = 875 Description = Treiber atksgt.sys konnte nicht geladen werden. 
Error - 27.11.2010 09:18:08 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7000 Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 < End of report >
PunkBuster Services "S.T.A.L.K.E.R. - Clear Sky_is1" = S.T.A.L.K.E.R. - Clear Sky "Snow Sakura" = Snow Sakura "SpeedFan" = SpeedFan (remove only) "Star Wars: The Force Unleashed_is1" = Star Wars: The Force Unleashed "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Steam App 220" = Half-Life 2 "Steam App 27920" = Booster Trooper "Steam App 4000" = Garry's Mod "Steam App 420" = Half-Life 2: Episode Two "Steam App 42700" = Call of Duty: Black Ops "Steam App 42710" = Call of Duty: Black Ops - Multiplayer "Steam App 43110" = Metro 2033 "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamViewer 5" = TeamViewer 5 "theHunter" = theHunter (remove only) "TOU" = TOU "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.1.5 "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "WMV9_VCM" = Microsoft Windows Media Video 9 VCM "X3-Reunion2.0.02DE_is1" = X3: Reunion v2.0.02 "Xenus 2: Áåëîå Çîëîòî_is1" = Xenus 2: Áåëîå Çîëîòî "Xfire" = Xfire (remove only) "XfireXO Toolbar" = XfireXO Toolbar "XPort 360_is1" = XPort 360 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Golos Computer) "IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software "TeamSpeak 3 Client" = TeamSpeak 3 Client ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 22.12.2010 22:55:48 | Computer Name = GolosComputer | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: GTAIV.exe, Version: 1.0.6.0, Zeitstempel: 0x4bb3ad56 Name des fehlerhaften Moduls: GTAIV.exe, Version: 1.0.6.0, Zeitstempel: 0x4bb3ad56 Ausnahmecode: 0xc0000005 Fehleroffset: 0x004dd8cf ID des fehlerhaften Prozesses: 0x428 Startzeit der fehlerhaften Anwendung: 
0x01cba24c9d5ae0c0 Pfad der fehlerhaften Anwendung: C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe Pfad des fehlerhaften Moduls: C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe Berichtskennung: 249c9bf0-0e40-11e0-9784-0022684958cc Error - 22.12.2010 23:39:32 | Computer Name = GolosComputer | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: GTAIV.exe, Version: 1.0.6.0, Zeitstempel: 0x4bb3ad56 Name des fehlerhaften Moduls: GTAIV.exe, Version: 1.0.6.0, Zeitstempel: 0x4bb3ad56 Ausnahmecode: 0xc0000005 Fehleroffset: 0x004dd8cf ID des fehlerhaften Prozesses: 0xa68 Startzeit der fehlerhaften Anwendung: 0x01cba252da25dea0 Pfad der fehlerhaften Anwendung: C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe Pfad des fehlerhaften Moduls: C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe Berichtskennung: 40a4e9a0-0e46-11e0-9784-0022684958cc Error - 23.12.2010 02:42:06 | Computer Name = GolosComputer | Source = Application Hang | ID = 1002 Description = Programm wmplayer.exe, Version 12.0.7600.16667 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1060 Startzeit: 01cba26c4f96fcf0 Endzeit: 60000 Anwendungspfad: C:\Program Files\Windows Media Player\wmplayer.exe Berichts-ID: 946156a1-0e5f-11e0-9784-0022684958cc Error - 23.12.2010 11:29:56 | Computer Name = GolosComputer | Source = VSS | ID = 8194 Description = Error - 24.12.2010 15:24:13 | Computer Name = GolosComputer | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Metro2033.exe, Version: 1.0.0.1, Zeitstempel: 0x4c7775b7 Name des fehlerhaften Moduls: Metro2033.exe, Version: 1.0.0.1, Zeitstempel: 0x4c7775b7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0048495b ID des fehlerhaften Prozesses: 0xfd4 Startzeit der fehlerhaften Anwendung: 0x01cba39f03620c60 Pfad der fehlerhaften Anwendung: C:\program files\steam\steamapps\common\metro 2033\Metro2033.exe Pfad des fehlerhaften Moduls: C:\program files\steam\steamapps\common\metro 2033\Metro2033.exe Berichtskennung: 63c14ac0-0f93-11e0-953b-0022684958cc Error - 24.12.2010 22:26:18 | Computer Name = GolosComputer | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 24.12.2010 22:27:06 | Computer Name = GolosComputer | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Users\golos computer\AppData\Local\Temp\pccompanion\Drivers\DPInst64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. 
