OTL logfile created on: 01.04.2012 15:02:04 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Krush\Desktop\Virus
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,99 Gb Total Physical Memory | 5,29 Gb Available Physical Memory | 88,23% Memory free
11,98 Gb Paging File | 11,31 Gb Available in Paging File | 94,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1863,01 Gb Total Space | 1155,40 Gb Free Space | 62,02% Space Free | Partition Type: NTFS
Drive D: | 366,76 Gb Total Space | 81,78 Gb Free Space | 22,30% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 15,61 Gb Free Space | 6,70% Space Free | Partition Type: NTFS
Drive F: | 550,10 Gb Total Space | 110,03 Gb Free Space | 20,00% Space Free | Partition Type: NTFS
Drive L: | 3,73 Gb Total Space | 3,42 Gb Free Space | 91,75% Space Free | Partition Type: FAT32
Computer Name: KRUSH-PC | User Name: Krush | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.04.01 14:59:22 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Krush\Desktop\Virus\OTL(2).exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.03.21 20:51:40 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.02.26 15:57:31 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.10.11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.11.20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.11.20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010.11.20 14:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010.10.28 12:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.09.08 10:45:10 | 001,034,752 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010.09.08 10:44:42 | 000,485,376 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2010.09.08 10:42:42 | 000,288,256 | ---- | M] (WDC) [Auto | Stopped] -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2010.03.28 16:47:30 | 000,246,520 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.01.08 16:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2007.05.31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.02.15 21:10:29 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.10.11 15:00:01 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.10.11 15:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.26 17:43:16 | 000,314,016 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.01.26 17:43:14 | 000,043,680 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.08.24 19:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010.08.24 19:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010.04.28 01:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.28 01:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:64bit: - [2010.04.28 01:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 23:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 23:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010.03.10 16:16:36 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.02.13 11:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredibar.com/mb121?a=6OyxxPhTTL&i=26
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BA 60 2D 25 B5 29 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb121/?search={searchTerms}&loc=IB_DS&a=6OyxxPhTTL&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredibar.com/mb121?a=6OyxxPhTTL&i=26"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.9.0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:3.0.1.0
FF - prefs.js..extensions.enabledItems: {184AA5E6-741D-464a-820E-94B3ABC2F3B4}:1.0
FF - prefs.js..extensions.enabledItems: crossriderapp2258@crossrider.com:0.80.26
FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb121/?loc=IB_DS&a=6OyxxPhTTL&&i=26&search="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\Krush\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.02.16 23:11:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.02.16 23:11:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Krush\AppData\Roaming\01015 [2012.03.16 20:20:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.02.12 13:54:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.21 11:26:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Krush\AppData\Roaming\01015 [2012.03.16 20:20:12 | 000,000,000 | ---D | M]
[2010.07.22 20:13:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Krush\AppData\Roaming\mozilla\Extensions
[2012.04.01 14:04:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Krush\AppData\Roaming\mozilla\Firefox\Profiles\960ajwla.default\extensions
[2012.01.03 14:55:14 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Krush\AppData\Roaming\mozilla\Firefox\Profiles\960ajwla.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012.01.09 10:38:22 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Krush\AppData\Roaming\mozilla\Firefox\Profiles\960ajwla.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.14 14:12:12 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Krush\AppData\Roaming\mozilla\Firefox\Profiles\960ajwla.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.04.01 14:04:44 | 000,000,000 | ---D | M] ("I Want This") -- C:\Users\Krush\AppData\Roaming\mozilla\Firefox\Profiles\960ajwla.default\extensions\crossriderapp2258@crossrider.com
