
Pests of all kinds and how to combat them: Internet slow/outages


26.10.2012, 20:32   #1
Shuuji
 
Internet slow/outages



Hello dear Trojaner-Board team.
I recently got a new internet connection, and now that I finally have the right router, my internet works too. I got a 64000 line from Primacom and at first everything worked great, but since yesterday it just drops out and is extremely sluggish. However, when I run a test with speedtest.net it shows that everything is coming in fine... and on the laptop everything actually works relatively well too.
That's why I wanted to ask here what this could be.

Here are the OTL logs first:

OTL.txt
Quote:
OTL logfile created on: 26.10.2012 21:19:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shuu\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,62 Gb Available Physical Memory | 65,56% Memory free
7,99 Gb Paging File | 6,07 Gb Available in Paging File | 75,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 37,83 Gb Free Space | 8,12% Space Free | Partition Type: NTFS
Drive F: | 4,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SHUUJI | User Name: Shuu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.10.26 21:14:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shuu\Desktop\OTL.exe
PRC - [2012.10.23 11:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.10.09 10:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Shuu\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.06.07 15:27:06 | 000,510,976 | ---- | M] (LOL Replay) -- C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
PRC - [2012.05.25 02:02:59 | 002,686,976 | ---- | M] () -- C:\Riot Games\League of Legends\rads\projects\lol_launcher\releases\0.0.0.101\deploy\LoLLauncher.exe
PRC - [2012.02.04 12:42:22 | 001,294,336 | ---- | M] () -- C:\Riot Games\League of Legends\rads\system\rads_user_kernel.exe
PRC - [2012.02.04 01:12:37 | 003,087,440 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012.01.24 15:19:14 | 003,478,336 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.01.22 13:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.01.06 04:43:40 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe


========== Modules (No Company Name) ==========

MOD - [2012.06.07 14:03:58 | 001,033,728 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\LOLUtils.dll
MOD - [2012.05.25 02:02:59 | 002,686,976 | ---- | M] () -- C:\Riot Games\League of Legends\rads\projects\lol_launcher\releases\0.0.0.101\deploy\LoLLauncher.exe
MOD - [2012.05.19 08:53:32 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\Launcher.dll
MOD - [2012.02.17 14:28:24 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\a25e06e527720656434230d3ee420427\System.Core.ni.dll
MOD - [2012.02.17 08:17:04 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6954c7f14ea634672cdacf2cd793497e\PresentationFramework.Aero.ni.dll
MOD - [2012.02.17 08:16:26 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8435718626a24beaeefc98d45ae77127\PresentationFramework.ni.dll
MOD - [2012.02.17 08:16:10 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll
MOD - [2012.02.17 08:16:03 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll
MOD - [2012.02.17 08:16:00 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012.02.17 08:15:56 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012.02.17 08:15:55 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\c0508b05f5c28e37711f447a66368e75\PresentationCore.ni.dll
MOD - [2012.02.17 08:15:44 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
MOD - [2012.02.17 08:15:42 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2012.02.11 12:41:38 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2012.02.04 12:42:22 | 001,294,336 | ---- | M] () -- C:\Riot Games\League of Legends\rads\system\rads_user_kernel.exe
MOD - [2012.02.04 01:12:37 | 003,087,440 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2010.01.06 04:43:40 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
MOD - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007.09.02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012.04.06 04:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.04.05 21:57:34 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.23 11:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.10.22 21:53:36 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.14 12:59:54 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.13 19:17:11 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.20 15:49:38 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.02.28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.07.17 18:04:00 | 004,390,376 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011.04.06 14:40:10 | 000,571,904 | ---- | M] (AVerMedia Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe -- (SnugTV Service)
SRV - [2011.04.01 23:52:24 | 000,403,456 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2011.01.29 03:50:38 | 000,348,160 | ---- | M] (AVerMedia) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2011.01.06 14:42:04 | 000,168,448 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe -- (AVerUpdateServer)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.04.06 07:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.04.06 03:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012.02.23 14:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.02.04 12:52:31 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.02.03 22:39:34 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2012.02.03 22:37:30 | 001,301,504 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2011.08.19 11:29:46 | 002,947,968 | ---- | M] (AVerMedia TECHNOLOGIES, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerTM62_x64.sys -- (TRIDCap)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.07.01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010.05.31 12:46:50 | 000,333,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.01.22 13:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.01.22 13:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.12.22 03:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2005.03.29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004.12.31 17:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=111304&tt=100512_1_&babsrc=HP_ss&mntrId=30241b28000000000000bcaec5563874
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 78 16 D0 C8 E2 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=111304&tt=100512_1_&babsrc=SP_ss&mntrId=30241b28000000000000bcaec5563874
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={FAF2B5F6-1BBA-4837-A0DD-AEB9B0B09C64}&mid=1762e3d210a043d6904e35f09dafdbd1-207feff6200e898d7352f94d4e83363b8e4386e8&lang=en&ds=dw011&pr=sa&d=2012-06-10 16:03:45&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.4.8.4
FF - prefs.js..extensions.enabledAddons: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.3
FF - prefs.js..extensions.enabledAddons: {5384767E-00D9-40E9-B72F-9CC39D655D6F}:1.4.2.1
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.22
FF - prefs.js..extensions.enabledAddons: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B3b706cc2-ca39-4b2c-aaf4-cbbc5134c83d%7D&mid=1762e3d210a043d6904e35f09dafdbd1-207feff6200e898d7352f94d4e83363b8e4386e8&ds=dw011&v=11.1.0.7&lang=en&pr=sa&d=2012-06-10%2016%3A03%3A45&sap=ku&q="
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.04 12:47:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.22 21:53:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.06 21:53:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.22 21:53:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.06 21:53:49 | 000,000,000 | ---D | M]

