| |
| |||||||
Alles rund um Windows: Windows Vista Blue ScreenWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
 |
08.04.2011, 10:45
| #16 |
 |  Windows Vista Blue Screen [gelöst] 1 Log FileOTL Logfile: Code:
ATTFilter OTL logfile created on: 08.04.2011 11:37:25 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sarah\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 126,32 Gb Free Space | 54,24% Space Free | Partition Type: NTFS Drive D: | 221,16 Gb Total Space | 221,12 Gb Free Space | 99,98% Space Free | Partition Type: NTFS Computer Name: Sarah-PC | User Name: Sarah | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Sarah\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Essentials\MpCmdRun.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Sarah\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (Browser Defender Update Service) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.) SRV - (sdCoreService) -- C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe () SRV - (vpnagent) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.) SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (getPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.) SRV - (sdAuxService) -- C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools) SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation) SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation) SRV - (ASLDRService) -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe (ASUS) SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe () ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (vpnva) -- C:\Windows\System32\drivers\vpnva.sys (Cisco Systems, Inc.) DRV - (pctEFA) -- C:\Windows\system32\drivers\pctEFA.sys (PC Tools) DRV - (pctDS) -- C:\Windows\system32\drivers\pctDS.sys (PC Tools) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.) DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation) DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (ASUSTek Computer Inc) DRV - (RMCAST) RMCAST (Pgm) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation) DRV - (L1C) -- C:\Windows\System32\drivers\L1C60x86.sys (Atheros Communications, Inc.) DRV - (lullaby) -- C:\Windows\system32\DRIVERS\lullaby.sys (Windows (R) Win 7 DDK provider) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (AmUStor) -- C:\Windows\System32\drivers\AmUStor.sys (Alcor Micro, Corp.) DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys () DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation) DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys () DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.1.3 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7 FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5 FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.300 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - prefs.js..network.proxy.ftp: "proxy.hofmann.stw.uni-erlangen.de" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.gopher: "proxy.hofmann.stw.uni-erlangen.de" FF - prefs.js..network.proxy.gopher_port: 8080 FF - prefs.js..network.proxy.http: "proxy.hofmann.stw.uni-erlangen.de" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.no_proxies_on: "" FF - prefs.js..network.proxy.socks: "proxy.hofmann.stw.uni-erlangen.de" FF - prefs.js..network.proxy.socks_port: 1080 FF - prefs.js..network.proxy.ssl: "proxy.hofmann.stw.uni-erlangen.de" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..network.proxy.type: 4 FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2011.02.12 11:04:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.22 14:56:39 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.26 18:58:40 | 000,000,000 | ---D | M] [2010.03.21 20:10:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fatih\AppData\Roaming\mozilla\Extensions [2011.04.02 18:43:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fatih\AppData\Roaming\mozilla\Firefox\Profiles\n3n3q5b7.default\extensions [2011.04.02 13:02:36 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Fatih\AppData\Roaming\mozilla\Firefox\Profiles\n3n3q5b7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.04.02 18:43:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Fatih\AppData\Roaming\mozilla\Firefox\Profiles\n3n3q5b7.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.04.02 13:02:39 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\Fatih\AppData\Roaming\mozilla\Firefox\Profiles\n3n3q5b7.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2010.05.27 23:55:41 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Fatih\AppData\Roaming\mozilla\Firefox\Profiles\n3n3q5b7.default\extensions\DTToolbar@toolbarnet.com [2011.04.02 13:02:22 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Fatih\AppData\Roaming\mozilla\Firefox\Profiles\n3n3q5b7.default\extensions\engine@conduit.com [2010.06.30 16:06:56 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Fatih\AppData\Roaming\mozilla\Firefox\Profiles\n3n3q5b7.default\extensions\toolbar@ask.com [2010.03.22 22:27:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fatih\AppData\Roaming\mozilla\Firefox\Profiles(85)\p4jwr0q8.default\extensions [2010.03.21 20:14:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Fatih\AppData\Roaming\mozilla\Firefox\Profiles(85)\p4jwr0q8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.05.27 23:55:34 | 000,002,059 | ---- | M] () -- C:\Users\Fatih\AppData\Roaming\Mozilla\Firefox\Profiles\n3n3q5b7.default\searchplugins\daemon-search.xml [2010.10.29 07:12:49 | 000,000,950 | ---- | M] () -- C:\Users\Fatih\AppData\Roaming\Mozilla\Firefox\Profiles\n3n3q5b7.default\searchplugins\icqplugin-1.xml [2011.03.03 14:19:47 | 000,000,950 | ---- | M] () -- C:\Users\Fatih\AppData\Roaming\Mozilla\Firefox\Profiles\n3n3q5b7.default\searchplugins\icqplugin-2.xml [2011.03.05 09:56:18 | 000,000,950 | ---- | M] () -- C:\Users\Fatih\AppData\Roaming\Mozilla\Firefox\Profiles\n3n3q5b7.default\searchplugins\icqplugin-3.xml [2011.03.05 12:06:01 | 000,000,950 | ---- | M] () -- C:\Users\Fatih\AppData\Roaming\Mozilla\Firefox\Profiles\n3n3q5b7.default\searchplugins\icqplugin-4.xml [2011.04.02 15:16:46 | 000,000,950 | ---- | M] () -- C:\Users\Fatih\AppData\Roaming\Mozilla\Firefox\Profiles\n3n3q5b7.default\searchplugins\icqplugin-5.xml [2011.04.02 17:00:51 | 000,000,950 | ---- | M] () -- C:\Users\Fatih\AppData\Roaming\Mozilla\Firefox\Profiles\n3n3q5b7.default\searchplugins\icqplugin-6.xml [2011.02.20 12:21:20 | 000,000,168 | ---- | M] () -- C:\Users\Fatih\AppData\Roaming\Mozilla\Firefox\Profiles\n3n3q5b7.default\searchplugins\icqplugin.gif [2011.02.20 12:21:20 | 000,000,618 | ---- | M] () -- C:\Users\Fatih\AppData\Roaming\Mozilla\Firefox\Profiles\n3n3q5b7.default\searchplugins\icqplugin.src [2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Fatih\AppData\Roaming\Mozilla\Firefox\Profiles\n3n3q5b7.default\searchplugins\icqplugin.xml [2011.03.22 14:56:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2010.12.19 19:54:53 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} File not found (No name found) -- [2011.04.02 17:00:07 | 000,000,000 | ---D | M] (OneClick YouTube Downloader) -- C:\PROGRAM FILES\ORBITDOWNLOADER\ADDONS\ONECLICKYOUTUBEDOWNLOADER [2009.11.08 14:38:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.11.09 00:01:51 | 000,350,680 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 12023 more lines... O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll () O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll () O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [PlayNC Launcher] File not found O4 - HKCU..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation) O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O13 - gopher Prefix: missing O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/mjss/MJSS.cab109791.cab () O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.) O16 - DPF: CabBuilder hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 131.188.24.34 131.188.0.10 131.188.0.11 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp O24 - Desktop BackupWallPaper: C:\Users\Fatih\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{330bfa9a-eca4-11de-8b3f-90e6ba3b6e5b}\Shell - "" = AutoRun O33 - MountPoints2\{330bfa9a-eca4-11de-8b3f-90e6ba3b6e5b}\Shell\AutoRun\command - "" = F:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.08 11:35:44 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Fatih\Desktop\OTL.exe [2011.04.07 20:10:04 | 005,514,668 | ---- | C] (LIGHTNING UK!) -- C:\Users\Fatih\Desktop\SetupImgBurn_2.5.5.0.exe [2011.04.06 14:04:04 | 000,000,000 | ---D | C] -- C:\bb587e879a5226a37f64d1ae [2011.04.06 14:02:02 | 000,837,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32hda.dll [2011.04.06 14:02:02 | 000,122,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys [2011.04.06 14:02:02 | 000,026,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll [2011.04.06 13:58:25 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2011.04.06 13:57:16 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2011.04.06 13:57:16 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2011.04.06 13:57:16 | 010,467,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2011.04.06 13:57:16 | 010,078,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2011.04.06 13:57:16 | 005,653,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2011.04.06 13:57:16 | 004,941,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2011.04.06 13:57:16 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2011.04.06 13:57:16 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2011.04.06 13:57:16 | 001,965,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2011.04.06 13:57:16 | 000,941,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll [2011.04.06 13:57:16 | 000,837,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll [2011.04.06 13:57:16 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011.04.06 13:57:16 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2011.04.06 13:56:49 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2011.04.06 13:56:23 | 000,000,000 | ---D | C] -- C:\NVIDIA [2011.04.06 13:55:43 | 139,333,896 | ---- | C] (NVIDIA Corporation) -- C:\Users\Fatih\Desktop\266.58_notebook_winvista_win7_32bit_international_whql.exe [2011.04.06 13:53:31 | 001,039,048 | ---- | C] (PC Drivers HeadQuarters ) -- C:\Users\Fatih\Desktop\driver_detective_EPU.exe [2011.04.06 00:20:49 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011.04.05 23:22:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview [2011.04.05 23:01:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2011.04.05 17:24:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation [2011.04.05 17:24:22 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital Corporation [2011.04.05 17:23:56 | 000,000,000 | ---D | C] -- C:\Users\Fatih\Desktop\WinDlg_122 [2011.04.05 13:03:20 | 498,580,680 | ---- | C] (Microsoft Corporation) -- C:\Users\Fatih\Desktop\Windows6.0-KB948465-X86.exe [2011.04.03 18:12:52 | 000,000,000 | ---D | C] -- C:\Users\Fatih\Desktop\paint [2011.04.02 17:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit [2011.03.26 19:28:25 | 000,000,000 | ---D | C] -- C:\Users\Fatih\Desktop\textdokumente [2011.03.26 19:20:49 | 000,000,000 | ---D | C] -- C:\Users\Fatih\Desktop\dsk_09_02_2011 [2011.03.26 18:44:50 | 000,000,000 | ---D | C] -- C:\Users\Fatih\Desktop\dsk klausuren formel [2011.03.22 12:19:42 | 000,000,000 | ---D | C] -- C:\Users\Fatih\Desktop\fard [2011.03.14 23:06:04 | 000,000,000 | ---D | C] -- C:\Users\Fatih\Desktop\groove2 [2008.11.03 09:03:27 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys [2008.08.12 06:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files\Common Files\MSIactionall.dll ========== Files - Modified Within 30 Days ========== [2011.04.08 11:35:44 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Fatih\Desktop\OTL.exe [2011.04.08 10:46:49 | 000,669,960 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.08 10:46:49 | 000,631,026 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.08 10:46:49 | 000,143,498 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.08 10:46:49 | 000,117,652 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.08 10:41:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.08 10:41:47 | 268,435,456 | -HS- | M] () -- C:\Windows\System32\temppf.sys [2011.04.07 22:46:02 | 000,008,484 | ---- | M] () -- C:\Users\Fatih\AppData\Local\d3d9caps.dat [2011.04.07 20:11:56 | 005,514,668 | ---- | M] (LIGHTNING UK!) -- C:\Users\Fatih\Desktop\SetupImgBurn_2.5.5.0.exe [2011.04.07 19:54:27 | 000,653,750 | ---- | M] () -- C:\Users\Fatih\Desktop\TM_3.pdf [2011.04.07 10:21:15 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2011.04.07 09:40:55 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-185602744-2463074575-3719456933-1000UA.job [2011.04.06 17:03:44 | 000,078,652 | ---- | M] () -- C:\Users\Fatih\Desktop\seite2antrag.jpg [2011.04.06 17:03:22 | 000,001,215 | ---- | M] () -- C:\Users\Fatih\Desktop\antrag.pl.htm [2011.04.06 14:17:27 | 000,000,774 | ---- | M] () -- C:\Users\Fatih\Desktop\RegCleaner.lnk [2011.04.06 14:06:54 | 002,059,694 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB [2011.04.06 13:56:10 | 139,333,896 | ---- | M] (NVIDIA Corporation) -- C:\Users\Fatih\Desktop\266.58_notebook_winvista_win7_32bit_international_whql.exe [2011.04.06 13:53:30 | 001,039,048 | ---- | M] (PC Drivers HeadQuarters ) -- C:\Users\Fatih\Desktop\driver_detective_EPU.exe [2011.04.06 12:09:41 | 000,048,639 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011.04.06 12:09:41 | 000,048,639 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011.04.06 12:06:32 | 017,815,040 | ---- | M] () -- C:\Users\Fatih\Desktop\dbg_x86_6.11.1.404.msi [2011.04.06 11:54:39 | 000,107,631 | ---- | M] () -- C:\Users\Fatih\Desktop\Zusammenfassung Kreuzprodukt.pdf [2011.04.06 11:54:26 | 000,069,293 | ---- | M] () -- C:\Users\Fatih\Desktop\Unterlagen zum Stos starrer Korper.pdf [2011.04.05 17:24:22 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk [2011.04.05 17:10:55 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\gwyiypt.sys [2011.04.05 13:06:48 | 498,580,680 | ---- | M] (Microsoft Corporation) -- C:\Users\Fatih\Desktop\Windows6.0-KB948465-X86.exe [2011.04.05 02:09:56 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.05 02:09:56 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.05 00:11:55 | 000,051,783 | ---- | M] () -- C:\Users\Fatih\Desktop\traffic.jpg [2011.04.04 19:39:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-185602744-2463074575-3719456933-1000Core.job [2011.04.03 23:08:09 | 003,341,314 | ---- | M] () -- C:\Users\Fatih\Desktop\stream(24).mp3 [2011.04.03 23:06:20 | 006,027,685 | ---- | M] () -- C:\Users\Fatih\Desktop\stream(23).mp3 [2011.04.03 23:05:37 | 005,801,411 | ---- | M] () -- C:\Users\Fatih\Desktop\stream(22).mp3 [2011.04.03 23:02:54 | 004,193,665 | ---- | M] () -- C:\Users\Fatih\Desktop\kursuna gerek yok.mp3 [2011.04.03 23:02:06 | 004,589,568 | ---- | M] () -- C:\Users\Fatih\Desktop\stream(20).mp3 [2011.04.03 23:01:00 | 006,844,065 | ---- | M] () -- C:\Users\Fatih\Desktop\dogus.mp3 [2011.04.03 14:30:28 | 012,568,889 | ---- | M] () -- C:\Users\Fatih\Desktop\kapitel 3 nur.pdf [2011.04.03 14:29:50 | 006,601,562 | ---- | M] () -- C:\Users\Fatih\Desktop\kinematik.pdf [2011.04.03 14:20:38 | 000,942,985 | ---- | M] () -- C:\Users\Fatih\Desktop\dynamik.pdf [2011.03.26 18:49:52 | 014,403,771 | ---- | M] () -- C:\Users\Fatih\Desktop\DSK_Uebungen_WS10-11.pdf [2011.03.26 18:49:36 | 018,167,138 | ---- | M] () -- C:\Users\Fatih\Desktop\TM3-Uebungen-Loesungen.pdf [2011.03.26 18:44:28 | 000,227,109 | ---- | M] () -- C:\Users\Fatih\Desktop\tm3_ws0405.pdf [2011.03.26 18:44:22 | 000,356,305 | ---- | M] () -- C:\Users\Fatih\Desktop\tm3_ss04.pdf [2011.03.26 18:44:17 | 000,289,997 | ---- | M] () -- C:\Users\Fatih\Desktop\tm3_ws0304.pdf [2011.03.26 18:44:05 | 000,411,509 | ---- | M] () -- C:\Users\Fatih\Desktop\tm3_ss03.pdf [2011.03.26 18:43:54 | 003,067,176 | ---- | M] () -- C:\Users\Fatih\Desktop\tm3_94-03.pdf [2011.03.26 18:35:36 | 000,097,383 | ---- | M] () -- C:\Users\Fatih\Desktop\Ubung 13 - Beispielklausur.pdf [2011.03.26 18:33:18 | 000,067,230 | ---- | M] () -- C:\Users\Fatih\Desktop\Musterlosung Tutoriumsaufgaben 01a02.pdf [2011.03.19 11:14:47 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011.03.15 01:18:34 | 000,004,522 | ---- | M] () -- C:\Users\Fatih\.recently-used.xbel [2011.03.13 04:00:09 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\RegInOut Scheduled Scan - Fatih.job ========== Files Created - No Company Name ========== [2011.04.07 19:54:27 | 000,653,750 | ---- | C] () -- C:\Users\Fatih\Desktop\TM_3.pdf [2011.04.06 17:03:44 | 000,078,652 | ---- | C] () -- C:\Users\Fatih\Desktop\seite2antrag.jpg [2011.04.06 17:03:21 | 000,001,215 | ---- | C] () -- C:\Users\Fatih\Desktop\antrag.pl.htm [2011.04.06 14:17:27 | 000,000,774 | ---- | C] () -- C:\Users\Fatih\Desktop\RegCleaner.lnk [2011.04.06 13:57:16 | 000,004,756 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2011.04.06 12:05:38 | 017,815,040 | ---- | C] () -- C:\Users\Fatih\Desktop\dbg_x86_6.11.1.404.msi [2011.04.06 11:54:41 | 000,107,631 | ---- | C] () -- C:\Users\Fatih\Desktop\Zusammenfassung Kreuzprodukt.pdf [2011.04.06 11:54:29 | 000,069,293 | ---- | C] () -- C:\Users\Fatih\Desktop\Unterlagen zum Stos starrer Korper.pdf [2011.04.05 17:24:22 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk [2011.04.05 17:10:55 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\gwyiypt.sys [2011.04.05 11:12:01 | 268,435,456 | -HS- | C] () -- C:\Windows\System32\temppf.sys [2011.04.05 00:11:55 | 000,051,783 | ---- | C] () -- C:\Users\Fatih\Desktop\traffic.jpg [2011.04.03 23:08:06 | 003,341,314 | ---- | C] () -- C:\Users\Fatih\Desktop\stream(24).mp3 [2011.04.03 23:06:06 | 006,027,685 | ---- | C] () -- C:\Users\Fatih\Desktop\stream(23).mp3 [2011.04.03 23:05:00 | 005,801,411 | ---- | C] () -- C:\Users\Fatih\Desktop\stream(22).mp3 [2011.04.03 23:02:40 | 004,193,665 | ---- | C] () -- C:\Users\Fatih\Desktop\kursuna gerek yok.mp3 [2011.04.03 23:02:11 | 004,589,568 | ---- | C] () -- C:\Users\Fatih\Desktop\stream(20).mp3 [2011.04.03 23:00:49 | 006,844,065 | ---- | C] () -- C:\Users\Fatih\Desktop\dogus.mp3 [2011.04.03 14:30:15 | 012,568,889 | ---- | C] () -- C:\Users\Fatih\Desktop\kapitel 3 nur.pdf [2011.04.03 14:29:46 | 006,601,562 | ---- | C] () -- C:\Users\Fatih\Desktop\kinematik.pdf [2011.04.03 14:20:38 | 000,942,985 | ---- | C] () -- C:\Users\Fatih\Desktop\dynamik.pdf [2011.03.26 19:20:49 | 000,187,727 | ---- | C] () -- C:\Users\Fatih\Desktop\2006-10.pdf [2011.03.26 19:20:49 | 000,135,973 | ---- | C] () -- C:\Users\Fatih\Desktop\2007-10.pdf [2011.03.26 18:49:41 | 014,403,771 | ---- | C] () -- C:\Users\Fatih\Desktop\DSK_Uebungen_WS10-11.pdf [2011.03.26 18:49:22 | 018,167,138 | ---- | C] () -- C:\Users\Fatih\Desktop\TM3-Uebungen-Loesungen.pdf [2011.03.26 18:44:28 | 000,227,109 | ---- | C] () -- C:\Users\Fatih\Desktop\tm3_ws0405.pdf [2011.03.26 18:44:22 | 000,356,305 | ---- | C] () -- C:\Users\Fatih\Desktop\tm3_ss04.pdf [2011.03.26 18:44:17 | 000,289,997 | ---- | C] () -- C:\Users\Fatih\Desktop\tm3_ws0304.pdf [2011.03.26 18:44:05 | 000,411,509 | ---- | C] () -- C:\Users\Fatih\Desktop\tm3_ss03.pdf [2011.03.26 18:43:54 | 003,067,176 | ---- | C] () -- C:\Users\Fatih\Desktop\tm3_94-03.pdf [2011.03.26 18:35:38 | 000,097,383 | ---- | C] () -- C:\Users\Fatih\Desktop\Ubung 13 - Beispielklausur.pdf [2011.03.26 18:33:17 | 000,067,230 | ---- | C] () -- C:\Users\Fatih\Desktop\Musterlosung Tutoriumsaufgaben 01a02.pdf [2011.03.22 14:56:43 | 000,000,865 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.03.15 