[2012.04.01 14:04:52 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Krush\AppData\Roaming\mozilla\Firefox\Profiles\960ajwla.default\extensions\ffxtlbr@incredibar.com
[2012.03.28 19:08:57 | 000,001,056 | ---- | M] () -- C:\Users\Krush\AppData\Roaming\Mozilla\Firefox\Profiles\960ajwla.default\searchplugins\icqplugin.xml
[2012.04.01 14:04:49 | 000,002,203 | ---- | M] () -- C:\Users\Krush\AppData\Roaming\Mozilla\Firefox\Profiles\960ajwla.default\searchplugins\MyStart Search.xml
[2012.04.01 14:04:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.01.05 19:07:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.05.22 09:40:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.10.20 23:16:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.02.16 23:11:27 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011.02.16 23:11:27 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2012.03.16 20:20:12 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\KRUSH\APPDATA\ROAMING\01015
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.14 00:04:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.14 00:04:04 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.14 00:04:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.14 00:04:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.14 00:04:04 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: DivX HiQ = C:\Users\Krush\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Krush\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - C:\Program Files (x86)\I Want This\I Want This.dll (215 Apps)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKCU..\Run: [] C:\Users\Krush\AppData\Local\Temp\ch8l0.exe ()
O4 - HKCU..\Run: [ANT Agent] C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
O4 - HKCU..\Run: [SecureBanking] C:\Program Files (x86)\Secure Banking\v1.4\SecureBanking.exe (Secure Banking)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Krush\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Krush\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A53F46AD-91FF-480D-913A-EB30777AF679}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7217751e-95a3-11df-91af-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7217751e-95a3-11df-91af-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Start.exe
O33 - MountPoints2\{7b9c8cde-cbd2-11df-989c-0022684c3c9c}\Shell - "" = AutoRun
O33 - MountPoints2\{7b9c8cde-cbd2-11df-989c-0022684c3c9c}\Shell\AutoRun\command - "" = "L:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{7b9c8d11-cbd2-11df-989c-0022684c3c9c}\Shell - "" = AutoRun
O33 - MountPoints2\{7b9c8d11-cbd2-11df-989c-0022684c3c9c}\Shell\AutoRun\command - "" = "M:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.04.01 14:04:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Incredibar.com
[2012.04.01 14:04:44 | 000,000,000 | ---D | C] -- C:\Users\Krush\AppData\Local\I Want This
[2012.04.01 14:04:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\I Want This
[2012.04.01 14:04:40 | 000,000,000 | ---D | C] -- C:\Users\Krush\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uncompressor
[2012.04.01 14:04:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uncompressor
[2012.04.01 11:53:13 | 000,000,000 | ---D | C] -- C:\Users\Krush\Desktop\Virus
[2012.03.19 00:06:42 | 000,000,000 | ---D | C] -- C:\Users\Krush\Documents\SimCity 4
[2012.03.18 17:37:52 | 000,000,000 | ---D | C] -- C:\Users\Krush\Documents\SHIFT 2 UNLEASHED
[2012.03.17 20:37:20 | 000,000,000 | ---D | C] -- C:\Users\Krush\AppData\Roaming\DarknessIIDemo
[2012.03.17 17:50:13 | 000,000,000 | ---D | C] -- C:\Users\Krush\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Industriegigant 2- Demo
[2012.03.17 16:19:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secure Banking
[2012.03.16 20:20:12 | 000,000,000 | ---D | C] -- C:\Users\Krush\AppData\Roaming\01015
[2012.03.16 20:20:02 | 000,000,000 | ---D | C] -- C:\Users\Krush\AppData\Roaming\xmldm
[2012.03.16 20:20:01 | 000,000,000 | ---D | C] -- C:\Users\Krush\AppData\Roaming\kock
[2012.03.11 21:47:52 | 000,000,000 | ---D | C] -- C:\Users\Krush\AppData\Roaming\BigHugeEngine
[2012.03.11 21:20:08 | 000,000,000 | ---D | C] -- C:\Users\Krush\Desktop\Garmin laufuhr
[2012.03.11 13:09:37 | 000,000,000 | ---D | C] -- C:\Users\Krush\AppData\Local\Garmin
[2012.03.05 01:34:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdoms of Amalur Reckoning - Demo
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\Krush\AppData\Roaming\*.tmp files -> C:\Users\Krush\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.04.01 14:04:54 | 000,000,447 | ---- | M] () -- C:\user.js
[2012.04.01 14:04:40 | 000,001,061 | ---- | M] () -- C:\Users\Krush\Desktop\Uncompressor.lnk