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 25.12.2010 16:18:33 | Computer Name = GolosComputer | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: FalloutNV.exe, Version: 1.0.0.240, Zeitstempel: 0x4c9808f2 Name des fehlerhaften Moduls: FalloutNV.exe, Version: 1.0.0.240, Zeitstempel: 0x4c9808f2 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001df464 ID des fehlerhaften Prozesses: 0x9a0 Startzeit der fehlerhaften Anwendung: 0x01cba470482ba780 Pfad der fehlerhaften Anwendung: C:\Program Files\Bethesda Softworks\Fallout New Vegas\FalloutNV.exe Pfad des fehlerhaften Moduls: C:\Program Files\Bethesda Softworks\Fallout New Vegas\FalloutNV.exe Berichtskennung: 24d984e0-1064-11e0-8e8a-0022684958cc Error - 25.12.2010 23:19:11 | Computer Name = GolosComputer | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: GTAIV.exe, Version: 1.0.6.0, Zeitstempel: 0x4bb3ad56 Name des fehlerhaften Moduls: GTAIV.exe, Version: 1.0.6.0, Zeitstempel: 0x4bb3ad56 Ausnahmecode: 0xc0000005 Fehleroffset: 0x004dd8cf ID des fehlerhaften Prozesses: 0x468 Startzeit der fehlerhaften Anwendung: 0x01cba4ab40769ff0 Pfad der fehlerhaften Anwendung: C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe Pfad des fehlerhaften Moduls: C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe Berichtskennung: e851d870-109e-11e0-8e8a-0022684958cc Error - 25.12.2010 23:25:02 | Computer Name = GolosComputer | Source = Application Hang | ID = 1002 Description = Programm firefox.exe, Version 1.9.2.3989 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1374 Startzeit: 01cba43fe8208f70 Endzeit: 501 Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe Berichts-ID: b789a2d1-109f-11e0-8e8a-0022684958cc [ System Events ] Error - 26.11.2010 14:47:38 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 15:47:37 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 16:47:38 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 17:47:37 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 18:47:38 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 19:47:37 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 20:47:38 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "SPP-Benachrichtigungsdienst" wurde mit folgendem Fehler beendet: %%5 Error - 26.11.2010 21:12:23 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7016 Description = Der Dienst "NVIDIA Stereoscopic 3D Driver Service" hat einen ungültigen aktuellen Status gemeldet: 0 Error - 27.11.2010 09:18:08 | Computer Name = GolosComputer | Source = Application Popup | ID = 875 Description = Treiber atksgt.sys konnte nicht geladen werden. 
Error - 27.11.2010 09:18:08 | Computer Name = GolosComputer | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275

< End of report >

OTL.txt

OTL logfile created on: 26.12.2010 21:52:33 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Golos Computer\Downloads
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 136,86 Gb Free Space | 14,69% Space Free | Partition Type: NTFS
Drive D: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: GOLOSCOMPUTER | User Name: Golos Computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.12.26 21:52:04 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Golos Computer\Downloads\OTL.exe
PRC - [2010.12.26 02:44:55 | 000,468,992 | ---- | M] (iWin software) -- C:\Users\Golos Computer\AppData\Local\Temp\ElkTBhTOiqUEWYN.exe
PRC - [2010.12.11 12:21:57 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\plugin-container.exe
PRC - [2010.12.11 12:21:56 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.12.08 11:55:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.10.27 13:20:45 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Programme\ICQ7.1\ICQ.exe
PRC - [2010.10.01 21:41:10 | 000,619,800 | ---- | M] (hxxp://tortoisesvn.net) -- C:\Programme\Steam\steamapps\golo22\garrysmod\garrysmod\addons\bin\TSVNCache.exe
PRC - [2010.08.02 16:09:38 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.08.02 16:09:32 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.07.09 20:04:34 | 003,493,776 | ---- | M] (Xfire Inc.) -- C:\Programme\Xfire\Xfire.exe
PRC - [2010.05.28 11:21:36 | 000,914,432 | ---- | M] (Crawler.com) -- C:\Programme\Crawler\Smileys\CSmileysH.exe
PRC - [2010.05.28 07:59:16 | 002,484,176 | ---- | M] (Crawler.com) -- C:\Programme\Crawler\CToolbar.exe
PRC - [2010.05.21 12:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010.04.16 21:12:28 | 003,872,080 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Messenger\msnmsgr.exe
PRC - [2010.04.14 16:51:18 | 001,648,480 | ---- | M] (ClanServers Hosting LLC) -- C:\Programme\GameTracker\GSInGameService.exe
PRC - [2010.04.14 16:51:16 | 003,831,648 | ---- | M] (ClanServers Hosting LLC) -- C:\Programme\GameTracker\GTLite.exe
PRC - [2010.04.12 23:46:36 | 001,135,912 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.04.03 15:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Programme\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.28 15:47:30 | 000,246,520 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.12.09 00:30:24 | 000,341,504 | ---- | M] (Crawler.com) -- C:\Programme\Crawler\Smileys\CSmileysIM.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.07.14 02:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2009.06.18 10:04:36 | 000,772,096 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2007.02.02 16:26:44 | 000,283,136 | ---- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\FRITZWLANMini.exe

========== Modules (SafeList) ==========

MOD - [2010.12.26 21:52:04 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Golos Computer\Downloads\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010.07.09 20:04:44 | 000,970,640 | ---- | M] (Xfire Inc.)