01:18:34 | 000,004,522 | ---- | C] () -- C:\Users\Fatih\.recently-used.xbel [2011.02.12 11:04:23 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll [2010.12.22 15:27:17 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2010.12.04 20:27:44 | 000,179,098 | ---- | C] () -- C:\Windows\hpoins27.dat.temp [2010.12.04 20:27:44 | 000,000,932 | ---- | C] () -- C:\Windows\hpomdl27.dat.temp [2010.08.09 22:02:41 | 000,000,530 | ---- | C] () -- C:\Windows\eReg.dat [2010.06.28 21:20:12 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.06.28 20:22:08 | 000,027,043 | ---- | C] () -- C:\Users\Fatih\AppData\Roaming\UserTile.png [2010.01.10 19:13:37 | 000,008,484 | ---- | C] () -- C:\Users\Fatih\AppData\Local\d3d9caps.dat [2009.12.20 15:37:32 | 000,055,308 | ---- | C] () -- C:\Windows\War3Unin.dat [2009.11.17 20:40:21 | 000,179,098 | ---- | C] () -- C:\Windows\hpoins27.dat [2009.11.10 13:43:36 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009.10.04 19:53:08 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe [2009.10.04 17:10:51 | 000,006,144 | ---- | C] () -- C:\Users\Fatih\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.09.14 02:51:39 | 000,053,248 | ---- | C] () -- C:\Windows\System32\LogonStart.dll [2009.09.14 02:43:40 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat [2009.09.14 02:41:56 | 000,048,639 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009.09.14 02:41:48 | 000,048,639 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009.09.14 02:05:50 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.09.14 02:05:50 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009.04.08 19:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll [2008.12.02 03:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\System32\sqlite3.dll [2008.08.11 04:14:11 | 001,752,704 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg [2008.05.12 05:20:31 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2008.04.16 13:11:34 | 000,669,960 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.04.16 13:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.04.16 13:11:34 | 000,143,498 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.04.16 13:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2008.04.16 12:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini [2008.01.21 04:25:01 | 000,589,824 | ---- | C] () -- C:\Windows\System32\jayy68xi.dll [2008.01.18 01:56:22 | 000,000,932 | ---- | C] () -- C:\Windows\hpomdl27.dat [2007.10.14 06:58:32 | 000,147,538 | ---- | C] () -- C:\Windows\hpqins11.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,380,976 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,631,026 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,117,652 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat ========== Alternate Data Streams ========== @Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:CE2C623F @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84 < End of report > |
|
08.04.2011, 10:48
| #17 |
| | Windows Vista Blue Screen [gelöst] 2 LogfileOTL EXTRAS Logfile:
__________________Code:
ATTFilter OTL Extras logfile created on: 08.04.2011 11:37:25 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sarah\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 126,32 Gb Free Space | 54,24% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 221,12 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Computer Name: Sarah-PC | User Name: Sarah | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E3DDA89-A64C-4108-BA86-08FCCB15C65B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1248B531-C123-4960-BCD6-3AD0BD3FA059}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{182CB20A-9CF0-474D-906D-F71351F743F0}" = lport=137 | protocol=17 | dir=in | app=system |
"{19C81232-726B-49F1-B2FD-2231088820A6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{299B0E31-22D8-4DF6-9E64-9AC831DC83B8}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2BCE5870-864A-4F17-90D8-22EF3C717E4B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3E67E58F-931A-4EEE-AE32-0514F343241E}" = rport=138 | protocol=17 | dir=out | app=system |
"{3F05995E-A710-46FC-AFF9-AA39674BBBBE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{425FAC0B-F4F6-4D19-862B-C200038FB5A7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4FE41784-50B1-4A7D-96A8-C759DA1310CD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5B5D043C-509A-4DAF-96A8-2F7C14D7FA55}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5EBCDEC3-FAFC-4C36-939E-499F90AAAAC9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{627192EE-FDDC-4776-A357-83CCC4BD24CC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{63F1D5A2-1980-4094-A866-677DF79D34A3}" = lport=445 | protocol=6 | dir=in | app=system |
"{64AB0625-BFA4-4353-B415-21C9CDD219BD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6B5356D1-5DD2-41C9-81A7-780B10AA7F3A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6ED13AD5-7B80-4AB1-8CF0-C22B2A32FBF8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{78F0B785-EB1F-4235-ACDD-B1BDCBA88CDD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7E32241A-51AF-4BB7-B6B1-E47CD03DD8D8}" = lport=5000 | protocol=17 | dir=in | name=camfrog1 |
"{8474DB34-ECB7-4B25-B9D5-FFB73713A978}" = rport=137 | protocol=17 | dir=out | app=system |
"{948073B2-D92F-4CDE-A240-F855D6706819}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A0CBFEBC-D445-48BD-956D-6AD1A84FFAE2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A32516AF-4759-4249-BDEA-3EF523822293}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{A757DAB2-A922-454A-8A35-1F27188D9D9B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD3717B1-7EC7-4CA3-924B-43F595E911D0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4FA2719-C204-456F-8833-48A212B965E4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C22C1BD7-6D2D-4B0F-AE74-F379AB677845}" = rport=445 | protocol=6 | dir=out | app=system |
"{C50D2EFF-23AA-4460-AAE5-748F74118488}" = lport=6005 | protocol=6 | dir=in | name=camfrog |
"{C5BBFC31-2F82-4654-BD4A-1B2DF9B1F928}" = rport=139 | protocol=6 | dir=out | app=system |
"{D2C54116-BDC2-420F-9B2A-9E6B2F2B982E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E1A9DF7E-F6AD-4ED5-9443-53BC0E49D887}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EF5CBA7C-98E6-4D64-BC43-4A6C3ABD544F}" = lport=139 | protocol=6 | dir=in | app=system |
"{F192A617-7EA4-4D0A-9A1B-C7C2A8FBD2C1}" = lport=138 | protocol=17 | dir=in | app=system |
"{FAFFB230-9650-445A-BB7E-8F541FBE57AC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0246383D-AB6D-439B-A288-01215361779B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{04F75E38-45EA-4CFA-834A-FE34FC5F152B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{06E2BB6A-3E25-4ED1-93BC-3E9F7C1EF469}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{0DFFA93D-74F1-4436-A436-6211C1CBEE21}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{0FC0B215-EACF-4C0B-9B2F-2500E0F17F58}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{1A589D80-4DFB-40DD-B42C-B520B5BF8FA9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{1D905744-5A7E-4FEB-B911-A1E523CA522F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{23C6AC5D-0B47-4EC9-8CFC-32D251E7057D}" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's splinter cell conviction\src\system\gu.exe |
"{25CC0600-49D6-4691-8954-76C09D57CC7B}" = protocol=17 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"{2BBD669F-6D8D-4558-A768-898ADAFB7B73}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2E67288E-6AA4-4C41-9E9D-063B804138BB}" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's splinter cell conviction\src\system\gu.exe |
"{2FC39C5F-0C41-4457-9B64-3D173950C7F9}" = protocol=17 | dir=in | app=c:\program files\sports interactive\football manager 2010\fm.exe |
"{399AC890-6717-4598-88EE-2FBC59EF8737}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4943C104-EEF4-4EFF-A553-D208EED6914D}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{4B40E840-EA96-4C48-9E75-AE8D170C851D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C701DFD-540F-490F-9D2E-AD2B3FC9FFF4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4ECBAE6A-C8F8-46B8-AD44-7628A3E074F6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{52013A57-D128-45B6-AB91-5117E4502F00}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{52C918C8-FFC1-4395-BCB1-FA663973C2D7}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{5897AFDA-E33A-4C4D-95F8-BAE442D00544}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{64E25145-83B7-4706-9C5D-F04FF293B925}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{67C9646F-9D6A-4852-A1D2-222D250D526F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{732DC77D-CC60-4B83-BA4D-A04167AEA50C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{75CE5014-3129-49CD-B896-2EB66AE597B1}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{82D05221-0148-45F4-AC32-83CE2B01006D}" = protocol=6 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"{85E1FEE9-91A1-42A3-8276-79AD6D63A8B6}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{860B7FF8-08DF-44F4-B473-CF5C64D2B6F1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{867E6FFC-A37F-46DE-A6D2-D23BF0CCB84C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{88B47B7B-F55D-4A33-81A5-CB04928AD306}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8B006C4F-8A98-4361-9E4C-1B8F29E51A6A}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{9263C44B-4FF8-4BED-BDB6-881B89962B5C}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{9C2D1ACB-27F8-4413-8B4F-03B5026B7C55}" = protocol=6 | dir=in | app=c:\program files\sports interactive\football manager 2010\fm.exe |
