
Log analysis and evaluation: Malware.NSPack found after Malwarebytes scan

Thread closed
20.11.2012, 18:45   #1
Veantur
 
Hello,
as mentioned in the title, I found two infected files after a routine Malwarebytes scan.

The log is attached here:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.20.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
S-System :: S-SYSTEM-PC [Administrator]

20.11.2012 18:39:02
mbam-log-2012-11-20 (18-42-46).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 244580
Laufzeit: 3 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\S-System\AppData\Local\Temp\wtf31F5.tmp (Malware.NSPack) -> Keine Aktion durchgeführt.
C:\Users\S-System\AppData\Local\Temp\wtf9684.tmp (Malware.NSPack) -> Keine Aktion durchgeführt.

(Ende)



Thank you in advance for your help.


I have now also run an OTL scan.

OTL Logfile:
Code:
OTL logfile created on: 20.11.2012 18:55:25 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\S-System\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 56,65% Memory free
10,00 Gb Paging File | 7,82 Gb Available in Paging File | 78,23% Paging File free
Paging file location(s): c:\pagefile.sys 6142 12284 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,52 Gb Total Space | 68,20 Gb Free Space | 45,61% Space Free | Partition Type: NTFS
Drive D: | 24,41 Gb Total Space | 0,78 Gb Free Space | 3,20% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 59,94 Gb Free Space | 12,87% Space Free | Partition Type: NTFS
Drive F: | 14,65 Gb Total Space | 9,52 Gb Free Space | 65,00% Space Free | Partition Type: NTFS
Drive G: | 90,98 Gb Total Space | 82,98 Gb Free Space | 91,21% Space Free | Partition Type: NTFS
Drive H: | 414,09 Gb Total Space | 63,52 Gb Free Space | 15,34% Space Free | Partition Type: NTFS
Drive I: | 367,91 Gb Total Space | 236,40 Gb Free Space | 64,25% Space Free | Partition Type: NTFS
 
Computer Name: S-SYSTEM-PC | User Name: S-System | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\S-System\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Programme\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe ()
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Windows\SysWOW64\CmdRtr.DLL ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (mi-raysat_3dsmax2012_64) -- C:\Programme\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\RpcAgentSrv.exe (SiSoftware)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (epmntdrv) -- C:\Windows\SysNative\epmntdrv.sys ()
DRV:64bit: - (EuGdiDrv) -- C:\Windows\SysNative\EuGdiDrv.sys ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (P17) -- C:\Windows\SysNative\drivers\P17.sys (Creative Technology Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
DRV - (AODDriver4.1) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (epmntdrv) -- C:\Windows\SysWOW64\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\Windows\SysWOW64\EuGdiDrv.sys ()
DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\WNt500x64\sandra.sys (SiSoftware)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B B8 83 9B 6B C3 CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 188.95.51.206:80
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.11.01 19:43:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.11.01 19:43:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.11.01 19:43:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.02 11:27:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.31 20:45:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.31 20:45:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.30 18:55:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.02 11:27:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.31 20:45:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.31 20:45:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.30 18:55:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.03.17 00:42:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\S-System\AppData\Roaming\mozilla\Extensions
[2012.10.23 15:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\S-System\AppData\Roaming\mozilla\Firefox\Profiles\2om32i1e.default\extensions
[2012.10.31 20:45:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.31 20:45:42 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.09 18:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.06.17 11:48:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 05:52:40 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.17 11:48:54 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.17 11:48:54 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.17 11:48:54 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.17 11:48:54 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - h:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - h:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CBA1030-D865-4F27-947F-C398CACD21D7}: DhcpNameServer = 192.168.0.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.03.23 10:30:41 | 000,000,000 | ---D | M] - F:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2011.10.26 22:38:38 | 000,000,000 | ---D | M] - H:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 60 Days ==========
 
