| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windowssystem blockiert - bezahlen und runterladen - schwarzer BildschirmWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
28.03.2012, 10:31
| #1 |
| |  Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm Guten Morgen/Mittag an alle Ich habe mir gestern einen Virus eingefangen, der nach dem hochfahren des Pc`s folgendes anzeigt: Windowssystem blockiert - bezahlen und runterladen. Nachdem ich mich nun bereits in diesem Forum, informiert habe, konnte ich feststellen, dass es lösungen gibt. Etwas beruhigt bin ich auch, da ich sehe, dass das Thema derzeit wohl sehr aktuell ist (viele Berichte vom März 2012). Ich habe oft gelesen, dass ich mir ein OTL herunterladen muss. Dies weiss ich nun nur nicht wo dies zu laden geht und was damit zu tun ist. Ich habe jetzt auch öfter gelesen, dass dieser Virus individuell bearbeitet werden soll, deshalb lass ich vorsichtshalber mal meine Finger von allem. Über den Abgesicherten Modus habe ich mir schon alle wichtigen Daten auf meine externe Festplatte kopiert, so dass im Notfall auch einer Formation nichts im Wege stehen wird. (Dies wollte ich jedoch vorerst vermeiden) Ich hoffe, dass die Experten hier im Forum mir bei meinem Problem weiterhelfen können. Ich bin jedoch kein Profi am Pc aber denke, dass ich das schaffe. Ich bedanke mich bereits im Voraus für eure Geduld und hoffe, dass ihr mir weiter helfen könnt. Noch ein Paar Eckdaten zu meinem System: Ich arbeite mit einem Windows 7 - 64bit professional system. habe meinen avira antivirus heute nacht laufen gelassen im abgesicherten Modus. Dieser hat 93 viren entdeckt und diese habe ich gelöscht, jedoch ohne erfolg. Jetzt stellt sich die Frage: Wie fange ich an? Freue mich sehr über Antworten. (Das wird spannend)  |
|
28.03.2012, 11:00
| #2 |
  | Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm Hi,
__________________OTL Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
Nach dem ich die Logs durchgesehen habe (ev. kommt dann noch ein Fix von mir): Malwarebytes Antimalware (MAM) Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen: http://filepony.de/download-chameleon/ Danach bitte update der Signaturdateien (Reiter "Aktualisierungen" -> Suche nach Aktualisierungen") Fullscan und alles bereinigen lassen! Log posten. chris
__________________ |
|
28.03.2012, 11:23
| #3 |
| | Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm Hallo chris4You...
__________________Danke für die schnelle Antwort... Hier die Logs: OTL OTL Logfile: Code:
ATTFilter OTL logfile created on: 28.03.2012 12:09:33 - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\hansen\Desktop 64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,87 Gb Available Physical Memory | 85,93% Memory free 15,99 Gb Paging File | 14,89 Gb Available in Paging File | 93,11% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 596,07 Gb Total Space | 95,70 Gb Free Space | 16,06% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 33,34 Gb Free Space | 7,16% Space Free | Partition Type: NTFS Drive H: | 7,26 Gb Total Space | 6,66 Gb Free Space | 91,79% Space Free | Partition Type: FAT32 Computer Name: HANSEN-PC | User Name: hansen | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\hansen\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Spyware Doctor\pctsTray.exe (PC Tools) PRC - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe (PC Tools) PRC - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe (PC Tools) ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Microsoft Help Center) -- C:\Windows\Microsoft Help\MsHelpCenter.exe (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (sdCoreService) -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe (PC Tools) SRV - (sdAuxService) -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe (PC Tools) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (Browser Defender Update Service) -- C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.) SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.) SRV - (DvmMDES) -- C:\ASUS.SYS\config\DVMExportService.exe (DeviceVM, Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (NVIDIA Performance Driver Service) -- C:\Programme\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe () SRV - (Adobe Version Cue CS4) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (LVUVC64) Logitech HD Webcam C270(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (ArcSec) -- C:\Windows\SysNative\drivers\ArcSec.sys () DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (PCTCore) -- C:\Windows\SysNative\drivers\PCTCore64.sys (PC Tools) DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (LTXMD_VAC) Litex Media Virtual Audio Cable (WDM) -- C:\Windows\SysNative\drivers\lmvac.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bild.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C8 EF 41 F6 DD 0A CB 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {35705112-6F44-403B-BA5F-6F563C3713A3} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0CC4C0E2-A050-4C02-8FD2-C3C927F1E5A2}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms} IE - HKCU\..\SearchScopes\{35705112-6F44-403B-BA5F-6F563C3713A3}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKCU\..\SearchScopes\{6C8E05F5-B38B-4767-B3CF-E9BD146977DD}: "URL" = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms} IE - HKCU\..\SearchScopes\{D71B4AED-02E7-4566-85F3-6874CB39394A}: "URL" = hxxp://www.amazon.de/gp/search?search-alias=aps&field-keywords={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.* ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.bild.de" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{9051303c-7e41-4311-a783-d6fe5ef2832d}: C:\Program Files (x86)\FVD Suite\addons\Firefox [2011.11.05 15:12:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.11 03:56:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.27 21:04:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.27 21:04:37 | 000,000,000 | ---D | M] [2010.11.13 19:08:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hansen\AppData\Roaming\mozilla\Extensions [2012.03.17 21:22:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hansen\AppData\Roaming\mozilla\Firefox\Profiles\p0vw60cy.default\extensions [2011.11.26 14:14:42 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\hansen\AppData\Roaming\mozilla\Firefox\Profiles\p0vw60cy.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.01.14 02:44:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions () (No name found) -- C:\USERS\HANSEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P0VW60CY.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI [2012.03.18 12:45:02 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011.10.10 17:26:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.10.10 17:26:25 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.10.10 17:26:25 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.10.10 17:26:25 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.10 17:26:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.10 17:26:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.12.09 19:34:30 | 000,001,389 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 pagead2.googlesyndication.com O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O2 - BHO: (Open FVD Suite Toolbar) - {2B171655-A69C-5c18-B693-6CB5DC269D44} - C:\Program Files (x86)\FVD Suite\addons\IE\FVDToolbar.dll (www.flashvideodownloader.org/fvd-suite/) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (FVD Suite Toolbar) - {2B171655-A69C-5c18-B693-6CB5DC269D41} - C:\Program Files (x86)\FVD Suite\addons\IE\FVDToolbar.dll (www.flashvideodownloader.org/fvd-suite/) O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\Spyware Doctor\pctsTray.exe (PC Tools) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe" File not found O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [TurboV EVO] C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" File not found O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 File not found O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden File not found O4 - HKCU..\Run: [SkypePM] C:\Users\hansen\AppData\Local\Skype\SkypePM.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\hansen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\hansen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08C75267-E7B2-45F1-A6B1-D937918C72D1}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF3C6F83-9BFF-41CB-A509-8157D7F00E49}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (acaptuser64.dll) - C:\Windows\SysNative\acaptuser64.dll (Adobe Systems, Inc.) O20 - AppInit_DLLs: (acaptuser32.dll) - C:\Windows\SysWow64\acaptuser32.dll (Adobe Systems Incorporated) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.03.28 12:08:34 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\hansen\Desktop\OTL.exe [2012.03.27 21:07:40 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\Apple Computer [2012.03.27 21:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.03.27 21:06:15 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll [2012.03.27 21:06:15 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll [2012.03.27 21:06:15 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2012.03.27 21:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.03.27 21:05:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.03.27 21:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.03.27 21:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2012.03.27 21:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012.03.27 21:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012.03.27 21:03:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2012.03.27 21:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2012.03.27 21:03:05 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012.03.27 21:03:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2012.03.27 21:02:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2012.03.10 23:27:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent [2012.03.09 01:46:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe [2012.03.02 21:46:49 | 000,000,000 | ---D | C] -- C:\Users\hansen\Documents\ArcSoft [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.03.28 12:09:28 | 001,507,342 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.03.28 12:09:28 | 000,657,660 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.03.28 12:09:28 | 000,618,936 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.03.28 12:09:28 | 000,131,032 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.03.28 12:09:28 | 000,107,256 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.03.28 12:08:00 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\hansen\Desktop\OTL.exe [2012.03.28 11:40:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.03.28 11:40:22 | 2145,947,647 | -HS- | M] () -- C:\hiberfil.sys [2012.03.28 10:32:52 | 000,014,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.03.28 10:32:52 | 000,014,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.03.28 10:32:52 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx [2012.03.28 10:30:46 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.03.27 20:49:02 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.03.27 12:12:52 | 000,000,648 | ---- | M] () -- C:\Windows\tasks\WebContent AutoUpdate 2011.job [2012.03.15 23:50:02 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys [2012.03.13 09:31:40 | 000,000,502 | ---- | M] () -- C:\Windows\tasks\Allplan AutoUpdate 2011-1.job [2012.03.11 11:14:53 | 005,276,104 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.03.08 19:58:15 | 000,000,132 | ---- | M] () -- C:\Users\hansen\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012.02.28 20:44:17 | 000,008,704 | ---- | M] () -- C:\Users\hansen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.02.28 12:36:28 | 000,292,676 | ---- | M] () -- C:\Users\hansen\Documents\tickets.jpg [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.03.11 01:32:50 | 000,001,666 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS5.1.lnk [2012.03.11 01:32:31 | 000,001,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk [2012.03.11 01:32:16 | 000,001,278 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk [2012.03.11 01:31:14 | 000,001,379 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk [2012.03.11 01:31:10 | 000,001,551 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk [2012.02.28 12:36:28 | 000,292,676 | ---- | C] () -- C:\Users\hansen\Documents\tickets.jpg [2012.01.18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012.01.18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012.01.18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2011.12.10 15:32:45 | 000,000,132 | ---- | C] () -- C:\Users\hansen\AppData\Roaming\Adobe Targa Format CS5 Prefs [2011.11.03 08:32:14 | 000,307,008 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011.10.11 19:46:37 | 000,008,704 | ---- | C] () -- C:\Users\hansen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.06.13 13:17:49 | 000,001,456 | ---- | C] () -- C:\Users\hansen\AppData\Local\Adobe Save for Web 12.0 Prefs [2011.04.15 18:20:30 | 000,118,784 | ---- | C] () -- C:\Windows\dsdxirmv.exe [2011.02.22 14:21:00 | 000,000,125 | ---- | C] () -- C:\Windows\FlashDecompiler.INI [2011.02.10 23:06:31 | 000,000,132 | ---- | C] () -- C:\Users\hansen\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011.01.05 18:13:47 | 000,000,132 | ---- | C] () -- C:\Users\hansen\AppData\Roaming\Adobe IllExport Filter CS5 Prefs [2010.11.13 19:08:03 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.11.06 20:03:08 | 001,534,660 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.10.27 18:43:50 | 000,226,740 | ---- | C] () -- C:\Windows\hpoins18.dat [2010.10.27 18:43:50 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat [2010.09.03 06:45:51 | 000,000,287 | ---- | C] () -- C:\Users\hansen\AppData\Local\VersionChecker_15.xml [2010.08.24 20:50:20 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010.08.09 16:11:56 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.07.19 10:36:53 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old [2010.07.19 10:36:53 | 000,767,928 | ---- | C] () -- C:\Windows\BDTSupport.dll [2010.06.13 17:39:08 | 000,000,400 | ---- | C] () -- C:\Windows\g_iclink343.ini [2010.06.13 17:39:08 | 000,000,400 | ---- | C] () -- C:\Windows\SysWow64\drivers\bcompbg806.dat [2010.06.13 15:44:22 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysWow64\implode.dll [2010.06.13 15:03:40 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll [2010.06.13 12:47:00 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll [2010.06.13 12:47:00 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2010.06.13 12:46:56 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2010.06.13 12:46:56 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2010.06.13 12:40:33 | 000,036,649 | ---- | C] () -- C:\Windows\Ascd_log.ini [2010.06.13 12:38:47 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010.06.13 12:38:42 | 000,026,709 | ---- | C] () -- C:\Windows\Ascd_tmp.ini ========== Alternate Data Streams ========== @Alternate Data Stream - 196 bytes -> C:\ProgramData\Temp:DFC5A2B2 @Alternate Data Stream - 154 bytes -> C:\ProgramData\Temp:C39E55C5 @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:DED17083 @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:A8ADE5D8 < End of report > Hier die Logs: OTL Extras OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 28.03.2012 12:09:33 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\hansen\Desktop
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,87 Gb Available Physical Memory | 85,93% Memory free
15,99 Gb Paging File | 14,89 Gb Available in Paging File | 93,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,07 Gb Total Space | 95,70 Gb Free Space | 16,06% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 33,34 Gb Free Space | 7,16% Space Free | Partition Type: NTFS
Drive H: | 7,26 Gb Total Space | 6,66 Gb Free Space | 91,79% Space Free | Partition Type: FAT32
Computer Name: HANSEN-PC | User Name: hansen | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AC76BA86-1033-0000-0064-0003D0000004}" = Adobe Acrobat 9 Pro Extended 64-bit Add-On
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 276.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 276.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 276.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"DE7217D2A8B057F15EC6E52329FDAB84231521E8" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"MAXONB6EC381C" = CINEMA 4D 11.514
"MAXONF02E79F8" = NET Render Client 11.514
"MAXONFB05E576" = CINEMA 4D 13.016
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"SP6" = Logitech SetPoint 6.0
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{164965E8-4BB0-4EEB-AFBA-75785A2A2A7F}" = Adobe Fireworks CS5
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{23767F5D-A80C-4264-B8EA-ED4085FC332A}" = Adobe Illustrator CS5.1
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft VC80 Support DLLs
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{354038F6-0A35-4C55-A80B-F86C4C1A6D38}" = C3100
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3ACFF226-3D86-422D-A151-1582DA1231C5}" = Samplitude 11 Silver
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{491D92A9-69CA-4EB4-81D3-0106F9337957}" = TurboV EVO
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}" = Rhinoceros 4.0
"{5E5E66D9-68DF-4818-A883-8787DC52EB7A}" = General Runtime Files for Nemetschek Allplan 2009
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7262D0C8-41CC-4F75-8383-A6C7C61D7FC6}" = Nemetschek SoftLock 2006
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{80E4B2D6-BFF2-402C-96C4-3942DF24CABB}_is1" = FVD Suite 2.6.8
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95E1E426-EE9E-4F68-8F02-58A5A09B38F3}" = Rhinoceros 4.0 SR8
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}" = ArcSoft TotalMedia Theatre 5
"{9A6518F6-D319-49C9-9AB6-7FF77F082503}" = ESS Energie Indikator
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}_950" = Adobe Acrobat 9.5.0 - CPSID_83708
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BAED3957-C271-4670-A50D-8D7438701917}" = Nemetschek Allplan 2009
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF71C8D1-9258-4504-89AF-BA80748CC0D2}" = Nemetschek Allplan 2011
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5321DAA-ADE6-E7C9-A139-AE2FB1563242}" = Vectorworks 2010 Hilfe
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E613E31E-9C18-4418-8112-345877E31254}" = General Runtime Files for Nemetschek Softlock 2006
"{E8815668-95B0-443D-AC92-2BFD7DD8F16A}" = Adobe Flash Catalyst CS5
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA61FF86-2479-D620-9F6B-655ADD4225B4}" = General Runtime Files for Allplan 2011-1-5
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection
"Adobe_697a06b96d8bcbe2d77b88e7d5448d0" = Adobe Creative Suite 4 Master Collection
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Antares Autotune VST_is1" = Antares Autotune VST v5.09
"ASIO4ALL" = ASIO4ALL
"Avira AntiVir Desktop" = Avira Free Antivirus
"Browser Defender_is1" = Browser Defender 2.0.6.15
"Cakewalk Music Creator LE 3" = Cakewalk Music Creator LE 3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Setup" = DivX-Setup
"DreamStation DXi2" = DreamStation DXi2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"eu.computerworks.vectorworks.2010.help.deu.C597E665C9D833B0F52B09434821DFAEF4904789.1" = Vectorworks 2010 Hilfe
"FileZilla Client" = FileZilla Client 3.3.5.1
"FL Studio 9" = FL Studio 9
"Flash Decompiler Trillix_is1" = Flash Decompiler Trillix
"Free FLV Converter_is1" = Free FLV Converter V 7.3.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.13.1123
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}" = ArcSoft TotalMedia Theatre 5
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 2.8.5
"LameACM" = LameACM
"MAGIX_MSI_sam11silver" = Samplitude 11 Silver
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Sawer" = Sawer
"Spyware Doctor" = Spyware Doctor 7.0
"SystemRequirementsLab" = System Requirements Lab
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 28.08.2011 11:15:59 | Computer Name = hansen-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\Adobe\acrobat 9.0\designer 8.2\FormDesigner.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error - 28.08.2011 13:00:00 | Computer Name = hansen-PC | Source = Windows Backup | ID = 4103
Description =
Error - 29.08.2011 14:26:51 | Computer Name = hansen-PC | Source = Windows Backup | ID = 4103
Description =
Error - 30.08.2011 13:37:31 | Computer Name = hansen-PC | Source = Windows Backup | ID = 4103
Description =
Error - 31.08.2011 16:23:30 | Computer Name = hansen-PC | Source = Windows Backup | ID = 4103
Description =
Error - 31.08.2011 16:55:42 | Computer Name = hansen-PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft
security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
files\microsoft security client\MSESysprep.dll" in Zeile 10. Das imaging-Element
wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements
angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error - 31.08.2011 16:56:09 | Computer Name = hansen-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 31.08.2011 16:58:54 | Computer Name = hansen-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\Adobe\acrobat 9.0\designer 8.2\FormDesigner.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error - 01.09.2011 15:47:02 | Computer Name = hansen-PC | Source = Windows Backup | ID = 4103
Description =
Error - 03.09.2011 13:54:39 | Computer Name = hansen-PC | Source = Windows Backup | ID = 4103
Description =
[ Media Center Events ]
Error - 14.01.2011 13:37:33 | Computer Name = hansen-PC | Source = MCUpdate | ID = 0
Description = 18:33:08 - Directory konnte nicht abgerufen werden (Fehler: Timeout
für Vorgang überschritten)
[ OSession Events ]
Error - 08.11.2011 07:17:50 | Computer Name = hansen-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 2277 seconds with 180 seconds of active time. This session ended with a
crash.
[ System Events ]
Error - 28.03.2012 06:02:19 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.03.2012 06:04:27 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.03.2012 06:04:27 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.03.2012 06:04:27 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.03.2012 06:09:27 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.03.2012 06:09:27 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.03.2012 06:09:27 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.03.2012 06:11:33 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.03.2012 06:11:33 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.03.2012 06:11:33 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
Malewarebytes installiere ich gerade und folge den Anweisungen... werde dann davon auch posten. Danke! |
|
28.03.2012, 12:33
| #4 |
| | Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm Hi, Fix für OTL:
 Code:
ATTFilter
:OTL
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [SkypePM] C:\Users\hansen\AppData\Local\Skype\SkypePM.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
@Alternate Data Stream - 196 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 154 bytes -> C:\ProgramData\Temp:C39E55C5
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:DED17083
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:A8ADE5D8
:reg
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = dword:0x01
:Commands
[emptytemp]
[Reboot]
Dann bitte MAM laufen lassen, den Rechner zur probe mal ohne Internetanbindung normal booten... Dann MAM... chris
__________________  Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden  ) |
|
28.03.2012, 12:54
| #5 |
| | Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm Hi... Habe die Einstellungen und anweisungen befolgt. Wenn ich auf run fixes (bei mir nur fix) klicke und den code unten in das kästchen eingegeben habe, passiert nichts. OTL ergänzt nur ein zweites mal den letzten Befahrl [Reboot] mein firefox geht aus und ich kann nichts mehr steuern am OTL. Mache ich etwas falsch? ... oder muss ich länger warten... ich bekomme leider keinerlei Anzeichen, dass das Programm arbeitet! ??? sieht aus wie ein absturz aber ich kann alles andere bedienen...üeber strg+alt+entf kann ich dann das OTL programm beenden und neu Starten... sind die Einstellungen wie in der Grafik so richtig? Habe noch einen Haken im zusatzkästchen inkl. 64 bit scans. (siehe einstellungen im angehängten jpeg). (habe auch schon im systemroot ordner nach der kopie gesucht aber da bekomme ich die fehlermeldung, dass es diesen ordner nicht gibt) Geändert von jpointh (28.03.2012 um 12:56 Uhr) Grund: Ergänzung der sysroot ordnersuche da vergessen zu erwähnen |
|
28.03.2012, 13:59
| #6 |
| | Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm Hi, versuche es bitte im abgesicherten Modus (F8 beim Booten drücken), nicht vergessen als Admin ausführen und ggf. die Antivirenlösung temp. ausschalten.. Du hast in das Fenster auch [b]:OTL] reinkopiert? Dann sollte es beim Klicken auf "Fix" eigentlich laufen... Wenn das nicht geht, gleich weiter mit Teil 2 -> MAM... chris
__________________ --> Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm |
|
28.03.2012, 17:37
| #7 |
| | Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm Hallo... Anbei die Logdatei des MAM's bevor ich die gefundenen infizierungen gelöscht habe Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.60.1.1000 www.malwarebytes.org Datenbank Version: v2012.03.28.01 Windows 7 x64 NTFS Internet Explorer 9.0.8112.16421 hansen :: HANSEN-PC [Administrator] Schutz: Aktiviert 28.03.2012 14:22:32 mbam-log-2012-03-28 (18-18-39).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 773678 Laufzeit: 3 Stunde(n), 42 Minute(n), 43 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 1 HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bösartig: ("regedit.exe" "%1") Gut: (regedit.exe "%1") -> Keine Aktion durchgeführt. Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Windows\Temp\TMP1F6E.tmp (Trojan.Downloader) -> Keine Aktion durchgeführt. C:\_OTL\MovedFiles\03282012_133915\C_Users\hansen\AppData\Local\Skype\SkypePM.exe (Trojan.Ransom) -> Keine Aktion durchgeführt. (Ende) gruß und danke  Geändert von jpointh (28.03.2012 um 17:43 Uhr) |
|
28.03.2012, 20:08
| #8 |
| | Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm Hi, OTL hat das Teil tatsächlich entsorgt, mit MAM hast du ja alles löschen lassen... Poste ein neues OTL-Log und TDSS: TDSS-Killer Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft? Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)! Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe. Stelle den Killer wir folgt ein:  Dann den Scan starten durch (Start Scan). Wenn der Scan fertig ist bitte "Report" anwählen (eventuelle Funde erstmal mit Skip übergehen). Es öffnet sich ein Fenster, den Text abkopieren und hier posten... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
29.03.2012, 19:41
| #9 |
| | Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm Hallo chris... ja hat wirklich soweit geklappt... richtig super schonmal... danke dafüer... habe das TDSS - Killer tool gerade laufen lassenhier die ergebnisse: Code:
ATTFilter 20:35:05.0734 3776 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
20:35:06.0656 3776 ============================================================
20:35:06.0656 3776 Current date / time: 2012/03/29 20:35:06.0656
20:35:06.0656 3776 SystemInfo:
20:35:06.0656 3776
20:35:06.0656 3776 OS Version: 6.1.7600 ServicePack: 0.0
20:35:06.0656 3776 Product type: Workstation
20:35:06.0656 3776 ComputerName: HANSEN-PC
20:35:06.0657 3776 UserName: hansen
20:35:06.0657 3776 Windows directory: C:\Windows
20:35:06.0657 3776 System windows directory: C:\Windows
20:35:06.0657 3776 Running under WOW64
20:35:06.0657 3776 Processor architecture: Intel x64
20:35:06.0657 3776 Number of processors: 8
20:35:06.0657 3776 Page size: 0x1000
20:35:06.0657 3776 Boot type: Normal boot
20:35:06.0657 3776 ============================================================
20:35:06.0975 3776 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
20:35:06.0979 3776 \Device\Harddisk0\DR0:
20:35:06.0980 3776 MBR used
20:35:06.0980 3776 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:35:06.0980 3776 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4A825000
20:35:07.0003 3776 Initialize success
20:35:07.0003 3776 ============================================================
20:35:15.0227 1608 ============================================================
20:35:15.0227 1608 Scan started
20:35:15.0227 1608 Mode: Manual; SigCheck; TDLFS;
20:35:15.0227 1608 ============================================================
20:35:15.0707 1608 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
20:35:15.0871 1608 1394ohci - ok
20:35:15.0901 1608 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
20:35:15.0914 1608 ACPI - ok
20:35:15.0946 1608 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
20:35:15.0999 1608 AcpiPmi - ok
20:35:16.0072 1608 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
20:35:16.0148 1608 adfs - ok
20:35:16.0279 1608 Adobe Version Cue CS4 (57a3b9a69f14414ace12afd6ba701773) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
20:35:16.0312 1608 Adobe Version Cue CS4 - ok
20:35:16.0357 1608 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:35:16.0393 1608 adp94xx - ok
20:35:16.0429 1608 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:35:16.0464 1608 adpahci - ok
20:35:16.0494 1608 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:35:16.0513 1608 adpu320 - ok
20:35:16.0541 1608 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:35:16.0618 1608 AeLookupSvc - ok
20:35:16.0666 1608 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
20:35:16.0707 1608 AFD - ok
20:35:16.0740 1608 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
20:35:16.0756 1608 agp440 - ok
20:35:16.0774 1608 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:35:16.0803 1608 ALG - ok
20:35:16.0831 1608 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
20:35:16.0853 1608 aliide - ok
20:35:16.0866 1608 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
20:35:16.0879 1608 amdide - ok
20:35:16.0906 1608 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:35:16.0958 1608 AmdK8 - ok
20:35:16.0993 1608 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:35:17.0042 1608 AmdPPM - ok
20:35:17.0080 1608 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
20:35:17.0105 1608 amdsata - ok
20:35:17.0133 1608 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:35:17.0154 1608 amdsbs - ok
20:35:17.0176 1608 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
20:35:17.0192 1608 amdxata - ok
20:35:17.0270 1608 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:35:17.0288 1608 AntiVirSchedulerService - ok
20:35:17.0326 1608 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:35:17.0342 1608 AntiVirService - ok
20:35:17.0379 1608 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
20:35:17.0430 1608 AppID - ok
20:35:17.0455 1608 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:35:17.0517 1608 AppIDSvc - ok
20:35:17.0583 1608 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
20:35:17.0609 1608 Appinfo - ok
20:35:17.0763 1608 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:35:17.0776 1608 Apple Mobile Device - ok
20:35:17.0821 1608 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
20:35:17.0861 1608 AppMgmt - ok
20:35:17.0889 1608 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:35:17.0907 1608 arc - ok
20:35:17.0929 1608 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:35:17.0946 1608 arcsas - ok
20:35:17.0997 1608 ArcSec (a7409b5c0e35ddee64f16f3054e5530b) C:\Windows\system32\drivers\ArcSec.sys
20:35:18.0026 1608 ArcSec - ok
20:35:18.0072 1608 AsIO (68726474c69b738eac3a62e06b33addc) C:\Windows\syswow64\drivers\AsIO.sys
20:35:18.0086 1608 AsIO - ok
20:35:18.0110 1608 AsSysCtrlService (798a87b2d7ad73b16b7cd968c5d1f18f) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
20:35:18.0118 1608 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - warning
20:35:18.0118 1608 AsSysCtrlService - detected UnsignedFile.Multi.Generic (1)
20:35:18.0144 1608 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:35:18.0216 1608 AsyncMac - ok
20:35:18.0282 1608 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
20:35:18.0306 1608 atapi - ok
20:35:18.0341 1608 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
20:35:18.0394 1608 AudioEndpointBuilder - ok
20:35:18.0415 1608 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
20:35:18.0450 1608 AudioSrv - ok
20:35:18.0481 1608 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
20:35:18.0493 1608 avgntflt - ok
20:35:18.0530 1608 avipbb (852e3c0a60d368c487949e55ad52a47f) C:\Windows\system32\DRIVERS\avipbb.sys
20:35:18.0554 1608 avipbb - ok
20:35:18.0584 1608 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
20:35:18.0600 1608 avkmgr - ok
20:35:18.0626 1608 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
20:35:18.0688 1608 AxInstSV - ok
20:35:18.0753 1608 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:35:18.0814 1608 b06bdrv - ok
20:35:18.0890 1608 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:35:18.0978 1608 b57nd60a - ok
20:35:19.0021 1608 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:35:19.0068 1608 BDESVC - ok
20:35:19.0097 1608 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:35:19.0180 1608 Beep - ok
20:35:19.0348 1608 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
20:35:19.0431 1608 BFE - ok
20:35:19.0517 1608 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
20:35:19.0621 1608 BITS - ok
20:35:19.0659 1608 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:35:19.0730 1608 blbdrive - ok
20:35:19.0960 1608 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
20:35:19.0980 1608 Bonjour Service - ok
20:35:20.0049 1608 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
20:35:20.0157 1608 bowser - ok
20:35:20.0193 1608 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:35:20.0231 1608 BrFiltLo - ok
20:35:20.0255 1608 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:35:20.0284 1608 BrFiltUp - ok
20:35:20.0374 1608 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
20:35:20.0433 1608 Browser - ok
20:35:20.0547 1608 Browser Defender Update Service (21fa3e51618ff8e2f4b29964abc5884f) C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
20:35:20.0557 1608 Browser Defender Update Service - ok
20:35:20.0624 1608 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:35:20.0679 1608 Brserid - ok
20:35:20.0713 1608 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:35:20.0787 1608 BrSerWdm - ok
20:35:20.0836 1608 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:35:20.0908 1608 BrUsbMdm - ok
20:35:20.0959 1608 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:35:20.0999 1608 BrUsbSer - ok
20:35:21.0052 1608 BTCFilterService - ok
20:35:21.0151 1608 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
20:35:21.0217 1608 BthEnum - ok
20:35:21.0254 1608 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:35:21.0310 1608 BTHMODEM - ok
20:35:21.0353 1608 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
20:35:21.0405 1608 BthPan - ok
20:35:21.0494 1608 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
20:35:21.0557 1608 BTHPORT - ok
20:35:21.0637 1608 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:35:21.0711 1608 bthserv - ok
20:35:21.0783 1608 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
20:35:21.0836 1608 BTHUSB - ok
20:35:21.0896 1608 btusbflt (2641a3fe3d7b0646308f33b67f3b5300) C:\Windows\system32\drivers\btusbflt.sys
20:35:21.0918 1608 btusbflt - ok
20:35:21.0961 1608 btwaudio - ok
20:35:21.0980 1608 btwavdt - ok
20:35:22.0026 1608 btwl2cap - ok
20:35:22.0042 1608 btwrchid - ok
20:35:22.0068 1608 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:35:22.0141 1608 cdfs - ok
20:35:22.0229 1608 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
20:35:22.0281 1608 cdrom - ok
20:35:22.0324 1608 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
20:35:22.0406 1608 CertPropSvc - ok
20:35:22.0460 1608 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:35:22.0505 1608 circlass - ok
20:35:22.0532 1608 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:35:22.0553 1608 CLFS - ok
20:35:22.0601 1608 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:35:22.0624 1608 clr_optimization_v2.0.50727_32 - ok
20:35:22.0669 1608 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:35:22.0694 1608 clr_optimization_v2.0.50727_64 - ok
20:35:22.0768 1608 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:35:22.0786 1608 clr_optimization_v4.0.30319_32 - ok
20:35:22.0807 1608 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:35:22.0818 1608 clr_optimization_v4.0.30319_64 - ok
20:35:22.0836 1608 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:35:22.0869 1608 CmBatt - ok
20:35:22.0890 1608 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
20:35:22.0909 1608 cmdide - ok
20:35:22.0961 1608 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
20:35:23.0038 1608 CNG - ok
20:35:23.0071 1608 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:35:23.0091 1608 Compbatt - ok
20:35:23.0114 1608 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
20:35:23.0161 1608 CompositeBus - ok
20:35:23.0172 1608 COMSysApp - ok
20:35:23.0203 1608 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:35:23.0227 1608 crcdisk - ok
20:35:23.0256 1608 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
20:35:23.0306 1608 CryptSvc - ok
20:35:23.0334 1608 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
20:35:23.0380 1608 CSC - ok
20:35:23.0411 1608 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
20:35:23.0446 1608 CscService - ok
20:35:23.0483 1608 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
20:35:23.0539 1608 DcomLaunch - ok
20:35:23.0562 1608 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:35:23.0615 1608 defragsvc - ok
20:35:23.0661 1608 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
20:35:23.0713 1608 DfsC - ok
20:35:23.0761 1608 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
20:35:23.0822 1608 Dhcp - ok
20:35:23.0839 1608 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:35:23.0881 1608 discache - ok
20:35:23.0920 1608 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:35:23.0939 1608 Disk - ok
20:35:23.0973 1608 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
20:35:24.0012 1608 Dnscache - ok
20:35:24.0048 1608 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
20:35:24.0116 1608 dot3svc - ok