"{9DC7D986-5DC6-4BAE-ACF0-CF9A8CA78670}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A1FD6BA8-FD39-4E67-BE83-179C1897FBF3}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{A6CE29D6-2964-4F0A-B739-F7165AA35B8B}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{A958CF2D-A2E5-406D-8BD0-82489EE93F5E}" = protocol=6 | dir=out | app=system |
"{AABF5E68-189F-4319-98C9-0C22104939A4}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{B3B499FB-0CD0-4198-B24F-527EFD4192DF}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{B6E31713-AF8C-4A76-81C9-549E00BBDFE2}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{BBB04196-9311-4099-96AD-77DC7896908D}" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{BCCE4772-3B78-462F-92E8-B6E7566BDC3D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C2A17FBC-94A7-4284-A55F-B9E6C0D6EEB7}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{D745DF30-7350-4E55-90A0-8A679551F417}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{DAE671A5-9FCF-43BE-BA77-3D300F459D34}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
"{DB23793C-2E07-4B3A-9C93-DC543B5EE75D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DBDC206C-30C0-4739-93DD-72FE25AB7AFD}" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{E6BAB98A-F5F9-4674-A7F3-CC67FC370ED8}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{E7571E27-840A-4A0C-A2BA-05C958920D98}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{EA538F10-8123-4818-A46F-1D22CD1D95FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EE2F224E-D808-41EE-AEBA-99E8DAEC090D}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{EEEA4F8B-4FA8-412E-AF12-318882ED7112}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F50ACBA5-734B-4CBA-96E4-A29163E52A7A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F714F464-50A9-4540-BC73-5F767514D1C5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FB7EFE97-2BCD-4F85-AE58-911B8B8D9B60}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB864B3F-1578-4025-B111-894BB6BBE645}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"TCP Query User{1F472F4F-BE4F-4D1D-99FB-A5954C36406F}C:\program files\proengineer schools edition\i486_nt\obj\pro_comm_msg.exe" = protocol=6 | dir=in | app=c:\program files\proengineer schools edition\i486_nt\obj\pro_comm_msg.exe |
"TCP Query User{2231E050-823E-4D64-9ECF-C54BA9C09B3B}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{38F67658-C259-4D76-9B17-7EAD64B734CE}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{405165FF-7733-4844-879F-7EAA41123992}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{501FE247-E5BB-4F2C-8716-39B9D3A3AD8A}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{687140E7-9E0E-47AF-9571-2B2BA3B04EAC}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{6F6694B5-CB82-47FD-AA41-830628E81FB2}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{7214A22A-AF68-485B-8550-A8449F89F9B9}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{89618E34-3D6C-48EB-8580-5F478E9890ED}C:\program files\proengineer schools edition\i486_nt\nms\nmsd.exe" = protocol=6 | dir=in | app=c:\program files\proengineer schools edition\i486_nt\nms\nmsd.exe |
"TCP Query User{8E34C7B1-4468-45DA-987E-431930510B5C}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{A327106A-2639-4672-A584-5D096837C153}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{A34D5759-931C-4DDD-8949-57FC767260B0}C:\program files\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"TCP Query User{A380D578-04C9-4E8A-AF8D-ECF674BE0C63}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{C13768B4-7524-45BE-BF85-DF033227AF41}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"TCP Query User{CA1E25D2-E110-4D7B-9091-00F847F6225A}C:\program files\proengineer schools edition\i486_nt\nms\nmsd.exe" = protocol=6 | dir=in | app=c:\program files\proengineer schools edition\i486_nt\nms\nmsd.exe |
"TCP Query User{CA1FCA75-E8F8-4DA2-A6CF-E3DE40F11BC2}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{CB19F942-C056-4234-A5A0-0C376759416E}C:\program files\proengineer schools edition\i486_nt\obj\xtop.exe" = protocol=6 | dir=in | app=c:\program files\proengineer schools edition\i486_nt\obj\xtop.exe |
"TCP Query User{CF0C99EE-5251-47E1-A0B5-9180AE5D4BC5}C:\program files\proengineer schools edition\i486_nt\obj\xtop.exe" = protocol=6 | dir=in | app=c:\program files\proengineer schools edition\i486_nt\obj\xtop.exe |
"TCP Query User{D34582C2-F605-4EE2-A7BA-D2DBC12A7289}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{DD6089A8-3B7D-4FF0-A54D-017C011D551F}C:\program files\proengineer schools edition\i486_nt\obj\pro_comm_msg.exe" = protocol=6 | dir=in | app=c:\program files\proengineer schools edition\i486_nt\obj\pro_comm_msg.exe |
"TCP Query User{F13FF121-8EE5-407E-BD80-82010A2FC3DE}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{F4A60246-B33E-49E5-8CBC-42B1F83C8B91}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{F677CE85-D45A-410A-BAFD-55F469A9F43F}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{1ABAAC3C-7DF8-4576-8966-9B33C3EC421D}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"UDP Query User{22CD5EF7-A117-457C-84E6-EFC8D1B64917}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{3D1F7440-D207-473C-920E-C1528F00B83F}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{55A6C5D6-EAF1-41D7-A353-084C3A279067}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{74FA4E1D-4E99-4EB7-B5B1-0FABFE895617}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{755E9848-B46A-43BD-80FC-3E623CAE694C}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{82F1A577-8886-4D60-AF7E-D2082BE5BD55}C:\program files\proengineer schools edition\i486_nt\obj\pro_comm_msg.exe" = protocol=17 | dir=in | app=c:\program files\proengineer schools edition\i486_nt\obj\pro_comm_msg.exe |
"UDP Query User{8DDBD0AA-A7A1-4A0E-8870-97E7F228AF7B}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{9A29B844-8C04-4DE7-A51D-F5D46871907A}C:\program files\proengineer schools edition\i486_nt\nms\nmsd.exe" = protocol=17 | dir=in | app=c:\program files\proengineer schools edition\i486_nt\nms\nmsd.exe |
"UDP Query User{9F00DADC-D107-450F-B0B3-05FC641C8BE9}C:\program files\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"UDP Query User{A070A1A3-7768-4C1C-8D9F-48AE839BC3BA}C:\program files\proengineer schools edition\i486_nt\obj\pro_comm_msg.exe" = protocol=17 | dir=in | app=c:\program files\proengineer schools edition\i486_nt\obj\pro_comm_msg.exe |
"UDP Query User{A3ACC5AE-0260-46C7-9C2C-00DE4261B3CA}C:\program files\proengineer schools edition\i486_nt\obj\xtop.exe" = protocol=17 | dir=in | app=c:\program files\proengineer schools edition\i486_nt\obj\xtop.exe |
"UDP Query User{C020A72E-5527-4860-959A-E2D0CC0A656C}C:\program files\proengineer schools edition\i486_nt\nms\nmsd.exe" = protocol=17 | dir=in | app=c:\program files\proengineer schools edition\i486_nt\nms\nmsd.exe |
"UDP Query User{C0814E22-8A1D-4C25-BCC3-B260D4A563DE}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{D1D5DF88-23C5-4754-9E70-C80AA704A3A0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{D1D7D5D4-F989-425E-AA65-CB8F213ADC99}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{E34742F9-9B3B-4EA8-B6C8-B5973EB21A52}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{E488B3BA-44FD-41E5-979C-5834B640A152}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{E75D036B-537E-4136-8368-EB48CFBA21F2}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{EB693E79-7BD5-4F8F-9B76-2F8A431CB57B}C:\program files\proengineer schools edition\i486_nt\obj\xtop.exe" = protocol=17 | dir=in | app=c:\program files\proengineer schools edition\i486_nt\obj\xtop.exe |
"UDP Query User{F65B8A43-2765-415B-AF23-E22C93141B7F}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{FEA1706E-D1D8-4E07-BBA8-B16169364496}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{FEAF7893-D4E4-40D4-88BA-A22F84D99E94}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0474CEF2-37AE-441D-8FDE-A1EF7EAD01B9}" = Cisco AnyConnect VPN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22C29E59-2EF5-4B64-9B7F-9F7A69BC7D1A}" = FMRTE
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A9849CA-E11C-4F24-8BB1-97C717A1C898}" = LightScribe System Software
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5AF0FD8E-1659-44F4-9C78-B09E0CB75F0E}" = KalOnline
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{688E07FE-9832-4FB9-8666-FB198D86ADC6}" = 2MOONS
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{84ED5482-CFB0-4DD9-BF18-489FFDACD18A}" = Microsoft Antimalware Service DE-DE Language Pack
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{865CD808-6D31-4269-9D36-693CFE75D26A}" = Express Gate
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{99A4344A-C723-4661-A507-D9D939480358}" = Cisco LEAP Module
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9BFD5911-93E3-42BB-BFCD-50E4BA5B8D67}" = Cisco EAP-FAST Module
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C049938D-8D8B-419A-B3E4-BCB445AAA1DD}" = LogMeIn Setup
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD344FA5-6657-47CD-940F-8727EED35595}" = Cisco PEAP Module
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D42F84B6-3709-4A50-8502-6719D16AE6C8}" = SRS Premium Sound Control Panel
"{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso
"{E5407E8B-DABF-4EBE-807E-809DA7D50CBC}" = 2Moons
"{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}" = Microsoft Antimalware
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Browser Defender_is1" = Browser Defender 3.0
"Camfrog 5.5" = Camfrog Video Chat 5.5
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"EADM" = EA Download Manager
"Elantech" = ETDWare PS/2-x86 7.0.5.7_WHQL
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Explorer Suite_is1" = Explorer Suite III
"Graboid Video" = Graboid Video 1.65
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso
"Java Platform, Enterprise Edition 5 SDK" = Java Platform, Enterprise Edition 5 SDK
