
Pests of all kinds and how to combat them: Windows 7 notebook freezes for 30-60 seconds after Windows boot


23.04.2013, 16:51   #1
Azzi
 

Hello everyone!
As the title says, my notebook freezes for a few seconds after it boots into Windows 7 64-bit. I can still move the mouse, but the hourglass appears and Explorer as well as the system stop responding. Once the freeze is over, I have no trouble until I restart the notebook.

Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:42:03, on 23.04.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
D:\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Azzi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - hxxp://support.asus.de/common/asusTek_sys_ctrl.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - D:\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Solver for Flow Simulation 2011 - Mentor Graphics Corporation - D:\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9880 bytes
         
I hope you can help me!
Best regards

24.04.2013, 14:01   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Reading material:
Please do not post HijackThis logfiles!!!


Quote:
Quote from Larusso
We are aware that HijackThis is probably one of the best-known analysis tools.
However, it now scans only very superficially and gives us too little information for a thorough analysis of your system.

Therefore, please do not post HijackThis logfiles; instead, read and work through the following.

http://www.trojaner-board.de/69886-a...-beachten.html

Only with this information can we help you.

Thanks

24.04.2013, 18:14   #3
Azzi
 

So, here are the new logfiles from OTL:
Code:
OTL logfile created on: 24.04.2013 18:51:48 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 71,14% Memory free
7,71 Gb Paging File | 6,66 Gb Available in Paging File | 86,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 10,98 Gb Free Space | 14,73% Space Free | Partition Type: NTFS
Drive D: | 204,03 Gb Total Space | 120,26 Gb Free Space | 58,94% Space Free | Partition Type: NTFS
Drive E: | 7,40 Gb Total Space | 6,16 Gb Free Space | 83,22% Space Free | Partition Type: FAT32
 
Computer Name: AZZI-LAPTOP | User Name: Azzi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - D:\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
PRC - D:\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - D:\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\AcroTray.DEU ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SolidWorks Licensing Service) -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (CoordinatorServiceHost) -- D:\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe (Dassault Systèmes SolidWorks Corp.)
SRV - (Remote Solver for Flow Simulation 2011) -- D:\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe (Mentor Graphics Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (MAUSBFASTTRACK) -- C:\Windows\SysNative\drivers\MAudioFastTrack.sys (Avid Technology, Inc.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (JME) -- C:\Windows\SysNative\drivers\JME.sys (JMicron Technology Corp.)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (bcd3000) -- C:\Windows\SysNative\drivers\bcd3000_x64.sys (Behringer)
DRV:64bit: - (bcd3000wdm) -- C:\Windows\SysNative\drivers\bcd3000wdm_x64.sys (Behringer)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (MAUSBMICRO) -- C:\Windows\SysNative\drivers\MAudioMicro.sys (Avid Technology, Inc.)
DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (RL_DJIFIE2_USB) -- C:\Windows\SysNative\drivers\rldjif2u.sys (Ploytec GmbH)
DRV:64bit: - (RL_DJIFIE2_WDM) -- C:\Windows\SysNative\drivers\rldjif2a.sys (Ploytec GmbH)
DRV:64bit: - (RL_DJIFIE2_MIDI) -- C:\Windows\SysNative\drivers\rldjif2m.sys (Ploytec GmbH)
DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
DRV:64bit: - (camfilt2) -- C:\Windows\SysNative\drivers\camfilt2.sys (Guillemot Corporation)
DRV:64bit: - (OM0530) -- C:\Windows\SysNative\drivers\ov530vx.sys (OmniVision Technology Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 3C C5 AC DA AA CB 01  [binary data]
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\..\SearchScopes,DefaultScope = {5B09AC6F-83A1-4520-BBE1-CDA195067BB4}
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\..\SearchScopes\{5B09AC6F-83A1-4520-BBE1-CDA195067BB4}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: D:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Azzi\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Azzi\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: D:\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011.10.15 15:27:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: D:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.09.27 17:01:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.10.30 22:57:30 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://google.de/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Azzi\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Azzi\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Azzi\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Enabled) = D:\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Azzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.0_0\
CHR - Extension: YouTube = C:\Users\Azzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Azzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Azzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Azzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
CHR - Extension: Google Mail = C:\Users\Azzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2011.10.15 13:29:04 | 000,001,230 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com 
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-343234313-4265166236-2536907646-1000..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.de/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71D945F1-9714-4607-B693-52471E5532D3}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{13d4e3b9-9615-11e1-bf51-d8156f1cae48}\Shell - "" = AutoRun
O33 - MountPoints2\{13d4e3b9-9615-11e1-bf51-d8156f1cae48}\Shell\AutoRun\command - "" = F:\MonopolyPBInstall.exe
O33 - MountPoints2\{679fc13a-a0e4-11e1-8b92-ee24d9837b48}\Shell - "" = AutoRun
O33 - MountPoints2\{679fc13a-a0e4-11e1-8b92-ee24d9837b48}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{d43f7276-d358-11e1-8554-ee5373723d4d}\Shell - "" = AutoRun
O33 - MountPoints2\{d43f7276-d358-11e1-8554-ee5373723d4d}\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.23 20:28:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.04.23 20:28:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.23 20:28:41 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.04.23 17:40:48 | 000,000,000 | ---D | C] -- C:\Users\Azzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013.04.23 17:40:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013.04.15 18:45:58 | 000,000,000 | ---D | C] -- C:\Users\Azzi\Documents\Diablo III
[2013.04.15 18:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.04.15 18:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013.04.15 18:29:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.04.15 18:29:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.04.15 18:29:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.04.15 18:28:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013.04.15 18:02:55 | 000,000,000 | ---D | C] -- C:\Users\Azzi\Desktop\Rush4x_D3
[2013.04.15 16:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.24 18:52:31 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.24 18:52:31 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.24 18:49:03 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-343234313-4265166236-2536907646-1000UA.job
[2013.04.24 18:49:03 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.24 18:48:56 | 000,000,488 | ---- | M] () -- C:\Windows\tasks\MATLAB R2012b Startup Accelerator.job
[2013.04.24 18:46:39 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.24 18:46:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.24 18:46:08 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.24 18:45:14 | 000,000,020 | ---- | M] () -- C:\Users\Azzi\defogger_reenable
[2013.04.23 20:30:42 | 000,177,696 | ---- | M] () -- C:\Users\Azzi\Documents\923539_320984924698028_410596023_n.jpg
[2013.04.23 18:04:51 | 000,000,096 | ---- | M] () -- C:\Users\Azzi\Desktop\Plagegeister aller Art und deren Bekämpfung - Trojaner-Board.url
[2013.04.23 17:40:48 | 000,002,971 | ---- | M] () -- C:\Users\Azzi\Desktop\HiJackThis.lnk
[2013.04.23 16:49:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-343234313-4265166236-2536907646-1000Core.job
[2013.04.15 21:25:25 | 000,007,607 | ---- | M] () -- C:\Users\Azzi\AppData\Local\Resmon.ResmonCfg
[2013.04.15 18:47:26 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.15 18:47:26 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.15 18:47:26 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.15 18:47:26 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.15 18:47:26 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.15 18:41:05 | 004,988,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.15 16:36:02 | 000,000,655 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2013.04.06 18:58:49 | 000,000,269 | ---- | M] () -- C:\Windows\Brownie.ini
 