20:35:24.0172 1608 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
20:35:24.0207 1608 Dot4 - ok
20:35:24.0255 1608 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:35:24.0302 1608 Dot4Print - ok
20:35:24.0344 1608 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
20:35:24.0378 1608 dot4usb - ok
20:35:24.0399 1608 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
20:35:24.0450 1608 DPS - ok
20:35:24.0493 1608 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:35:24.0520 1608 drmkaud - ok
20:35:24.0581 1608 DvmMDES (e5b95c75557120881076c45cd146d72c) C:\ASUS.SYS\config\DVMExportService.exe
20:35:24.0594 1608 DvmMDES ( UnsignedFile.Multi.Generic ) - warning
20:35:24.0594 1608 DvmMDES - detected UnsignedFile.Multi.Generic (1)
20:35:24.0643 1608 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
20:35:24.0677 1608 DXGKrnl - ok
20:35:24.0692 1608 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:35:24.0736 1608 EapHost - ok
20:35:24.0821 1608 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:35:24.0978 1608 ebdrv - ok
20:35:25.0046 1608 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
20:35:25.0099 1608 EFS - ok
20:35:25.0278 1608 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
20:35:25.0340 1608 ehRecvr - ok
20:35:25.0384 1608 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:35:25.0415 1608 ehSched - ok
20:35:25.0507 1608 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:35:25.0559 1608 elxstor - ok
20:35:25.0589 1608 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
20:35:25.0609 1608 ErrDev - ok
20:35:25.0668 1608 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:35:25.0757 1608 EventSystem - ok
20:35:25.0818 1608 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:35:25.0874 1608 exfat - ok
20:35:25.0935 1608 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:35:26.0035 1608 fastfat - ok
20:35:26.0137 1608 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
20:35:26.0203 1608 Fax - ok
20:35:26.0243 1608 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:35:26.0299 1608 fdc - ok
20:35:26.0333 1608 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:35:26.0373 1608 fdPHost - ok
20:35:26.0393 1608 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:35:26.0451 1608 FDResPub - ok
20:35:26.0484 1608 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:35:26.0514 1608 FileInfo - ok
20:35:26.0540 1608 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:35:26.0609 1608 Filetrace - ok
20:35:26.0702 1608 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:35:26.0724 1608 FLEXnet Licensing Service - ok
20:35:26.0842 1608 FLEXnet Licensing Service 64 (1c3fb052a0bb72edaed90785c34d6eed) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
20:35:26.0908 1608 FLEXnet Licensing Service 64 - ok
20:35:26.0940 1608 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:35:26.0978 1608 flpydisk - ok
20:35:27.0014 1608 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
20:35:27.0053 1608 FltMgr - ok
20:35:27.0089 1608 FontCache (97223981a9214f1b4997e9075abb6bf5) C:\Windows\system32\FntCache.dll
20:35:27.0147 1608 FontCache - ok
20:35:27.0209 1608 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:35:27.0223 1608 FontCache3.0.0.0 - ok
20:35:27.0249 1608 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:35:27.0274 1608 FsDepends - ok
20:35:27.0325 1608 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
20:35:27.0347 1608 fssfltr - ok
20:35:27.0428 1608 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:35:27.0513 1608 fsssvc - ok
20:35:27.0539 1608 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
20:35:27.0554 1608 Fs_Rec - ok
20:35:27.0605 1608 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:35:27.0631 1608 fvevol - ok
20:35:27.0650 1608 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:35:27.0675 1608 gagp30kx - ok
20:35:27.0733 1608 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:35:27.0750 1608 GEARAspiWDM - ok
20:35:27.0796 1608 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
20:35:27.0845 1608 gpsvc - ok
20:35:27.0926 1608 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:35:27.0941 1608 gupdate - ok
20:35:27.0959 1608 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:35:27.0974 1608 gupdatem - ok
20:35:27.0997 1608 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:35:28.0036 1608 hcw85cir - ok
20:35:28.0081 1608 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
20:35:28.0149 1608 HdAudAddService - ok
20:35:28.0184 1608 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:35:28.0220 1608 HDAudBus - ok
20:35:28.0248 1608 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:35:28.0295 1608 HidBatt - ok
20:35:28.0326 1608 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:35:28.0366 1608 HidBth - ok
20:35:28.0403 1608 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:35:28.0450 1608 HidIr - ok
20:35:28.0473 1608 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
20:35:28.0520 1608 hidserv - ok
20:35:28.0573 1608 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
20:35:28.0605 1608 HidUsb - ok
20:35:28.0621 1608 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
20:35:28.0667 1608 hkmsvc - ok
20:35:28.0704 1608 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
20:35:28.0748 1608 HomeGroupListener - ok
20:35:28.0771 1608 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
20:35:28.0797 1608 HomeGroupProvider - ok
20:35:28.0955 1608 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
20:35:28.0982 1608 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
20:35:28.0983 1608 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
20:35:29.0007 1608 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
20:35:29.0033 1608 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
20:35:29.0033 1608 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
20:35:29.0058 1608 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
20:35:29.0086 1608 HpSAMD - ok
20:35:29.0122 1608 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
20:35:29.0175 1608 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
20:35:29.0175 1608 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
20:35:29.0211 1608 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
20:35:29.0274 1608 HTTP - ok
20:35:29.0293 1608 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
20:35:29.0301 1608 hwpolicy - ok
20:35:29.0320 1608 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
20:35:29.0336 1608 i8042prt - ok
20:35:29.0374 1608 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
20:35:29.0420 1608 iaStorV - ok
20:35:29.0535 1608 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:35:29.0622 1608 idsvc - ok
20:35:29.0672 1608 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:35:29.0702 1608 iirsp - ok
20:35:29.0752 1608 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
20:35:29.0812 1608 IKEEXT - ok
20:35:29.0873 1608 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
20:35:29.0894 1608 intelide - ok
20:35:29.0940 1608 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:35:29.0963 1608 intelppm - ok
20:35:29.0994 1608 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:35:30.0037 1608 IPBusEnum - ok
20:35:30.0078 1608 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:35:30.0175 1608 IpFilterDriver - ok
20:35:30.0257 1608 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
20:35:30.0336 1608 iphlpsvc - ok
20:35:30.0400 1608 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
20:35:30.0464 1608 IPMIDRV - ok
20:35:30.0522 1608 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:35:30.0619 1608 IPNAT - ok
20:35:30.0902 1608 iPod Service (b7cb0b121962cd89f98c0dd89331b0c0) C:\Program Files\iPod\bin\iPodService.exe
20:35:30.0918 1608 iPod Service - ok
20:35:30.0957 1608 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:35:30.0975 1608 IRENUM - ok
20:35:30.0997 1608 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
20:35:31.0011 1608 isapnp - ok
20:35:31.0035 1608 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
20:35:31.0057 1608 iScsiPrt - ok
20:35:31.0080 1608 JRAID (2224abc439d115a44edb5630a92c1d7e) C:\Windows\system32\DRIVERS\jraid.sys
20:35:31.0088 1608 JRAID - ok
20:35:31.0131 1608 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:35:31.0156 1608 kbdclass - ok
20:35:31.0211 1608 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
20:35:31.0240 1608 kbdhid - ok
20:35:31.0313 1608 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
20:35:31.0337 1608 KeyIso - ok
20:35:31.0434 1608 KMWDFILTER (07071c1e3cd8f0f9114aac8b072ca1e5) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
20:35:31.0454 1608 KMWDFILTER - ok
20:35:31.0480 1608 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
20:35:31.0507 1608 KSecDD - ok
20:35:31.0527 1608 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
20:35:31.0557 1608 KSecPkg - ok
20:35:31.0577 1608 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:35:31.0647 1608 ksthunk - ok
20:35:31.0686 1608 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:35:31.0738 1608 KtmRm - ok
20:35:31.0787 1608 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
20:35:31.0831 1608 LanmanServer - ok
20:35:31.0869 1608 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
20:35:31.0927 1608 LanmanWorkstation - ok
20:35:32.0068 1608 LBTServ (6771cac91bb89e15b13c27f1e3cdd320) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
20:35:32.0111 1608 LBTServ - ok
20:35:32.0159 1608 LHidFilt (ceb6e18dcfad5c72b81c7da1ac3c1cc1) C:\Windows\system32\DRIVERS\LHidFilt.Sys
20:35:32.0179 1608 LHidFilt - ok
20:35:32.0216 1608 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:35:32.0274 1608 lltdio - ok
20:35:32.0303 1608 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:35:32.0344 1608 lltdsvc - ok
20:35:32.0355 1608 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:35:32.0385 1608 lmhosts - ok
20:35:32.0407 1608 LMouFilt (f9e48f18be4d2b365f138987b8e7885b) C:\Windows\system32\DRIVERS\LMouFilt.Sys
20:35:32.0416 1608 LMouFilt - ok
20:35:32.0450 1608 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:35:32.0478 1608 LSI_FC - ok
20:35:32.0496 1608 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:35:32.0515 1608 LSI_SAS - ok
20:35:32.0535 1608 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:35:32.0554 1608 LSI_SAS2 - ok
20:35:32.0572 1608 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:35:32.0589 1608 LSI_SCSI - ok
20:35:32.0651 1608 LTXMD_VAC (3dcf0bd7e08f0c90c545178d02438b34) C:\Windows\system32\drivers\lmvac.sys
20:35:32.0670 1608 LTXMD_VAC - ok
20:35:32.0697 1608 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:35:32.0770 1608 luafv - ok
20:35:32.0827 1608 LUsbFilt (51b20b742c9e35ade40b840f6f4f5ee2) C:\Windows\system32\Drivers\LUsbFilt.Sys
20:35:32.0844 1608 LUsbFilt - ok
20:35:32.0902 1608 LVRS64 (0c85b2b6fb74b36a251792d45e0ef860) C:\Windows\system32\DRIVERS\lvrs64.sys
20:35:32.0939 1608 LVRS64 - ok
20:35:33.0042 1608 LVUVC64 (ff3a488924b0032b1a9ca6948c1fa9e8) C:\Windows\system32\DRIVERS\lvuvc64.sys
20:35:33.0193 1608 LVUVC64 - ok
20:35:33.0217 1608 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
20:35:33.0226 1608 MBAMProtector - ok
20:35:33.0259 1608 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:35:33.0284 1608 MBAMService - ok
20:35:33.0322 1608 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
20:35:33.0368 1608 Mcx2Svc - ok
20:35:33.0399 1608 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:35:33.0417 1608 megasas - ok
20:35:33.0443 1608 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:35:33.0473 1608 MegaSR - ok
20:35:33.0664 1608 Microsoft Help Center (bc963a6db973e3f15b0685b1722b9117) C:\Windows\Microsoft Help\MsHelpCenter.exe
20:35:33.0733 1608 Microsoft Help Center ( UnsignedFile.Multi.Generic ) - warning
20:35:33.0733 1608 Microsoft Help Center - detected UnsignedFile.Multi.Generic (1)
20:35:33.0758 1608 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:35:33.0802 1608 MMCSS - ok
20:35:33.0851 1608 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:35:33.0908 1608 Modem - ok
20:35:33.0943 1608 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:35:33.0984 1608 monitor - ok
20:35:34.0026 1608 motccgp - ok
20:35:34.0040 1608 motccgpfl - ok
20:35:34.0066 1608 MotDev - ok
20:35:34.0080 1608 motmodem - ok
20:35:34.0097 1608 MotoSwitchService - ok
20:35:34.0110 1608 Motousbnet - ok
20:35:34.0141 1608 motusbdevice - ok
20:35:34.0195 1608 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:35:34.0220 1608 mouclass - ok
20:35:34.0242 1608 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:35:34.0272 1608 mouhid - ok
20:35:34.0308 1608 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
20:35:34.0320 1608 mountmgr - ok
20:35:34.0341 1608 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
20:35:34.0364 1608 mpio - ok
20:35:34.0389 1608 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:35:34.0433 1608 mpsdrv - ok
20:35:34.0462 1608 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