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"NVIDIA Drivers" = NVIDIA Drivers
"Orbit_is1" = Orbit Downloader
"Picasa 3" = Picasa 3
"Pro/ENGINEER Schools Edition Release Wildfire 4.0 Datecode M092" = Pro/ENGINEER Schools Edition Release Wildfire 4.0 Datecode M092
"PROHYBRIDR" = 2007 Microsoft Office system
"R for Windows 2.7.2_is1" = R for Windows 2.7.2
"RegInOut1.0.0.2000" = RegInOut
"Shop for HP Supplies" = Shop for HP Supplies
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"SopCast" = SopCast 3.2.4
"Spyware Doctor" = Spyware Doctor 8.0
"TeamViewer 5" = TeamViewer 5
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Warcraft III" = Warcraft III
"WinAce Archiver" = WinAce Archiver
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Power Loader" = Power Challenge Game Plugin
"UnityWebPlayer" = Unity Web Player
"Warcraft III" = Warcraft III: All Products
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
|
|
08.04.2011, 13:41
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows Vista Blue Screen [gelöst] Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)
__________________Code:
ATTFilter :OTL
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:CE2C623F
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
[2011.04.05 17:10:55 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\gwyiypt.sys
[2011.04.05 11:12:01 | 268,435,456 | -HS- | C] () -- C:\Windows\System32\temppf.sys
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{330bfa9a-eca4-11de-8b3f-90e6ba3b6e5b}\Shell - "" = AutoRun
O33 - MountPoints2\{330bfa9a-eca4-11de-8b3f-90e6ba3b6e5b}\Shell\AutoRun\command - "" = F:\autorun.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
:Commands
[purity]
[resethosts]
[emptytemp]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ |
|
08.04.2011, 15:16
| #19 |
| | Windows Vista Blue Screen [gelöst] Habs gemacht der Pc hat neu gestartet und dann ist der Blue Screen gekommen habe keine Logfiles bekommen nach dem Neustart nach dem Blue Screen. |
|
08.04.2011, 15:20
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Vista Blue Screen [gelöst] Wiederhol den Fix bitte.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
11.04.2011, 18:19
| #21 |
| | Windows Vista Blue Screen [gelöst] Habe es nochmal gemacht und dann wollte OTL einen Nuestart habe diesen Ausgeführt direkt im abgesicherten Modus gestartet aber kam keine Logfile Habe mal eine andere Frage falls ich mein System formatieren würde würde mein laptop wieder 100% funktionieren? |
|
11.04.2011, 18:27
| #22 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Vista Blue Screen [gelöst]Zitat:
  ??Wenn der Bluescreen nicht durch einen Hardwarefehler verursacht wird wahrscheinlich ja. Aber plätten kannst du das Teil immer noch. Such bitte nach dem Log im Ordner C:\_OTL
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.04.2011, 19:13
| #23 |
| | Windows Vista Blue Screen [gelöst] All processes killed ========== OTL ========== Unable to delete ADS C:\ProgramData\Temp:CE2C623F . ADS C:\ProgramData\Temp:430C6D84 deleted successfully. File C:\Windows\System32\drivers\gwyiypt.sys not found. File C:\Windows\System32\temppf.sys not found. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! File C:\autoexec.bat not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{330bfa9a-eca4-11de-8b3f-90e6ba3b6e5b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{330bfa9a-eca4-11de-8b3f-90e6ba3b6e5b}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{330bfa9a-eca4-11de-8b3f-90e6ba3b6e5b}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{330bfa9a-eca4-11de-8b3f-90e6ba3b6e5b}\ not found. File F:\autorun.exe not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ deleted successfully. File C:\Program Files\softonic-de3\tbsoft.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully. File C:\Program Files\Ask.com\GenericAskToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully. File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ deleted successfully. File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found. File de3\tbsoft.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. File C:\Program Files\Ask.com\GenericAskToolbar.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}\ not found. File de3\tbsoft.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. File C:\Program Files\Ask.com\GenericAskToolbar.dll not found. Prefs.js: "ICQ Search" removed from browser.search.defaultenginename Prefs.js: "ICQ Search" removed from browser.search.selectedEngine ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User User: Fatih ->Temp folder emptied: 3783714 bytes ->Temporary Internet Files folder emptied: 4331265 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 137815790 bytes ->Google Chrome cache emptied: 82391043 bytes ->Flash cache emptied: 10674 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 5122668 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 223,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 04112011_191116 |
|
11.04.2011, 19:14
| #24 |
| | Windows Vista Blue Screen [gelöst] hat aber nix geholfen bis jetzt der otl^^ |
|
11.04.2011, 19:15
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Vista Blue Screen [gelöst] Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.04.2011, 19:32
| #26 |
| | Windows Vista Blue Screen [gelöst] nothing found kam als Ergebnis heraus keine ahnung wo sich der Log befindet |
|
11.04.2011, 19:33
| #27 |
| | Windows Vista Blue Screen [gelöst] 2011/04/11 20:30:46.0584 3800 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28 2011/04/11 20:30:47.0067 3800 ================================================================================ 2011/04/11 20:30:47.0067 3800 SystemInfo: 2011/04/11 20:30:47.0067 3800 2011/04/11 20:30:47.0067 3800 OS Version: 6.0.6001 ServicePack: 1.0 2011/04/11 20:30:47.0067 3800 Product type: Workstation 2011/04/11 20:30:47.0067 3800 ComputerName: FATIH-PC 2011/04/11 20:30:47.0067 3800 UserName: Fatih 2011/04/11 20:30:47.0067 3800 Windows directory: C:\Windows 2011/04/11 20:30:47.0067 3800 System windows directory: C:\Windows 2011/04/11 20:30:47.0067 3800 Processor architecture: Intel x86 2011/04/11 20:30:47.0067 3800 Number of processors: 2 2011/04/11 20:30:47.0067 3800 Page size: 0x1000 2011/04/11 20:30:47.0067 3800 Boot type: Safe boot with network 2011/04/11 20:30:47.0067 3800 ================================================================================ 2011/04/11 20:30:47.0754 3800 Initialize success 2011/04/11 20:30:50.0796 3356 ================================================================================ 2011/04/11 20:30:50.0796 3356 Scan started 2011/04/11 20:30:50.0796 3356 Mode: Manual; 2011/04/11 20:30:50.0796 3356 ================================================================================ 2011/04/11 20:30:52.0340 3356 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys 2011/04/11 20:30:52.0465 3356 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 2011/04/11 20:30:52.0558 3356 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 2011/04/11 20:30:52.0621 3356 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 2011/04/11 20:30:52.0683 3356 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 2011/04/11 20:30:52.0824 3356 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys 2011/04/11 20:30:52.0902 3356 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 2011/04/11 20:30:53.0042 3356 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2011/04/11 20:30:53.0104 3356 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 2011/04/11 20:30:53.0120 3356 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 2011/04/11 20:30:53.0167 3356 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 2011/04/11 20:30:53.0198 3356 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 2011/04/11 20:30:53.0229 3356 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 2011/04/11 20:30:53.0292 3356 AmUStor (53952d6d1bdec4090abca19d84f34e20) C:\Windows\system32\drivers\AmUStor.SYS 2011/04/11 20:30:53.0370 3356 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 2011/04/11 20:30:53.0401 3356 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 2011/04/11 20:30:53.0448 3356 AsDsm (104db777372411c55850c4a2ae6877ef) C:\Windows\system32\drivers\AsDsm.sys 2011/04/11 20:30:53.0526 3356 ASMMAP (7b4d08d2017ac06689d422e06c43f0aa) C:\Program Files\ATKGFNEX\ASMMAP.sys 2011/04/11 20:30:53.0682 3356 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/04/11 20:30:53.0697 3356 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys 2011/04/11 20:30:53.0806 3356 athr (4d9d710254410a7caef269819ea7b53c) C:\Windows\system32\DRIVERS\athr.sys 2011/04/11 20:30:53.0931 3356 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys 2011/04/11 20:30:53.0994 3356 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys 2011/04/11 20:30:54.0056 3356 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2011/04/11 20:30:54.0118 3356 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 2011/04/11 20:30:54.0196 3356 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys 2011/04/11 20:30:54.0274 3356 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2011/04/11 20:30:54.0306 3356 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2011/04/11 20:30:54.0368 3356 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2011/04/11 20:30:54.0415 3356 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2011/04/11 20:30:54.0446 3356 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2011/04/11 20:30:54.0524 3356 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2011/04/11 20:30:54.0571 3356 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2011/04/11 20:30:54.0633 3356 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/04/11 20:30:54.0680 3356 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys 2011/04/11 20:30:54.0742 3356 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 2011/04/11 20:30:54.0789 3356 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys 2011/04/11 20:30:54.0976 3356 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/04/11 20:30:55.0008 3356 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 2011/04/11 20:30:55.0054 3356 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 2011/04/11 20:30:55.0117 3356 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 2011/04/11 20:30:55.0148 3356 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 2011/04/11 20:30:55.0226 3356 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys 2011/04/11 20:30:55.0288 3356 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys 2011/04/11 20:30:55.0382 3356 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys 2011/04/11 20:30:55.0429 3356 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys 2011/04/11 20:30:55.0476 3356 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys 2011/04/11 20:30:55.0554 3356 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2011/04/11 20:30:55.0600 3356 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys 2011/04/11 20:30:55.0647 3356 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 2011/04/11 20:30:55.0788 3356 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys 2011/04/11 20:30:55.0897 3356 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 2011/04/11 20:30:55.0975 3356 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 2011/04/11 20:30:56.0037 3356 ETD (7009ee1da6a128193a9d4a596570f0ef) C:\Windows\system32\DRIVERS\ETD.sys 2011/04/11 20:30:56.0084 3356 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys 2011/04/11 20:30:56.0131 3356 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys 2011/04/11 20:30:56.0178 3356 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 2011/04/11 20:30:56.0209 3356 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2011/04/11 20:30:56.0256 3356 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2011/04/11 20:30:56.0287 3356 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/04/11 20:30:56.0334 3356 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys 2011/04/11 20:30:56.0380 3356 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2011/04/11 20:30:56.0427 3356 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 2011/04/11 20:30:56.0521 3356 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 2011/04/11 20:30:56.0568 3356 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/04/11 20:30:56.0599 3356 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2011/04/11 20:30:56.0630 3356 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2011/04/11 20:30:56.0692 3356 HidUsb (e2b5bd48afcc0f0974fb44641b223250) C:\Windows\system32\DRIVERS\hidusb.sys 2011/04/11 20:30:56.0770 3356 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 2011/04/11 20:30:56.0833 3356 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys 2011/04/11 20:30:56.0880 3356 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 2011/04/11 20:30:56.0926 3356 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/04/11 20:30:56.0973 3356 iaStor (d483687eace0c065ee772481a96e05f5) C:\Windows\system32\DRIVERS\iaStor.sys 2011/04/11 20:30:57.0020 3356 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 2011/04/11 20:30:57.0129 3356 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2011/04/11 20:30:57.0301 3356 IntcAzAudAddService (d991871aa47da7989540ac2c0f6ec533) C:\Windows\system32\drivers\RTKVHDA.sys 2011/04/11 20:30:57.0426 3356 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2011/04/11 20:30:57.0472 3356 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2011/04/11 20:30:57.0519 3356 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/04/11 20:30:57.0582 3356 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 2011/04/11 20:30:57.0613 3356 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2011/04/11 20:30:57.0675 3356 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2011/04/11 20:30:57.0691 3356 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 2011/04/11 20:30:57.0738 3356 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/04/11 20:30:57.0769 3356 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2011/04/11 20:30:57.0831 3356 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2011/04/11 20:30:57.0878 3356 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/04/11 20:30:57.0909 3356 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys 2011/04/11 20:30:57.0972 3356 kbfiltr (7f2b8d0b31fb4a797e5786ef124c5a80) C:\Windows\system32\DRIVERS\kbfiltr.sys 2011/04/11 20:30:58.0034 3356 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys 2011/04/11 20:30:58.0096 3356 L1C (fb6e5529c06c1ac997d486fd897d019d) C:\Windows\system32\DRIVERS\L1C60x86.sys 2011/04/11 20:30:58.0174 3356 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/04/11 20:30:58.0237 3356 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 2011/04/11 20:30:58.0299 3356 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 2011/04/11 20:30:58.0377 3356 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 2011/04/11 20:30:58.0440 3356 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2011/04/11 20:30:58.0471 3356 lullaby (969d61d7463d78037dc6b020a435fc0c) C:\Windows\system32\DRIVERS\lullaby.sys 2011/04/11 20:30:58.0518 3356 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 2011/04/11 20:30:58.0580 3356 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 2011/04/11 20:30:58.0689 3356 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2011/04/11 20:30:58.0736 3356 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2011/04/11 20:30:58.0798 3356 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2011/04/11 20:30:58.0830 3356 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2011/04/11 20:30:58.0861 3356 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2011/04/11 20:30:58.0954 3356 MpFilter (dfa1cd670ea50a21c87c92c727c50950) C:\Windows\system32\DRIVERS\MpFilter.sys 2011/04/11 20:30:59.0017 3356 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 2011/04/11 20:30:59.0048 3356 MpNWMon (77075a384a94b83e19d78efbcf8a832e) C:\Windows\system32\DRIVERS\MpNWMon.sys 2011/04/11 20:30:59.0079 3356 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2011/04/11 20:30:59.0126 3356 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/04/11 20:30:59.0157 3356 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys 2011/04/11 20:30:59.0220 3356 mrxsmb (7afc42e60432fd1014f5342f2b1b1f74) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/04/11 20:30:59.0266 3356 mrxsmb10 (8a75752ae17924f65452746674b14b78) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/04/11 20:30:59.0298 3356 mrxsmb20 (f4d0f3252e651f02be64984ffa738394) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/04/11 20:30:59.0344 3356 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys 2011/04/11 20:30:59.0376 3356 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 2011/04/11 20:30:59.0454 3356 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2011/04/11 20:30:59.0500 3356 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2011/04/11 20:30:59.0578 3356 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2011/04/11 20:30:59.0625 3356 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/04/11 20:30:59.0688 3356 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2011/04/11 20:30:59.0719 3356 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys 2011/04/11 20:30:59.0766 3356 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/04/11 20:30:59.0812 3356 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2011/04/11 20:30:59.0859 3356 MTsensor (bb16693616427eac1a436e106ea8d318) C:\Windows\system32\DRIVERS\ATKACPI.sys 2011/04/11 20:30:59.0875 3356 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys 2011/04/11 20:30:59.0968 3356 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys 2011/04/11 20:31:00.0031 3356 NDIS (c8560010a542b5dca94c62468dc20784) C:\Windows\system32\drivers\ndis.sys 2011/04/11 20:31:00.0078 3356 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/04/11 20:31:00.0093 3356 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/04/11 20:31:00.0124 3356 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/04/11 20:31:00.0171 3356 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2011/04/11 20:31:00.0218 3356 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2011/04/11 20:31:00.0249 3356 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys 2011/04/11 20:31:00.0343 3356 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/04/11 20:31:00.0390 3356 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys 2011/04/11 20:31:00.0421 3356 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2011/04/11 20:31:00.0468 3356 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys 2011/04/11 20:31:00.0546 3356 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/04/11 20:31:00.0577 3356 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2011/04/11 20:31:00.0624 3356 NVHDA (92cfe8964b3a6da0692331fa66630db3) C:\Windows\system32\drivers\nvhda32v.sys 2011/04/11 20:31:00.0967 3356 nvlddmkm (73a70f1d89c942eedd99a3f10459b051) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2011/04/11 20:31:01.0294 3356 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 2011/04/11 20:31:01.0326 3356 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 2011/04/11 20:31:01.0357 3356 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 2011/04/11 20:31:01.0497 3356 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/04/11 20:31:01.0575 3356 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/04/11 20:31:01.0606 3356 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys 2011/04/11 20:31:01.0653 3356 