[2012.02.04 01:10:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shuu\AppData\Roaming\Mozilla\Extensions
[2012.10.24 00:15:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shuu\AppData\Roaming\Mozilla\Firefox\Profiles\4vkmjdpt.default\extensions
[2012.06.10 16:00:54 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\Shuu\AppData\Roaming\Mozilla\Firefox\Profiles\4vkmjdpt.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2012.10.13 18:27:17 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Shuu\AppData\Roaming\Mozilla\Firefox\Profiles\4vkmjdpt.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.10.13 18:27:17 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Shuu\AppData\Roaming\Mozilla\Firefox\Profiles\4vkmjdpt.default\extensions\ich@maltegoetz.de
[2012.10.14 22:28:19 | 000,340,281 | ---- | M] () (No name found) -- C:\Users\Shuu\AppData\Roaming\Mozilla\Firefox\Profiles\4vkmjdpt.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012.10.13 18:27:17 | 000,269,659 | ---- | M] () (No name found) -- C:\Users\Shuu\AppData\Roaming\Mozilla\Firefox\Profiles\4vkmjdpt.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
[2012.10.13 18:27:17 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Shuu\AppData\Roaming\Mozilla\Firefox\Profiles\4vkmjdpt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.02.04 14:30:27 | 000,002,057 | ---- | M] () -- C:\Users\Shuu\AppData\Roaming\Mozilla\Firefox\Profiles\4vkmjdpt.default\searchplugins\youtube-videosuche.xml
[2012.02.11 13:39:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.02.04 13:00:51 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de
[2012.02.04 12:47:20 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.10.22 21:53:36 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.04 21:54:53 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.27 17:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2012.01.29 16:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.10 16:03:39 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.05.16 01:28:07 | 000,002,352 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.10.22 21:53:35 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 16:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 16:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.29 16:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.29 16:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Shuu\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.68.161.141 217.68.161.171
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96B39521-19B1-41BD-9C0F-99F879882943}: DhcpNameServer = 217.68.161.141 217.68.161.171
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\PROCEXP\PROCEXP.EXE (Sysinternals - www.sysinternals.com)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\PROCEXP\PROCEXP.EXE (Sysinternals - www.sysinternals.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.04.30 10:00:00 | 000,000,040 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{2aef556b-4f1b-11e1-9cc3-bcaec5563874}\Shell - "" = AutoRun
O33 - MountPoints2\{2aef556b-4f1b-11e1-9cc3-bcaec5563874}\Shell\AutoRun\command - "" = F:\SetUp.exe -- [2012.04.30 10:00:00 | 000,458,752 | R--- | M] (STACK Co.,Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.10.26 21:15:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Shuu\Desktop\OTL.exe
[2012.10.26 01:47:08 | 000,000,000 | ---D | C] -- C:\Users\Shuu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overflow
[2012.10.26 01:47:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overflow
[2012.10.26 01:38:58 | 000,000,000 | ---D | C] -- C:\Overflow
[2012.10.26 00:58:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012.10.26 00:49:11 | 000,000,000 | ---D | C] -- C:\Users\Shuu\AppData\Roaming\Malwarebytes
[2012.10.26 00:48:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.26 00:48:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.26 00:48:55 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.26 00:48:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.10.25 17:13:15 | 000,000,000 | ---D | C] -- C:\Users\Shuu\AppData\Roaming\AdobeUM
[2012.10.25 17:13:05 | 000,000,000 | ---D | C] -- C:\Users\Shuu\Documents\My eBooks
[2012.10.24 18:57:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.10.24 18:57:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2012.10.22 13:22:41 | 000,000,000 | ---D | C] -- C:\Users\Shuu\Desktop\fb
[2012.10.21 15:37:42 | 000,000,000 | ---D | C] -- C:\Users\Shuu\Desktop\schatziii pics
[2012.10.19 23:52:51 | 000,000,000 | ---D | C] -- C:\Users\Shuu\Documents\Fiesta
[2012.10.16 16:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\.mono
[2012.10.16 16:32:27 | 000,000,000 | ---D | C] -- C:\Users\Shuu\AppData\Roaming\.mono
[2012.10.16 16:26:49 | 000,000,000 | ---D | C] -- C:\Users\Shuu\AppData\Roaming\Pokémon Trading Card Game Online
[2012.10.16 16:26:49 | 000,000,000 | ---D | C] -- C:\Users\Shuu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
[2012.10.14 21:14:49 | 000,000,000 | ---D | C] -- C:\Dump
[2012.10.14 02:50:12 | 000,000,000 | ---D | C] -- C:\Users\Shuu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\gamigo
[2012.10.14 02:50:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gamigo
[2012.10.14 02:50:11 | 000,000,000 | ---D | C] -- C:\gamigo
[2012.10.14 02:44:08 | 000,000,000 | ---D | C] -- C:\Users\Shuu\Documents\Downloads
[2012.10.14 02:44:01 | 000,000,000 | ---D | C] -- C:\Users\Shuu\AppData\Roaming\GetRightToGo