[2012.11.20 18:53:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\S-System\Desktop\OTL.exe
[2012.11.15 22:32:09 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.11.15 22:32:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.11.15 22:27:15 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.11.15 22:27:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.11.15 22:27:14 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.11.15 22:27:14 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.11.15 22:27:14 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.11.15 22:27:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.11.15 22:27:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.11.15 22:27:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.11.15 22:27:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.11.15 22:27:13 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.11.15 22:27:13 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.11.15 22:27:13 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.11.15 22:27:12 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.11.15 22:27:12 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.11.15 22:27:12 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.11.15 22:25:21 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.11.15 22:25:20 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.11.15 22:25:20 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.11.15 22:25:20 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.11.15 21:31:03 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.11.15 21:31:03 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.11.15 21:31:03 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.11.15 21:31:00 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.11.15 21:31:00 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.11.15 21:31:00 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.11.15 21:31:00 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.11.15 21:30:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.11.15 21:30:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.11.15 21:30:43 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.11.15 21:30:43 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.11.13 21:02:30 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Apps
[2012.11.11 17:48:00 | 000,000,000 | ---D | C] -- C:\Users\S-System\Documents\BioWare
[2012.11.10 16:50:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MonitorDriver
[2012.11.10 16:42:22 | 000,000,000 | ---D | C] -- C:\Samsung
[2012.11.10 13:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2012.11.10 13:36:27 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Autodesk
[2012.11.04 15:34:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012.11.04 13:09:16 | 000,000,000 | ---D | C] -- C:\Users\S-System\Documents\SelfMV
[2012.11.04 13:01:14 | 000,000,000 | ---D | C] -- C:\Temp
[2012.11.04 12:59:23 | 000,203,104 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2012.11.04 12:59:23 | 000,102,368 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2012.11.04 12:57:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2012.11.04 12:57:15 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Samsung
[2012.11.04 12:57:14 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Roaming\Samsung
[2012.11.04 12:57:12 | 000,000,000 | ---D | C] -- C:\Users\S-System\Documents\samsung
[2012.11.04 12:55:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2012.11.04 12:55:50 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2012.11.04 12:55:34 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2012.11.04 12:55:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2012.11.04 12:55:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2012.11.04 12:55:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2012.11.04 12:48:12 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Downloaded Installations
[2012.11.03 18:45:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2012.11.02 23:13:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
[2012.11.02 23:13:44 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware
[2012.11.01 20:11:05 | 000,778,088 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\HPDiscoPM5E12.dll
[2012.11.01 20:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012.11.01 20:09:27 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\HP
[2012.10.31 20:45:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.30 18:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2012.10.27 11:20:32 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Focus Home Interactive
[2012.10.27 07:36:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.10.27 07:36:12 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.10.19 17:19:39 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Programs
[2012.10.11 19:39:56 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Razer
[2012.10.11 19:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2012.10.11 19:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2012.10.11 19:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2012.10.10 18:38:17 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.10 18:38:17 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.10 18:38:17 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.10 18:38:08 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.10 18:38:08 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.10 18:38:08 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.10 18:38:08 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.10 18:38:06 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.10 18:38:06 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.10 18:38:05 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.10 18:38:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.10 18:38:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.10 18:38:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.10 18:38:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.10 18:38:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.10 18:38:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 18:38:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 18:38:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 18:38:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 18:38:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 18:38:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 18:38:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 18:38:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 18:38:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 18:38:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 18:38:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 18:38:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 18:38:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.10 18:37:54 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.10 18:37:39 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.10 18:37:39 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.09 19:17:03 | 010,220,472 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.09.26 20:57:16 | 000,330,240 | ---- | C] ((주)마크애니) -- C:\Windows\MASetupCaller.dll
[2012.09.26 20:57:16 | 000,090,112 | ---- | C] ((주)마크애니) -- C:\Windows\MAMCityDownload.ocx
[2012.09.26 20:57:14 | 000,569,344 | ---- | C] ((c) MusicCity) -- C:\Windows\SysWow64\muzdecode.ax
[2012.09.26 20:57:14 | 000,491,520 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzapp.dll
[2012.09.26 20:57:14 | 000,352,256 | ---- | C] (Sample Corporation) -- C:\Windows\SysWow64\MSLUR71.dll
[2012.09.26 20:57:14 | 000,258,048 | ---- | C] ((c) PeeringPortal) -- C:\Windows\SysWow64\muzoggsp.ax
[2012.09.26 20:57:14 | 000,245,760 | ---- | C] (Teruten Inc.) -- C:\Windows\SysWow64\MSCLib.dll
[2012.09.26 20:57:14 | 000,200,704 | ---- | C] ( (c) MusicCity) -- C:\Windows\SysWow64\muzwmts.dll
[2012.09.26 20:57:14 | 000,172,032 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzapp.exe
[2012.09.26 20:57:14 | 000,155,648 | ---- | C] (Teruten Inc.) -- C:\Windows\SysWow64\MSFLib.dll
[2012.09.26 20:57:14 | 000,135,168 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzaf1.dll
[2012.09.26 20:57:14 | 000,131,072 | ---- | C] ((c) MusicCity) -- C:\Windows\SysWow64\muzmpgsp.ax
[2012.09.26 20:57:14 | 000,122,880 | ---- | C] ((c) MUSICCITY) -- C:\Windows\SysWow64\muzeffect.ax
[2012.09.26 20:57:14 | 000,118,784 | ---- | C] ((주)마크애니) -- C:\Windows\SysWow64\MaDRM.dll
[2012.09.26 20:57:14 | 000,110,592 | ---- | C] ((c) MusicCity) -- C:\Windows\SysWow64\muzmp4sp.ax
[2012.09.26 20:57:14 | 000,057,344 | ---- | C] (Marktek) -- C:\Windows\SysWow64\MK_Lyric.dll
[2012.09.26 20:57:14 | 000,057,344 | ---- | C] (Marktek Inc.) -- C:\Windows\SysWow64\MTXSYNCICON.dll
[2012.09.26 20:57:14 | 000,049,152 | ---- | C] ((주) 마크애니) -- C:\Windows\SysWow64\MaJGUILib.dll
[2012.09.26 20:57:14 | 000,045,320 | ---- | C] (MARKANY) -- C:\Windows\SysWow64\MAMACExtract.dll
[2012.09.26 20:57:14 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\Windows\SysWow64\MaXMLProto.dll
[2012.09.26 20:57:14 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\Windows\SysWow64\MACXMLProto.dll
[2012.09.26 20:57:14 | 000,040,960 | ---- | C] (Telechips Inc.,) -- C:\Windows\SysWow64\MTTELECHIP.dll
[2012.09.26 20:57:14 | 000,024,576 | ---- | C] ((주)마크애니) -- C:\Windows\SysWow64\MASetupCleaner.exe
[2012.09.25 19:20:13 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.22 20:25:21 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VL Sound 5.1
[2012.09.22 20:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VL Sound 5.1
[2012.09.21 21:27:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
[2012.09.21 21:27:28 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Roaming\ICQ
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 60 Days ==========
 