-- C:\Programme\Xfire\xfire_toucan_43094.dll MOD - [2009.07.14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll ========== Win32 Services (SafeList) ========== SRV - [2010.12.22 04:51:15 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.12.08 11:55:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.09.13 12:44:50 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\Windows\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01) SRV - [2010.08.02 16:09:38 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- 
(AntiVirSchedulerService) SRV - [2010.05.21 12:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2010.04.14 16:51:18 | 001,648,480 | ---- | M] (ClanServers Hosting LLC) [Auto | Running] -- C:\Programme\GameTracker\GSInGameService.exe -- (GS In-Game Service) SRV - [2010.04.03 15:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.03.28 15:47:30 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) 
[On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] 
-- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009.07.14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-Installer (AxInstSV) SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EagleNT.sys -- (EagleNT) DRV - [2010.12.20 14:54:52 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010.12.08 11:55:59 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010.10.01 19:41:20 | 000,279,712 | ---- | M] () [Kernel | Auto | Stopped] -- 
C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010.10.01 19:41:19 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010.09.22 20:19:02 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss) DRV - [2010.09.13 12:44:50 | 003,100,776 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01) DRV - [2010.06.17 15:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.06.16 23:15:11 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010.04.03 23:55:31 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009.12.07 18:53:18 | 000,103,168 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009.11.25 23:06:34 | 000,034,384 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER) DRV - [2009.11.12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.06.28 08:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.03.25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009.03.25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009.03.25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009.03.25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009.03.25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009.03.25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009.03.25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2007.01.26 00:00:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2007.01.26 00:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 48 B8 DA 55 E9 45 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "IMVU Inc Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2612669&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2612669&SearchSource=13"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.6
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {90b49673-5506-483e-b92b-ca0265bd9ca8}:2.7.2.0
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: bug489729@alice0775:1.3
FF - prefs.js..keyword.URL: "hxxp://www.bing.com/search?FORM=IEFM1&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\firefox\ [2010.06.17 12:53:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.11 12:21:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.11 12:21:58 | 000,000,000 | ---D | M]
[2010.10.19 03:38:08 | 000,000,000 | ---D | M] -- C:\Users\Golos Computer\AppData\Roaming\mozilla\Extensions
[2010.10.19 03:38:08 | 000,000,000 | ---D | M] -- C:\Users\Golos Computer\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2010.12.25 22:47:50 | 000,000,000 | ---D | M] -- C:\Users\Golos Computer\AppData\Roaming\mozilla\Firefox\Profiles\maafo25v.default\extensions
[2010.06.21 18:56:43 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Golos Computer\AppData\Roaming\mozilla\Firefox\Profiles\maafo25v.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.10.21 15:53:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Golos Computer\AppData\Roaming\mozilla\Firefox\Profiles\maafo25v.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.10.19 03:36:27 | 000,000,000 | ---D | M] (IMVU Inc Toolbar) -- C:\Users\Golos Computer\AppData\Roaming\mozilla\Firefox\Profiles\maafo25v.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
[2010.06.29 05:35:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Golos Computer\AppData\Roaming\mozilla\Firefox\Profiles\maafo25v.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.13 00:24:26 | 000,000,000 | ---D | M] -- C:\Users\Golos Computer\AppData\Roaming\mozilla\Firefox\Profiles\maafo25v.default\extensions\battlefieldheroespatcher@ea.com
[2010.12.21 17:36:26 | 000,000,000 | ---D | M] -- C:\Users\Golos Computer\AppData\Roaming\mozilla\Firefox\Profiles\maafo25v.default\extensions\bug489729@alice0775
[2010.06.17 12:53:42 | 000,000,000 | ---D | M] -- C:\Users\Golos Computer\AppData\Roaming\mozilla\Firefox\Profiles\maafo25v.default\extensions\DTToolbar@toolbarnet.com
[2031.05.31 07:42:03 | 000,000,000 | ---D | M] -- C:\Users\Golos Computer\AppData\Roaming\mozilla\Firefox\Profiles\maafo25v.default\extensions\illimitux@illimitux.net
[2010.10.16 11:59:41 | 000,000,000 | ---D | M] -- C:\Users\Golos Computer\AppData\Roaming\mozilla\Firefox\Profiles\maafo25v.default\extensions\toolbar@ask.com
[2010.06.21 15:10:56 | 000,001,819 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\bing.xml
[2010.10.12 17:21:06 | 000,000,919 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\conduit.xml
[2010.06.16 23:15:42 | 000,002,059 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\daemon-search.xml
[2010.12.25 15:37:50 | 000,000,950 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\icqplugin-1.xml