[2012.04.01 14:03:16 | 001,776,168 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.04.01 14:03:16 | 000,763,140 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.04.01 14:03:16 | 000,706,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.04.01 14:03:16 | 000,170,258 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.04.01 14:03:16 | 000,138,532 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.04.01 13:33:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.01 13:32:58 | 529,928,191 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.01 13:32:03 | 000,014,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.01 13:32:03 | 000,014,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.01 13:24:44 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.01 11:54:03 | 000,000,000 | ---- | M] () -- C:\Users\Krush\defogger_reenable
[2012.04.01 11:08:25 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.01 09:41:18 | 285,686,398 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.03.31 19:09:25 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.03.31 19:09:25 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.03.31 11:48:06 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.03.30 20:10:45 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.03.23 21:20:35 | 000,208,176 | ---- | M] () -- C:\Users\Krush\Desktop\Rechnung simcity Origin.xps
[2012.03.23 21:14:21 | 000,168,662 | ---- | M] () -- C:\Users\Krush\Desktop\Wetterstation für Windrad.xps
[2012.03.17 17:50:13 | 000,001,169 | ---- | M] () -- C:\Users\Krush\Desktop\IndustrieGigant 2 - Demo.lnk
[2012.03.17 17:16:28 | 000,007,647 | ---- | M] () -- C:\Users\Krush\AppData\Local\Resmon.ResmonCfg
[2012.03.16 20:22:14 | 000,000,016 | ---- | M] () -- C:\Users\Krush\AppData\Roaming\blckdom.res
[2012.03.14 21:01:54 | 000,001,057 | ---- | M] () -- C:\Users\Krush\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.4988229586092411.exe.lnk
[2012.03.14 21:01:50 | 000,001,063 | ---- | M] () -- C:\Users\Krush\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.7197944704608805h7i.exe.lnk
[2012.03.14 04:20:06 | 000,413,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.03.10 12:34:32 | 000,110,483 | ---- | M] () -- C:\Users\Krush\Desktop\muskelaufbau-trainingsplan-1.pdf
[2012.03.05 01:34:10 | 000,001,370 | ---- | M] () -- C:\Users\Public\Desktop\Kingdoms of Amalur Reckoning - Demo.lnk
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\Krush\AppData\Roaming\*.tmp files -> C:\Users\Krush\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.04.01 14:04:53 | 000,000,447 | ---- | C] () -- C:\user.js
[2012.04.01 14:04:40 | 000,001,061 | ---- | C] () -- C:\Users\Krush\Desktop\Uncompressor.lnk
[2012.04.01 11:54:03 | 000,000,000 | ---- | C] () -- C:\Users\Krush\defogger_reenable
[2012.03.23 21:20:34 | 000,208,176 | ---- | C] () -- C:\Users\Krush\Desktop\Rechnung simcity Origin.xps
[2012.03.23 21:14:20 | 000,168,662 | ---- | C] () -- C:\Users\Krush\Desktop\Wetterstation für Windrad.xps
[2012.03.17 17:50:13 | 000,001,169 | ---- | C] () -- C:\Users\Krush\Desktop\IndustrieGigant 2 - Demo.lnk
[2012.03.16 20:20:08 | 000,000,016 | ---- | C] () -- C:\Users\Krush\AppData\Roaming\blckdom.res
[2012.03.14 21:01:54 | 000,001,057 | ---- | C] () -- C:\Users\Krush\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.4988229586092411.exe.lnk
[2012.03.14 21:01:50 | 000,001,063 | ---- | C] () -- C:\Users\Krush\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.7197944704608805h7i.exe.lnk
[2012.03.10 12:34:32 | 000,110,483 | ---- | C] () -- C:\Users\Krush\Desktop\muskelaufbau-trainingsplan-1.pdf
[2012.03.05 01:34:10 | 000,001,370 | ---- | C] () -- C:\Users\Public\Desktop\Kingdoms of Amalur Reckoning - Demo.lnk
[2012.02.01 11:57:10 | 000,153,088 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2011.12.30 15:47:33 | 000,007,647 | ---- | C] () -- C:\Users\Krush\AppData\Local\Resmon.ResmonCfg
[2011.12.25 13:48:12 | 000,000,043 | ---- | C] () -- C:\Users\Krush\AppData\Roaming\TheHunterSettings_live.cfg
[2011.11.21 10:34:35 | 000,000,000 | ---- | C] () -- C:\Users\Krush\AppData\Local\{F0559998-0887-4608-BDC2-1C78301EF2C6}
[2011.10.15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.05.15 05:14:49 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011.02.19 12:23:12 | 001,661,884 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.29 14:24:57 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.01.29 14:24:56 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.01.29 12:40:53 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.12.19 11:34:19 | 000,039,605 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2010.08.02 17:55:08 | 002,373,712 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.07.26 19:59:15 | 000,045,227 | ---- | C] () -- C:\Windows\War3Unin.dat
========== LOP Check ==========
[2011.04.23 10:30:57 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\.minecraft
[2012.03.16 20:20:12 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\01015
[2012.03.11 21:47:52 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\BigHugeEngine