[2012.11.20 18:53:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\S-System\Desktop\OTL.exe
[2012.11.20 18:46:17 | 000,014,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.20 18:46:17 | 000,014,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.20 18:43:40 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.20 18:43:40 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.20 18:43:40 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.20 18:43:40 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.20 18:43:40 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.20 18:37:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.20 18:37:28 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.19 23:17:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.16 17:09:42 | 004,892,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.10 16:45:14 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.11.10 16:45:14 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.11.04 12:57:10 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012.11.04 12:53:45 | 001,589,442 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.03 18:45:57 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Icewind Dale Complete.lnk
[2012.11.02 23:13:51 | 000,001,183 | ---- | M] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2012.SP5c.lnk
[2012.11.02 23:11:44 | 000,001,231 | ---- | M] () -- C:\Users\S-System\Desktop\AIDA64 Extreme Edition.lnk
[2012.11.01 20:11:04 | 000,002,116 | ---- | M] () -- C:\Users\Public\Desktop\HP Officejet 6100.lnk
[2012.11.01 20:11:04 | 000,001,832 | ---- | M] () -- C:\Users\Public\Desktop\HP ePrintCenter - HP Officejet 6100.lnk
[2012.11.01 20:10:08 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2012.11.01 19:43:41 | 000,637,272 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.10.27 07:53:08 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.27 07:36:12 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.10.11 19:39:14 | 000,002,144 | ---- | M] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk
[2012.10.09 19:17:13 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.10.09 19:17:13 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.10.09 19:17:03 | 010,220,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.10.09 18:40:31 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.10.08 12:31:03 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.10.08 12:22:55 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.10.08 12:22:17 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.10.08 12:18:22 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.10.08 12:17:35 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.10.08 12:17:26 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.10.08 12:15:59 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.10.08 12:13:54 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.10.08 12:09:39 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.10.08 08:47:44 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.10.08 08:46:32 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.10.08 08:44:05 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.10.08 08:43:05 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.10.08 08:41:19 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.10.08 08:37:23 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.10.03 18:44:17 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.10.03 18:44:17 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.10.03 18:44:16 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.10.03 17:42:24 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.10.03 17:42:24 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.10.03 17:42:23 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.09.29 18:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.26 20:57:22 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2012.09.26 20:57:16 | 000,330,240 | ---- | M] ((주)마크애니) -- C:\Windows\MASetupCaller.dll
[2012.09.26 20:57:16 | 000,090,112 | ---- | M] ((주)마크애니) -- C:\Windows\MAMCityDownload.ocx
[2012.09.26 20:57:16 | 000,030,568 | ---- | M] () -- C:\Windows\MusiccityDownload.exe
[2012.09.26 20:57:14 | 000,974,848 | ---- | M] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.09.26 20:57:14 | 000,569,344 | ---- | M] ((c) MusicCity) -- C:\Windows\SysWow64\muzdecode.ax
[2012.09.26 20:57:14 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzapp.dll
[2012.09.26 20:57:14 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\Windows\SysWow64\MSLUR71.dll
[2012.09.26 20:57:14 | 000,258,048 | ---- | M] ((c) PeeringPortal) -- C:\Windows\SysWow64\muzoggsp.ax
[2012.09.26 20:57:14 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\Windows\SysWow64\MSCLib.dll
[2012.09.26 20:57:14 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\Windows\SysWow64\muzwmts.dll
[2012.09.26 20:57:14 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzapp.exe
[2012.09.26 20:57:14 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\Windows\SysWow64\MSFLib.dll
[2012.09.26 20:57:14 | 000,143,360 | ---- | M] () -- C:\Windows\SysWow64\3DAudio.ax
[2012.09.26 20:57:14 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzaf1.dll
[2012.09.26 20:57:14 | 000,131,072 | ---- | M] ((c) MusicCity) -- C:\Windows\SysWow64\muzmpgsp.ax
[2012.09.26 20:57:14 | 000,122,880 | ---- | M] ((c) MUSICCITY) -- C:\Windows\SysWow64\muzeffect.ax
[2012.09.26 20:57:14 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\Windows\SysWow64\MaDRM.dll
[2012.09.26 20:57:14 | 000,110,592 | ---- | M] ((c) MusicCity) -- C:\Windows\SysWow64\muzmp4sp.ax
[2012.09.26 20:57:14 | 000,081,920 | ---- | M] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.09.26 20:57:14 | 000,065,536 | ---- | M] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.09.26 20:57:14 | 000,057,344 | ---- | M] (Marktek) -- C:\Windows\SysWow64\MK_Lyric.dll
[2012.09.26 20:57:14 | 000,057,344 | ---- | M] (Marktek Inc.) -- C:\Windows\SysWow64\MTXSYNCICON.dll
[2012.09.26 20:57:14 | 000,057,344 | ---- | M] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.09.26 20:57:14 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWow64\MaJGUILib.dll
[2012.09.26 20:57:14 | 000,045,320 | ---- | M] (MARKANY) -- C:\Windows\SysWow64\MAMACExtract.dll
[2012.09.26 20:57:14 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWow64\MaXMLProto.dll
[2012.09.26 20:57:14 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWow64\MACXMLProto.dll
[2012.09.26 20:57:14 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\Windows\SysWow64\MTTELECHIP.dll
[2012.09.26 20:57:14 | 000,024,576 | ---- | M] ((주)마크애니) -- C:\Windows\SysWow64\MASetupCleaner.exe
[2012.09.26 20:57:12 | 000,821,824 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2012.09.25 23:47:43 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.09.25 23:46:17 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.15 22:32:11 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.15 22:25:20 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.04 12:57:10 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012.11.03 18:45:57 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Icewind Dale Complete.lnk
[2012.11.02 23:14:11 | 011,624,448 | ---- | C] () -- C:\Users\S-System\AppData\Roaming\Sandra.mdb
[2012.11.02 23:13:51 | 000,001,183 | ---- | C] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2012.SP5c.lnk
[2012.11.01 20:11:04 | 000,002,116 | ---- | C] () -- C:\Users\Public\Desktop\HP Officejet 6100.lnk
[2012.11.01 20:11:04 | 000,001,832 | ---- | C] () -- C:\Users\Public\Desktop\HP ePrintCenter - HP Officejet 6100.lnk
[2012.11.01 20:10:08 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.10.27 07:36:12 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.10.11 19:39:14 | 000,002,144 | ---- | C] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk
[2012.09.26 20:57:16 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.09.26 20:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.09.26 20:57:14 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\3DAudio.ax
[2012.09.26 20:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.09.26 20:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.09.26 20:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.06.13 09:00:01 | 002,469,760 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2012.06.13 09:00:01 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2012.06.13 09:00:00 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2012.06.13 09:00:00 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2012.06.13 09:00:00 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2012.06.06 20:02:47 | 000,000,782 | ---- | C] () -- C:\Windows\wiso.ini
[2012.06.02 11:23:22 | 000,245,227 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012.06.02 11:23:22 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012.05.10 15:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.04.17 18:47:24 | 000,007,597 | ---- | C] () -- C:\Users\S-System\AppData\Local\Resmon.ResmonCfg
[2012.03.23 10:41:03 | 001,589,442 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.03.19 10:11:06 | 000,280,856 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.03.19 10:11:04 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.03.17 01:26:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.03.17 00:59:17 | 000,017,408 | ---- | C] () -- C:\Users\S-System\AppData\Local\WebpageIcons.db
[2012.03.16 23:34:39 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012.03.16 23:34:39 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012.02.15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
--- --- ---
OTL Logfile:
Code:
OTL Extras logfile created on: 20.11.2012 18:55:25 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\S-System\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 56,65% Memory free
10,00 Gb Paging File | 7,82 Gb Available in Paging File | 78,23% Paging File free
Paging file location(s): c:\pagefile.sys 6142 12284 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,52 Gb Total Space | 68,20 Gb Free Space | 45,61% Space Free | Partition Type: NTFS
Drive D: | 24,41 Gb Total Space | 0,78 Gb Free Space | 3,20% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 59,94 Gb Free Space | 12,87% Space Free | Partition Type: NTFS
Drive F: | 14,65 Gb Total Space | 9,52 Gb Free Space | 65,00% Space Free | Partition Type: NTFS
Drive G: | 90,98 Gb Total Space | 82,98 Gb Free Space | 91,21% Space Free | Partition Type: NTFS
Drive H: | 414,09 Gb Total Space | 63,52 Gb Free Space | 15,34% Space Free | Partition Type: NTFS
Drive I: | 367,91 Gb Total Space | 236,40 Gb Free Space | 64,25% Space Free | Partition Type: NTFS
 