========== Files - Modified Within 30 Days ==========

[2012.10.26 21:14:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shuu\Desktop\OTL.exe
[2012.10.26 21:13:41 | 000,000,168 | ---- | M] () -- C:\Users\Shuu\defogger_reenable
[2012.10.26 18:26:55 | 000,016,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.26 18:26:55 | 000,016,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.26 18:19:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.26 18:19:27 | 3219,791,872 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.26 01:59:17 | 002,516,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.26 01:59:17 | 000,737,712 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2012.10.26 01:59:17 | 000,722,244 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2012.10.26 01:59:17 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.26 01:59:17 | 000,149,282 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2012.10.26 01:59:17 | 000,145,590 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2012.10.26 01:59:17 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.26 01:47:07 | 000,001,701 | ---- | M] () -- C:\Users\Shuu\Desktop\SCHOOLDAYS HQ.lnk
[2012.10.26 00:48:56 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.23 17:46:20 | 006,229,494 | ---- | M] () -- C:\Users\Shuu\Desktop\New Bitmap Image.bmp
[2012.10.19 17:23:00 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.10.15 15:29:26 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012.10.26 21:13:41 | 000,000,168 | ---- | C] () -- C:\Users\Shuu\defogger_reenable
[2012.10.26 01:47:07 | 000,001,701 | ---- | C] () -- C:\Users\Shuu\Desktop\SCHOOLDAYS HQ.lnk
[2012.10.26 00:48:56 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.23 17:33:29 | 006,229,494 | ---- | C] () -- C:\Users\Shuu\Desktop\New Bitmap Image.bmp
[2012.10.19 17:23:00 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.09.20 00:53:02 | 000,004,938 | ---- | C] () -- C:\Users\Shuu\AppData\Local\recently-used.xbel
[2012.06.10 16:03:53 | 000,723,294 | ---- | C] () -- C:\Windows\unins000.exe
[2012.06.10 16:03:53 | 000,103,875 | ---- | C] () -- C:\Windows\unins000.dat
[2012.05.26 14:51:11 | 000,000,043 | ---- | C] () -- C:\Users\Shuu\jagex_cl_runescape_LIVE.dat
[2012.05.26 14:51:11 | 000,000,024 | ---- | C] () -- C:\Users\Shuu\random.dat
[2012.05.26 14:51:06 | 000,000,023 | ---- | C] () -- C:\Users\Shuu\jagexappletviewer.preferences
[2012.05.16 01:43:33 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.05.16 01:28:08 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012.03.09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.02.15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.02.10 06:07:02 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012.02.10 06:05:09 | 000,041,058 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012.02.09 21:58:24 | 002,491,640 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.04 16:44:59 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.dll
[2012.02.04 16:44:59 | 000,003,456 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.sys
[2012.02.04 16:44:56 | 000,614,400 | ---- | C] () -- C:\Windows\SysWow64\sptlib21.dll
[2012.02.04 16:44:56 | 000,421,888 | ---- | C] () -- C:\Windows\SysWow64\sptlib02.dll
[2012.02.04 16:44:56 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\sptlib01.dll
[2012.02.04 16:44:56 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\sptlib22.dll
[2012.02.04 16:44:56 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\sptlib03.dll
[2012.02.04 16:44:56 | 000,294,912 | ---- | C] () -- C:\Windows\SysWow64\sptlib11.dll
[2012.02.04 16:44:56 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\sptlib12.dll
[2012.02.03 22:46:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.02.03 22:31:06 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.01.04 11:59:19 | 014,164,480 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.01.04 11:03:45 | 012,868,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.10.16 19:21:40 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\.minecraft
[2012.10.16 16:32:27 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\.mono
[2012.06.13 22:22:16 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\Audacity
[2012.05.16 01:28:05 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\Babylon
[2012.10.26 01:38:30 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\DAEMON Tools Lite
[2012.02.10 00:00:39 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\DarknessIIDemo
[2012.05.13 02:25:06 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\Downloaded Installations
[2012.04.05 22:37:37 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\FLAC to MP3 Converter
[2012.10.14 02:50:22 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\GetRightToGo
[2012.02.04 13:00:10 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\GHISLER
[2012.03.09 16:17:01 | 000,000,000 | -H-D | M] -- C:\Users\Shuu\AppData\Roaming\ijjigame
[2012.02.04 18:20:30 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\LolClient
[2012.05.25 02:19:35 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\LolClient2
[2012.08.03 17:56:44 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\Might & Magic Heroes VI
[2012.03.28 16:46:30 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\Notepad++
[2012.08.12 17:52:46 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\PhotoScape
[2012.10.25 23:53:51 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\Pokémon Trading Card Game Online
[2012.04.15 03:41:21 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\QuickStoresToolbar
[2012.07.12 23:00:36 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\Rovio
[2012.05.08 20:20:59 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\StepMania 5
[2012.05.05 15:15:27 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\SYSTEMAX Software Development