[2010.12.12 12:43:34 | 000,000,950 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\icqplugin-10.xml
[2010.07.21 20:04:52 | 000,000,950 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\icqplugin-2.xml
[2010.07.24 22:36:04 | 000,000,950 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\icqplugin-3.xml
[2010.09.09 04:55:12 | 000,000,950 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\icqplugin-4.xml
[2010.09.17 14:34:43 | 000,000,950 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\icqplugin-5.xml
[2010.10.17 01:52:10 | 000,000,950 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\icqplugin-6.xml
[2010.10.21 15:53:36 | 000,000,950 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\icqplugin-7.xml
[2010.10.22 19:44:12 | 000,000,950 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\icqplugin-8.xml
[2010.10.31 09:31:24 | 000,000,950 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\icqplugin-9.xml
[2038.05.31 16:07:41 | 000,000,947 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Mozilla\FireFox\Profiles\maafo25v.default\searchplugins\icqplugin.xml
[2010.12.25 22:47:50 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.12.10 07:07:49 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.04.01 17:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2007.07.26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.04.01 17:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 17:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 17:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 17:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe (AVM Berlin)
O4 - HKLM..\Run: [CSmileys] C:\Program Files\Crawler\Smileys\CSmileysIM.exe (Crawler.com)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKCU..\Run: [CSmileys] C:\Programme\Crawler\Smileys\CSmileysIM.exe (Crawler.com)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ElkTBhTOiqUEWYN.exe] C:\Users\GOLOSC~1\AppData\Local\Temp\ElkTBhTOiqUEWYN.exe (iWin software)
O4 - HKCU..\Run: [GameTracker] C:\Program Files\GameTracker\GTLite.exe (ClanServers Hosting LLC)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Golos Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk = C:\Users\Golos Computer\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe ()
O4 - Startup: C:\Users\Golos Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Programme\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Golos Computer\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Golos Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.02.10 02:55:59 | 000,423,304 | R--- | M] (Electronic Arts) - D:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 07:21:09 | 000,000,000 | ---D | M] - D:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2010.01.31 09:21:13 | 000,367,686 | R--- | M] () - D:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 03:55:03 | 009,965,568 | R--- | M] () - D:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 03:54:55 | 000,000,155 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{139a8d88-73a8-11df-a876-0022684958cc}\Shell - "" = AutoRun
O33 - MountPoints2\{139a8d88-73a8-11df-a876-0022684958cc}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found
O33 - MountPoints2\{139a8d93-73a8-11df-a876-0022684958cc}\Shell - "" = AutoRun
O33 - MountPoints2\{139a8d93-73a8-11df-a876-0022684958cc}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found
O33 - MountPoints2\{139a8d9d-73a8-11df-a876-0022684958cc}\Shell - "" = AutoRun
O33 - MountPoints2\{139a8d9d-73a8-11df-a876-0022684958cc}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found
O33 - MountPoints2\{af7bc1f0-68ef-11df-a98c-0022684958cc}\Shell - "" = AutoRun
O33 - MountPoints2\{af7bc1f0-68ef-11df-a98c-0022684958cc}\Shell\AutoRun\command - "" = I:\pushinst.exe -- File not found
O33 - MountPoints2\{c7a1a0c5-b85d-11dc-a145-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c7a1a0c5-b85d-11dc-a145-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2010.02.10 02:55:59 | 000,423,304 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2038.06.03 17:37:31 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Roaming\Skype
[2038.06.03 17:36:02 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2038.06.03 17:35:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2038.06.03 17:25:18 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Roaming\TeamViewer
[2038.06.03 17:25:11 | 000,000,000 | ---D | C] -- C:\Programme\TeamViewer
[2038.06.01 23:40:28 | 000,000,000 | ---D | C] -- C:\Programme\Crawler
[2031.05.31 08:06:48 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2031.05.31 08:06:42 | 000,000,000 | ---D | C] -- C:\Programme\ICQ6Toolbar
[2031.05.31 08:06:40 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2031.05.31 08:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2031.05.31 08:06:28 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Roaming\ICQ
[2031.05.31 08:06:28 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Local\AOL
[2031.05.31 08:06:25 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.1
[2031.05.31 07:51:27 | 000,000,000 | ---D | C] -- C:\cannonhill
[2031.05.30 17:09:50 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Roaming\DivX
[2031.05.30 17:09:46 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine
[2031.05.30 17:09:21 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DivX Shared
[2031.05.30 17:08:39 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Local\Google
[2031.05.30 17:08:39 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2031.05.30 17:08:34 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2031.05.30 17:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2031.05.28 07:39:49 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2031.05.28 05:00:47 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Roaming\Clonk Rage
[2031.05.28 05:00:47 | 000,000,000 | ---D | C] -- C:\Programme\Clonk Rage
[2031.05.28 03:51:15 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2031.05.28 02:32:57 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\Documents\my games