Computer Name: S-SYSTEM-PC | User Name: S-System | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{034C2F04-86F2-4FCF-8292-E6FC6614B993}" = lport=137 | protocol=17 | dir=in | app=system | 
"{11D859D1-5586-49AF-835D-8D8D3129BF40}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{155CB6D4-D973-49DA-ABB9-92F82D0138B9}" = rport=138 | protocol=17 | dir=out | app=system | 
"{1636722E-508B-485B-80CD-68F3A337A37E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{17FF79BC-1FD8-4491-A43F-8322E37707A6}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2012.sp5c\rpcagentsrv.exe | 
"{24FFF4AE-D2BC-4522-9CB2-25DF360C6BDA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{302D78DA-35D1-4433-A88A-CE181FC0D462}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3E0E34D8-BCC6-45C1-A1E0-B3A16959CCDB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3F70A495-25EE-454C-82B2-F16875560A19}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{493662E2-812B-4421-9B3E-81A3614372B4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{54B05118-49FE-4B17-8C44-4178856E1EC3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5ED48A2D-6BC8-429A-9710-7524E47F559B}" = rport=137 | protocol=17 | dir=out | app=system | 
"{621B09F9-051E-41E2-81D5-4784F42005E2}" = lport=138 | protocol=17 | dir=in | app=system | 
"{6ACBF02E-F4DD-4EC1-B05C-7CEBC1A315E6}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6F89E7E1-D3B4-42BA-B780-1BFB0C4615AE}" = lport=445 | protocol=6 | dir=in | app=system | 
"{8BFA0138-69CF-44E2-83FF-66B8D1A249AE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B6D8D3B0-1326-4AB9-8910-6FAEFF26F7DB}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2012.sp5c\wnt500x64\rpcsandrasrv.exe | 
"{BDDDF2CF-4848-489A-900A-85F68702FDAB}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{C10D7C4D-CB7B-4D2D-8287-852DC20A205B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C5AC6D91-C542-4655-AAC3-937856D32611}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D19633C7-4482-41D6-A468-05F57DCD630F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D363F5F7-B6F7-441B-AF7C-A4849C28B0E4}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{D5C2C494-C8DD-432E-A811-96BD61BD1850}" = rport=445 | protocol=6 | dir=out | app=system | 
"{FD3534C5-1461-47DE-898C-221FD6E1E291}" = rport=139 | protocol=6 | dir=out | app=system | 
"{FE4C6F93-6767-4041-B9F4-9993270A7D9C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0239C405-83D1-470F-9F55-2B12A410548C}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe | 
"{0772C4EF-08FE-40E8-BE4E-65354565C0DB}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\command and conquer 4 tiberian twilight\support\ea help\electronic_arts_technical_support.htm | 
"{0AA89188-5D55-42C9-B5F9-09B9B06E9269}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{0CCDF762-582D-475C-AEAC-2DE7C613BF18}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe | 
"{0CD6AD9D-258E-4348-A061-72BDEC58BB1F}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\cities xl 2012\citiesxl_2012.exe | 
"{0DBC5C16-4F95-49EE-8244-4CF715625FA3}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe | 
"{128B5A73-7D16-4F52-AD15-F1EC8CD169B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{15AD9656-EDEA-4DBB-B67B-20DA73543AC1}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{168F1C2F-36EE-4C1E-95DB-D3B2FE4A6020}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{189ECC3E-6B3F-4738-A9D3-18907908EC87}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\x3 terran conflict\x3tc.exe | 
"{18A499C7-6D72-43AA-973A-43E8D52BDF8A}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe | 
"{190AA9A7-95B0-4897-9AF2-615C0B2091CE}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\mass effect\binaries\masseffect.exe | 
"{1B9D6AC9-FC69-4490-B378-AF62F9571A13}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{1D85C25C-087E-4D47-A308-7411B63622C1}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe | 
"{1E1A2D8A-AC5D-4BB5-B4FB-F63C84F35B15}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | 
"{1F762FA5-DBA9-4EE2-9522-23FE86150026}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe | 
"{20BBB6F4-988C-4D6B-B072-BA23D699DD80}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe | 
"{228A9560-934A-4853-9205-3F72CF3AE06E}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\il-2 sturmovik cliffs of dover\launcher.exe | 
"{22A20DD2-5E72-4535-87A5-D63C7046E196}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\il-2 sturmovik cliffs of dover\launcher.exe | 
"{22C82CD0-621B-4A45-86BC-9E3840A9FF82}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{22CC0A9C-B8C1-4F0A-9028-AE7481C7E1A2}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\mapeditor.exe | 
"{255B16B7-9E4B-4E67-B78D-6A91BC7B09BD}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\magicka\magicka.exe | 
"{26AEAA5C-3B88-40C9-9B68-D12E5D4D8F78}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe | 
"{29B5D7D0-3283-47EB-9492-5B12ECE7E355}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm | 
"{29DCF9FD-BCC0-4EAA-A8CA-098A577D04B2}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steam.exe | 
"{2BCD7443-AAD3-41A7-A92D-8A60B2B9D8B2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{2BD69A9A-003E-4033-85CF-BD3C73E5E512}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\x3 terran conflict\x3tc.exe | 
"{2CF354BD-7526-4337-86DE-27F4FDF33E22}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\alien breed 3 descent\binaries\alienbreed3descent.exe | 
"{2E438164-0B21-49EA-A9A5-CDC493C097C2}" = dir=in | app=c:\program files\hp\hp officejet 6100\bin\devicesetup.exe | 
"{2EB25A22-27DB-4CA5-A56C-7384ED7FF46C}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dawn of war ii - retribution\dow2.exe | 
"{3249885F-C38D-4032-9AB3-00EFC32053C7}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe | 
"{3338F499-823D-4394-A6AD-01505BDED11F}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\from dust\from_dust.exe | 
"{35DF79A1-B2CD-4C0D-AF03-703526F78A0D}" = protocol=17 | dir=in | app=h:\games\star wars-the old republic\launcher.exe | 
"{360887F1-BBEA-4E23-A27E-490D2A47D09F}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe | 
"{3B1C2D1F-DCB3-4C94-873F-3F6EDA636BA5}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe | 
"{3D01C839-C469-4B4F-9B3F-5A649E8CFCB5}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{3F5B9BEA-7366-4535-9EE1-A800E054295E}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe | 
"{3FADC0E7-F1A8-4A57-9D25-B69E62E2BC4E}" = protocol=6 | dir=in | app=c:\users\s-system\appdata\local\temp\7zs3956\hpdiagnosticcoreui.exe | 
"{4078289B-A90E-48E8-BF21-5D64580BA178}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\command and conquer 4 tiberian twilight\support\ea help\electronic_arts_technical_support.htm | 
"{4342DD29-B7F5-4141-9FD1-A9B0D00F6530}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{46B84E4B-16E8-4FD6-A865-C24BBD551CD3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{47EDFD72-EF6F-4AC4-9D54-9DB72C3C5801}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{49B10D0B-345B-4BDF-9DC6-FA473F46FB6A}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe | 
"{4A30763F-3A29-4FDC-A2BF-BA23F33C4E54}" = protocol=17 | dir=in | app=h:\program files (x86)\icq7m\icq.exe | 
"{4AC7C645-02A7-481E-8C98-F5100D8442AA}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe | 
"{4B8BF1F4-EF56-4BB7-B3FC-8DBB91ABF8D6}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{4BC6782E-D438-40EB-B435-26ED2356DB1A}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe | 
"{4C65D34B-2599-461F-B386-FA40D0012CC6}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm | 
"{4D0D9076-0B78-417D-B632-A288B4B206FC}" = protocol=6 | dir=in | app=h:\program files (x86)\icq7m\icq.exe | 
"{4D782717-7EF2-4E46-846F-ACA739FFCD6F}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\from dust\from_dust.exe | 
"{5035BAC8-2BFD-4A75-B2C2-9CFC1EF073D4}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | 
"{54466E6E-A0EE-403C-9C19-15B696C67805}" = protocol=6 | dir=in | app=h:\games\star wars-the old republic\launcher.exe | 
"{5519F756-14C2-4BA0-988A-1BFCDFB7DB11}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{561356BB-8D8D-44AB-AA0C-31FFCD3F5123}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{56137BAB-CBA0-4CF9-B373-CC3C88D84969}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe | 
"{58AC2894-DAE7-489E-A05D-3F951997343D}" = protocol=17 | dir=in | app=c:\users\s-system\appdata\local\temp\7zs3ad1\hpdiagnosticcoreui.exe | 
"{5BA9219B-A3E2-40E4-9998-887E61330311}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sid meier's pirates!\pirates!.exe | 
"{5C004F81-7761-4059-9741-84EE8897A975}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{5DC8DAF7-715F-4584-847A-D290689F2302}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\x3 terran conflict\x3ap.exe | 
"{5FD2968D-12DC-4613-A2E1-6CA2A4734077}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{620F8496-27BD-4783-985A-847651319B03}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe | 
"{62CAA28E-4FFA-47B8-9FCC-0C04E6738CD6}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dota 2 test\dota.exe | 
"{65585809-0630-4EA3-843B-D7BB2CBDAEBB}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\nuclear dawn\ndsrv.exe | 
"{672825F8-1FC1-4C5F-8FB4-3354DAB9F145}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{683AF175-5764-472D-BF85-D9E4E8EA6C58}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{6B1E661D-3402-42D6-B657-3C9CE6F20FC8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{6B9B2F0C-E01B-446E-9505-D15E9624696F}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sword of the stars ii\bin\x86\sots2.exe | 
"{6D7FEAEC-EAF9-4806-B67D-37AC2896BE8A}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe | 
"{6FD835C0-5DFA-4144-8399-EA804823E5C3}" = protocol=6 | dir=in | app=h:\program files (x86)\stardock games\fallenenchantress\fallenenchantress.exe | 
"{72558B36-7463-4578-AEB3-1B41D008BF34}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{75D46335-DFCF-472B-85A8-4AD24CAFB4FF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{77234755-172C-42CF-A12F-02166B7DAA86}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe | 
"{77BAD646-14CB-4EE6-B9EE-7EB4FD1E7490}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sword of the stars ii\bin\x86\sots2.exe | 
"{7936043B-A226-4740-9319-1A860E98F798}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{7F7D67A4-220F-4C84-8EAC-D98106A1D206}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) | 
"{80B5E7CD-8A1C-411F-B12C-5030AADBD61A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | 
"{824FAC24-F1C1-4EED-9B05-05EED22D2677}" = protocol=6 | dir=in | app=h:\program files (x86)\2k games\firaxis games\sid meier's civilization iv colonization\colonization.exe | 
"{828F2E82-4AA9-4E1E-9B57-DE2078D0A5EB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | 
"{8548C8FC-DEED-4959-8ECE-E646B37BED8D}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\stronghold3.exe | 
"{86022E2F-D105-43D0-97C5-011F28AA1B93}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{86ADD4F2-3FB1-4B4E-8026-31787C3E272C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | 
"{884F1CA2-B71E-4D8D-82B5-35032F6337EF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | 
"{88FDC3DA-C2B4-4FCC-9185-AC17F57547B3}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{8BD5A0C7-3748-4B27-9942-7747C67E43CD}" = protocol=6 | dir=out | app=system | 
"{8D4F94F1-10B2-4012-84AC-DCBCA7C9061B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | 
"{8D6ACE0E-847D-4CAD-B14F-44F0A56D56A8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{90F46F38-F082-4EA4-B8B9-ABB7383B5A3C}" = protocol=17 | dir=in | app=h:\program files (x86)\icq7m\icq.exe | 
"{93D0F1DB-2198-4B0F-884F-B6AFA19A4D33}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{99C1862E-8EAF-467F-89CA-2484F59DA096}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\legend of grimrock\grimrock.exe | 
"{9B59BB5E-6CA6-4F94-B5DC-A881E3C1A663}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\mapeditor.exe | 
"{9DDD2D39-6991-414F-8BD4-BAC668FEA05F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9F835657-7F78-43A6-A058-123A2E6EB866}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dawn of war ii - retribution\dow2.exe | 
"{9F85DB73-960F-4F45-A548-089D421FC8AA}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\cities xl 2012\citiesxl_2012.exe | 
"{A13ED1ED-4AB5-4315-82ED-8E7F9AE513EE}" = protocol=6 | dir=in | app=h:\games\star wars-the old republic\launcher.exe | 
"{A2B1D416-B5DF-4F66-9DD9-C10AE1E22460}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe | 
"{A4866F75-C576-4971-9387-E34CDC3A3845}" = protocol=17 | dir=in | app=h:\program files (x86)\2k games\firaxis games\sid meier's civilization iv colonization\colonization.exe | 
"{A5287859-2D85-4AD0-AA4F-91DCE822014B}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe | 
"{A6737C24-0995-4A84-9B8A-E3A2850721FB}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe | 
"{A7E4BC29-55A5-464A-94D9-6ACD40C074CB}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\nuclear dawn\nucleardawn.exe | 
"{AA54E0F9-0E6D-441F-879C-1F7A68605093}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe | 
"{AD78974C-2A5D-4DD4-9705-C531BD1BD1CB}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe | 
"{AE7ED559-5102-48F4-B8FA-1782F7B5CF7C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B0EC9CC4-804E-4B8C-9D52-9016E451E337}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{B361D81B-303D-4939-B61D-B6B32AC9E8EE}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe | 
"{B38301EB-E6AB-4305-9807-4C877EB839D0}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe | 
"{B523A6A4-DF20-434C-AF3D-D479360D4077}" = protocol=17 | dir=in | app=c:\users\s-system\appdata\local\temp\7zs3a5e\hpdiagnosticcoreui.exe | 
"{B627D9C8-875D-4572-AC2B-211718005DCD}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe | 
"{B65F233A-059C-4E42-9B3F-3BBF7474A504}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\stronghold3.exe | 
"{B78973AD-53F2-49DF-ADF5-5C5F4C826941}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steam.exe | 
"{B7E7972B-B507-49A9-B04D-489A9A6CFEBB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{B8033E1B-C158-40B3-B395-887271B0EA36}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\nuclear dawn\ndsrv.exe | 
"{B8768082-DFC9-4625-97D4-0D8F30297089}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | 
"{BA534E6F-C836-4BFC-A20F-806DEC284AF3}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\command and conquer 4 tiberian twilight\cnc4.exe | 
"{BB683D34-294D-4EFA-BDB2-6F02A1A8E927}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BCBC29FD-ECBD-4CF0-8104-1A5321C84DBC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{BD214E28-8425-429A-8FD8-6D911BD197FD}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe | 
"{BE2C8D6A-5888-44F7-A750-5B04B082888E}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\legend of grimrock\grimrock.exe | 
"{BE372EC4-A8C7-416A-A1BE-C32FF01DD2EB}" = protocol=6 | dir=in | app=c:\users\s-system\appdata\local\temp\7zs3a5e\hpdiagnosticcoreui.exe | 
"{C05FE92B-C14B-4998-B6F9-02560ABE916A}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\alien breed 3 descent\binaries\alienbreed3descent.exe | 
"{C31AAABA-FFF0-4B41-A096-5C8122704C45}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C6473E35-BA8A-48A4-A5BD-548ECEA45B26}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe | 
"{C6E506CF-3548-4328-98E8-BD61E3AE0A83}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | 
"{C8A708BE-D0C3-4FDD-AEDE-835DF6E1F85C}" = dir=in | app=c:\program files\hp\hp officejet 6100\bin\hpnetworkcommunicator.exe | 
"{CA182C26-5ACA-4FD1-9CDE-AEB1AF563059}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{CBC296EC-4DFA-4010-8A3E-FEF5163A603F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{CE02CB46-7D3E-46EA-9BE7-A28D3D9A8348}" = protocol=6 | dir=in | app=c:\users\s-system\appdata\local\temp\7zs3ad1\hpdiagnosticcoreui.exe | 
"{CE698BC6-DC49-4C60-8350-34D8142C50CE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CFD4755C-CDE3-4FAE-9B2C-36146F41F41F}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{D17BAC18-E20C-4972-86DE-90196E33F5D6}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\command and conquer 4 tiberian twilight\cnc4.exe | 
"{D456302C-6C9B-48C0-BED4-CED94668A1DF}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\3dsmax.exe | 
"{D676F901-11FB-4895-8249-120182B20052}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\magicka\magicka.exe | 
"{D719ECD5-A7E8-4680-BBB9-E6A4CA11696D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | 
"{D9FCF23C-0852-4735-93A0-49B5B94CB3D8}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\x3 terran conflict\x3ap.exe | 
"{DA598122-4C12-49D4-8BCF-14AD0AF0428F}" = protocol=17 | dir=in | app=h:\games\star wars-the old republic\launcher.exe | 
"{DC6693A7-B1E8-4646-B832-2AF0DF7287C0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{DD93B9E5-7F1F-4EB2-BCE6-9107B8B7B5B1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | 
"{DD9E6374-48C1-45B1-8BD1-4EB18CB31863}" = protocol=17 | dir=in | app=h:\program files (x86)\stardock games\fallenenchantress\fallenenchantress.exe | 
"{DE49438B-B853-4276-8DC1-E5E542771EEA}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\3dsmax.exe | 
"{DF8AC190-1B86-4580-A186-6D7D4E9CA863}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\mass effect\binaries\masseffect.exe | 
"{E0092BA6-84E0-47B3-B46A-898EEFB3F49D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E0BCA89D-F821-40D0-826F-613B7D6A075E}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dota 2 test\dota.exe | 
"{E4A04840-69C0-451C-8221-DF8A8EA82A00}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\nuclear dawn\nucleardawn.exe | 
"{E54A6116-190F-4CFB-AA93-BEE8B36A2F84}" = protocol=17 | dir=in | app=c:\users\s-system\appdata\local\temp\7zs3956\hpdiagnosticcoreui.exe | 
"{E832D4A1-833D-4B2E-97DA-D2709F6BA0EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{E891EB4E-9BC4-44DB-84EE-30DA773E560D}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sid meier's pirates!\pirates!.exe | 
"{EAFEE016-9767-4775-A5AC-8BCFBDA120B9}" = protocol=6 | dir=in | app=h:\program files (x86)\icq7m\icq.exe | 
"{EE5BDF8E-AAAD-46D2-89BC-C4E6CA6AFC5A}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe | 
"{EEB859C9-2EBA-45EA-AC96-95D409D593F7}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe | 
"{F29A97A4-8ED7-4EBA-8F25-FD8B7252422E}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{F35B854A-4AEE-4BF7-A9B9-5D9C8A75A99B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F42D42DF-97EE-4483-B533-9B3E58E8FAFF}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{F4B4EAE1-E6F5-4E8D-BB6F-5355E244E9B5}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe | 
"{FCD33357-9EB1-45C2-85FC-DC97CE69A3D4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{FD463330-E450-4444-9DBB-733FA6D07434}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{FF813FA1-05D4-4C96-8DC4-C3A931D8E7AF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{12D93D02-3C15-DF08-581F-52E4A1EB0A3D}" = AMD Drag and Drop Transcoding
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{44B4F244-5B4D-856E-B3A6-E8DDBDC7F127}" = AMD Fuel
"{47F9B7C3-F172-940F-D0C4-203C7914E5D2}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{59B69525-1383-C84A-38EF-F442B63E69BC}" = AMD Media Foundation Decoders
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{723C8298-C7B0-0407-A1B6-C3BA6F3FFAB1}" = Autodesk 3ds Max 2012 64-bit - German
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{838AF9AD-DE38-17FB-57F6-ADDF929F191E}" = AMD Accelerated Video Transcoding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2012.SP5c
"{C8388DCB-6F85-C11F-C9F4-D636960E60F5}" = ccc-utility64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E30BC112-507C-4980-A00B-13C5CC9EDB03}" = HP Officejet 6100 - Grundlegende Software für das Gerät
"{EA234BC3-39FE-4734-B72F-076086889F6D}" = Composite 2012 64-bit
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"Autodesk 3ds Max 2012 64-bit - German" = Autodesk 3ds Max 2012 64-bit - German
"Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit" = Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Shop for HP Supplies" = Shop for HP Supplies
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{079A4EB2-9A74-7B86-12C2-00B52E395801}" = CCC Help Danish
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{112DDD07-E419-2498-1E9E-2157F82AF5AA}" = CCC Help Turkish
"{12A00DC2-1226-D9F2-13DA-F974111D439E}" = AMD VISION Engine Control Center
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{224828D6-DCA7-FDF3-3B85-085298AEC919}" = Catalyst Control Center InstallProxy
"{2993B157-97AE-7981-F29A-E6575F991CDB}" = CCC Help Swedish
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{347966F8-E71A-E1A5-95E4-3A1C215383F6}" = CCC Help Chinese Traditional
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3B3D81AB-51E2-695F-7E57-1CC30049F2A3}" = CCC Help French
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2012.0.0
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{462C2036-3055-4369-D30B-8DA032331EAB}" = CCC Help Greek
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B407A54-6CF2-42B5-B419-E900B2E36972}" = 1500
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4F5B0DA7-1696-472A-BC59-305A81C23AE5}" = WebTV
"{51054867-140B-8FBF-73A8-75386276BD98}" = CCC Help Spanish
"{586A5957-F21B-C8AD-F5C2-11D4D7DA5340}" = CCC Help German
"{633414E3-AA2A-CD04-5976-E91F5F871396}" = CCC Help Japanese
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73750E8F-0277-4EF7-AD90-7723B5C0A8B8}" = Elemental: Fallen Enchantress
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{812FF572-F216-EBA0-123E-636C1B6EBC5B}" = CCC Help Korean
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85BB7CA7-6B0D-0B27-F4FF-B3D04282B3D1}" = CCC Help Russian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{883CCFC7-CA6B-5531-704B-F9A64546B309}" = CCC Help Thai
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}" = Razer Game Booster
"{8BDD3EC9-27E9-E490-7607-AF97FA678046}" = CCC Help Italian
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94240445-6D61-4985-B240-9027DCA7193E}_is1" = Men of War: Red Tide (Remove Only)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DA5221E-15DE-5B0F-D7BE-CCC7305575DD}" = CCC Help Dutch
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A1400F57-65CC-0C22-6461-948EA2837670}" = CCC Help Hungarian
"{A2101ACC-DC36-42AA-A576-6FD6A8D466DA}" = 1500_Help
"{A30269D0-4F0B-44BB-A169-C665CA856EEC}}_is1" = Crusader Kings II version 1.07b
"{A4C6B32D-5088-40AF-B74D-CDABEF144F04}" = 1500Trb
"{A561BB5F-5A85-5D88-E520-0A4512D5E6C0}" = CCC Help Norwegian
"{A8B72907-B3F5-4C18-2D2B-F5E786A520DF}" = CCC Help Polish
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AD219F94-16F2-937F-076A-F22DAA8D0A0B}" = CCC Help Finnish
"{B2B5B39B-4E8C-AC78-7FF1-7055C338D243}" = Catalyst Control Center Graphics Previews Common
"{B5751715-EC10-43D9-8C95-62E1368433EF}" = Autodesk Material Library Medium Resolution Image Library 2012
"{B9135AC5-0FA4-4565-9768-61BF6C79CD29}" = WebTV
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CA328CDF-A284-445E-AAE7-B24A11E97201}" = MechWarrior Online
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DD8ACFF8-098E-130C-2799-BCA4D41EBAB2}" = CCC Help Chinese Standard
"{DE123FE9-B7F6-A75A-920D-3937FB9F06E4}" = CCC Help Portuguese
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EE253E80-C298-4A31-BB22-7280DC8C7177}" = CCC Help Czech
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F648F088-B270-CF18-6486-AF8B1FE6BC09}" = CCC Help English
"{FD85D9C0-783A-77B7-8EF8-326EC6C154D1}" = Catalyst Control Center Localization All
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.70
"ALchemy" = Creative ALchemy
"AudioCS" = Creative Audio-Systemsteuerung
"Autodesk 3ds Max 2012 64-bit - German SP2" = Autodesk 3ds Max 2012 64-bit - German SP2
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Diablo III" = Diablo III
"Distant Worlds1.0.6.0" = Distant Worlds
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.1 Home Edition
"EasyBCD" = EasyBCD 2.1.2
"Elemental: Fallen Enchantress" = Elemental: Fallen Enchantress
"Entropia Universe" = Entropia Universe
"ESET Online Scanner" = ESET Online Scanner v3
"EVE" = EVE Online (remove only)
"EVEMon" = EVEMon
"Fraps" = Fraps
"hon" = Heroes of Newerth
"Icewind Dale Complete_is1" = Icewind Dale Complete
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"Legend of Grimrock" = Legend of Grimrock
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Men of War - Red Tide_is1" = Men of War - Red Tide 1.00.1
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"Mozilla Thunderbird 16.0.2 (x86 de)" = Mozilla Thunderbird 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PunkBusterSvc" = PunkBuster Services
"Starfarer" = Starfarer by Fractal Softworks LLC
"Steam App 16830" = Sid Meier's Civilization V SDK
"Steam App 200510" = XCOM: Enemy Unknown
"Steam App 205790" = Dota 2 Test
"Steam App 207170" = Legend of Grimrock
"Steam App 208140" = Endless Space
"Steam App 33460" = From Dust
"Steam App 34030" = Napoleon: Total War
"Steam App 3920" = Sid Meier's Pirates!
"Steam App 42990" = Sword of the Stars II
"Steam App 47400" = Stronghold 3
"Steam App 570" = Dota 2
"Steam App 620" = Portal 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"VL Sound 5.1" = VL Sound 5.1
"VLC media player" = VLC media player 2.0.0
"WaveStudio 7" = Creative WaveStudio 7
"Winamp" = Winamp
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4f004f4a-1930-4b55-83e6-61660211787f}" = MechWarrior Online
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11.11.2012 14:55:58 | Computer Name = S-System-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GameOverlayUI.exe, Version: 1.32.20.50,
 Zeitstempel: 0x4f46a9bf  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74a3e2d4  ID des fehlerhaften
 Prozesses: 0x1e08  Startzeit der fehlerhaften Anwendung: 0x01cdc03e2d3693c5  Pfad der
 fehlerhaften Anwendung: H:\Program Files (x86)\Steam\GameOverlayUI.exe  Pfad des 
fehlerhaften Moduls: unknown  Berichtskennung: 6da15496-2c31-11e2-b2d2-40618663e49f
 
Error - 13.11.2012 14:50:58 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Autodesk\Composite
 2012\python\lib\distutils\command\wininst-8_d.exe".  Die abhängige Assemblierung 
"Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 13.11.2012 14:52:12 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 14.11.2012 16:09:03 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Autodesk\Composite
 2012\python\lib\distutils\command\wininst-8_d.exe".  Die abhängige Assemblierung 
"Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 14.11.2012 16:11:34 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 17.11.2012 05:27:20 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Autodesk\Composite
 2012\python\lib\distutils\command\wininst-8_d.exe".  Die abhängige Assemblierung 
"Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 17.11.2012 05:29:38 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 18.11.2012 05:56:11 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Autodesk\Composite
 2012\python\lib\distutils\command\wininst-8_d.exe".  Die abhängige Assemblierung 
"Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 18.11.2012 05:57:41 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 18.11.2012 06:20:34 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Autodesk\Composite
 2012\python\lib\distutils\command\wininst-8_d.exe".  Die abhängige Assemblierung 
"Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ System Events ]
Error - 18.11.2012 06:31:07 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 18.11.2012 06:31:13 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 18.11.2012 06:31:20 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 18.11.2012 06:31:26 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 18.11.2012 06:31:33 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 18.11.2012 06:31:39 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 18.11.2012 06:31:46 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 18.11.2012 06:31:52 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 18.11.2012 06:31:59 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 20.11.2012 13:37:34 | Computer Name = S-System-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?19.?11.?2012 um 23:44:50 unerwartet heruntergefahren.
 
 
< End of report >
         
--- --- ---


Can this thread be deleted? I just noticed that I am in the wrong subforum here.
I have created a post in
"Plagegeister aller Art und deren Bekämpfung".

Or rather, which is the right forum?

Edited by Veantur (20.11.2012 at 19:30)

21.11.2012, 05:04   #2
t'john
/// Helper Team
 



What is this supposed to be?

http://www.trojaner-board.de/127297-...-gefunden.html

Thread closed