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/04/11 20:31:01.0684 3356 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys 2011/04/11 20:31:01.0731 3356 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 2011/04/11 20:31:01.0778 3356 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/04/11 20:31:01.0825 3356 PCTCore (995e6bc3bb92bb4a9eb49a663c43b6cb) C:\Windows\system32\drivers\PCTCore.sys 2011/04/11 20:31:01.0872 3356 pctDS (f820b4c61d1e591325b679d479d4eea4) C:\Windows\system32\drivers\pctDS.sys 2011/04/11 20:31:01.0918 3356 pctEFA (acc8c15f3d59f17c5d903ff1de3b43d3) C:\Windows\system32\drivers\pctEFA.sys 2011/04/11 20:31:02.0012 3356 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/04/11 20:31:02.0230 3356 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2011/04/11 20:31:02.0262 3356 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 2011/04/11 20:31:02.0355 3356 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys 2011/04/11 20:31:02.0418 3356 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 2011/04/11 20:31:02.0496 3356 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/04/11 20:31:02.0542 3356 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2011/04/11 20:31:02.0574 3356 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2011/04/11 20:31:02.0605 3356 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/04/11 20:31:02.0652 3356 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/04/11 20:31:02.0683 3356 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys 2011/04/11 20:31:02.0730 3356 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys 2011/04/11 20:31:02.0745 3356 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/04/11 20:31:02.0823 3356 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 2011/04/11 20:31:02.0839 3356 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2011/04/11 20:31:02.0886 3356 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys 2011/04/11 20:31:02.0964 3356 RMCAST (fdeb76bed9c0a75329ca426623297158) C:\Windows\system32\DRIVERS\RMCAST.sys 2011/04/11 20:31:03.0026 3356 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2011/04/11 20:31:03.0073 3356 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/04/11 20:31:03.0166 3356 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys 2011/04/11 20:31:03.0229 3356 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/04/11 20:31:03.0276 3356 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2011/04/11 20:31:03.0322 3356 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/04/11 20:31:03.0354 3356 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2011/04/11 20:31:03.0432 3356 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 2011/04/11 20:31:03.0463 3356 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 2011/04/11 20:31:03.0494 3356 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 2011/04/11 20:31:03.0525 3356 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/04/11 20:31:03.0572 3356 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2011/04/11 20:31:03.0634 3356 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2011/04/11 20:31:03.0666 3356 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2011/04/11 20:31:03.0712 3356 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys 2011/04/11 20:31:03.0806 3356 smserial (c8a58fc905c9184fa70e37f71060c64d) C:\Windows\system32\DRIVERS\smserial.sys 2011/04/11 20:31:03.0946 3356 SNP2UVC (060f51141b20b8156804446a04ab8b2a) C:\Windows\system32\DRIVERS\snp2uvc.sys 2011/04/11 20:31:04.0024 3356 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/04/11 20:31:04.0102 3356 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys 2011/04/11 20:31:04.0196 3356 srv (8e5fc19b3b38364c5f44ccecec5248e9) C:\Windows\system32\DRIVERS\srv.sys 2011/04/11 20:31:04.0243 3356 srv2 (4ceeb95e0b79e48b81f2da0a6c24c64b) C:\Windows\system32\DRIVERS\srv2.sys 2011/04/11 20:31:04.0290 3356 srvnet (f9c65e1e00a6bbf7c57d9b8ea068c525) C:\Windows\system32\DRIVERS\srvnet.sys 2011/04/11 20:31:04.0368 3356 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 2011/04/11 20:31:04.0430 3356 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/04/11 20:31:04.0508 3356 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/04/11 20:31:04.0539 3356 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/04/11 20:31:04.0570 3356 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/04/11 20:31:04.0664 3356 Tcpip (2eae4500984c2f8dacfb977060300a15) C:\Windows\system32\drivers\tcpip.sys 2011/04/11 20:31:04.0742 3356 Tcpip6 (2eae4500984c2f8dacfb977060300a15) C:\Windows\system32\DRIVERS\tcpip.sys 2011/04/11 20:31:04.0789 3356 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys 2011/04/11 20:31:04.0851 3356 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/04/11 20:31:04.0882 3356 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/04/11 20:31:04.0929 3356 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys 2011/04/11 20:31:04.0992 3356 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys 2011/04/11 20:31:05.0054 3356 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/04/11 20:31:05.0116 3356 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/04/11 20:31:05.0226 3356 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys 2011/04/11 20:31:05.0257 3356 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2011/04/11 20:31:05.0304 3356 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys 2011/04/11 20:31:05.0366 3356 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2011/04/11 20:31:05.0413 3356 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2011/04/11 20:31:05.0444 3356 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/04/11 20:31:05.0491 3356 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/04/11 20:31:05.0538 3356 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/04/11 20:31:05.0600 3356 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys 2011/04/11 20:31:05.0662 3356 usbccgp (afb10a231254a1920c3bb4a0d02e1ca6) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/04/11 20:31:05.0709 3356 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/04/11 20:31:05.0740 3356 usbehci (44245742c4ed2eafd69020583424455b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/04/11 20:31:05.0772 3356 usbhub (db39b3f83af77bca019d7df6aaddbdae) C:\Windows\system32\DRIVERS\usbhub.sys 2011/04/11 20:31:05.0818 3356 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/04/11 20:31:05.0865 3356 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2011/04/11 20:31:05.0912 3356 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2011/04/11 20:31:05.0990 3356 USBSTOR (1aa742316f1af7ec4b139f17f6c7c31a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/04/11 20:31:06.0021 3356 usbuhci (587809974e43cfad0ca0ef6e1d940ca9) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/04/11 20:31:06.0099 3356 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2011/04/11 20:31:06.0177 3356 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/04/11 20:31:06.0208 3356 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/04/11 20:31:06.0240 3356 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/04/11 20:31:06.0286 3356 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/04/11 20:31:06.0318 3356 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2011/04/11 20:31:06.0364 3356 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/04/11 20:31:06.0411 3356 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys 2011/04/11 20:31:06.0458 3356 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys 2011/04/11 20:31:06.0598 3356 vpnva (1b7c80c66742dafaa31f98af4c3a5bc2) C:\Windows\system32\DRIVERS\vpnva.sys 2011/04/11 20:31:06.0676 3356 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2011/04/11 20:31:06.0770 3356 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/04/11 20:31:06.0801 3356 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/04/11 20:31:06.0848 3356 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/04/11 20:31:06.0895 3356 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2011/04/11 20:31:06.0926 3356 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2011/04/11 20:31:07.0051 3356 WimFltr (090a2b8f055343815556a01f725f6c35) C:\Windows\system32\DRIVERS\wimfltr.sys 2011/04/11 20:31:07.0176 3356 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/04/11 20:31:07.0254 3356 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/04/11 20:31:07.0347 3356 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/04/11 20:31:07.0425 3356 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys 2011/04/11 20:31:07.0659 3356 ================================================================================ 2011/04/11 20:31:07.0659 3356 Scan finished 2011/04/11 20:31:07.0659 3356 ================================================================================ 2011/04/11 20:31:14.0804 3824 Deinitialize success |
|
11.04.2011, 19:48
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Vista Blue Screen [gelöst] Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.04.2011, 20:03
| #29 |
| | Windows Vista Blue Screen [gelöst] da steht ich muss antivirs: microsoft security essential antivir desktop antispyware:microsoft security essentials und antivir desktop beenden bzw deaktivieren wie mach ich das bin im abgesicherten modus zurzeit um confi.exe auszuführen |
|
11.04.2011, 20:54
| #30 |
| | Windows Vista Blue Screen [gelöst] Combofix Logfile: Code:
ATTFilter ComboFix 11-04-11.01 - Fatih 11.04.2011 21:28:38.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.49.1031.18.3070.2471 [GMT 2:00]
ausgeführt von:: c:\users\Fatih\Desktop\cofi.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
D:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-03-11 bis 2011-04-11 ))))))))))))))))))))))))))))))
.
.