[2031.05.28 02:00:53 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2031.05.28 00:24:59 | 000,000,000 | ---D | C] -- C:\Programme\Aspyr
[2031.05.27 23:40:36 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2031.05.27 23:40:34 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2031.05.27 23:40:34 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2031.05.27 23:40:31 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2031.05.27 23:40:30 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2031.05.27 23:40:30 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2031.05.27 23:40:28 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2031.05.27 23:40:26 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2031.05.27 23:40:26 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2031.05.27 23:40:26 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2031.05.27 23:40:26 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2031.05.27 23:40:25 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2031.05.27 11:28:20 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\ClonkRage
[2031.05.27 10:59:48 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2031.05.27 10:58:23 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2031.05.27 10:58:23 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2031.05.27 10:58:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2031.05.27 10:58:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2031.05.27 10:58:13 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2031.05.27 09:48:30 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Roaming\Macromedia
[2031.05.27 09:48:30 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Roaming\Adobe
[2031.05.27 09:48:17 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2031.05.27 09:48:17 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2031.05.27 09:48:16 | 000,000,000 | ---D | C] -- C:\Programme\McAfee Security Scan
[2031.05.27 09:43:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2031.05.27 09:22:58 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2031.05.27 09:22:58 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Steam
[2010.12.26 21:52:01 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Golos Computer\Desktop\OTL.exe
[2010.12.25 03:00:39 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Local\Sony Ericsson
[2010.12.25 02:59:43 | 000,114,728 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mdm.sys
[2010.12.25 02:59:43 | 000,109,864 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018unic.sys
[2010.12.25 02:59:43 | 000,106,208 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mgmt.sys
[2010.12.25 02:59:43 | 000,104,744 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018obex.sys
[2010.12.25 02:59:43 | 000,086,824 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018bus.sys
[2010.12.25 02:59:43 | 000,026,024 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018nd5.sys
[2010.12.25 02:59:43 | 000,015,016 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mdfl.sys
[2010.12.25 02:59:43 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018whnt.sys
[2010.12.25 02:59:43 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018wh.sys
[2010.12.25 02:59:43 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cmnt.sys
[2010.12.25 02:59:43 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cm.sys
[2010.12.25 02:59:43 | 000,010,792 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cr.sys
[2010.12.25 02:59:41 | 000,000,000 | ---D | C] -- C:\Programme\Sony Ericsson
[2010.12.25 02:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2010.12.24 07:44:04 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\Desktop\A World Of Pain
[2010.12.23 16:33:40 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\Documents\4A Games
[2010.12.23 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Local\4A Games
[2010.12.23 07:44:57 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Roaming\vlc
[2010.12.23 07:43:49 | 000,000,000 | ---D | C] -- C:\Programme\VideoLAN
[2010.12.22 22:34:09 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\FDNY Pierce Fire Truck
[2010.12.22 03:55:02 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Roaming\Media Player Classic
[2010.12.15 21:45:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.12.15 21:44:59 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.12.15 21:44:57 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.12.15 21:44:57 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.12.15 21:44:57 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.12.15 21:44:57 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.12.15 21:44:57 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.12.15 21:44:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.12.15 21:44:57 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.12.15 21:44:57 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.12.15 21:44:57 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.12.15 21:44:57 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.12.15 21:44:52 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.12.15 21:44:52 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.15 21:44:52 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.12.15 21:44:52 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2010.12.15 21:44:48 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.12.15 21:44:47 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.12.15 21:44:46 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2010.12.15 21:44:46 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.12.15 21:44:44 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.12.15 19:14:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.12.15 19:13:09 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Blizzard Entertainment
[2010.12.15 19:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2010.12.15 18:45:51 | 000,000,000 | ---D | C] -- C:\Programme\World of Warcraft