20:35:34.0526 1608 MpsSvc - ok
20:35:34.0557 1608 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
20:35:34.0610 1608 MRxDAV - ok
20:35:34.0654 1608 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:35:34.0687 1608 mrxsmb - ok
20:35:34.0742 1608 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:35:34.0780 1608 mrxsmb10 - ok
20:35:34.0803 1608 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:35:34.0846 1608 mrxsmb20 - ok
20:35:34.0871 1608 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
20:35:34.0893 1608 msahci - ok
20:35:34.0917 1608 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
20:35:34.0944 1608 msdsm - ok
20:35:34.0974 1608 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:35:35.0006 1608 MSDTC - ok
20:35:35.0035 1608 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:35:35.0081 1608 Msfs - ok
20:35:35.0104 1608 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:35:35.0134 1608 mshidkmdf - ok
20:35:35.0157 1608 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
20:35:35.0169 1608 msisadrv - ok
20:35:35.0203 1608 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:35:35.0256 1608 MSiSCSI - ok
20:35:35.0265 1608 msiserver - ok
20:35:35.0298 1608 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:35:35.0365 1608 MSKSSRV - ok
20:35:35.0397 1608 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:35:35.0429 1608 MSPCLOCK - ok
20:35:35.0442 1608 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:35:35.0484 1608 MSPQM - ok
20:35:35.0516 1608 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
20:35:35.0546 1608 MsRPC - ok
20:35:35.0562 1608 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
20:35:35.0570 1608 mssmbios - ok
20:35:35.0587 1608 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:35:35.0630 1608 MSTEE - ok
20:35:35.0658 1608 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:35:35.0697 1608 MTConfig - ok
20:35:35.0738 1608 MTsensor (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys
20:35:35.0753 1608 MTsensor - ok
20:35:35.0776 1608 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:35:35.0803 1608 Mup - ok
20:35:35.0829 1608 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
20:35:35.0889 1608 napagent - ok
20:35:35.0934 1608 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:35:35.0970 1608 NativeWifiP - ok
20:35:36.0037 1608 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
20:35:36.0080 1608 NDIS - ok
20:35:36.0130 1608 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:35:36.0183 1608 NdisCap - ok
20:35:36.0206 1608 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:35:36.0238 1608 NdisTapi - ok
20:35:36.0260 1608 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
20:35:36.0291 1608 Ndisuio - ok
20:35:36.0316 1608 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:35:36.0367 1608 NdisWan - ok
20:35:36.0385 1608 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
20:35:36.0415 1608 NDProxy - ok
20:35:36.0456 1608 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
20:35:36.0474 1608 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:35:36.0474 1608 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:35:36.0494 1608 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:35:36.0537 1608 NetBIOS - ok
20:35:36.0555 1608 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
20:35:36.0582 1608 NetBT - ok
20:35:36.0605 1608 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
20:35:36.0615 1608 Netlogon - ok
20:35:36.0642 1608 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:35:36.0687 1608 Netman - ok
20:35:36.0731 1608 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:35:36.0765 1608 netprofm - ok
20:35:36.0851 1608 netr7364 (81b8d0c1ce44a7fdbd596b693783950c) C:\Windows\system32\DRIVERS\netr7364.sys
20:35:36.0957 1608 netr7364 - ok
20:35:37.0066 1608 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:35:37.0125 1608 NetTcpPortSharing - ok
20:35:37.0183 1608 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:35:37.0214 1608 nfrd960 - ok
20:35:37.0324 1608 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
20:35:37.0364 1608 NlaSvc - ok
20:35:37.0446 1608 NMIndexingService - ok
20:35:37.0500 1608 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:35:37.0596 1608 Npfs - ok
20:35:37.0662 1608 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:35:37.0744 1608 nsi - ok
20:35:37.0765 1608 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:35:37.0807 1608 nsiproxy - ok
20:35:37.0878 1608 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
20:35:37.0965 1608 Ntfs - ok
20:35:37.0985 1608 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:35:38.0016 1608 Null - ok
20:35:38.0135 1608 NVIDIA Performance Driver Service (2ed24ce707c1cdedd6ad7a4a3dc54674) C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
20:35:38.0201 1608 NVIDIA Performance Driver Service ( UnsignedFile.Multi.Generic ) - warning
20:35:38.0201 1608 NVIDIA Performance Driver Service - detected UnsignedFile.Multi.Generic (1)
20:35:38.0397 1608 nvlddmkm (aa0828f3223e1a2952f80a8d2047dd40) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:35:38.0511 1608 nvlddmkm - ok
20:35:38.0545 1608 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
20:35:38.0560 1608 nvraid - ok
20:35:38.0577 1608 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
20:35:38.0593 1608 nvstor - ok
20:35:38.0614 1608 nvsvc (57d0d222a9f22113fe3b55488dbfd761) C:\Windows\system32\nvvsvc.exe
20:35:38.0624 1608 nvsvc - ok
20:35:38.0649 1608 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
20:35:38.0664 1608 nv_agp - ok
20:35:38.0701 1608 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:35:38.0726 1608 odserv - ok
20:35:38.0741 1608 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
20:35:38.0768 1608 ohci1394 - ok
20:35:38.0784 1608 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:35:38.0799 1608 ose - ok
20:35:38.0824 1608 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:35:38.0857 1608 p2pimsvc - ok
20:35:38.0884 1608 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:35:38.0927 1608 p2psvc - ok
20:35:38.0947 1608 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:35:38.0966 1608 Parport - ok
20:35:38.0988 1608 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
20:35:39.0003 1608 partmgr - ok
20:35:39.0021 1608 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:35:39.0055 1608 PcaSvc - ok
20:35:39.0086 1608 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
20:35:39.0119 1608 pci - ok
20:35:39.0138 1608 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
20:35:39.0158 1608 pciide - ok
20:35:39.0186 1608 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:35:39.0210 1608 pcmcia - ok
20:35:39.0278 1608 PCTCore (60f19af0a9a26851ad9bc2d981afbac6) C:\Windows\system32\drivers\PCTCore64.sys
20:35:39.0304 1608 PCTCore - ok
20:35:39.0321 1608 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:35:39.0340 1608 pcw - ok
20:35:39.0375 1608 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:35:39.0450 1608 PEAUTH - ok
20:35:39.0496 1608 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
20:35:39.0544 1608 PeerDistSvc - ok
20:35:39.0598 1608 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:35:39.0645 1608 PerfHost - ok
20:35:39.0706 1608 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
20:35:39.0836 1608 pla - ok
20:35:39.0905 1608 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
20:35:39.0939 1608 PlugPlay - ok
20:35:39.0979 1608 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
20:35:39.0997 1608 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:35:39.0997 1608 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:35:40.0021 1608 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:35:40.0058 1608 PNRPAutoReg - ok
20:35:40.0086 1608 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:35:40.0113 1608 PNRPsvc - ok
20:35:40.0150 1608 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
20:35:40.0228 1608 PolicyAgent - ok
20:35:40.0265 1608 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:35:40.0309 1608 Power - ok
20:35:40.0351 1608 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
20:35:40.0409 1608 PptpMiniport - ok
20:35:40.0432 1608 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:35:40.0474 1608 Processor - ok
20:35:40.0505 1608 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
20:35:40.0571 1608 ProfSvc - ok
20:35:40.0638 1608 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
20:35:40.0649 1608 ProtectedStorage - ok
20:35:40.0681 1608 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
20:35:40.0706 1608 Psched - ok
20:35:40.0786 1608 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
20:35:40.0821 1608 PxHlpa64 - ok
20:35:41.0002 1608 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:35:41.0072 1608 ql2300 - ok
20:35:41.0118 1608 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:35:41.0146 1608 ql40xx - ok
20:35:41.0200 1608 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:35:41.0284 1608 QWAVE - ok
20:35:41.0330 1608 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:35:41.0391 1608 QWAVEdrv - ok
20:35:41.0432 1608 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:35:41.0486 1608 RasAcd - ok
20:35:41.0556 1608 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:35:41.0631 1608 RasAgileVpn - ok
20:35:41.0677 1608 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:35:41.0733 1608 RasAuto - ok
20:35:41.0777 1608 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:35:41.0814 1608 Rasl2tp - ok
20:35:41.0911 1608 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
20:35:42.0043 1608 RasMan - ok
20:35:42.0091 1608 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:35:42.0161 1608 RasPppoe - ok
20:35:42.0223 1608 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:35:42.0320 1608 RasSstp - ok
20:35:42.0403 1608 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
20:35:42.0518 1608 rdbss - ok
20:35:42.0566 1608 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:35:42.0631 1608 rdpbus - ok
20:35:42.0690 1608 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:35:42.0716 1608 RDPCDD - ok
20:35:42.0786 1608 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
20:35:42.0844 1608 RDPDR - ok
20:35:42.0881 1608 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:35:42.0925 1608 RDPENCDD - ok
20:35:42.0955 1608 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:35:42.0996 1608 RDPREFMP - ok
20:35:43.0024 1608 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
20:35:43.0087 1608 RDPWD - ok
20:35:43.0118 1608 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
20:35:43.0140 1608 rdyboost - ok
20:35:43.0174 1608 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:35:43.0240 1608 RemoteAccess - ok
20:35:43.0278 1608 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:35:43.0353 1608 RemoteRegistry - ok
20:35:43.0392 1608 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
20:35:43.0427 1608 RFCOMM - ok
20:35:43.0518 1608 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
20:35:43.0534 1608 RichVideo - ok
20:35:43.0558 1608 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:35:43.0613 1608 RpcEptMapper - ok
20:35:43.0640 1608 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:35:43.0659 1608 RpcLocator - ok
20:35:43.0682 1608 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
20:35:43.0713 1608 RpcSs - ok
20:35:43.0731 1608 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:35:43.0762 1608 rspndr - ok
20:35:43.0799 1608 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:35:43.0825 1608 RTL8167 - ok
20:35:43.0846 1608 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
20:35:43.0880 1608 s3cap - ok
20:35:43.0913 1608 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
20:35:43.0938 1608 SamSs - ok
20:35:43.0958 1608 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
20:35:43.0982 1608 sbp2port - ok
20:35:44.0010 1608 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:35:44.0074 1608 SCardSvr - ok
20:35:44.0092 1608 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
20:35:44.0127 1608 scfilter - ok
20:35:44.0193 1608 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
20:35:44.0233 1608 Schedule - ok
20:35:44.0257 1608 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
20:35:44.0289 1608 SCPolicySvc - ok
20:35:44.0338 1608 sdAuxService (a1089ac7683826e6c7c9fab9723dd80f) C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
20:35:44.0386 1608 sdAuxService - ok
20:35:44.0459 1608 sdCoreService (06f95756353653c7d505361117186713) C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
20:35:44.0505 1608 sdCoreService - ok
20:35:44.0530 1608 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
20:35:44.0559 1608 SDRSVC - ok
20:35:44.0588 1608 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:35:44.0635 1608 secdrv - ok
20:35:44.0661 1608 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
20:35:44.0700 1608 seclogon - ok