2011-04-11 19:43 . 2011-04-11 19:43 -------- d-----w- c:\users\Fatih\AppData\Local\temp
2011-04-11 19:43 . 2011-04-11 19:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-11 19:24 . 2011-04-11 19:24 -------- d-----w- C:\cofi
2011-04-11 18:54 . 2011-04-11 18:54 -------- d-----w- c:\program files\CCleaner
2011-04-11 17:25 . 2011-03-15 04:05 6792528 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E9BC639D-5588-46F2-AEA4-7EBBC862B805}\mpengine.dll
2011-04-11 17:18 . 2011-04-11 17:18 6478 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-04-10 21:28 . 2011-04-11 18:26 -------- d-----w- C:\Temp
2011-04-08 13:53 . 2011-04-08 13:53 -------- d-----w- C:\_OTL
2011-04-06 12:04 . 2011-04-06 12:04 -------- d-----w- C:\bb587e879a5226a37f64d1ae
2011-04-06 12:02 . 2010-12-02 09:12 837224 ----a-w- c:\windows\system32\nvgenco32hda.dll
2011-04-06 12:02 . 2010-11-11 23:10 26216 ----a-w- c:\windows\system32\nvhdap32.dll
2011-04-06 12:02 . 2010-11-11 23:10 122984 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2011-04-06 11:58 . 2011-04-06 11:58 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-04-06 11:57 . 2011-01-08 03:27 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-04-06 11:57 . 2011-01-08 03:27 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-04-06 11:57 . 2011-01-08 03:27 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-06 11:57 . 2011-01-08 03:27 5653096 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-04-06 11:57 . 2011-01-08 03:27 4941928 ----a-w- c:\windows\system32\nvcuda.dll
2011-04-06 11:57 . 2011-01-08 03:27 2895976 ----a-w- c:\windows\system32\nvcuvid.dll
2011-04-06 11:57 . 2011-01-08 03:27 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-04-06 11:57 . 2011-01-08 03:27 1965672 ----a-w- c:\windows\system32\nvapi.dll
2011-04-06 11:57 . 2011-01-08 03:27 15047272 ----a-w- c:\windows\system32\nvoglv32.dll
2011-04-06 11:57 . 2011-01-08 03:27 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-04-06 11:57 . 2011-01-08 03:27 10467656 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-04-06 11:57 . 2011-01-08 03:27 10078312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-04-06 11:56 . 2011-04-06 12:03 -------- d-----w- c:\program files\NVIDIA Corporation
2011-04-06 11:56 . 2011-04-06 11:56 -------- d-----w- C:\NVIDIA
2011-04-05 22:20 . 2011-04-05 22:20 -------- d-----w- c:\windows\Sun
2011-04-05 21:22 . 2011-04-05 21:22 -------- d-----w- c:\windows\system32\SPReview
2011-04-05 21:01 . 2011-04-05 21:01 -------- d-----w- c:\windows\system32\EventProviders
2011-04-05 15:24 . 2011-04-05 15:24 -------- d-----w- c:\program files\Western Digital Corporation
2011-03-22 12:56 . 2011-03-18 17:56 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-03-22 12:56 . 2011-03-18 17:56 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-03-22 12:56 . 2011-03-18 17:56 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-03-22 12:56 . 2011-03-18 17:56 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-03-22 12:56 . 2011-03-18 17:56 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-03-22 12:56 . 2011-03-18 17:56 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-03-22 12:56 . 2011-03-18 17:56 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-03-22 12:56 . 2011-03-18 17:56 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-10 07:45 . 2009-10-04 17:53 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-03-19 09:14 . 2010-08-13 21:17 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-03-15 04:05 . 2010-04-23 14:02 6792528 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-01-17 08:10 . 2011-02-12 09:03 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files\Common Files\MSIactionall.dll
2011-03-18 17:56 . 2011-03-22 12:56 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
backup=c:\windows\pss\FancyStart daemon.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
backup=c:\windows\pss\SRS Premium Sound.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Fatih^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LogMeIn.lnk]
path=c:\users\Fatih\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LogMeIn.lnk
backup=c:\windows\pss\LogMeIn.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Fatih^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SDK Tray Menu.lnk]
backup=c:\windows\pss\SDK Tray Menu.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\*Restore]
2009-09-13 23:57 318464 ----a-w- c:\windows\System32\rstrui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
2009-06-24 19:30 272952 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun]
2009-04-09 13:17 237568 ----a-w- c:\program files\AmIcoSingLun\AmIcoSinglun.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-09-14 00:51 72248 ----a-w- c:\windows\AsScrProlog.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-09-14 00:51 3054136 ----a-w- c:\windows\AsScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
2009-08-20 03:31 170624 ----a-w- c:\program files\ASUS\ATK Media\DMedia.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
2009-07-07 18:20 8493624 ----a-w- c:\program files\ASUS\ATKOSD2\ATKOSD2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
2010-11-13 17:02 281768 ----a-w- c:\program files\Avira\AntiVir Desktop\avgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-19 02:52 104936 ----a-w- c:\program files\CyberLink\Power2Go\CLMLSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-09-03 21:17 3342336 ----a-w- c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
2009-07-30 10:45 497024 ----a-w- c:\program files\Elantech\ETDCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-04-21 17:24 136176 ----atw- c:\users\Fatih\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
2009-06-19 17:29 105016 ----a-w- c:\program files\ASUS\ATK Hotkey\HControlUser.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-10-14 20:17 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2007-08-22 15:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-01-05 08:18 133432 ----a-w- c:\program files\ICQ7.2\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
2011-01-13 14:17 1589208 ----a-w- c:\program files\PC Tools Security\pctsGui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2009-01-28 05:30 2387968 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
2010-12-20 17:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MDS_Menu]
2009-02-25 21:40 218408 ----a-w- c:\program files\CyberLink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2010-06-01 08:17 5252408 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE]
2010-02-21 03:03 1093208 ----a-w- c:\program files\Microsoft Security Essentials\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCsoft Launcher]
2010-09-14 07:56 38184 ----a-w- c:\program files\NCSoft\Launcher\NCLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-01-07 19:06 3597416 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTools FGuard]
2011-01-07 13:54 108496 ----a-w- c:\program files\PC Tools Security\BDT\FGuard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD9LanguageShortcut]
2009-04-28 00:50 50472 ----a-w- c:\program files\CyberLink\PowerDVD9\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9]
2009-04-28 03:41 87336 ----a-w- c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2009-07-10 11:26 7612960 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-01-26 16:05 15026056 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
2009-05-19 21:16 222504 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall Adobe Download Manager]
2010-03-29 06:51 68000 ----a-w- c:\program files\NOS\bin\getPlus_Helper.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
2009-05-20 05:16 222504 ----a-w- c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
2008-12-04 05:15 218408 ----a-w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut]
2008-12-04 05:15 218408 ----a-w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
2009-08-15 04:55 210216 ----a-w- c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2008-01-21 02:23 2153472 ----a-w- c:\windows\System32\oobefldr.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirror Tray icon]
2009-06-11 12:14 162912 ------w- c:\program files\CyberLink\YouCam\YouCamTray.exe
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-19 691696]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-11-13 135336]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [2011-01-07 247760]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-06-28 173352]
R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-08-16 592120]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-05-08 25600]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2009-12-02 42368]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-11-11 122984]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [2010-03-15 366840]
R3 vtany;vtany;c:\windows\vtany.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15416]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-12-10 239168]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2010-07-16 338880]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2010-07-16 656320]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-07-29 87040]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C60x86.sys [2009-07-27 50688]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ECACHE
*NewlyCreated* - KLMD25
*Deregistered* - klmd25
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-01-28 05:28 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2011-04-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-185602744-2463074575-3719456933-1000Core.job
- c:\users\Fatih\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-21 17:24]
.
2011-04-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-185602744-2463074575-3719456933-1000UA.job
- c:\users\Fatih\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-21 17:24]
.
2011-03-13 c:\windows\Tasks\RegInOut Scheduled Scan - Fatih.job
- c:\program files\RegInOut\RegInOut.exe [2010-03-15 12:40]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.de/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
uInternet Settings,ProxyOverride = <local>
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\users\Fatih\AppData\Roaming\Mozilla\Firefox\Profiles\n3n3q5b7.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - prefs.js: network.proxy.ftp - proxy.hofmann.stw.uni-erlangen.de
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - proxy.hofmann.stw.uni-erlangen.de
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - proxy.hofmann.stw.uni-erlangen.de
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - proxy.hofmann.stw.uni-erlangen.de
FF - prefs.js: network.proxy.socks_port - 1080
FF - prefs.js: network.proxy.ssl - proxy.hofmann.stw.uni-erlangen.de
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - user.js: yahoo.homepage.dontask - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - c:\program files\softonic-de3\tbsoft.dll
BHO-{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - c:\program files\softonic-de3\tbsoft.dll
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll
Toolbar-{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - c:\program files\softonic-de3\tbsoft.dll
HKCU-Run-PlayNC Launcher - (no file)
HKLM-RunOnce-<NO NAME> - (no file)
MSConfigStartUp-Metropolis - c:\users\Fatih\AppData\Local\Temp\sshnas21.dll
MSConfigStartUp-mnxobwof - c:\users\Fatih\AppData\Local\whmpyuaja\ipofctsshdw.exe
MSConfigStartUp-qywvrkca - c:\users\Fatih\AppData\Local\yurpydnrl\igamuqpshdw.exe
MSConfigStartUp-ZE18MW23GY - c:\users\Fatih\AppData\Local\Temp\Uhj.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-04-11 21:43
Windows 6.0.6001 Service Pack 1 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
.
C:\ADSM_PData_0150
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Messenger]
.
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec /V"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-185602744-2463074575-3719456933-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:50,18,e8,0a,b9,38,f7,66,a1,dc,05,ee,30,cd,f1,21,57,74,e0,f4,f1,e2,4e,
37,63,b8,88,9a,4d,e4,75,df,5c,cb,05,f0,c3,db,a1,3e,53,aa,1b,91,bf,7f,9f,c1,\
"??"=hex:51,3b,5b,50,a1,8d,da,b0,28,47,09,53,f2,0c,89,a3
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'lsass.exe'(568)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll
.
- - - - - - - > 'Explorer.exe'(1280)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
Zeit der Fertigstellung: 2011-04-11 21:49:52
ComboFix-quarantined-files.txt 2011-04-11 19:49
.
Vor Suchlauf: 16 Verzeichnis(se), 159.324.364.800 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 159.356.817.408 Bytes frei
.
- - End Of File - - 07C6974CF23256320A08F887A1271385
|
|
| Themen zu Windows Vista Blue Screen |
| abend, abgesicherte, abgesicherten, abgesicherten modus, blue, blue screen, dringend, error, forum, fängt, gestern, heute, konnte, laptop, modus, rebootet, screen, stürzt, verschwindet, versuch, versucht, vista, windows, windows vista |
Linear-Darstellung