[2010.12.13 00:33:21 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\Documents\Battlefield Heroes
[2010.12.12 15:50:30 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\Documents\theHunter
[2010.12.12 15:20:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Hunter
[2010.12.12 15:19:56 | 000,000,000 | ---D | C] -- C:\Programme\theHunter
[2010.12.11 13:14:46 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Roaming\Mael
[2010.12.11 13:05:35 | 000,000,000 | ---D | C] -- C:\Programme\HxD
[2010.12.10 07:07:12 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[2010.12.06 12:40:45 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Roaming\Avira
[2010.12.06 12:36:26 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.12.06 12:36:26 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.12.06 12:36:26 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.12.06 12:36:25 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.12.06 12:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.12.04 01:53:09 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\Cryostasis
[2010.12.02 22:51:58 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\K9
[2010.12.01 17:20:31 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\GtaMania.ru_Ford Focus RS '2009
[2010.11.28 18:03:01 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2010.11.28 18:03:01 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll [2010.11.28 17:31:45 | 000,000,000 | ---D | C] -- C:\Programme\Rockstar Games [2010.11.28 13:57:49 | 000,000,000 | ---D | C] -- C:\Programme\Team-NeO [2010.11.28 13:13:55 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\AppData\Roaming\Datel [2010.11.28 13:13:51 | 000,000,000 | ---D | C] -- C:\Programme\Datel [2010.11.28 13:05:24 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\uP RDR Save Creator [2010.11.27 23:19:02 | 000,000,000 | ---D | C] -- C:\Users\Golos Computer\GTA IV CRACK [2010.11.27 16:46:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2038.06.03 06:59:49 | 147,114,166 | ---- | M] () -- C:\Users\Golos Computer\otuGVSCLAtK.480.flv [2038.05.31 20:41:04 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2031.05.31 08:06:50 | 000,001,770 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.1.lnk [2031.05.27 11:13:00 | 050,091,807 | ---- | M] () -- C:\Users\Golos Computer\ClonkRage.rar [2031.05.27 10:58:14 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll [2031.05.27 10:58:14 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2031.05.27 10:58:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2031.05.27 10:58:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\System32\java.exe [2031.05.27 09:48:16 | 000,001,882 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2031.05.27 09:27:02 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2010.12.26 21:55:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.12.26 21:52:04 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Golos Computer\Desktop\OTL.exe [2010.12.26 21:49:19 | 000,000,888 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2010.12.26 20:48:08 | 000,020,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.12.26 20:48:08 | 000,020,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.12.26 18:48:08 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.12.26 18:46:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.12.26 18:46:32 | 2616,635,392 | -HS- | M] () -- C:\hiberfil.sys [2010.12.25 23:59:21 | 000,138,416 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010.12.25 23:59:13 | 000,270,904 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2010.12.25 23:57:38 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0 [2010.12.25 22:47:08 | 000,664,396 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.12.25 22:47:08 | 000,624,578 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.12.25 22:47:08 | 000,134,564 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.12.25 22:47:08 | 000,110,216 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.12.25 22:15:41 | 000,064,887 | ---- | M] () -- C:\Users\Golos Computer\Desktop\bigstockphoto_Sports_Referee_3654200.jpg [2010.12.25 19:53:00 | 000,000,492 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan 
for Golos Computer.job [2010.12.25 17:39:54 | 002,435,082 | ---- | M] () -- C:\Users\Golos Computer\DSC00005.JPG [2010.12.25 08:13:23 | 213,779,396 | ---- | M] () -- C:\Users\Golos Computer\x9NkhK0x5ao.480.flv [2010.12.25 02:59:43 | 000,002,210 | ---- | M] () -- C:\Users\Golos Computer\Sony Ericsson PC Companion 1.5.lnk [2010.12.24 06:44:50 | 281,909,109 | R--- | M] () -- C:\Users\Golos Computer\Desktop\kleidungsmod new vegas einfügen.rar [2010.12.23 16:24:05 | 000,000,215 | ---- | M] () -- C:\Users\Golos Computer\Desktop\Metro 2033.url [2010.12.23 07:44:01 | 000,001,024 | ---- | M] () -- C:\Users\Golos Computer\VLC media player.lnk [2010.12.22 03:50:51 | 105,796,265 | R--- | M] () -- C:\Users\Golos Computer\sexo-ham-ninakortney-101207-sample.wmv [2010.12.20 18:29:26 | 000,135,103 | ---- | M] () -- C:\Users\Golos Computer\ken-block-ford-fiesta-xgames-394s.jpg [2010.12.20 18:28:56 | 000,751,107 | ---- | M] () -- C:\Users\Golos Computer\ken_block_rally_fiesta.jpg [2010.12.20 18:26:45 | 000,303,790 | ---- | M] () -- C:\Users\Golos Computer\ken_block_ford_fiesta_images_001.jpg [2010.12.20 18:26:26 | 000,066,825 | ---- | M] () -- C:\Users\Golos Computer\ken_block_gymkhana_three_3_ford_fiesta.jpg [2010.12.20 14:54:52 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010.12.16 12:35:03 | 000,265,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.12.14 14:40:27 | 000,138,056 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\PnkBstrK.sys [2010.12.13 17:33:18 | 000,013,508 | ---- | M] () -- C:\Users\Golos Computer\69935_rubbel_die_katz-medium.jpg [2010.12.13 17:30:56 | 000,239,559 | ---- | M] () -- C:\Users\Golos Computer\fat-kid.jpg [2010.12.13 17:29:39 | 000,080,885 | ---- | M] () -- C:\Users\Golos Computer\Fat boy.jpg [2010.12.13 16:16:47 | 000,000,042 | ---- | M] () -- C:\Users\Golos Computer\AppData\Roaming\TheHunterSettings_live.cfg [2010.12.13 00:32:41 | 002,427,248 | ---- | M] () -- 