20:35:44.0734 1608 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:35:44.0760 1608 SENS - ok
20:35:44.0780 1608 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:35:44.0813 1608 SensrSvc - ok
20:35:44.0844 1608 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:35:44.0876 1608 Serenum - ok
20:35:44.0899 1608 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:35:44.0920 1608 Serial - ok
20:35:44.0942 1608 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:35:44.0983 1608 sermouse - ok
20:35:45.0022 1608 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
20:35:45.0078 1608 SessionEnv - ok
20:35:45.0120 1608 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:35:45.0160 1608 sffdisk - ok
20:35:45.0188 1608 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:35:45.0232 1608 sffp_mmc - ok
20:35:45.0262 1608 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
20:35:45.0286 1608 sffp_sd - ok
20:35:45.0309 1608 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:35:45.0328 1608 sfloppy - ok
20:35:45.0372 1608 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:35:45.0437 1608 SharedAccess - ok
20:35:45.0460 1608 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
20:35:45.0481 1608 ShellHWDetection - ok
20:35:45.0493 1608 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:35:45.0507 1608 SiSRaid2 - ok
20:35:45.0530 1608 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:35:45.0543 1608 SiSRaid4 - ok
20:35:45.0570 1608 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:35:45.0614 1608 Smb - ok
20:35:45.0639 1608 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:35:45.0660 1608 SNMPTRAP - ok
20:35:45.0747 1608 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:35:45.0784 1608 spldr - ok
20:35:45.0844 1608 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
20:35:45.0871 1608 Spooler - ok
20:35:45.0962 1608 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
20:35:46.0071 1608 sppsvc - ok
20:35:46.0109 1608 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:35:46.0146 1608 sppuinotify - ok
20:35:46.0201 1608 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
20:35:46.0202 1608 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
20:35:46.0203 1608 sptd ( LockedFile.Multi.Generic ) - warning
20:35:46.0203 1608 sptd - detected LockedFile.Multi.Generic (1)
20:35:46.0255 1608 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
20:35:46.0322 1608 srv - ok
20:35:46.0355 1608 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
20:35:46.0399 1608 srv2 - ok
20:35:46.0445 1608 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
20:35:46.0483 1608 srvnet - ok
20:35:46.0539 1608 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:35:46.0614 1608 SSDPSRV - ok
20:35:46.0643 1608 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:35:46.0710 1608 SstpSvc - ok
20:35:46.0744 1608 StarOpen - ok
20:35:46.0793 1608 Stereo Service (11141b9ac8250f9821bac341bcc7f8e2) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:35:46.0816 1608 Stereo Service - ok
20:35:46.0842 1608 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:35:46.0856 1608 stexstor - ok
20:35:46.0889 1608 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
20:35:46.0915 1608 stisvc - ok
20:35:46.0947 1608 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
20:35:46.0973 1608 storflt - ok
20:35:47.0010 1608 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
20:35:47.0035 1608 StorSvc - ok
20:35:47.0065 1608 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
20:35:47.0086 1608 storvsc - ok
20:35:47.0114 1608 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
20:35:47.0134 1608 swenum - ok
20:35:47.0233 1608 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:35:47.0267 1608 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
20:35:47.0267 1608 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
20:35:47.0296 1608 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:35:47.0342 1608 swprv - ok
20:35:47.0383 1608 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
20:35:47.0442 1608 SysMain - ok
20:35:47.0469 1608 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
20:35:47.0512 1608 TabletInputService - ok
20:35:47.0544 1608 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
20:35:47.0608 1608 TapiSrv - ok
20:35:47.0655 1608 tbhsd (93f0f5ef8a4ca261372df98b31b2bd05) C:\Windows\system32\drivers\tbhsd.sys
20:35:47.0674 1608 tbhsd - ok
20:35:47.0693 1608 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:35:47.0735 1608 TBS - ok
20:35:47.0809 1608 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
20:35:47.0903 1608 Tcpip - ok
20:35:47.0952 1608 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
20:35:47.0976 1608 TCPIP6 - ok
20:35:47.0999 1608 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
20:35:48.0028 1608 tcpipreg - ok
20:35:48.0050 1608 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:35:48.0077 1608 TDPIPE - ok
20:35:48.0118 1608 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
20:35:48.0170 1608 TDTCP - ok
20:35:48.0197 1608 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
20:35:48.0288 1608 tdx - ok
20:35:48.0321 1608 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
20:35:48.0345 1608 TermDD - ok
20:35:48.0379 1608 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
20:35:48.0425 1608 TermService - ok
20:35:48.0440 1608 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:35:48.0469 1608 Themes - ok
20:35:48.0499 1608 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:35:48.0533 1608 THREADORDER - ok
20:35:48.0552 1608 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:35:48.0592 1608 TrkWks - ok
20:35:48.0663 1608 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
20:35:48.0686 1608 TrustedInstaller - ok
20:35:48.0727 1608 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:35:48.0814 1608 tssecsrv - ok
20:35:48.0936 1608 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
20:35:49.0024 1608 tunnel - ok
20:35:49.0079 1608 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:35:49.0121 1608 uagp35 - ok
20:35:49.0222 1608 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
20:35:49.0328 1608 udfs - ok
20:35:49.0380 1608 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:35:49.0449 1608 UI0Detect - ok
20:35:49.0529 1608 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
20:35:49.0589 1608 uliagpkx - ok
20:35:49.0636 1608 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
20:35:49.0705 1608 umbus - ok
20:35:49.0758 1608 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:35:49.0784 1608 UmPass - ok
20:35:49.0845 1608 UmRdpService (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
20:35:49.0884 1608 UmRdpService - ok
20:35:50.0076 1608 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
20:35:50.0096 1608 UMVPFSrv - ok
20:35:50.0171 1608 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:35:50.0250 1608 upnphost - ok
20:35:50.0347 1608 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
20:35:50.0389 1608 usbaudio - ok
20:35:50.0461 1608 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
20:35:50.0504 1608 usbccgp - ok
20:35:50.0550 1608 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
20:35:50.0635 1608 usbcir - ok
20:35:50.0693 1608 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
20:35:50.0756 1608 usbehci - ok
20:35:50.0857 1608 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
20:35:50.0934 1608 usbhub - ok
20:35:50.0982 1608 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
20:35:51.0032 1608 usbohci - ok
20:35:51.0067 1608 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:35:51.0114 1608 usbprint - ok
20:35:51.0173 1608 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
20:35:51.0206 1608 usbscan - ok
20:35:51.0239 1608 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:35:51.0261 1608 USBSTOR - ok
20:35:51.0289 1608 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
20:35:51.0330 1608 usbuhci - ok
20:35:51.0375 1608 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:35:51.0443 1608 UxSms - ok
20:35:51.0464 1608 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
20:35:51.0475 1608 VaultSvc - ok
20:35:51.0493 1608 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
20:35:51.0506 1608 vdrvroot - ok
20:35:51.0530 1608 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
20:35:51.0577 1608 vds - ok
20:35:51.0604 1608 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:35:51.0649 1608 vga - ok
20:35:51.0663 1608 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:35:51.0712 1608 VgaSave - ok
20:35:51.0738 1608 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
20:35:51.0772 1608 vhdmp - ok
20:35:51.0835 1608 VIAHdAudAddService (627270f2103d41086bab9675a3315dab) C:\Windows\system32\drivers\viahduaa.sys
20:35:51.0904 1608 VIAHdAudAddService - ok
20:35:51.0924 1608 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
20:35:51.0940 1608 viaide - ok
20:35:51.0977 1608 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
20:35:52.0012 1608 vmbus - ok
20:35:52.0038 1608 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
20:35:52.0078 1608 VMBusHID - ok
20:35:52.0110 1608 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
20:35:52.0133 1608 volmgr - ok
20:35:52.0157 1608 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
20:35:52.0178 1608 volmgrx - ok
20:35:52.0230 1608 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
20:35:52.0265 1608 volsnap - ok
20:35:52.0293 1608 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:35:52.0313 1608 vsmraid - ok
20:35:52.0357 1608 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
20:35:52.0426 1608 VSS - ok
20:35:52.0462 1608 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:35:52.0495 1608 vwifibus - ok
20:35:52.0536 1608 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:35:52.0574 1608 vwififlt - ok
20:35:52.0616 1608 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:35:52.0681 1608 W32Time - ok
20:35:52.0702 1608 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:35:52.0745 1608 WacomPen - ok
20:35:52.0781 1608 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
20:35:52.0838 1608 WANARP - ok
20:35:52.0847 1608 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
20:35:52.0882 1608 Wanarpv6 - ok
20:35:52.0922 1608 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
20:35:52.0983 1608 wbengine - ok
20:35:53.0015 1608 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:35:53.0051 1608 WbioSrvc - ok
20:35:53.0088 1608 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
20:35:53.0134 1608 wcncsvc - ok
20:35:53.0155 1608 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:35:53.0181 1608 WcsPlugInService - ok
20:35:53.0205 1608 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:35:53.0224 1608 Wd - ok
20:35:53.0261 1608 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:35:53.0300 1608 Wdf01000 - ok
20:35:53.0322 1608 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:35:53.0355 1608 WdiServiceHost - ok
20:35:53.0358 1608 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:35:53.0378 1608 WdiSystemHost - ok
20:35:53.0414 1608 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
20:35:53.0469 1608 WebClient - ok
20:35:53.0498 1608 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:35:53.0547 1608 Wecsvc - ok
20:35:53.0563 1608 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:35:53.0603 1608 wercplsupport - ok
20:35:53.0631 1608 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:35:53.0696 1608 WerSvc - ok
20:35:53.0723 1608 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:35:53.0770 1608 WfpLwf - ok
20:35:53.0792 1608 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:35:53.0804 1608 WIMMount - ok
20:35:53.0827 1608 WinDefend - ok
20:35:53.0830 1608 WinHttpAutoProxySvc - ok
20:35:53.0881 1608 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:35:53.0933 1608 Winmgmt - ok
20:35:53.0981 1608 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
20:35:54.0066 1608 WinRM - ok
20:35:54.0114 1608 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
20:35:54.0152 1608 WinUsb - ok
20:35:54.0189 1608 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:35:54.0229 1608 Wlansvc - ok
20:35:54.0288 1608 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:35:54.0310 1608 wlcrasvc - ok
20:35:54.0410 1608 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:35:54.0481 1608 wlidsvc - ok
20:35:54.0501 1608 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:35:54.0532 1608 WmiAcpi - ok
20:35:54.0562 1608 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:35:54.0597 1608 wmiApSrv - ok
20:35:54.0612 1608 WMPNetworkSvc - ok
20:35:54.0639 1608 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:35:54.0659 1608 WPCSvc - ok
20:35:54.0683 1608 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
20:35:54.0707 1608 WPDBusEnum - ok
20:35:54.0730 1608 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:35:54.0774 1608 ws2ifsl - ok