[2011.07.24 11:05:26 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\Bioshock2
[2012.03.17 21:07:34 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\DarknessIIDemo
[2010.08.14 14:12:11 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.03.11 13:09:37 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\Garmin
[2011.07.10 21:52:17 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\ICQ
[2012.03.16 20:20:01 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\kock
[2011.01.06 15:29:45 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\Leadertech
[2011.01.22 14:52:54 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\Minecraft Backup Tool
[2010.07.25 20:28:12 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\Mount&Blade Warband
[2011.07.16 22:28:45 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\Mount&Blade With Fire and Sword
[2012.01.21 16:06:51 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\Need for Speed World
[2011.12.27 14:10:54 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\Origin
[2012.02.22 15:03:04 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\ProtectDisc
[2011.11.20 10:02:38 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\TS3Client
[2012.01.09 00:18:58 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\Ubisoft
[2010.09.18 17:39:58 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\uTorrent
[2011.07.24 13:57:01 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\wargaming.net
[2010.09.29 22:26:36 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\Western Digital
[2012.03.16 20:20:02 | 000,000,000 | ---D | M] -- C:\Users\Krush\AppData\Roaming\xmldm
[2012.03.09 14:50:16 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
And here is the OTL Extras logfile
Code:
OTL Extras logfile created on: 01.04.2012 15:02:04 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Krush\Desktop\Virus
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,99 Gb Total Physical Memory | 5,29 Gb Available Physical Memory | 88,23% Memory free
11,98 Gb Paging File | 11,31 Gb Available in Paging File | 94,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1863,01 Gb Total Space | 1155,40 Gb Free Space | 62,02% Space Free | Partition Type: NTFS
Drive D: | 366,76 Gb Total Space | 81,78 Gb Free Space | 22,30% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 15,61 Gb Free Space | 6,70% Space Free | Partition Type: NTFS
Drive F: | 550,10 Gb Total Space | 110,03 Gb Free Space | 20,00% Space Free | Partition Type: NTFS
Drive L: | 3,73 Gb Total Space | 3,42 Gb Free Space | 91,75% Space Free | Partition Type: FAT32
Computer Name: KRUSH-PC | User Name: Krush | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series" = Canon MP140 series
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{639673E9-D53F-44F4-A046-485C8A6ADA16}" = Paint.NET v3.5.6
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6F482C75-174D-42EB-A2CF-B00A1F354F7B}" = WD SmartWare
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"24DA573F901348FFDFF7717497830D45BE0C362E" = Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2)
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"sp6" = Logitech SetPoint 6.20
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{028BB5A9-6385-4CF6-A6FF-D512D5015DBA}" = Garmin Lifetime Updater
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{077A7810-A937-4465-AD08-ACED9807995F}" = ANNO 1602 Königs-Edition
"{1B0FBB9A-995D-47CD-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 29
"{2BD2FA21-B51D-4F01-94A7-AC16737B2163}" = Adobe Flash Player 10 ActiveX
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3CD5832D-13D9-4751-8B22-3A7D3F4ACA42}" = Quake Live Mozilla Plugin
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{50C913B1-A091-48B8-A434-6C9670284888}" = Garmin Training Center
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5454085C-129F-416C-9C0B-8B1000058301}" = BioShock 2
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5A7A96D2-B123-470F-BE6D-2C6570FC4FF0}" = WD Software Upgrader
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Kingdoms of Amalur: Reckoning - Demo
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89247EDA-8288-49CE-A0CA-5EBC17D71031}" = Nero 7 Premium
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}" = Dead Space™ 2
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1683CA7-4850-4A21-982B-C6D853C79AF7}" = Mass Effect™ 3 Demo
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{CCB71FF8-DE82-469C-8641-44378F4443EB}" = Garmin WebUpdater
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye" = BattlEye Uninstall
"DeskTopDyno5 Engine Simulation v.5.01.0929" = DeskTopDyno5 Engine Simulation v.5.01.0929
"Diablo II" = Diablo II
"DivX Setup.divx.com" = DivX-Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESN Sonar-0.70.4" = ESN Sonar
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fraps" = Fraps
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Google Chrome" = Google Chrome