C:\Windows\System32\pbsvc_heroes.exe [2010.12.11 13:05:35 | 000,000,851 | ---- | M] () -- C:\Users\Golos Computer\HxD.lnk [2010.12.10 07:33:19 | 001,170,527 | ---- | M] () -- C:\Users\Golos Computer\ISMFOF - BeautyIsInTheEyesOfABeerholder.mp3 [2010.12.09 01:50:33 | 000,001,147 | ---- | M] () -- C:\Users\Golos Computer\shoot2.gif [2010.12.08 22:57:38 | 000,177,696 | ---- | M] () -- C:\Users\Golos Computer\Fortune Arterial 2.jpg [2010.12.08 22:56:59 | 000,158,897 | ---- | M] () -- C:\Users\Golos Computer\Fortune Arterial cosplay.jpg [2010.12.08 21:35:02 | 000,004,972 | ---- | M] () -- C:\Users\Golos Computer\6-db828115a2b1fe30.jpg [2010.12.08 20:27:05 | 000,115,980 | ---- | M] () -- C:\Users\Golos Computer\49bce6f9_fortune arterial 10.jpg [2010.12.08 14:49:15 | 000,029,034 | ---- | M] () -- C:\Users\Golos Computer\deinemutteruwfckbrz.jpg [2010.12.08 11:55:59 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010.12.06 12:36:33 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.12.06 09:28:22 | 021,407,964 | R--- | M] () -- C:\Users\Golos Computer\www.pbtv.de-paintball-save-paintball-2009.mp4 [2010.12.05 20:40:34 | 000,007,314 | -HS- | M] () -- C:\Users\Golos Computer\Desktop\Folder.jpg [2010.12.05 20:40:34 | 000,007,314 | -HS- | M] () -- C:\Users\Golos Computer\Desktop\AlbumArt_{45177A46-00E4-4A6F-928A-3328491B456C}_Large.jpg [2010.12.05 20:40:34 | 000,002,028 | -HS- | M] () -- C:\Users\Golos Computer\Desktop\AlbumArtSmall.jpg [2010.12.05 20:40:34 | 000,002,028 | -HS- | M] () -- C:\Users\Golos Computer\Desktop\AlbumArt_{45177A46-00E4-4A6F-928A-3328491B456C}_Small.jpg [2010.12.05 00:44:57 | 164,958,595 | ---- | M] () -- C:\Users\Golos Computer\OBHiPws4Dl8.480.flv [2010.12.03 16:03:27 | 000,027,729 | ---- | M] () -- C:\Users\Golos Computer\ken-blocks-gymkhana-three-ford-fiesta-suggested-3.jpg [2010.12.03 16:01:13 | 000,043,439 | ---- | M] () -- C:\Users\Golos 
Computer\53375d62174cb242df90068480f562da.jpg [2010.12.03 15:57:01 | 000,094,090 | ---- | M] () -- C:\Users\Golos Computer\Ken-Block-Gymkhana-Fiesta-fq-690x459.jpg [2010.12.03 14:24:08 | 000,023,040 | ---- | M] () -- C:\Users\Golos Computer\Thurv1.doc [2010.12.01 17:13:42 | 002,250,303 | R--- | M] () -- C:\Users\Golos Computer\1274197562_MIT_EVO_X_08.rar [2010.11.30 00:36:23 | 732,956,672 | R--- | M] () -- C:\Users\Golos Computer\Gridlock'd 2pacpt1.avi [2010.11.29 01:16:19 | 000,053,193 | ---- | M] () -- C:\Users\Golos Computer\museum-of-wax-figures18.jpg [2010.11.28 18:03:01 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2010.11.28 18:03:01 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll [2010.11.28 17:57:32 | 000,002,142 | ---- | M] () -- C:\Users\Golos Computer\Grand Theft Auto IV.lnk [2010.11.28 13:13:51 | 000,001,017 | ---- | M] () -- C:\Users\Golos Computer\XPort 360.lnk [2010.11.28 13:05:11 | 000,110,592 | ---- | M] () -- C:\Users\Golos Computer\RDR2MPSAVE.SAV [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2038.06.03 06:27:36 | 147,114,166 | ---- | C] () -- C:\Users\Golos Computer\otuGVSCLAtK.480.flv [2038.05.31 20:41:04 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2031.05.31 08:06:50 | 000,001,770 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.1.lnk [2031.05.30 17:08:44 | 000,001,112 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2031.05.30 17:08:44 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2031.05.28 03:50:37 | 000,053,551 | ---- | C] () -- C:\Windows\Professional.xml [2031.05.27 11:28:27 | 050,091,807 | ---- | C] () -- C:\Users\Golos Computer\ClonkRage.rar [2031.05.27 09:48:16 | 000,001,882 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2031.05.27 09:22:58 | 
000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2010.12.25 22:15:38 | 000,064,887 | ---- | C] () -- C:\Users\Golos Computer\Desktop\bigstockphoto_Sports_Referee_3654200.jpg [2010.12.25 17:45:56 | 002,435,082 | ---- | C] () -- C:\Users\Golos Computer\DSC00005.JPG [2010.12.25 07:41:35 | 213,779,396 | ---- | C] () -- C:\Users\Golos Computer\x9NkhK0x5ao.480.flv [2010.12.25 02:59:43 | 000,002,210 | ---- | C] () -- C:\Users\Golos Computer\Sony Ericsson PC Companion 1.5.lnk [2010.12.24 07:43:50 | 281,909,109 | R--- | C] () -- C:\Users\Golos Computer\Desktop\kleidungsmod new vegas einfügen.rar [2010.12.23 16:24:05 | 000,000,215 | ---- | C] () -- C:\Users\Golos Computer\Desktop\Metro 2033.url [2010.12.23 07:44:01 | 000,001,024 | ---- | C] () -- C:\Users\Golos Computer\VLC media player.lnk [2010.12.23 04:36:07 | 000,639,167 | ---- | C] () -- C:\Users\Golos Computer\firetruk.wft [2010.12.23 04:36:07 | 000,604,851 | ---- | C] () -- C:\Users\Golos Computer\firetruk.wtd [2010.12.22 03:50:51 | 105,796,265 | R--- | C] () -- C:\Users\Golos Computer\sexo-ham-ninakortney-101207-sample.wmv [2010.12.20 18:29:26 | 000,135,103 | ---- | C] () -- C:\Users\Golos Computer\ken-block-ford-fiesta-xgames-394s.jpg [2010.12.20 18:28:55 | 000,751,107 | ---- | C] () -- C:\Users\Golos Computer\ken_block_rally_fiesta.jpg [2010.12.20 18:26:44 | 000,303,790 | ---- | C] () -- C:\Users\Golos Computer\ken_block_ford_fiesta_images_001.jpg [2010.12.20 18:26:25 | 000,066,825 | ---- | C] () -- C:\Users\Golos Computer\ken_block_gymkhana_three_3_ford_fiesta.jpg [2010.12.19 20:42:02 | 001,241,512 | ---- | C] () -- C:\Users\Golos Computer\sultanrs.wtd [2010.12.19 20:42:01 | 002,178,598 | ---- | C] () -- C:\Users\Golos Computer\sultanrs.wft [2010.12.18 02:57:52 | 004,699,163 | ---- | C] () -- C:\Users\Golos Computer\noose.wft [2010.12.18 02:57:52 | 001,391,948 | ---- | C] () -- C:\Users\Golos Computer\noose.wtd [2010.12.13 17:33:17 | 000,013,508 | ---- | C] () -- C:\Users\Golos 