20:35:54.0803 1608 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
20:35:54.0830 1608 wscsvc - ok
20:35:54.0840 1608 WSearch - ok
20:35:54.0899 1608 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
20:35:54.0963 1608 wuauserv - ok
20:35:54.0985 1608 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
20:35:55.0016 1608 WudfPf - ok
20:35:55.0046 1608 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:35:55.0078 1608 WUDFRd - ok
20:35:55.0102 1608 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
20:35:55.0146 1608 wudfsvc - ok
20:35:55.0172 1608 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:35:55.0212 1608 WwanSvc - ok
20:35:55.0236 1608 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:35:55.0349 1608 \Device\Harddisk0\DR0 - ok
20:35:55.0353 1608 Boot (0x1200) (0bd64180aa20eb0a4dea1b5b4ef77094) \Device\Harddisk0\DR0\Partition0
20:35:55.0380 1608 \Device\Harddisk0\DR0\Partition0 - ok
20:35:55.0386 1608 Boot (0x1200) (1295c3005c3104d273a20a7d6c2d3888) \Device\Harddisk0\DR0\Partition1
20:35:55.0390 1608 \Device\Harddisk0\DR0\Partition1 - ok
20:35:55.0390 1608 ============================================================
20:35:55.0390 1608 Scan finished
20:35:55.0390 1608 ============================================================
20:35:55.0404 2972 Detected object count: 11
20:35:55.0404 2972 Actual detected object count: 11
20:36:11.0356 2972 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:11.0357 2972 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:36:11.0358 2972 DvmMDES ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:11.0358 2972 DvmMDES ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:36:11.0360 2972 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:11.0360 2972 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:36:11.0362 2972 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:11.0362 2972 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:36:11.0364 2972 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:11.0364 2972 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:36:11.0366 2972 Microsoft Help Center ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:11.0366 2972 Microsoft Help Center ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:36:11.0368 2972 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:11.0368 2972 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:36:11.0369 2972 NVIDIA Performance Driver Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:11.0369 2972 NVIDIA Performance Driver Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:36:11.0371 2972 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:11.0371 2972 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:36:11.0373 2972 sptd ( LockedFile.Multi.Generic ) - skipped by user
20:36:11.0373 2972 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
20:36:11.0375 2972 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:11.0375 2972 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
sollte ich noch etwas tun müssen oder gibt es einen Tip für Antivirensoftware, so habe ich ein offenes Ohr... ich habe noch eine Lizens für Spyware Doctor... weiss jedoch nicht, ob die bei so etwas geholfen hätte...die macht mir irgendwie nur den Pc langsam... und natürlich die freeware von avira... Nun ja... danke soweit |
|
29.03.2012, 19:57
| #10 |
| | Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm Hi, wenn sich der Rechner normal verhält wären wir soweit mal durch... Poste zur Sicherheit nochmal ein neues OTL-Log... Zu Avira passte (in der Vergangenheit) Threadfire free ganz gut... Herunterladen Kostenlos). chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
29.03.2012, 22:00
| #11 |
| | Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm Lasse gerade nochmal alles scannen auch von threadfire hier die codes der aktuellen otl auslesens: OTL Logfile: Code:
ATTFilter OTL logfile created on: 29.03.2012 22:23:10 - Run 2 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\hansen\Desktop 64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,50 Gb Available Physical Memory | 81,21% Memory free 15,99 Gb Paging File | 14,44 Gb Available in Paging File | 90,28% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 596,07 Gb Total Space | 95,98 Gb Free Space | 16,10% Space Free | Partition Type: NTFS Computer Name: HANSEN-PC | User Name: hansen | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\hansen\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Windows\Microsoft Help\MsHelpCenter.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.) PRC - C:\Programme\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.) PRC - C:\Programme\ASUS\Six Engine\SixEngine.exe (ASUSTeK Computer Inc.) PRC - C:\Programme\ASUS\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.) PRC - C:\ASUS.SYS\config\DVMExportService.exe (DeviceVM, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Programme\ASUS\Six Engine\pngio.dll () MOD - C:\Programme\ASUS\Six Engine\AsSpindownTimeout.dll () MOD - C:\Programme\ASUS\TurboV EVO\HookKey32.dll () MOD - C:\Programme\ASUS\Six Engine\AsusService.dll () MOD - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu () MOD - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA () MOD - C:\Programme\ASUS\TurboV EVO\pngio.dll () MOD - C:\Windows\SysWOW64\AsIO.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Microsoft Help Center) -- C:\Windows\Microsoft Help\MsHelpCenter.exe (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (sdCoreService) -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe (PC Tools) SRV - (sdAuxService) -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe (PC Tools) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (Browser Defender Update Service) -- C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.) SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.) SRV - (DvmMDES) -- C:\ASUS.SYS\config\DVMExportService.exe (DeviceVM, Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (NVIDIA Performance Driver Service) -- C:\Programme\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe () SRV - (Adobe Version Cue CS4) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (LVUVC64) Logitech HD Webcam C270(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (ArcSec) -- C:\Windows\SysNative\drivers\ArcSec.sys () DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (PCTCore) -- C:\Windows\SysNative\drivers\PCTCore64.sys (PC Tools) DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (LTXMD_VAC) Litex Media Virtual Audio Cable (WDM) -- C:\Windows\SysNative\drivers\lmvac.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bild.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C8 EF 41 F6 DD 0A CB 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {35705112-6F44-403B-BA5F-6F563C3713A3} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0CC4C0E2-A050-4C02-8FD2-C3C927F1E5A2}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms} IE - HKCU\..\SearchScopes\{35705112-6F44-403B-BA5F-6F563C3713A3}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKCU\..\SearchScopes\{6C8E05F5-B38B-4767-B3CF-E9BD146977DD}: "URL" = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms} IE - HKCU\..\SearchScopes\{D71B4AED-02E7-4566-85F3-6874CB39394A}: "URL" = hxxp://www.amazon.de/gp/search?search-alias=aps&field-keywords={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.* ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.bild.de" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{9051303c-7e41-4311-a783-d6fe5ef2832d}: C:\Program Files (x86)\FVD Suite\addons\Firefox [2011.11.05 15:12:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.11 03:56:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.27 21:04:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.27 21:04:37 | 000,000,000 | ---D | M] [2010.11.13 19:08:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hansen\AppData\Roaming\mozilla\Extensions [2012.03.17 21:22:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hansen\AppData\Roaming\mozilla\Firefox\Profiles\p0vw60cy.default\extensions [2011.11.26 14:14:42 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\hansen\AppData\Roaming\mozilla\Firefox\Profiles\p0vw60cy.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.01.14 02:44:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions () (No name found) -- C:\USERS\HANSEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P0VW60CY.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI [2012.03.18 12:45:02 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011.10.10 17:26:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.10.10 17:26:25 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.10.10 17:26:25 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.10.10 17:26:25 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.10 17:26:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.10 17:26:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.12.09 19:34:30 | 000,001,389 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 pagead2.googlesyndication.com O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O2 - BHO: (Open FVD Suite Toolbar) - {2B171655-A69C-5c18-B693-6CB5DC269D44} - C:\Program Files (x86)\FVD Suite\addons\IE\FVDToolbar.dll (www.flashvideodownloader.org/fvd-suite/) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (FVD Suite Toolbar) - {2B171655-A69C-5c18-B693-6CB5DC269D41} - C:\Program Files (x86)\FVD Suite\addons\IE\FVDToolbar.dll (www.flashvideodownloader.org/fvd-suite/) O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe" File not found O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [TurboV EVO] C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" File not found O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 File not found O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\hansen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\hansen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08C75267-E7B2-45F1-A6B1-D937918C72D1}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF3C6F83-9BFF-41CB-A509-8157D7F00E49}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (acaptuser64.dll) - C:\Windows\SysNative\acaptuser64.dll (Adobe Systems, Inc.) O20 - AppInit_DLLs: (acaptuser32.dll) - C:\Windows\SysWow64\acaptuser32.dll (Adobe Systems Incorporated) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.03.29 22:26:21 | 000,074,824 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfSysMon.sys [2012.03.29 22:26:21 | 000,065,072 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfFsMon.sys [2012.03.29 22:26:21 | 000,041,888 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfNetMon.sys [2012.03.29 22:24:48 | 009,876,312 | ---- | C] (PC Tools ) -- C:\Users\hansen\Desktop\tfinstall.exe [2012.03.29 20:34:31 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\Neuer Ordner [2012.03.28 13:39:15 | 000,000,000 | ---D | C] -- C:\_OTL [2012.03.28 12:25:11 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\Malwarebytes [2012.03.28 12:25:06 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.03.28 12:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.03.28 12:25:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.03.28 12:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.03.28 12:08:34 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\hansen\Desktop\OTL.exe [2012.03.27 21:07:40 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\Apple Computer [2012.03.27 21:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.03.27 21:06:15 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll [2012.03.27 21:06:15 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll [2012.03.27 21:06:15 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2012.03.27 21:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.03.27 21:05:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.03.27 21:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.03.27 21:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2012.03.27 21:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012.03.27 21:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012.03.27 21:03:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2012.03.27 21:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2012.03.27 21:03:05 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012.03.27 21:03:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2012.03.27 21:02:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2012.03.10 23:27:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent [2012.03.09 01:46:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe [2012.03.02 21:46:49 | 000,000,000 | ---D | C] -- C:\Users\hansen\Documents\ArcSoft [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.03.29 22:29:01 | 000,014,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.03.29 22:29:01 | 000,014,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.03.29 22:27:17 | 001,507,342 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.03.29 22:27:17 | 000,657,660 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.03.29 22:27:17 | 000,618,936 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.03.29 22:27:17 | 000,131,032 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.03.29 22:27:17 | 000,107,256 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.03.29 22:26:23 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\ThreatFire.lnk [2012.03.29 22:25:24 | 009,876,312 | ---- | M] (PC Tools ) -- C:\Users\hansen\Desktop\tfinstall.exe [2012.03.29 22:21:59 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.03.29 22:21:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.03.29 22:20:58 | 2145,947,647 | -HS- | M] () -- C:\hiberfil.sys [2012.03.29 20:48:19 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx [2012.03.28 17:59:00 | 000,000,648 | ---- | M] () -- C:\Windows\tasks\WebContent AutoUpdate 2011.job [2012.03.28 17:49:16 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.03.28 12:25:06 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.03.28 12:08:00 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\hansen\Desktop\OTL.exe [2012.03.15 23:50:02 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys [2012.03.13 09:31:40 | 000,000,502 | ---- | M] () -- C:\Windows\tasks\Allplan AutoUpdate 2011-1.job [2012.03.11 11:14:53 | 005,276,104 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.03.08 19:58:15 | 000,000,132 | ---- | M] () -- C:\Users\hansen\AppData\Roaming\Adobe PNG Format CS5 Prefs [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.03.28 12:25:06 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.03.11 01:32:50 | 000,001,666 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS5.1.lnk [2012.03.11 01:32:31 | 000,001,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk [2012.03.11 01:32:16 | 000,001,278 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk [2012.03.11 01:31:14 | 000,001,379 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk [2012.03.11 01:31:10 | 000,001,551 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk [2012.01.18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012.01.18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012.01.18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2011.12.10 15:32:45 | 000,000,132 | ---- | C] () -- C:\Users\hansen\AppData\Roaming\Adobe Targa Format CS5 Prefs [2011.11.03 08:32:14 | 000,307,008 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011.10.11 19:46:37 | 000,008,704 | ---- | C] () -- C:\Users\hansen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.06.13 13:17:49 | 000,001,456 | ---- | C] () -- C:\Users\hansen\AppData\Local\Adobe Save for Web 12.0 Prefs [2011.04.15 18:20:30 | 000,118,784 | ---- | C] () -- C:\Windows\dsdxirmv.exe [2011.02.22 14:21:00 | 000,000,125 | ---- | C] () -- C:\Windows\FlashDecompiler.INI [2011.02.10 23:06:31 | 000,000,132 | ---- | C] () -- C:\Users\hansen\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011.01.05 18:13:47 | 000,000,132 | ---- | C] () -- C:\Users\hansen\AppData\Roaming\Adobe IllExport Filter CS5 Prefs [2010.11.13 19:08:03 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.11.06 20:03:08 | 001,534,660 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.10.27 18:43:50 | 000,226,740 | ---- | C] () -- C:\Windows\hpoins18.dat [2010.10.27 18:43:50 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat [2010.09.03 06:45:51 | 000,000,287 | ---- | C] () -- C:\Users\hansen\AppData\Local\VersionChecker_15.xml [2010.08.24 20:50:20 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010.08.09 16:11:56 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.07.19 10:36:53 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old [2010.07.19 10:36:53 | 000,767,928 | ---- | C] () -- C:\Windows\BDTSupport.dll [2010.06.13 17:39:08 | 000,000,400 | ---- | C] () -- C:\Windows\g_iclink343.ini [2010.06.13 17:39:08 | 000,000,400 | ---- | C] () -- C:\Windows\SysWow64\drivers\bcompbg806.dat [2010.06.13 15:44:22 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysWow64\implode.dll [2010.06.13 15:03:40 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll [2010.06.13 12:47:00 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll [2010.06.13 12:47:00 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2010.06.13 12:46:56 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2010.06.13 12:46:56 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2010.06.13 12:40:33 | 000,036,649 | ---- | C] () -- C:\Windows\Ascd_log.ini [2010.06.13 12:38:47 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010.06.13 12:38:42 | 000,026,709 | ---- | C] () -- C:\Windows\Ascd_tmp.ini ========== Alternate Data Streams ========== @Alternate Data Stream - 205 bytes -> C:\ProgramData\Temp:DFC5A2B2 < End of report > hier die codes der aktuellen otl extras auslesens: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 29.03.2012 22:23:11 - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\hansen\Desktop
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,50 Gb Available Physical Memory | 81,21% Memory free
15,99 Gb Paging File | 14,44 Gb Available in Paging File | 90,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,07 Gb Total Space | 95,98 Gb Free Space | 16,10% Space Free | Partition Type: NTFS
Computer Name: HANSEN-PC | User Name: hansen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AC76BA86-1033-0000-0064-0003D0000004}" = Adobe Acrobat 9 Pro Extended 64-bit Add-On
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 276.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 276.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 276.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"DE7217D2A8B057F15EC6E52329FDAB84231521E8" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"MAXONB6EC381C" = CINEMA 4D 11.514
"MAXONF02E79F8" = NET Render Client 11.514
"MAXONFB05E576" = CINEMA 4D 13.016
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"SP6" = Logitech SetPoint 6.0
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{164965E8-4BB0-4EEB-AFBA-75785A2A2A7F}" = Adobe Fireworks CS5
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{23767F5D-A80C-4264-B8EA-ED4085FC332A}" = Adobe Illustrator CS5.1
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft VC80 Support DLLs
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{354038F6-0A35-4C55-A80B-F86C4C1A6D38}" = C3100
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3ACFF226-3D86-422D-A151-1582DA1231C5}" = Samplitude 11 Silver
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{491D92A9-69CA-4EB4-81D3-0106F9337957}" = TurboV EVO
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}" = Rhinoceros 4.0
"{5E5E66D9-68DF-4818-A883-8787DC52EB7A}" = General Runtime Files for Nemetschek Allplan 2009
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7262D0C8-41CC-4F75-8383-A6C7C61D7FC6}" = Nemetschek SoftLock 2006
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{80E4B2D6-BFF2-402C-96C4-3942DF24CABB}_is1" = FVD Suite 2.6.8
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95E1E426-EE9E-4F68-8F02-58A5A09B38F3}" = Rhinoceros 4.0 SR8
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}" = ArcSoft TotalMedia Theatre 5
"{9A6518F6-D319-49C9-9AB6-7FF77F082503}" = ESS Energie Indikator
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}_950" = Adobe Acrobat 9.5.0 - CPSID_83708
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BAED3957-C271-4670-A50D-8D7438701917}" = Nemetschek Allplan 2009
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF71C8D1-9258-4504-89AF-BA80748CC0D2}" = Nemetschek Allplan 2011
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5321DAA-ADE6-E7C9-A139-AE2FB1563242}" = Vectorworks 2010 Hilfe
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E613E31E-9C18-4418-8112-345877E31254}" = General Runtime Files for Nemetschek Softlock 2006
"{E8815668-95B0-443D-AC92-2BFD7DD8F16A}" = Adobe Flash Catalyst CS5
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA61FF86-2479-D620-9F6B-655ADD4225B4}" = General Runtime Files for Allplan 2011-1-5
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection
"Adobe_697a06b96d8bcbe2d77b88e7d5448d0" = Adobe Creative Suite 4 Master Collection
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Antares Autotune VST_is1" = Antares Autotune VST v5.09
"ASIO4ALL" = ASIO4ALL
"Avira AntiVir Desktop" = Avira Free Antivirus
"Browser Defender_is1" = Browser Defender 2.0.6.15
"Cakewalk Music Creator LE 3" = Cakewalk Music Creator LE 3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Setup" = DivX-Setup
"DreamStation DXi2" = DreamStation DXi2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"eu.computerworks.vectorworks.2010.help.deu.C597E665C9D833B0F52B09434821DFAEF4904789.1" = Vectorworks 2010 Hilfe
"FileZilla Client" = FileZilla Client 3.3.5.1
"FL Studio 9" = FL Studio 9
"Flash Decompiler Trillix_is1" = Flash Decompiler Trillix
"Free FLV Converter_is1" = Free FLV Converter V 7.3.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.13.1123
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}" = ArcSoft TotalMedia Theatre 5
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 2.8.5
"LameACM" = LameACM
"MAGIX_MSI_sam11silver" = Samplitude 11 Silver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Sawer" = Sawer
"Spyware Doctor" = Spyware Doctor 7.0
"SystemRequirementsLab" = System Requirements Lab
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 28.08.2011 11:15:59 | Computer Name = hansen-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\Adobe\acrobat 9.0\designer 8.2\FormDesigner.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error - 28.08.2011 13:00:00 | Computer Name = hansen-PC | Source = Windows Backup | ID = 4103
Description =
Error - 29.08.2011 14:26:51 | Computer Name = hansen-PC | Source = Windows Backup | ID = 4103
Description =
Error - 30.08.2011 13:37:31 | Computer Name = hansen-PC | Source = Windows Backup | ID = 4103
Description =
Error - 31.08.2011 16:23:30 | Computer Name = hansen-PC | Source = Windows Backup | ID = 4103
Description =
Error - 31.08.2011 16:55:42 | Computer Name = hansen-PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft
security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
files\microsoft security client\MSESysprep.dll" in Zeile 10. Das imaging-Element
wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements
angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error - 31.08.2011 16:56:09 | Computer Name = hansen-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 31.08.2011 16:58:54 | Computer Name = hansen-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\Adobe\acrobat 9.0\designer 8.2\FormDesigner.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error - 01.09.2011 15:47:02 | Computer Name = hansen-PC | Source = Windows Backup | ID = 4103
Description =
Error - 03.09.2011 13:54:39 | Computer Name = hansen-PC | Source = Windows Backup | ID = 4103
Description =
[ Media Center Events ]
Error - 14.01.2011 13:37:33 | Computer Name = hansen-PC | Source = MCUpdate | ID = 0
Description = 18:33:08 - Directory konnte nicht abgerufen werden (Fehler: Timeout
für Vorgang überschritten)
[ OSession Events ]
Error - 08.11.2011 07:17:50 | Computer Name = hansen-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 2277 seconds with 180 seconds of active time. This session ended with a
crash.
[ System Events ]
Error - 29.03.2012 12:51:57 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 29.03.2012 12:51:57 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 29.03.2012 12:51:57 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 29.03.2012 12:56:57 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 29.03.2012 12:56:57 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 29.03.2012 12:56:57 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 29.03.2012 14:23:00 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
Error - 29.03.2012 14:24:30 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "UMVPFSrv" wurde unerwartet beendet. Dies ist bereits 1 Mal
passiert.
Error - 29.03.2012 14:48:19 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen
Status gemeldet: 32
Error - 29.03.2012 16:26:23 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "ThreatFire" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
< End of report >
danke nochmals für die super Hilfe!!! |
|
30.03.2012, 13:18
| #12 |
| | Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm Hi, sieht ok aus... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
| Themen zu Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm |
| abgesicherten, antivirus, avira, bezahlen, bildschirm, blockiert, entdeck, externe festplatte, festplatte, folge, forum, frage, gelöscht, guten, hochfahren, modus, nichts, platte, problem, professional, profi, runterladen, schwarzer bildschirm, thema, viren, virus, windows, windows 7 |
Linear-Darstellung