"HP iPAQ Setup-Assistent" = HP iPAQ Setup-Assistent v1.2.16.0
"I Want This" = I Want This
"ICQToolbar" = ICQ Toolbar
"incredibar" = Incredibar Toolbar on IE
"IndustrieGigant 2- Demo " = IndustrieGigant 2- Demo
"mIRC" = mIRC
"Mount&Blade With Fire and Sword" = Mount&Blade With Fire and Sword
"Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"StarCraft II" = StarCraft II
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 220" = Half-Life 2
"Steam App 22370" = Fallout 3 - Game of the Year Edition
"Steam App 22380" = Fallout: New Vegas
"Steam App 22480" = GECK - New Vegas Edition
"Steam App 33230" = Assassin's Creed II
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 440" = Team Fortress 2
"Steam App 48720" = Mount & Blade: With Fire and Sword
"Steam App 50130" = Mafia II
"Steam App 620" = Portal 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8850" = BioShock 2
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.11
"Warcraft III" = Warcraft III
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
"Uncompressor" = Uncompressor
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 17.03.2012 18:52:31 | Computer Name = Krush-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4ea78f27 Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4f28cccc Ausnahmecode: 0xc0000005 Fehleroffset: 0x5f94f1c9
ID
des fehlerhaften Prozesses: 0x6f8 Startzeit der fehlerhaften Anwendung: 0x01cd0479157f6606
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\steiger_georg\day
of defeat source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
e020a680-7083-11e1-bd3d-0022684c3c9c
Error - 18.03.2012 08:10:49 | Computer Name = Krush-PC | Source = Application Hang | ID = 1002
Description = Programm hl2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: cf0 Startzeit:
01cd04fba939ff45 Endzeit: 170 Anwendungspfad: c:\program files (x86)\steam\steamapps\steiger_georg\day
of defeat source\hl2.exe Berichts-ID:
Error - 18.03.2012 08:49:07 | Computer Name = Krush-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4ea78f27 Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4f28cccc Ausnahmecode: 0xc0000005 Fehleroffset: 0x5a7df1c9
ID
des fehlerhaften Prozesses: 0x1534 Startzeit der fehlerhaften Anwendung: 0x01cd050029e1bdaf
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\steiger_georg\day
of defeat source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
bfc76f4e-70f8-11e1-abc0-0022684c3c9c
Error - 18.03.2012 13:37:20 | Computer Name = Krush-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: shift2u.exe, Version: 1.0.0.0, Zeitstempel:
0x00000000 Name des fehlerhaften Moduls: shift2u.exe, Version: 1.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x005009fe ID des fehlerhaften Prozesses:
0x152c Startzeit der fehlerhaften Anwendung: 0x01cd051e6f6e6c22 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Origin Games\SHIFT 2 UNLEASHED\shift2u.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Origin Games\SHIFT 2 UNLEASHED\shift2u.exe
Berichtskennung:
02d4caa8-7121-11e1-abc0-0022684c3c9c
Error - 18.03.2012 13:42:46 | Computer Name = Krush-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: shift2u.exe, Version: 1.0.0.0, Zeitstempel:
0x00000000 Name des fehlerhaften Moduls: shift2u.exe, Version: 1.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x004d69c0 ID des fehlerhaften Prozesses:
0x1730 Startzeit der fehlerhaften Anwendung: 0x01cd052dccc3ee64 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Origin Games\SHIFT 2 UNLEASHED\shift2u.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Origin Games\SHIFT 2 UNLEASHED\shift2u.exe
Berichtskennung:
c500608e-7121-11e1-abc0-0022684c3c9c
Error - 18.03.2012 13:59:26 | Computer Name = Krush-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: shift2u.exe, Version: 1.0.2.0, Zeitstempel:
0x00000000 Name des fehlerhaften Moduls: shift2u.exe, Version: 1.0.2.0, Zeitstempel:
0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0077067e ID des fehlerhaften Prozesses:
0x17e0 Startzeit der fehlerhaften Anwendung: 0x01cd052f412d1c3a Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Origin Games\SHIFT 2 UNLEASHED\shift2u.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Origin Games\SHIFT 2 UNLEASHED\shift2u.exe
Berichtskennung:
19350a87-7124-11e1-abc0-0022684c3c9c
Error - 18.03.2012 17:09:44 | Computer Name = Krush-PC | Source = VSS | ID = 12305
Description =
Error - 18.03.2012 19:25:36 | Computer Name = Krush-PC | Source = VSS | ID = 12305
Description =
Error - 18.03.2012 19:25:37 | Computer Name = Krush-PC | Source = System Restore | ID = 8193
Description =
Error - 18.03.2012 19:25:37 | Computer Name = Krush-PC | Source = System Restore | ID = 8211
Description =
[ Media Center Events ]
Error - 06.03.2011 03:52:22 | Computer Name = Krush-PC | Source = MCUpdate | ID = 0
Description = 08:52:22 - Fehler beim Herstellen der Internetverbindung. 08:52:22
- Serververbindung konnte nicht hergestellt werden..