[2012.02.28 17:09:20 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\SystemRequirementsLab
[2012.02.21 03:21:21 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\TeamViewer
[2012.06.09 23:54:34 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\The Creative Assembly
[2012.10.26 00:32:53 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\TS3Client
[2012.08.06 00:47:53 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\Ubisoft
[2012.10.26 01:28:36 | 000,000,000 | ---D | M] -- C:\Users\Shuu\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >
Extras.txt
Quote:
OTL Extras logfile created on: 26.10.2012 21:19:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shuu\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,62 Gb Available Physical Memory | 65,56% Memory free
7,99 Gb Paging File | 6,07 Gb Available in Paging File | 75,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 37,83 Gb Free Space | 8,12% Space Free | Partition Type: NTFS
Drive F: | 4,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SHUUJI | User Name: Shuu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B4423A9-6690-4A5D-816E-F563B615572E}" = lport=139 | protocol=6 | dir=in | app=system |
"{128D790F-83C8-4432-8FC4-C676579090DE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{170F1FDC-E5FA-4D9C-BDE2-D247A47CF503}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1733D42A-C9E7-4322-B1C4-45DDF2878256}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2621BB5F-6489-4391-9C3A-7A01A2687293}" = lport=137 | protocol=17 | dir=in | app=system |
"{29378431-8087-4F02-940D-3A4FE0602750}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3B30BC1F-ECF6-4E23-81B2-7A7231BDC0A0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3B9FF21D-7CF0-4279-B833-F81BE6601BD7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3C7A3E6A-5346-48A4-B4DB-D29777BA1DF4}" = lport=57089 | protocol=17 | dir=in | name=pando media booster |
"{3DE3B974-9587-4BCC-BE41-DBD8797BC7F9}" = lport=138 | protocol=17 | dir=in | app=system |
"{4244788A-9847-44F0-B451-B48C9501B7F7}" = rport=445 | protocol=6 | dir=out | app=system |
"{68BC41D5-F22D-4404-BCC8-6A930D66661A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6B108D4E-2635-4C38-AE3D-160AAB57FACB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{704A4628-1C9E-471D-B5B2-50428B8E0213}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{72ACD2DC-48F3-46F7-9A81-5D166B8DFCF0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7C13529F-F178-4056-A131-142C884BDBA3}" = rport=139 | protocol=6 | dir=out | app=system |
"{7F612B8B-9B2A-4ACC-967A-F74D878A4E5E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{9DB29FC9-0687-4EF0-839E-669B01B91E9C}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{A6B142DC-A8B8-4BEE-B730-A292CBD30827}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A7C0C581-A042-4377-94EB-32869EEFC07F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{AB87A7F1-8832-4410-A012-FDDD77655005}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B0ED45CE-A10E-4D5D-9429-290701D088D1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B360AFF6-C176-4627-9D05-8283F3C31769}" = lport=445 | protocol=6 | dir=in | app=system |
"{B4A093AE-68AD-4104-BB5A-F9210BEBF0B8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C3A340F0-3F2B-46A8-8543-928010AFE855}" = lport=57089 | protocol=6 | dir=in | name=pando media booster |
"{C7937060-D73C-4C5B-B1E2-C1D4E5DBA439}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CBC42176-580D-4649-8CCF-BE9726E646EA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CCFED933-24B9-4ED8-8A51-405FE78A5C71}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D2897271-FF38-462A-9432-24903D9962C5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DA200444-9D2E-4789-8B4C-8B9F5B1C1DB2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DF309CFD-34DE-491C-9932-B41760A9743B}" = lport=57193 | protocol=6 | dir=in | name=akamai netsession interface |
"{E46B5A5E-961C-447E-8364-11057CBC79ED}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E555499F-8B49-433D-A40B-78C106AD8B57}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E6B02AB9-7CB5-4116-BB2A-44738F6DCD5B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{EF9CF092-43B8-497C-A957-67547639D530}" = rport=138 | protocol=17 | dir=out | app=system |
"{F09C92CF-5C57-452A-8044-D5B3088C7EDB}" = lport=57089 | protocol=6 | dir=in | name=pando media booster |
"{F47CBB5F-046C-4918-94EB-BD927AC2E037}" = lport=57089 | protocol=17 | dir=in | name=pando media booster |
"{FC25AB48-8051-4D03-AADC-0363F8527483}" = rport=137 | protocol=17 | dir=out | app=system |
"{FCA9738B-A8C2-445C-AA95-80EFD607BD0B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03AC13AA-0F21-4015-9346-6AD26A3B0582}" = protocol=17 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
"{0BD91869-62A8-4C00-BA34-E4F75B0CDC51}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0D5EF541-7A33-41D3-9614-6B33BA1AA8F1}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{10D630C8-26D6-41AC-9641-799F888EAFF1}" = protocol=17 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\amaserver.exe |
"{18C0209D-76B2-4FB1-88CB-DFD22FA6C343}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1B28A940-789F-4020-AE0B-21420B714958}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{1EAB478A-C727-475D-8FA8-92E47782A138}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{20CDD8D3-5464-47F8-BD5F-C49486400031}" = protocol=17 | dir=in | app=c:\games\star wars-the old republic\launcher.exe |
"{20EB546A-0C54-4F36-B9EC-E38150BFB85F}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{248FBE7C-8C54-40E0-9F98-E249996B8E1D}" = protocol=17 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\amaserver.exe |
"{26937BAB-CEAD-48D1-A435-AFDECB5ED716}" = protocol=6 | dir=in | app=c:\users\shuu\appdata\local\akamai\netsession_win.exe |
"{26A7B656-7543-4D19-862A-BD936BE059EA}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{2918FA5B-4E93-4C21-BBCD-195E77555CF2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2C60197D-7867-4EFD-9AAF-70B1EB45490D}" = protocol=17 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\configwizard.exe |
"{35D5399E-6775-4F7A-88A5-8E080F201CA4}" = protocol=58 | dir=in | app=system |
"{3A6A186F-AFC5-419B-A1E3-317803C5A211}" = protocol=6 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\configwizard.exe |
"{44D432ED-47D2-41BF-8B45-6E9041CF9BE4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{45D791CA-3869-4EED-A9D2-5FBBC2B09CCD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{49E23198-85A6-44E8-98AC-CF536462C101}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4C7CA431-751B-428C-8820-96C97DE72036}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4FDEE28F-74F1-4D5C-896B-44F2ADE5981B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe |
"{52FA2268-10C7-4C0E-A62D-053B997AA43D}" = protocol=6 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\amaserver.exe |
"{533C085D-D142-48C2-AC0C-DE6483C5FCBE}" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe |
"{54859C9D-F8ED-45CE-8586-094C9546E2A0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{591DCCA1-4C74-4A79-B44C-75842636F172}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5936374C-4E01-4134-8610-70355FE5F092}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{5BA46C95-FE1A-4662-8161-26C6B56AC1C4}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{5C8905C8-1D61-4A5F-BE00-94B433B4C655}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\might & magic heroes vi\might & magic heroes vi.exe |
"{5E63F7F3-6C2F-4C41-8520-6DB638CBF0A8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe |
"{5F0661C3-88D5-461B-A9E8-90B2C7A603F8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5F8AD4AC-4454-4DCD-879A-2DFFDE0C5C45}" = protocol=6 | dir=in | app=c:\games\star wars-the old republic\launcher.exe |
"{64A1DFA8-2885-455D-8AF6-389B29E0936C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{663247A9-4E93-476C-9E3F-84CA7824C133}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\qube\binaries\win32\qube.exe |
"{7B12B790-CC76-45CC-9615-DB613724B4FC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{7FC0FC94-F9B1-43B2-8682-57EAA5CE436D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{82EC4658-C81D-4628-BC40-EDF17ADF2F1A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe |
"{8700973C-4942-41D7-A33E-621D2290EDEB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{8783760D-D282-412B-A12F-B77D5BBEF249}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\might & magic heroes vi\might & magic heroes vi.exe |
"{89E22075-0DA7-42B4-A310-F5A6AC2C2AA6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B88B2EB-12F7-42BE-A24F-EF546491BEE3}" = protocol=6 | dir=in | app=c:\games\star wars-the old republic\swtor\retailclient\swtor.exe |
"{8F02736B-74D9-4838-ADC8-09DFC6E8DA3A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9292656A-7887-4668-B2C3-F602A0FFCE68}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{958836C5-485C-4531-B1AA-9229CA20AA1F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{9622D331-AAB9-43F3-9383-D0CAF3C65CEA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{98B01D76-FF15-4A0C-A066-D8A536C2CAB6}" = protocol=6 | dir=in | app=c:\games\star wars-the old republic\swtor\retailclient\swtor.exe |
"{98C4C4D9-9188-4B22-90BF-AD3FF776DA03}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe |
"{98E920CA-1D11-4E78-937D-FDB7096D06CB}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9A6F34A1-5762-475B-8B8A-E1E5ECEC1454}" = protocol=6 | dir=out | app=system |
"{9B8B699D-7450-44AF-8B23-767F4E90732F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A1E25E7C-FBF5-4F78-BEF6-69084C5E2F4E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AF9B69EE-A048-40E0-A37F-AF8EC21C0162}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B43AC00C-400C-4BC0-9A85-685646B68712}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B47CB9C0-ED5F-401C-8EEA-CC7369EAED5C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B7F3547F-A691-481A-8B77-29365FF78A56}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{C0853AD6-5496-48AD-BB30-CDAC597FF021}" = protocol=6 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
"{C11D14AF-C10C-4D2E-8361-360A576F20E7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C1DC4599-A305-41B5-88D9-E04C41BE69A5}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{C2E931F3-1828-4ACE-B3AF-AC43393F5806}" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe |
"{C5D0FD9D-B3E0-4BB6-875C-2CC80E44DC89}" = protocol=17 | dir=in | app=c:\users\shuu\appdata\local\akamai\netsession_win.exe |
"{C62D45A1-1249-40CE-8FC0-AC4FC5A94D2A}" = protocol=17 | dir=in | app=c:\games\star wars-the old republic\swtor\retailclient\swtor.exe |
"{C8588EA9-6CAD-468C-B6B4-B94FB034437A}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\playmaxpayne3.exe |
"{CE54E4D7-0E4C-47EA-B150-A99F6A754CB2}" = protocol=6 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\amaserver.exe |
"{D02FBECC-0824-47C3-9CE5-698A8A40316E}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{D6072DAB-7DA5-4CB3-A159-984BB7FED899}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{D7465976-2D7A-42EA-BE25-F91951FF334C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe |
"{D93090EE-8B5F-4053-8758-D4938EE91A08}" = protocol=6 | dir=in | app=c:\games\star wars-the old republic\launcher.exe |
"{DA646196-2099-44E1-B3EC-E3ED99277C73}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DBDF08B5-86A8-4286-A0D0-D4D404E1F98E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DE7DB130-A03C-444B-BB2C-DCE74884AC62}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{E4D92E34-D3A4-48DF-9750-7E421D4765DA}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\playmaxpayne3.exe |
"{E97401CC-0882-4513-8ADD-3FCFB899FBF8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EC659FC7-ACE0-4A0C-B674-8ABF76D5B03E}" = protocol=17 | dir=in | app=c:\games\star wars-the old republic\swtor\retailclient\swtor.exe |
"{F20FACE3-B7AF-49C3-8C67-789B5512C3D6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F27E9694-0FE0-4DDF-9629-315EA9E2B492}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe |
"{F2CDF304-0166-4E53-81EA-D67FDC62F551}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\qube\binaries\win32\qube.exe |
"{F68A8DA4-184C-48D0-914A-300CF054DF40}" = protocol=17 | dir=in | app=c:\games\star wars-the old republic\launcher.exe |
"TCP Query User{094257C2-BFDF-405B-9E15-977299E2375B}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{16740077-CA25-4D9E-A3F1-19BA249D9BC8}C:\users\shuu\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\shuu\appdata\local\akamai\netsession_win.exe |
"TCP Query User{1B65A163-A5B7-46FA-BD67-30B8E79950BB}C:\program files (x86)\stepmania 5\program\stepmania-sse2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\stepmania 5\program\stepmania-sse2.exe |
"TCP Query User{1DA8DDDB-D339-4566-BEF2-79542354AF8E}C:\ubisoft\gro\pdc-live\yeti_release.exe" = protocol=6 | dir=in | app=c:\ubisoft\gro\pdc-live\yeti_release.exe |
"TCP Query User{2798CC49-98D6-4106-8516-C5E99CFCF629}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{446A875A-4BB6-459B-BE3E-24687B90BC55}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{63E05158-AE80-4268-AF96-E547F521356C}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{6D4BDDD4-4A1A-4B2C-B4B5-569F9D295AB1}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{7602E6F5-ED5C-4443-BFD3-03C49081B33B}C:\program files (x86)\stepmania 5\program\stepmania.exe" = protocol=6 | dir=in | app=c:\program files (x86)\stepmania 5\program\stepmania.exe |
"TCP Query User{7770E258-F77C-47FA-8CB6-431F019DA6D5}C:\ijji\english\gunz\gunz.exe" = protocol=6 | dir=in | app=c:\ijji\english\gunz\gunz.exe |
"TCP Query User{99BCB191-D30E-41AD-AA92-DB6ABA79770C}E:\gamez\cs 1.6\valve\hl.exe" = protocol=6 | dir=in | app=e:\gamez\cs 1.6\valve\hl.exe |
"TCP Query User{9B4514DF-BCA2-4F11-BD2D-D4792B13F61C}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{9EF51B4B-AF89-44E6-BEEB-52847413B260}C:\users\shuu\appdata\local\apps\2.0\zpvmh3rd.n0g\22rtnrwx.3jt\laun...app_59711684aa47878d_0001.0018_2b8913981b129228\launcher.exe" = protocol=6 | dir=in | app=c:\users\shuu\appdata\local\apps\2.0\zpvmh3rd.n0g\22rtnrwx.3jt\laun...app_59711684aa47878d_0001.0018_2b8913981b129228\launcher.exe |
"TCP Query User{B90C963C-32B4-4878-877F-18CDFDBB48D5}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe |
"TCP Query User{E883B585-5418-49BA-A094-DFAD06DC85CE}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
"TCP Query User{E8E72C15-D55A-4239-99E9-2B4C73DA6C72}C:\program files (x86)\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo ii\game.exe |
"TCP Query User{F8ED0BFB-709B-4B20-9BBB-14F27405E8CE}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{FE824403-C78A-4403-95F4-3D1D9594AEA2}D:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=6 | dir=in | app=d:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{09CB3EC9-C378-4A6D-9FA5-4B939A08CF89}D:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=17 | dir=in | app=d:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{28E49F8E-8B2D-407D-B305-D5F4E18A1780}E:\gamez\cs 1.6\valve\hl.exe" = protocol=17 | dir=in | app=e:\gamez\cs 1.6\valve\hl.exe |
"UDP Query User{4C3D1CCF-17F5-43EB-97FC-F52966929E7B}C:\program files (x86)\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo ii\game.exe |
"UDP Query User{764D0438-E5C1-42FD-9E2B-E6C1BF41D91C}C:\ijji\english\gunz\gunz.exe" = protocol=17 | dir=in | app=c:\ijji\english\gunz\gunz.exe |
"UDP Query User{81713FEA-E878-40BD-B2F2-C23B4F278CE8}C:\program files (x86)\stepmania 5\program\stepmania.exe" = protocol=17 | dir=in | app=c:\program files (x86)\stepmania 5\program\stepmania.exe |
"UDP Query User{84743AE8-42D1-4195-9B2E-B73D9084272B}C:\users\shuu\appdata\local\apps\2.0\zpvmh3rd.n0g\22rtnrwx.3jt\laun...app_59711684aa47878d_0001.0018_2b8913981b129228\launcher.exe" = protocol=17 | dir=in | app=c:\users\shuu\appdata\local\apps\2.0\zpvmh3rd.n0g\22rtnrwx.3jt\laun...app_59711684aa47878d_0001.0018_2b8913981b129228\launcher.exe |
"UDP Query User{8A4DE377-04D5-4AE6-8257-46BCA0D33A1F}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{906A8BAB-CABD-4F3A-88B1-F1096FCD6F42}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{968A7670-B306-4F15-9096-B895326F6290}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{A2B70953-DBA8-47E8-940B-4D01C7F6F15D}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe |
"UDP Query User{A3913935-8A14-451B-929D-1675234F014B}C:\ubisoft\gro\pdc-live\yeti_release.exe" = protocol=17 | dir=in | app=c:\ubisoft\gro\pdc-live\yeti_release.exe |
"UDP Query User{A59A73B9-26E6-49C8-A31E-C5AC0AFB96C8}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{C644E3E4-3B45-4DA1-B7B3-DBBB4894658B}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{CA2B1B0E-B3AF-4A5C-9AE7-67A6E89A5EDB}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{DB60B929-0BA7-4036-8B87-AD3D7BFF1A09}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{EB836942-853F-496C-8986-4DA2CF07149C}C:\program files (x86)\stepmania 5\program\stepmania-sse2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\stepmania 5\program\stepmania-sse2.exe |
"UDP Query User{F89D61FC-C6A7-439D-AA10-3C0E0760C30F}C:\users\shuu\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\shuu\appdata\local\akamai\netsession_win.exe |
"UDP Query User{FC47918B-4409-48B0-8581-BA9457B19329}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC3
"{0CC4F67D-D41D-8C1A-C605-39154DDEAC63}" = AMD Fuel
"{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{2E8D6204-D656-8355-1ED3-2988AC52EB0F}" = ccc-utility64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5831C6D6-309D-DBB5-14F7-FEE57086CEE7}" = AMD Catalyst Install Manager
"{5F92DAD2-FD95-DD12-50DF-A6F66C7E67C8}" = AMD Drag and Drop Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}" = AMD Media Foundation Decoders
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UDK-83e861db-9650-4e7f-8631-29d7472ea09a" = My Game Long Name
"Unlocker" = Unlocker 1.9.1-x64
"WinRAR archiver" = WinRAR 4.10 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08A25478-C5DD-4EA7-B168-3D687CA987FF}" = The Sims™ 3 Master Suite Stuff
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Outdoor Living Stuff
"{18600C30-CD5D-48D4-82AB-52A869DAE122}" = S4 League_EU
"{19D614EB-D62A-AEE7-2391-E74126601D59}" = CCC Help Italian
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C373820-B9C8-0F7F-8F84-FC1B76A85F27}" = CCC Help Portuguese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D35BC33-7D08-D529-DF91-8A15FBF2600E}" = CCC Help Polish
"{337788D1-43D1-9A0F-9787-DD00DB512D41}" = Catalyst Control Center Localization All
"{33CFCB69-2FA5-43E8-B8A8-FAA155F870B5}" = SnugTV Station
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 Showtime
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{4725833D-4325-5C34-57D4-1FE23E5AE578}" = CCC Help Chinese Standard
"{496D7B7E-EBDC-4E2B-B021-4FF03B188B69}" = Pokémon Trading Card Game Online
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B271648-43CB-DD31-FF24-E7B06D3EE72A}" = Catalyst Control Center InstallProxy
"{4DC37F33-7AEC-A4CB-56B1-69A402828763}" = CCC Help Japanese
"{5710DAC2-8F2A-503C-CFC2-A973ADE0EA4C}" = CCC Help Czech
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C763682-4C40-86DA-9C46-31924D7D2C34}" = CCC Help Thai
"{5D87C09F-512F-474A-A306-0FE3B89C396F}" = RuneScape Launcher 1.2
"{60E5022D-FA4B-C6A2-1E80-B46EC39096F3}" = CCC Help Chinese Traditional
"{60F34FDF-267C-408F-290E-EC90D841C8CB}" = CCC Help German
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{66B79AE1-C6E2-B958-689C-D0812DE86BAB}" = CCC Help Greek
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"{6B39BE0F-0F5E-A8FA-33E4-8481AE39D96C}" = CCC Help Russian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{739126B3-1C80-4F1F-8D59-312A19633E1A}_is1" = Epub reader
"{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E19F2AF-7145-51DE-E395-7729A9374973}" = Catalyst Control Center Graphics Previews Common
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{91CB5B8B-4EC8-DBA1-A88D-99FD480567B0}" = CCC Help English
"{924FBAC4-60D2-7981-3C3E-979DF9CBB346}" = CCC Help Finnish
"{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DC939DC-B7A4-D0E2-C582-A442DF1B3EBE}" = CCC Help Spanish
"{A1BD938B-F006-6E6D-70B2-47E1DD56F7DE}" = CCC Help Swedish
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Supernatural
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BABF7852-C2DD-6A8A-9956-101720C715C7}" = CCC Help Turkish
"{BB7C2A56-9706-43B8-5A8C-210AF5816106}" = CCC Help French
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFC2CB60-5654-05A7-4D30-C661800A3A92}" = CCC Help Korean
"{D04CE005-D1D2-80F3-84C8-B3524FCD39C3}" = CCC Help Norwegian
"{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}" = AVer MediaCenter 3D
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D544AE4C-4152-225B-A897-6756C8986B14}" = AMD VISION Engine Control Center
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D81E9069-3CCC-4405-3751-71E4AFEACC52}" = CCC Help Hungarian
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{E93FF166-DF14-2537-8FB4-96BB5810A96C}" = CCC Help Danish
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Fast Lane Stuff
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA9827E1-8A8E-C176-4923-0840A67ED4DE}" = CCC Help Dutch
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"ArtMoney PRO_is1" = ArtMoney PRO v7.27
"ArtMoney SE_is1" = ArtMoney SE v7.37
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"Audacity_is1" = Audacity 2.0
"AVerMedia H727 PCIe TV Tuner" = AVerMedia H727 PCIe TV Tuner 1.12.64.49
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DD4F47DF-6540-4BDA-BEAD-2B19250B0C48_is1" = FLAC to MP3 Converter 6.1.8
"Debut" = Debut Video Capture Software
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"DivX Setup" = DivX-Setup
"Dungeon Keeper II" = Dungeon Keeper 2
"Europe MapleStory_is1" = Europe MapleStory
"FBReader for Windows" = FBReader for Windows
"Fiesta Online DE" = Fiesta Online DE 1.04.095
"Fraps" = Fraps (remove only)
"Gunz" = ijji - Gunz
"hon" = Heroes of Newerth
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"InstallShield_{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications
"InstallShield_{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}" = AVer MediaCenter 3D
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"LogMeIn Hamachi" = LogMeIn Hamachi
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"mIRC" = mIRC
"Mozilla Firefox 16.0.1 (x86 de)" = Mozilla Firefox 16.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NCLauncher_GameForge" = NC Launcher (GameForge)
"Notepad++" = Notepad++
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0
"RiseOfNations 1.0" = Microsoft Rise Of Nations
"RocketDock_is1" = RocketDock 1.3.5
"Rockstar Games Social Club" = Rockstar Games Social Club
"SCHOOLDAYS HQ" = SCHOOLDAYS HQ
"Steam App 10" = Counter-Strike
"Steam App 105600" = Terraria
"Steam App 203730" = Q.U.B.E.
"Steam App 204410" = The Darkness II Demo
"Steam App 40800" = Super Meat Boy
"Steam App 420" = Half-Life 2: Episode Two
"StepMania 5" = StepMania v5.0 alpha 1a (Nur entfernen)
"Syndicate_is1" = Syndicate
"TeamViewer 7" = TeamViewer 7
"Total War Shogun 2 - Fall Of The Samurai_is1" = Total War Shogun 2 - Fall Of The Samurai
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.0
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"d8be6c3f847d7d92" = Ghost Recon Online

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 26.10.2012 15:01:13 | Computer Name = Shuuji | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 26.10.2012 15:14:13 | Computer Name = Shuuji | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 26.10.2012 15:14:13 | Computer Name = Shuuji | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 26.10.2012 15:14:13 | Computer Name = Shuuji | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 26.10.2012 15:14:13 | Computer Name = Shuuji | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 26.10.2012 15:14:13 | Computer Name = Shuuji | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 26.10.2012 15:14:13 | Computer Name = Shuuji | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 26.10.2012 15:14:13 | Computer Name = Shuuji | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 26.10.2012 15:14:13 | Computer Name = Shuuji | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 26.10.2012 15:14:13 | Computer Name = Shuuji | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 26.10.2012 15:14:13 | Computer Name = Shuuji | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .


< End of report >
Malwarebytes log:

Quote:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.25.07

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Shuu :: SHUUJI [Administrator]

26.10.2012 00:49:39
mbam-log-2012-10-26 (00-49-39).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 200456
Laufzeit: 2 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Shuu\Downloads\epubreader.exe (PUP.BundleInstaller.OI) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
So, if I should post anything else, let me know ^^
Thanks in advance for the help
Regards, Shuuji

27.10.2012, 20:40   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Looks unremarkable, imho.

I would first try to find out whether this only happens under Windows or with other operating systems as well.

That way you can see whether a hardware problem is emerging or whether the fault is more likely in the Windows configuration and/or the file system.

Download something like Knoppix or Xubuntu, burn the ISO file to a CD using the burn-image function, and boot the computer from it.
Then test the internet connection thoroughly under Linux and report whether the connection and the system are normally fast there or also slow.