Computer\69935_rubbel_die_katz-medium.jpg [2010.12.13 17:30:55 | 000,239,559 | ---- | C] () -- C:\Users\Golos Computer\fat-kid.jpg [2010.12.13 17:29:38 | 000,080,885 | ---- | C] () -- C:\Users\Golos Computer\Fat boy.jpg [2010.12.13 00:32:41 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe [2010.12.12 15:50:24 | 000,000,042 | ---- | C] () -- C:\Users\Golos Computer\AppData\Roaming\TheHunterSettings_live.cfg [2010.12.11 13:05:35 | 000,000,851 | ---- | C] () -- C:\Users\Golos Computer\HxD.lnk [2010.12.10 07:33:19 | 001,170,527 | ---- | C] () -- C:\Users\Golos Computer\ISMFOF - BeautyIsInTheEyesOfABeerholder.mp3 [2010.12.09 01:50:32 | 000,001,147 | ---- | C] () -- C:\Users\Golos Computer\shoot2.gif [2010.12.08 22:57:37 | 000,177,696 | ---- | C] () -- C:\Users\Golos Computer\Fortune Arterial 2.jpg [2010.12.08 22:56:58 | 000,158,897 | ---- | C] () -- C:\Users\Golos Computer\Fortune Arterial cosplay.jpg [2010.12.08 21:35:01 | 000,004,972 | ---- | C] () -- C:\Users\Golos Computer\6-db828115a2b1fe30.jpg [2010.12.08 20:27:03 | 000,115,980 | ---- | C] () -- C:\Users\Golos Computer\49bce6f9_fortune arterial 10.jpg [2010.12.08 14:49:14 | 000,029,034 | ---- | C] () -- C:\Users\Golos Computer\deinemutteruwfckbrz.jpg [2010.12.06 12:36:33 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.12.06 09:28:22 | 021,407,964 | R--- | C] () -- C:\Users\Golos Computer\www.pbtv.de-paintball-save-paintball-2009.mp4 [2010.12.06 08:52:05 | 000,023,040 | ---- | C] () -- C:\Users\Golos Computer\Thurv1.doc [2010.12.05 20:40:34 | 000,007,314 | -HS- | C] () -- C:\Users\Golos Computer\Desktop\AlbumArt_{45177A46-00E4-4A6F-928A-3328491B456C}_Large.jpg [2010.12.05 20:40:34 | 000,002,028 | -HS- | C] () -- C:\Users\Golos Computer\Desktop\AlbumArt_{45177A46-00E4-4A6F-928A-3328491B456C}_Small.jpg [2010.12.05 05:02:20 | 000,000,000 | ---- | C] () -- C:\Users\Golos Computer\Tigerland cd2 24 min.txt [2010.12.05 00:22:20 | 164,958,595 | ---- | C] () 
-- C:\Users\Golos Computer\OBHiPws4Dl8.480.flv [2010.12.03 16:03:26 | 000,027,729 | ---- | C] () -- C:\Users\Golos Computer\ken-blocks-gymkhana-three-ford-fiesta-suggested-3.jpg [2010.12.03 16:01:12 | 000,043,439 | ---- | C] () -- C:\Users\Golos Computer\53375d62174cb242df90068480f562da.jpg [2010.12.03 15:56:59 | 000,094,090 | ---- | C] () -- C:\Users\Golos Computer\Ken-Block-Gymkhana-Fiesta-fq-690x459.jpg [2010.12.01 17:20:15 | 002,250,303 | R--- | C] () -- C:\Users\Golos Computer\1274197562_MIT_EVO_X_08.rar [2010.11.30 00:36:23 | 732,956,672 | R--- | C] () -- C:\Users\Golos Computer\Gridlock'd 2pacpt1.avi [2010.11.29 01:16:17 | 000,053,193 | ---- | C] () -- C:\Users\Golos Computer\museum-of-wax-figures18.jpg [2010.11.28 17:57:32 | 000,002,142 | ---- | C] () -- C:\Users\Golos Computer\Grand Theft Auto IV.lnk [2010.11.28 13:13:51 | 000,001,017 | ---- | C] () -- C:\Users\Golos Computer\XPort 360.lnk [2010.11.28 13:05:07 | 000,110,592 | ---- | C] () -- C:\Users\Golos Computer\RDR2MPSAVE.SAV [2010.11.27 23:09:29 | 000,081,920 | ---- | C] () -- C:\Users\Golos Computer\xlive.dll [2010.10.14 01:37:41 | 000,000,206 | ---- | C] () -- C:\Windows\System32\MRT.INI [2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2010.10.02 17:18:39 | 000,157,184 | -HS- | C] () -- C:\Windows\System32\SCS.dll [2010.10.02 17:18:39 | 000,113,152 | -HS- | C] () -- C:\Windows\System32\SCX.dll [2010.10.01 19:41:20 | 000,279,712 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010.10.01 19:41:19 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010.09.11 11:31:34 | 000,000,292 | ---- | C] () -- C:\Windows\vtmb.ini [2010.09.11 07:04:16 | 000,000,000 | R--- | C] () -- C:\Users\Golos Computer\AppData\Roaming\I11Em.txt [2010.08.30 15:20:55 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010.08.30 15:20:55 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010.08.30 15:20:53 | 000,790,528 | ---- | C] () -- 
C:\Windows\System32\xvidcore.dll [2010.08.30 15:20:53 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010.08.30 15:20:52 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010.08.10 05:09:11 | 000,000,000 | ---- | C] () -- C:\Windows\Aion Screensaver_õÁ·.ini [2010.07.29 05:06:21 | 000,018,432 | ---- | C] () -- C:\Users\Golos Computer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.07.24 01:03:30 | 000,000,102 | ---- | C] () -- C:\Users\Golos Computer\AppData\Local\fusioncache.dat [2010.07.16 15:08:45 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010.07.09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2010.07.05 19:38:13 | 000,028,672 | ---- | C] () -- C:\Windows\System32\death.dll [2010.06.20 21:12:38 | 000,138,416 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010.06.20 21:12:38 | 000,138,056 | ---- | C] () -- C:\Users\Golos Computer\AppData\Roaming\PnkBstrK.sys [2010.06.16 23:15:11 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010.06.12 12:24:37 | 000,706,566 | ---- | C] () -- C:\Programme\unins000.exe [2010.06.12 12:24:37 | 000,009,383 | ---- | C] () -- C:\Programme\unins000.dat [2010.06.11 15:30:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.07.14 00:11:12 | 000,000,392 | R-S- | C] () -- C:\Users\Golos Computer\AppData\Roaming\usernt.dat [1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys ========== Files - Unicode (All) ========== [2010.06.29 05:37:49 | 003,149,824 | ---- | M] ()(C:\Users\Golos Computer\Bruce Willis Love Makes The World Go Around ?.mp3) -- C:\Users\Golos Computer\Bruce Willis Love Makes The World Go Around ?.mp3 [2010.06.23 13:28:09 | 000,000,000 | ---D | 
M](C:\Users\Golos Computer\Documents\?? ???) -- C:\Users\Golos Computer\Documents\?? ??? [2010.06.23 13:28:09 | 000,000,000 | ---D | C](C:\Users\Golos Computer\Documents\?? ???) -- C:\Users\Golos Computer\Documents\?? ??? < End of report > |
27.12.2010, 13:20 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.zPACK.Gen Quote:
For you it continues here => Reinstalling the system. Please also change all passwords (for e-mail accounts, StudiVZ, Ebay... simply everything!), since this kind of dubious software quite often also contains keyloggers and backdoor functions. After that, never touch anything like this again!