Error - 06.03.2011 03:52:30 | Computer Name = Krush-PC | Source = MCUpdate | ID = 0
Description = 08:52:27 - Fehler beim Herstellen der Internetverbindung. 08:52:27
- Serververbindung konnte nicht hergestellt werden..
Error - 21.11.2011 04:41:04 | Computer Name = Krush-PC | Source = MCUpdate | ID = 0
Description = 09:41:04 - Fehler beim Herstellen der Internetverbindung. 09:41:04
- Serververbindung konnte nicht hergestellt werden..
Error - 21.11.2011 04:41:41 | Computer Name = Krush-PC | Source = MCUpdate | ID = 0
Description = 09:41:34 - Fehler beim Herstellen der Internetverbindung. 09:41:34
- Serververbindung konnte nicht hergestellt werden..
Error - 21.11.2011 05:42:29 | Computer Name = Krush-PC | Source = MCUpdate | ID = 0
Description = 10:42:29 - Fehler beim Herstellen der Internetverbindung. 10:42:29
- Serververbindung konnte nicht hergestellt werden..
Error - 21.11.2011 05:43:00 | Computer Name = Krush-PC | Source = MCUpdate | ID = 0
Description = 10:42:58 - Fehler beim Herstellen der Internetverbindung. 10:42:58
- Serververbindung konnte nicht hergestellt werden..
Error - 21.11.2011 06:43:37 | Computer Name = Krush-PC | Source = MCUpdate | ID = 0
Description = 11:43:37 - Fehler beim Herstellen der Internetverbindung. 11:43:37
- Serververbindung konnte nicht hergestellt werden..
Error - 21.11.2011 06:44:08 | Computer Name = Krush-PC | Source = MCUpdate | ID = 0
Description = 11:44:07 - Fehler beim Herstellen der Internetverbindung. 11:44:07
- Serververbindung konnte nicht hergestellt werden..
Error - 21.11.2011 07:44:56 | Computer Name = Krush-PC | Source = MCUpdate | ID = 0
Description = 12:44:56 - Fehler beim Herstellen der Internetverbindung. 12:44:56
- Serververbindung konnte nicht hergestellt werden..
Error - 21.11.2011 07:45:27 | Computer Name = Krush-PC | Source = MCUpdate | ID = 0
Description = 12:45:26 - Fehler beim Herstellen der Internetverbindung. 12:45:26
- Serververbindung konnte nicht hergestellt werden..
[ OSession Events ]
Error - 10.07.2011 07:08:44 | Computer Name = Krush-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1547
seconds with 1380 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 01.04.2012 08:51:30 | Computer Name = Krush-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.04.2012 08:53:36 | Computer Name = Krush-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.04.2012 08:53:36 | Computer Name = Krush-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.04.2012 08:53:36 | Computer Name = Krush-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.04.2012 08:58:36 | Computer Name = Krush-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.04.2012 08:58:36 | Computer Name = Krush-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.04.2012 08:58:36 | Computer Name = Krush-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.04.2012 09:00:44 | Computer Name = Krush-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.04.2012 09:00:44 | Computer Name = Krush-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.04.2012 09:00:44 | Computer Name = Krush-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >