Nach Malwarebites durchlauf Malware.N.Spack gefunden Hallo
wie im Titel erwähnt habe ich nach routine Malwarebytes durchlauf zwei infizierte Datien entdeckt
hier im anhang der log
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Datenbank Version: v2012.11.20.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
S-System :: S-SYSTEM-PC [Administrator]
20.11.2012 18:39:02
mbam-log-2012-11-20 (18-42-46).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 244580
Laufzeit: 3 Minute(n), 31 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 2
C:\Users\S-System\AppData\Local\Temp\wtf31F5.tmp (Malware.NSPack) -> Keine Aktion durchgeführt.
C:\Users\S-System\AppData\Local\Temp\wtf9684.tmp (Malware.NSPack) -> Keine Aktion durchgeführt.
(Ende)
Für die Hilfe möchte ich im vorraus danken
habe nun auch einen OTL Scan durchgeführtOTL Logfile: Code:
OTL logfile created on: 20.11.2012 18:55:25 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\S-System\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 56,65% Memory free
10,00 Gb Paging File | 7,82 Gb Available in Paging File | 78,23% Paging File free
Paging file location(s): c:\pagefile.sys 6142 12284 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,52 Gb Total Space | 68,20 Gb Free Space | 45,61% Space Free | Partition Type: NTFS
Drive D: | 24,41 Gb Total Space | 0,78 Gb Free Space | 3,20% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 59,94 Gb Free Space | 12,87% Space Free | Partition Type: NTFS
Drive F: | 14,65 Gb Total Space | 9,52 Gb Free Space | 65,00% Space Free | Partition Type: NTFS
Drive G: | 90,98 Gb Total Space | 82,98 Gb Free Space | 91,21% Space Free | Partition Type: NTFS
Drive H: | 414,09 Gb Total Space | 63,52 Gb Free Space | 15,34% Space Free | Partition Type: NTFS
Drive I: | 367,91 Gb Total Space | 236,40 Gb Free Space | 64,25% Space Free | Partition Type: NTFS
Computer Name: S-SYSTEM-PC | User Name: S-System | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - C:\Users\S-System\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Programme\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe ()
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Windows\SysWOW64\CmdRtr.DLL ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (mi-raysat_3dsmax2012_64) -- C:\Programme\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\RpcAgentSrv.exe (SiSoftware)
========== Driver Services (SafeList) ==========
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (epmntdrv) -- C:\Windows\SysNative\epmntdrv.sys ()
DRV:64bit: - (EuGdiDrv) -- C:\Windows\SysNative\EuGdiDrv.sys ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (P17) -- C:\Windows\SysNative\drivers\P17.sys (Creative Technology Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
DRV - (AODDriver4.1) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (epmntdrv) -- C:\Windows\SysWOW64\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\Windows\SysWOW64\EuGdiDrv.sys ()
DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\WNt500x64\sandra.sys (SiSoftware)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B B8 83 9B 6B C3 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 188.95.51.206:80
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.11.01 19:43:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.11.01 19:43:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.11.01 19:43:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.02 11:27:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.31 20:45:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.31 20:45:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.30 18:55:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.02 11:27:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.31 20:45:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.31 20:45:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.30 18:55:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2012.03.17 00:42:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\S-System\AppData\Roaming\mozilla\Extensions
[2012.10.23 15:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\S-System\AppData\Roaming\mozilla\Firefox\Profiles\2om32i1e.default\extensions
[2012.10.31 20:45:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.31 20:45:42 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.09 18:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.06.17 11:48:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 05:52:40 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.17 11:48:54 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.17 11:48:54 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.17 11:48:54 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.17 11:48:54 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - h:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - h:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CBA1030-D865-4F27-947F-C398CACD21D7}: DhcpNameServer = 192.168.0.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.03.23 10:30:41 | 000,000,000 | ---D | M] - F:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2011.10.26 22:38:38 | 000,000,000 | ---D | M] - H:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 60 Days ==========
[2012.11.20 18:53:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\S-System\Desktop\OTL.exe
[2012.11.15 22:32:09 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.11.15 22:32:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.11.15 22:27:15 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.11.15 22:27:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.11.15 22:27:14 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.11.15 22:27:14 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.11.15 22:27:14 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.11.15 22:27:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.11.15 22:27:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.11.15 22:27:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.11.15 22:27:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.11.15 22:27:13 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.11.15 22:27:13 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.11.15 22:27:13 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.11.15 22:27:12 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.11.15 22:27:12 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.11.15 22:27:12 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.11.15 22:25:21 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.11.15 22:25:20 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.11.15 22:25:20 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.11.15 22:25:20 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.11.15 21:31:03 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.11.15 21:31:03 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.11.15 21:31:03 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.11.15 21:31:00 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.11.15 21:31:00 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.11.15 21:31:00 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.11.15 21:31:00 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.11.15 21:30:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.11.15 21:30:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.11.15 21:30:43 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.11.15 21:30:43 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.11.13 21:02:30 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Apps
[2012.11.11 17:48:00 | 000,000,000 | ---D | C] -- C:\Users\S-System\Documents\BioWare
[2012.11.10 16:50:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MonitorDriver
[2012.11.10 16:42:22 | 000,000,000 | ---D | C] -- C:\Samsung
[2012.11.10 13:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2012.11.10 13:36:27 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Autodesk
[2012.11.04 15:34:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012.11.04 13:09:16 | 000,000,000 | ---D | C] -- C:\Users\S-System\Documents\SelfMV
[2012.11.04 13:01:14 | 000,000,000 | ---D | C] -- C:\Temp
[2012.11.04 12:59:23 | 000,203,104 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2012.11.04 12:59:23 | 000,102,368 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2012.11.04 12:57:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2012.11.04 12:57:15 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Samsung
[2012.11.04 12:57:14 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Roaming\Samsung
[2012.11.04 12:57:12 | 000,000,000 | ---D | C] -- C:\Users\S-System\Documents\samsung
[2012.11.04 12:55:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2012.11.04 12:55:50 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2012.11.04 12:55:34 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2012.11.04 12:55:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2012.11.04 12:55:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2012.11.04 12:55:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2012.11.04 12:48:12 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Downloaded Installations
[2012.11.03 18:45:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2012.11.02 23:13:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
[2012.11.02 23:13:44 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware
[2012.11.01 20:11:05 | 000,778,088 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\HPDiscoPM5E12.dll
[2012.11.01 20:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012.11.01 20:09:27 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\HP
[2012.10.31 20:45:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.30 18:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2012.10.27 11:20:32 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Focus Home Interactive
[2012.10.27 07:36:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.10.27 07:36:12 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.10.19 17:19:39 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Programs
[2012.10.11 19:39:56 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Local\Razer
[2012.10.11 19:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2012.10.11 19:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2012.10.11 19:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2012.10.10 18:38:17 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.10 18:38:17 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.10 18:38:17 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.10 18:38:08 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.10 18:38:08 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.10 18:38:08 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.10 18:38:08 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.10 18:38:06 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.10 18:38:06 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.10 18:38:05 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.10 18:38:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.10 18:38:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.10 18:38:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.10 18:38:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.10 18:38:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.10 18:38:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 18:38:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 18:38:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 18:38:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 18:38:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 18:38:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 18:38:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 18:38:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 18:38:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 18:38:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 18:38:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 18:38:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 18:38:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 18:38:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 18:38:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 18:38:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.10 18:37:54 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.10 18:37:39 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.10 18:37:39 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.09 19:17:03 | 010,220,472 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.09.26 20:57:16 | 000,330,240 | ---- | C] ((주)마크애니) -- C:\Windows\MASetupCaller.dll
[2012.09.26 20:57:16 | 000,090,112 | ---- | C] ((주)마크애니) -- C:\Windows\MAMCityDownload.ocx
[2012.09.26 20:57:14 | 000,569,344 | ---- | C] ((c) MusicCity) -- C:\Windows\SysWow64\muzdecode.ax
[2012.09.26 20:57:14 | 000,491,520 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzapp.dll
[2012.09.26 20:57:14 | 000,352,256 | ---- | C] (Sample Corporation) -- C:\Windows\SysWow64\MSLUR71.dll
[2012.09.26 20:57:14 | 000,258,048 | ---- | C] ((c) PeeringPortal) -- C:\Windows\SysWow64\muzoggsp.ax
[2012.09.26 20:57:14 | 000,245,760 | ---- | C] (Teruten Inc.) -- C:\Windows\SysWow64\MSCLib.dll
[2012.09.26 20:57:14 | 000,200,704 | ---- | C] ( (c) MusicCity) -- C:\Windows\SysWow64\muzwmts.dll
[2012.09.26 20:57:14 | 000,172,032 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzapp.exe
[2012.09.26 20:57:14 | 000,155,648 | ---- | C] (Teruten Inc.) -- C:\Windows\SysWow64\MSFLib.dll
[2012.09.26 20:57:14 | 000,135,168 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzaf1.dll
[2012.09.26 20:57:14 | 000,131,072 | ---- | C] ((c) MusicCity) -- C:\Windows\SysWow64\muzmpgsp.ax
[2012.09.26 20:57:14 | 000,122,880 | ---- | C] ((c) MUSICCITY) -- C:\Windows\SysWow64\muzeffect.ax
[2012.09.26 20:57:14 | 000,118,784 | ---- | C] ((주)마크애니) -- C:\Windows\SysWow64\MaDRM.dll
[2012.09.26 20:57:14 | 000,110,592 | ---- | C] ((c) MusicCity) -- C:\Windows\SysWow64\muzmp4sp.ax
[2012.09.26 20:57:14 | 000,057,344 | ---- | C] (Marktek) -- C:\Windows\SysWow64\MK_Lyric.dll
[2012.09.26 20:57:14 | 000,057,344 | ---- | C] (Marktek Inc.) -- C:\Windows\SysWow64\MTXSYNCICON.dll
[2012.09.26 20:57:14 | 000,049,152 | ---- | C] ((주) 마크애니) -- C:\Windows\SysWow64\MaJGUILib.dll
[2012.09.26 20:57:14 | 000,045,320 | ---- | C] (MARKANY) -- C:\Windows\SysWow64\MAMACExtract.dll
[2012.09.26 20:57:14 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\Windows\SysWow64\MaXMLProto.dll
[2012.09.26 20:57:14 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\Windows\SysWow64\MACXMLProto.dll
[2012.09.26 20:57:14 | 000,040,960 | ---- | C] (Telechips Inc.,) -- C:\Windows\SysWow64\MTTELECHIP.dll
[2012.09.26 20:57:14 | 000,024,576 | ---- | C] ((주)마크애니) -- C:\Windows\SysWow64\MASetupCleaner.exe
[2012.09.25 19:20:13 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.22 20:25:21 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VL Sound 5.1
[2012.09.22 20:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VL Sound 5.1
[2012.09.21 21:27:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
[2012.09.21 21:27:28 | 000,000,000 | ---D | C] -- C:\Users\S-System\AppData\Roaming\ICQ
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2012.11.20 18:53:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\S-System\Desktop\OTL.exe
[2012.11.20 18:46:17 | 000,014,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.20 18:46:17 | 000,014,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.20 18:43:40 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.20 18:43:40 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.20 18:43:40 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.20 18:43:40 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.20 18:43:40 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.20 18:37:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.20 18:37:28 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.19 23:17:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.16 17:09:42 | 004,892,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.10 16:45:14 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.11.10 16:45:14 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.11.04 12:57:10 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012.11.04 12:53:45 | 001,589,442 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.03 18:45:57 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Icewind Dale Complete.lnk
[2012.11.02 23:13:51 | 000,001,183 | ---- | M] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2012.SP5c.lnk
[2012.11.02 23:11:44 | 000,001,231 | ---- | M] () -- C:\Users\S-System\Desktop\AIDA64 Extreme Edition.lnk
[2012.11.01 20:11:04 | 000,002,116 | ---- | M] () -- C:\Users\Public\Desktop\HP Officejet 6100.lnk
[2012.11.01 20:11:04 | 000,001,832 | ---- | M] () -- C:\Users\Public\Desktop\HP ePrintCenter - HP Officejet 6100.lnk
[2012.11.01 20:10:08 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2012.11.01 19:43:41 | 000,637,272 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.10.27 07:53:08 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.27 07:36:12 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.10.11 19:39:14 | 000,002,144 | ---- | M] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk
[2012.10.09 19:17:13 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.10.09 19:17:13 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.10.09 19:17:03 | 010,220,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.10.09 18:40:31 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.10.08 12:31:03 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.10.08 12:22:55 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.10.08 12:22:17 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.10.08 12:18:22 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.10.08 12:17:35 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.10.08 12:17:26 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.10.08 12:15:59 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.10.08 12:13:54 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.10.08 12:09:39 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.10.08 08:47:44 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.10.08 08:46:32 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.10.08 08:44:05 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.10.08 08:43:05 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.10.08 08:41:19 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.10.08 08:37:23 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.10.03 18:44:17 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.10.03 18:44:17 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.10.03 18:44:16 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.10.03 17:42:24 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.10.03 17:42:24 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.10.03 17:42:23 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.09.29 18:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.26 20:57:22 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2012.09.26 20:57:16 | 000,330,240 | ---- | M] ((주)마크애니) -- C:\Windows\MASetupCaller.dll
[2012.09.26 20:57:16 | 000,090,112 | ---- | M] ((주)마크애니) -- C:\Windows\MAMCityDownload.ocx
[2012.09.26 20:57:16 | 000,030,568 | ---- | M] () -- C:\Windows\MusiccityDownload.exe
[2012.09.26 20:57:14 | 000,974,848 | ---- | M] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.09.26 20:57:14 | 000,569,344 | ---- | M] ((c) MusicCity) -- C:\Windows\SysWow64\muzdecode.ax
[2012.09.26 20:57:14 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzapp.dll
[2012.09.26 20:57:14 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\Windows\SysWow64\MSLUR71.dll
[2012.09.26 20:57:14 | 000,258,048 | ---- | M] ((c) PeeringPortal) -- C:\Windows\SysWow64\muzoggsp.ax
[2012.09.26 20:57:14 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\Windows\SysWow64\MSCLib.dll
[2012.09.26 20:57:14 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\Windows\SysWow64\muzwmts.dll
[2012.09.26 20:57:14 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzapp.exe
[2012.09.26 20:57:14 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\Windows\SysWow64\MSFLib.dll
[2012.09.26 20:57:14 | 000,143,360 | ---- | M] () -- C:\Windows\SysWow64\3DAudio.ax
[2012.09.26 20:57:14 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzaf1.dll
[2012.09.26 20:57:14 | 000,131,072 | ---- | M] ((c) MusicCity) -- C:\Windows\SysWow64\muzmpgsp.ax
[2012.09.26 20:57:14 | 000,122,880 | ---- | M] ((c) MUSICCITY) -- C:\Windows\SysWow64\muzeffect.ax
[2012.09.26 20:57:14 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\Windows\SysWow64\MaDRM.dll
[2012.09.26 20:57:14 | 000,110,592 | ---- | M] ((c) MusicCity) -- C:\Windows\SysWow64\muzmp4sp.ax
[2012.09.26 20:57:14 | 000,081,920 | ---- | M] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.09.26 20:57:14 | 000,065,536 | ---- | M] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.09.26 20:57:14 | 000,057,344 | ---- | M] (Marktek) -- C:\Windows\SysWow64\MK_Lyric.dll
[2012.09.26 20:57:14 | 000,057,344 | ---- | M] (Marktek Inc.) -- C:\Windows\SysWow64\MTXSYNCICON.dll
[2012.09.26 20:57:14 | 000,057,344 | ---- | M] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.09.26 20:57:14 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWow64\MaJGUILib.dll
[2012.09.26 20:57:14 | 000,045,320 | ---- | M] (MARKANY) -- C:\Windows\SysWow64\MAMACExtract.dll
[2012.09.26 20:57:14 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWow64\MaXMLProto.dll
[2012.09.26 20:57:14 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWow64\MACXMLProto.dll
[2012.09.26 20:57:14 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\Windows\SysWow64\MTTELECHIP.dll
[2012.09.26 20:57:14 | 000,024,576 | ---- | M] ((주)마크애니) -- C:\Windows\SysWow64\MASetupCleaner.exe
[2012.09.26 20:57:12 | 000,821,824 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2012.09.25 23:47:43 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.09.25 23:46:17 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.11.15 22:32:11 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.15 22:25:20 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.04 12:57:10 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012.11.03 18:45:57 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Icewind Dale Complete.lnk
[2012.11.02 23:14:11 | 011,624,448 | ---- | C] () -- C:\Users\S-System\AppData\Roaming\Sandra.mdb
[2012.11.02 23:13:51 | 000,001,183 | ---- | C] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2012.SP5c.lnk
[2012.11.01 20:11:04 | 000,002,116 | ---- | C] () -- C:\Users\Public\Desktop\HP Officejet 6100.lnk
[2012.11.01 20:11:04 | 000,001,832 | ---- | C] () -- C:\Users\Public\Desktop\HP ePrintCenter - HP Officejet 6100.lnk
[2012.11.01 20:10:08 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.10.27 07:36:12 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.10.11 19:39:14 | 000,002,144 | ---- | C] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk
[2012.09.26 20:57:16 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.09.26 20:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.09.26 20:57:14 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\3DAudio.ax
[2012.09.26 20:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.09.26 20:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.09.26 20:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.06.13 09:00:01 | 002,469,760 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2012.06.13 09:00:01 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2012.06.13 09:00:00 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2012.06.13 09:00:00 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2012.06.13 09:00:00 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2012.06.06 20:02:47 | 000,000,782 | ---- | C] () -- C:\Windows\wiso.ini
[2012.06.02 11:23:22 | 000,245,227 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012.06.02 11:23:22 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012.05.10 15:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.04.17 18:47:24 | 000,007,597 | ---- | C] () -- C:\Users\S-System\AppData\Local\Resmon.ResmonCfg
[2012.03.23 10:41:03 | 001,589,442 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.03.19 10:11:06 | 000,280,856 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.03.19 10:11:04 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.03.17 01:26:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.03.17 00:59:17 | 000,017,408 | ---- | C] () -- C:\Users\S-System\AppData\Local\WebpageIcons.db
[2012.03.16 23:34:39 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012.03.16 23:34:39 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012.02.15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report > --- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 20.11.2012 18:55:25 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\S-System\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 56,65% Memory free
10,00 Gb Paging File | 7,82 Gb Available in Paging File | 78,23% Paging File free
Paging file location(s): c:\pagefile.sys 6142 12284 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,52 Gb Total Space | 68,20 Gb Free Space | 45,61% Space Free | Partition Type: NTFS
Drive D: | 24,41 Gb Total Space | 0,78 Gb Free Space | 3,20% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 59,94 Gb Free Space | 12,87% Space Free | Partition Type: NTFS
Drive F: | 14,65 Gb Total Space | 9,52 Gb Free Space | 65,00% Space Free | Partition Type: NTFS
Drive G: | 90,98 Gb Total Space | 82,98 Gb Free Space | 91,21% Space Free | Partition Type: NTFS
Drive H: | 414,09 Gb Total Space | 63,52 Gb Free Space | 15,34% Space Free | Partition Type: NTFS
Drive I: | 367,91 Gb Total Space | 236,40 Gb Free Space | 64,25% Space Free | Partition Type: NTFS
Computer Name: S-SYSTEM-PC | User Name: S-System | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{034C2F04-86F2-4FCF-8292-E6FC6614B993}" = lport=137 | protocol=17 | dir=in | app=system |
"{11D859D1-5586-49AF-835D-8D8D3129BF40}" = lport=10243 | protocol=6 | dir=in | app=system |
"{155CB6D4-D973-49DA-ABB9-92F82D0138B9}" = rport=138 | protocol=17 | dir=out | app=system |
"{1636722E-508B-485B-80CD-68F3A337A37E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{17FF79BC-1FD8-4491-A43F-8322E37707A6}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2012.sp5c\rpcagentsrv.exe |
"{24FFF4AE-D2BC-4522-9CB2-25DF360C6BDA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{302D78DA-35D1-4433-A88A-CE181FC0D462}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3E0E34D8-BCC6-45C1-A1E0-B3A16959CCDB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3F70A495-25EE-454C-82B2-F16875560A19}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{493662E2-812B-4421-9B3E-81A3614372B4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{54B05118-49FE-4B17-8C44-4178856E1EC3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5ED48A2D-6BC8-429A-9710-7524E47F559B}" = rport=137 | protocol=17 | dir=out | app=system |
"{621B09F9-051E-41E2-81D5-4784F42005E2}" = lport=138 | protocol=17 | dir=in | app=system |
"{6ACBF02E-F4DD-4EC1-B05C-7CEBC1A315E6}" = lport=139 | protocol=6 | dir=in | app=system |
"{6F89E7E1-D3B4-42BA-B780-1BFB0C4615AE}" = lport=445 | protocol=6 | dir=in | app=system |
"{8BFA0138-69CF-44E2-83FF-66B8D1A249AE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6D8D3B0-1326-4AB9-8910-6FAEFF26F7DB}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2012.sp5c\wnt500x64\rpcsandrasrv.exe |
"{BDDDF2CF-4848-489A-900A-85F68702FDAB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C10D7C4D-CB7B-4D2D-8287-852DC20A205B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C5AC6D91-C542-4655-AAC3-937856D32611}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D19633C7-4482-41D6-A468-05F57DCD630F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D363F5F7-B6F7-441B-AF7C-A4849C28B0E4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D5C2C494-C8DD-432E-A811-96BD61BD1850}" = rport=445 | protocol=6 | dir=out | app=system |
"{FD3534C5-1461-47DE-898C-221FD6E1E291}" = rport=139 | protocol=6 | dir=out | app=system |
"{FE4C6F93-6767-4041-B9F4-9993270A7D9C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0239C405-83D1-470F-9F55-2B12A410548C}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{0772C4EF-08FE-40E8-BE4E-65354565C0DB}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\command and conquer 4 tiberian twilight\support\ea help\electronic_arts_technical_support.htm |
"{0AA89188-5D55-42C9-B5F9-09B9B06E9269}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{0CCDF762-582D-475C-AEAC-2DE7C613BF18}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{0CD6AD9D-258E-4348-A061-72BDEC58BB1F}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\cities xl 2012\citiesxl_2012.exe |
"{0DBC5C16-4F95-49EE-8244-4CF715625FA3}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
"{128B5A73-7D16-4F52-AD15-F1EC8CD169B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{15AD9656-EDEA-4DBB-B67B-20DA73543AC1}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{168F1C2F-36EE-4C1E-95DB-D3B2FE4A6020}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{189ECC3E-6B3F-4738-A9D3-18907908EC87}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\x3 terran conflict\x3tc.exe |
"{18A499C7-6D72-43AA-973A-43E8D52BDF8A}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
"{190AA9A7-95B0-4897-9AF2-615C0B2091CE}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\mass effect\binaries\masseffect.exe |
"{1B9D6AC9-FC69-4490-B378-AF62F9571A13}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1D85C25C-087E-4D47-A308-7411B63622C1}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"{1E1A2D8A-AC5D-4BB5-B4FB-F63C84F35B15}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{1F762FA5-DBA9-4EE2-9522-23FE86150026}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{20BBB6F4-988C-4D6B-B072-BA23D699DD80}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
"{228A9560-934A-4853-9205-3F72CF3AE06E}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\il-2 sturmovik cliffs of dover\launcher.exe |
"{22A20DD2-5E72-4535-87A5-D63C7046E196}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\il-2 sturmovik cliffs of dover\launcher.exe |
"{22C82CD0-621B-4A45-86BC-9E3840A9FF82}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{22CC0A9C-B8C1-4F0A-9028-AE7481C7E1A2}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\mapeditor.exe |
"{255B16B7-9E4B-4E67-B78D-6A91BC7B09BD}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{26AEAA5C-3B88-40C9-9B68-D12E5D4D8F78}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"{29B5D7D0-3283-47EB-9492-5B12ECE7E355}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{29DCF9FD-BCC0-4EAA-A8CA-098A577D04B2}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steam.exe |
"{2BCD7443-AAD3-41A7-A92D-8A60B2B9D8B2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{2BD69A9A-003E-4033-85CF-BD3C73E5E512}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\x3 terran conflict\x3tc.exe |
"{2CF354BD-7526-4337-86DE-27F4FDF33E22}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\alien breed 3 descent\binaries\alienbreed3descent.exe |
"{2E438164-0B21-49EA-A9A5-CDC493C097C2}" = dir=in | app=c:\program files\hp\hp officejet 6100\bin\devicesetup.exe |
"{2EB25A22-27DB-4CA5-A56C-7384ED7FF46C}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{3249885F-C38D-4032-9AB3-00EFC32053C7}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
"{3338F499-823D-4394-A6AD-01505BDED11F}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\from dust\from_dust.exe |
"{35DF79A1-B2CD-4C0D-AF03-703526F78A0D}" = protocol=17 | dir=in | app=h:\games\star wars-the old republic\launcher.exe |
"{360887F1-BBEA-4E23-A27E-490D2A47D09F}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{3B1C2D1F-DCB3-4C94-873F-3F6EDA636BA5}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe |
"{3D01C839-C469-4B4F-9B3F-5A649E8CFCB5}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{3F5B9BEA-7366-4535-9EE1-A800E054295E}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{3FADC0E7-F1A8-4A57-9D25-B69E62E2BC4E}" = protocol=6 | dir=in | app=c:\users\s-system\appdata\local\temp\7zs3956\hpdiagnosticcoreui.exe |
"{4078289B-A90E-48E8-BF21-5D64580BA178}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\command and conquer 4 tiberian twilight\support\ea help\electronic_arts_technical_support.htm |
"{4342DD29-B7F5-4141-9FD1-A9B0D00F6530}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{46B84E4B-16E8-4FD6-A865-C24BBD551CD3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{47EDFD72-EF6F-4AC4-9D54-9DB72C3C5801}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{49B10D0B-345B-4BDF-9DC6-FA473F46FB6A}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{4A30763F-3A29-4FDC-A2BF-BA23F33C4E54}" = protocol=17 | dir=in | app=h:\program files (x86)\icq7m\icq.exe |
"{4AC7C645-02A7-481E-8C98-F5100D8442AA}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe |
"{4B8BF1F4-EF56-4BB7-B3FC-8DBB91ABF8D6}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{4BC6782E-D438-40EB-B435-26ED2356DB1A}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{4C65D34B-2599-461F-B386-FA40D0012CC6}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{4D0D9076-0B78-417D-B632-A288B4B206FC}" = protocol=6 | dir=in | app=h:\program files (x86)\icq7m\icq.exe |
"{4D782717-7EF2-4E46-846F-ACA739FFCD6F}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\from dust\from_dust.exe |
"{5035BAC8-2BFD-4A75-B2C2-9CFC1EF073D4}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{54466E6E-A0EE-403C-9C19-15B696C67805}" = protocol=6 | dir=in | app=h:\games\star wars-the old republic\launcher.exe |
"{5519F756-14C2-4BA0-988A-1BFCDFB7DB11}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{561356BB-8D8D-44AB-AA0C-31FFCD3F5123}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{56137BAB-CBA0-4CF9-B373-CC3C88D84969}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{58AC2894-DAE7-489E-A05D-3F951997343D}" = protocol=17 | dir=in | app=c:\users\s-system\appdata\local\temp\7zs3ad1\hpdiagnosticcoreui.exe |
"{5BA9219B-A3E2-40E4-9998-887E61330311}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sid meier's pirates!\pirates!.exe |
"{5C004F81-7761-4059-9741-84EE8897A975}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5DC8DAF7-715F-4584-847A-D290689F2302}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\x3 terran conflict\x3ap.exe |
"{5FD2968D-12DC-4613-A2E1-6CA2A4734077}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{620F8496-27BD-4783-985A-847651319B03}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{62CAA28E-4FFA-47B8-9FCC-0C04E6738CD6}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dota 2 test\dota.exe |
"{65585809-0630-4EA3-843B-D7BB2CBDAEBB}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\nuclear dawn\ndsrv.exe |
"{672825F8-1FC1-4C5F-8FB4-3354DAB9F145}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{683AF175-5764-472D-BF85-D9E4E8EA6C58}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6B1E661D-3402-42D6-B657-3C9CE6F20FC8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{6B9B2F0C-E01B-446E-9505-D15E9624696F}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sword of the stars ii\bin\x86\sots2.exe |
"{6D7FEAEC-EAF9-4806-B67D-37AC2896BE8A}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe |
"{6FD835C0-5DFA-4144-8399-EA804823E5C3}" = protocol=6 | dir=in | app=h:\program files (x86)\stardock games\fallenenchantress\fallenenchantress.exe |
"{72558B36-7463-4578-AEB3-1B41D008BF34}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{75D46335-DFCF-472B-85A8-4AD24CAFB4FF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{77234755-172C-42CF-A12F-02166B7DAA86}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
"{77BAD646-14CB-4EE6-B9EE-7EB4FD1E7490}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sword of the stars ii\bin\x86\sots2.exe |
"{7936043B-A226-4740-9319-1A860E98F798}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7F7D67A4-220F-4C84-8EAC-D98106A1D206}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{80B5E7CD-8A1C-411F-B12C-5030AADBD61A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{824FAC24-F1C1-4EED-9B05-05EED22D2677}" = protocol=6 | dir=in | app=h:\program files (x86)\2k games\firaxis games\sid meier's civilization iv colonization\colonization.exe |
"{828F2E82-4AA9-4E1E-9B57-DE2078D0A5EB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{8548C8FC-DEED-4959-8ECE-E646B37BED8D}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\stronghold3.exe |
"{86022E2F-D105-43D0-97C5-011F28AA1B93}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{86ADD4F2-3FB1-4B4E-8026-31787C3E272C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{884F1CA2-B71E-4D8D-82B5-35032F6337EF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{88FDC3DA-C2B4-4FCC-9185-AC17F57547B3}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{8BD5A0C7-3748-4B27-9942-7747C67E43CD}" = protocol=6 | dir=out | app=system |
"{8D4F94F1-10B2-4012-84AC-DCBCA7C9061B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{8D6ACE0E-847D-4CAD-B14F-44F0A56D56A8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{90F46F38-F082-4EA4-B8B9-ABB7383B5A3C}" = protocol=17 | dir=in | app=h:\program files (x86)\icq7m\icq.exe |
"{93D0F1DB-2198-4B0F-884F-B6AFA19A4D33}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{99C1862E-8EAF-467F-89CA-2484F59DA096}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\legend of grimrock\grimrock.exe |
"{9B59BB5E-6CA6-4F94-B5DC-A881E3C1A663}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\mapeditor.exe |
"{9DDD2D39-6991-414F-8BD4-BAC668FEA05F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9F835657-7F78-43A6-A058-123A2E6EB866}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{9F85DB73-960F-4F45-A548-089D421FC8AA}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\cities xl 2012\citiesxl_2012.exe |
"{A13ED1ED-4AB5-4315-82ED-8E7F9AE513EE}" = protocol=6 | dir=in | app=h:\games\star wars-the old republic\launcher.exe |
"{A2B1D416-B5DF-4F66-9DD9-C10AE1E22460}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{A4866F75-C576-4971-9387-E34CDC3A3845}" = protocol=17 | dir=in | app=h:\program files (x86)\2k games\firaxis games\sid meier's civilization iv colonization\colonization.exe |
"{A5287859-2D85-4AD0-AA4F-91DCE822014B}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe |
"{A6737C24-0995-4A84-9B8A-E3A2850721FB}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe |
"{A7E4BC29-55A5-464A-94D9-6ACD40C074CB}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\nuclear dawn\nucleardawn.exe |
"{AA54E0F9-0E6D-441F-879C-1F7A68605093}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe |
"{AD78974C-2A5D-4DD4-9705-C531BD1BD1CB}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{AE7ED559-5102-48F4-B8FA-1782F7B5CF7C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B0EC9CC4-804E-4B8C-9D52-9016E451E337}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{B361D81B-303D-4939-B61D-B6B32AC9E8EE}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{B38301EB-E6AB-4305-9807-4C877EB839D0}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{B523A6A4-DF20-434C-AF3D-D479360D4077}" = protocol=17 | dir=in | app=c:\users\s-system\appdata\local\temp\7zs3a5e\hpdiagnosticcoreui.exe |
"{B627D9C8-875D-4572-AC2B-211718005DCD}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
"{B65F233A-059C-4E42-9B3F-3BBF7474A504}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\stronghold3.exe |
"{B78973AD-53F2-49DF-ADF5-5C5F4C826941}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steam.exe |
"{B7E7972B-B507-49A9-B04D-489A9A6CFEBB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{B8033E1B-C158-40B3-B395-887271B0EA36}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\nuclear dawn\ndsrv.exe |
"{B8768082-DFC9-4625-97D4-0D8F30297089}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{BA534E6F-C836-4BFC-A20F-806DEC284AF3}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\command and conquer 4 tiberian twilight\cnc4.exe |
"{BB683D34-294D-4EFA-BDB2-6F02A1A8E927}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BCBC29FD-ECBD-4CF0-8104-1A5321C84DBC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{BD214E28-8425-429A-8FD8-6D911BD197FD}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe |
"{BE2C8D6A-5888-44F7-A750-5B04B082888E}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\legend of grimrock\grimrock.exe |
"{BE372EC4-A8C7-416A-A1BE-C32FF01DD2EB}" = protocol=6 | dir=in | app=c:\users\s-system\appdata\local\temp\7zs3a5e\hpdiagnosticcoreui.exe |
"{C05FE92B-C14B-4998-B6F9-02560ABE916A}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\alien breed 3 descent\binaries\alienbreed3descent.exe |
"{C31AAABA-FFF0-4B41-A096-5C8122704C45}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6473E35-BA8A-48A4-A5BD-548ECEA45B26}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{C6E506CF-3548-4328-98E8-BD61E3AE0A83}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{C8A708BE-D0C3-4FDD-AEDE-835DF6E1F85C}" = dir=in | app=c:\program files\hp\hp officejet 6100\bin\hpnetworkcommunicator.exe |
"{CA182C26-5ACA-4FD1-9CDE-AEB1AF563059}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{CBC296EC-4DFA-4010-8A3E-FEF5163A603F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{CE02CB46-7D3E-46EA-9BE7-A28D3D9A8348}" = protocol=6 | dir=in | app=c:\users\s-system\appdata\local\temp\7zs3ad1\hpdiagnosticcoreui.exe |
"{CE698BC6-DC49-4C60-8350-34D8142C50CE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CFD4755C-CDE3-4FAE-9B2C-36146F41F41F}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{D17BAC18-E20C-4972-86DE-90196E33F5D6}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\command and conquer 4 tiberian twilight\cnc4.exe |
"{D456302C-6C9B-48C0-BED4-CED94668A1DF}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\3dsmax.exe |
"{D676F901-11FB-4895-8249-120182B20052}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{D719ECD5-A7E8-4680-BBB9-E6A4CA11696D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{D9FCF23C-0852-4735-93A0-49B5B94CB3D8}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\x3 terran conflict\x3ap.exe |
"{DA598122-4C12-49D4-8BCF-14AD0AF0428F}" = protocol=17 | dir=in | app=h:\games\star wars-the old republic\launcher.exe |
"{DC6693A7-B1E8-4646-B832-2AF0DF7287C0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{DD93B9E5-7F1F-4EB2-BCE6-9107B8B7B5B1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{DD9E6374-48C1-45B1-8BD1-4EB18CB31863}" = protocol=17 | dir=in | app=h:\program files (x86)\stardock games\fallenenchantress\fallenenchantress.exe |
"{DE49438B-B853-4276-8DC1-E5E542771EEA}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\3dsmax.exe |
"{DF8AC190-1B86-4580-A186-6D7D4E9CA863}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\mass effect\binaries\masseffect.exe |
"{E0092BA6-84E0-47B3-B46A-898EEFB3F49D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E0BCA89D-F821-40D0-826F-613B7D6A075E}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dota 2 test\dota.exe |
"{E4A04840-69C0-451C-8221-DF8A8EA82A00}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\nuclear dawn\nucleardawn.exe |
"{E54A6116-190F-4CFB-AA93-BEE8B36A2F84}" = protocol=17 | dir=in | app=c:\users\s-system\appdata\local\temp\7zs3956\hpdiagnosticcoreui.exe |
"{E832D4A1-833D-4B2E-97DA-D2709F6BA0EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E891EB4E-9BC4-44DB-84EE-30DA773E560D}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sid meier's pirates!\pirates!.exe |
"{EAFEE016-9767-4775-A5AC-8BCFBDA120B9}" = protocol=6 | dir=in | app=h:\program files (x86)\icq7m\icq.exe |
"{EE5BDF8E-AAAD-46D2-89BC-C4E6CA6AFC5A}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{EEB859C9-2EBA-45EA-AC96-95D409D593F7}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe |
"{F29A97A4-8ED7-4EBA-8F25-FD8B7252422E}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F35B854A-4AEE-4BF7-A9B9-5D9C8A75A99B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F42D42DF-97EE-4483-B533-9B3E58E8FAFF}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{F4B4EAE1-E6F5-4E8D-BB6F-5355E244E9B5}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{FCD33357-9EB1-45C2-85FC-DC97CE69A3D4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{FD463330-E450-4444-9DBB-733FA6D07434}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{FF813FA1-05D4-4C96-8DC4-C3A931D8E7AF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{12D93D02-3C15-DF08-581F-52E4A1EB0A3D}" = AMD Drag and Drop Transcoding
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{44B4F244-5B4D-856E-B3A6-E8DDBDC7F127}" = AMD Fuel
"{47F9B7C3-F172-940F-D0C4-203C7914E5D2}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{59B69525-1383-C84A-38EF-F442B63E69BC}" = AMD Media Foundation Decoders
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{723C8298-C7B0-0407-A1B6-C3BA6F3FFAB1}" = Autodesk 3ds Max 2012 64-bit - German
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{838AF9AD-DE38-17FB-57F6-ADDF929F191E}" = AMD Accelerated Video Transcoding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2012.SP5c
"{C8388DCB-6F85-C11F-C9F4-D636960E60F5}" = ccc-utility64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E30BC112-507C-4980-A00B-13C5CC9EDB03}" = HP Officejet 6100 - Grundlegende Software für das Gerät
"{EA234BC3-39FE-4734-B72F-076086889F6D}" = Composite 2012 64-bit
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"Autodesk 3ds Max 2012 64-bit - German" = Autodesk 3ds Max 2012 64-bit - German
"Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit" = Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Shop for HP Supplies" = Shop for HP Supplies
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{079A4EB2-9A74-7B86-12C2-00B52E395801}" = CCC Help Danish
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{112DDD07-E419-2498-1E9E-2157F82AF5AA}" = CCC Help Turkish
"{12A00DC2-1226-D9F2-13DA-F974111D439E}" = AMD VISION Engine Control Center
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{224828D6-DCA7-FDF3-3B85-085298AEC919}" = Catalyst Control Center InstallProxy
"{2993B157-97AE-7981-F29A-E6575F991CDB}" = CCC Help Swedish
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{347966F8-E71A-E1A5-95E4-3A1C215383F6}" = CCC Help Chinese Traditional
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3B3D81AB-51E2-695F-7E57-1CC30049F2A3}" = CCC Help French
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2012.0.0
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{462C2036-3055-4369-D30B-8DA032331EAB}" = CCC Help Greek
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B407A54-6CF2-42B5-B419-E900B2E36972}" = 1500
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4F5B0DA7-1696-472A-BC59-305A81C23AE5}" = WebTV
"{51054867-140B-8FBF-73A8-75386276BD98}" = CCC Help Spanish
"{586A5957-F21B-C8AD-F5C2-11D4D7DA5340}" = CCC Help German
"{633414E3-AA2A-CD04-5976-E91F5F871396}" = CCC Help Japanese
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73750E8F-0277-4EF7-AD90-7723B5C0A8B8}" = Elemental: Fallen Enchantress
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{812FF572-F216-EBA0-123E-636C1B6EBC5B}" = CCC Help Korean
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85BB7CA7-6B0D-0B27-F4FF-B3D04282B3D1}" = CCC Help Russian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{883CCFC7-CA6B-5531-704B-F9A64546B309}" = CCC Help Thai
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}" = Razer Game Booster
"{8BDD3EC9-27E9-E490-7607-AF97FA678046}" = CCC Help Italian
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94240445-6D61-4985-B240-9027DCA7193E}_is1" = Men of War: Red Tide (Remove Only)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DA5221E-15DE-5B0F-D7BE-CCC7305575DD}" = CCC Help Dutch
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A1400F57-65CC-0C22-6461-948EA2837670}" = CCC Help Hungarian
"{A2101ACC-DC36-42AA-A576-6FD6A8D466DA}" = 1500_Help
"{A30269D0-4F0B-44BB-A169-C665CA856EEC}}_is1" = Crusader Kings II version 1.07b
"{A4C6B32D-5088-40AF-B74D-CDABEF144F04}" = 1500Trb
"{A561BB5F-5A85-5D88-E520-0A4512D5E6C0}" = CCC Help Norwegian
"{A8B72907-B3F5-4C18-2D2B-F5E786A520DF}" = CCC Help Polish
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AD219F94-16F2-937F-076A-F22DAA8D0A0B}" = CCC Help Finnish
"{B2B5B39B-4E8C-AC78-7FF1-7055C338D243}" = Catalyst Control Center Graphics Previews Common
"{B5751715-EC10-43D9-8C95-62E1368433EF}" = Autodesk Material Library Medium Resolution Image Library 2012
"{B9135AC5-0FA4-4565-9768-61BF6C79CD29}" = WebTV
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CA328CDF-A284-445E-AAE7-B24A11E97201}" = MechWarrior Online
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DD8ACFF8-098E-130C-2799-BCA4D41EBAB2}" = CCC Help Chinese Standard
"{DE123FE9-B7F6-A75A-920D-3937FB9F06E4}" = CCC Help Portuguese
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EE253E80-C298-4A31-BB22-7280DC8C7177}" = CCC Help Czech
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F648F088-B270-CF18-6486-AF8B1FE6BC09}" = CCC Help English
"{FD85D9C0-783A-77B7-8EF8-326EC6C154D1}" = Catalyst Control Center Localization All
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.70
"ALchemy" = Creative ALchemy
"AudioCS" = Creative Audio-Systemsteuerung
"Autodesk 3ds Max 2012 64-bit - German SP2" = Autodesk 3ds Max 2012 64-bit - German SP2
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Diablo III" = Diablo III
"Distant Worlds1.0.6.0" = Distant Worlds
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.1 Home Edition
"EasyBCD" = EasyBCD 2.1.2
"Elemental: Fallen Enchantress" = Elemental: Fallen Enchantress
"Entropia Universe" = Entropia Universe
"ESET Online Scanner" = ESET Online Scanner v3
"EVE" = EVE Online (remove only)
"EVEMon" = EVEMon
"Fraps" = Fraps
"hon" = Heroes of Newerth
"Icewind Dale Complete_is1" = Icewind Dale Complete
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"Legend of Grimrock" = Legend of Grimrock
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Men of War - Red Tide_is1" = Men of War - Red Tide 1.00.1
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"Mozilla Thunderbird 16.0.2 (x86 de)" = Mozilla Thunderbird 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PunkBusterSvc" = PunkBuster Services
"Starfarer" = Starfarer by Fractal Softworks LLC
"Steam App 16830" = Sid Meier's Civilization V SDK
"Steam App 200510" = XCOM: Enemy Unknown
"Steam App 205790" = Dota 2 Test
"Steam App 207170" = Legend of Grimrock
"Steam App 208140" = Endless Space
"Steam App 33460" = From Dust
"Steam App 34030" = Napoleon: Total War
"Steam App 3920" = Sid Meier's Pirates!
"Steam App 42990" = Sword of the Stars II
"Steam App 47400" = Stronghold 3
"Steam App 570" = Dota 2
"Steam App 620" = Portal 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"VL Sound 5.1" = VL Sound 5.1
"VLC media player" = VLC media player 2.0.0
"WaveStudio 7" = Creative WaveStudio 7
"Winamp" = Winamp
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4f004f4a-1930-4b55-83e6-61660211787f}" = MechWarrior Online
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.11.2012 14:55:58 | Computer Name = S-System-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GameOverlayUI.exe, Version: 1.32.20.50,
Zeitstempel: 0x4f46a9bf Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x74a3e2d4 ID des fehlerhaften
Prozesses: 0x1e08 Startzeit der fehlerhaften Anwendung: 0x01cdc03e2d3693c5 Pfad der
fehlerhaften Anwendung: H:\Program Files (x86)\Steam\GameOverlayUI.exe Pfad des
fehlerhaften Moduls: unknown Berichtskennung: 6da15496-2c31-11e2-b2d2-40618663e49f
Error - 13.11.2012 14:50:58 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Autodesk\Composite
2012\python\lib\distutils\command\wininst-8_d.exe". Die abhängige Assemblierung
"Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 13.11.2012 14:52:12 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 14.11.2012 16:09:03 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Autodesk\Composite
2012\python\lib\distutils\command\wininst-8_d.exe". Die abhängige Assemblierung
"Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 14.11.2012 16:11:34 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 17.11.2012 05:27:20 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Autodesk\Composite
2012\python\lib\distutils\command\wininst-8_d.exe". Die abhängige Assemblierung
"Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 17.11.2012 05:29:38 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 18.11.2012 05:56:11 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Autodesk\Composite
2012\python\lib\distutils\command\wininst-8_d.exe". Die abhängige Assemblierung
"Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 18.11.2012 05:57:41 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 18.11.2012 06:20:34 | Computer Name = S-System-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Autodesk\Composite
2012\python\lib\distutils\command\wininst-8_d.exe". Die abhängige Assemblierung
"Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ System Events ]
Error - 18.11.2012 06:31:07 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 18.11.2012 06:31:13 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 18.11.2012 06:31:20 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 18.11.2012 06:31:26 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 18.11.2012 06:31:33 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 18.11.2012 06:31:39 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 18.11.2012 06:31:46 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 18.11.2012 06:31:52 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 18.11.2012 06:31:59 | Computer Name = S-System-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 20.11.2012 13:37:34 | Computer Name = S-System-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?19.?11.?2012 um 23:44:50 unerwartet heruntergefahren.
< End of report > --- --- ---
ich habe dass selbe theme im Log analyse Forum reingestellt, da ich denke dies ist das richtigere, würde ich einen admin bitten das andere thema zu löschen / sperren
Bzw welches ist das richtige Forum? |