========== Files Created - No Company Name ==========
 
[2013.04.24 18:45:14 | 000,000,020 | ---- | C] () -- C:\Users\Azzi\defogger_reenable
[2013.04.23 20:30:39 | 000,177,696 | ---- | C] () -- C:\Users\Azzi\Documents\923539_320984924698028_410596023_n.jpg
[2013.04.23 18:04:51 | 000,000,096 | ---- | C] () -- C:\Users\Azzi\Desktop\Plagegeister aller Art und deren Bekämpfung - Trojaner-Board.url
[2013.04.23 17:40:48 | 000,002,971 | ---- | C] () -- C:\Users\Azzi\Desktop\HiJackThis.lnk
[2013.04.15 16:35:44 | 000,000,655 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012.12.19 21:52:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.12.19 21:52:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.03.16 17:35:02 | 000,117,660 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.02.07 16:14:52 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.01.31 14:01:23 | 000,000,132 | ---- | C] () -- C:\Users\Azzi\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012.01.26 18:22:57 | 000,000,000 | ---- | C] () -- C:\Users\Azzi\AppData\Local\Temptable.xml
[2012.01.09 17:06:59 | 000,000,132 | ---- | C] () -- C:\Users\Azzi\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012.01.02 14:11:02 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2011.12.25 00:18:22 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2011.10.30 23:13:18 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.10.30 23:13:16 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.10.30 23:13:13 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.10.30 23:13:13 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.10.30 23:13:13 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.10.15 18:04:07 | 000,000,632 | ---- | C] () -- C:\Windows\Qiii.INI
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.17 13:15:37 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2011.08.15 19:12:09 | 000,000,000 | ---- | C] () -- C:\Windows\scummvm.ini
[2011.06.12 15:55:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.01.07 11:18:24 | 000,007,607 | ---- | C] () -- C:\Users\Azzi\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011.01.06 14:34:28 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Ableton
[2012.01.19 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Audacity
[2012.06.19 11:08:16 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Blender Foundation
[2012.01.02 16:52:13 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Canneverbe Limited
[2011.07.27 14:24:07 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.10.15 15:04:34 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.10.15 14:38:16 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\com.adobe.dmp.contentviewer
[2011.10.12 20:18:23 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.11.12 02:53:17 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Daichi
[2012.01.02 14:08:34 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\DassaultSystemes
[2012.12.13 09:38:04 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Digidesign
[2012.01.28 20:29:34 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\DVDVideoSoft
[2012.04.13 18:43:05 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\EDrawings
[2011.11.27 14:35:07 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\GetRightToGo
[2011.03.06 20:35:18 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\GlarySoft
[2011.12.30 02:01:53 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\IrfanView
[2012.12.04 21:04:12 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Leadertech
[2012.11.03 22:18:50 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\LolClient
[2012.01.31 15:31:56 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Luxology
[2011.08.28 14:13:08 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\MAGIX
[2012.11.16 11:37:17 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\MediaMonkey
[2011.12.13 21:37:36 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Notepad++
[2011.01.04 17:55:22 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\OpenOffice.org
[2012.12.04 20:54:08 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\PACE Anti-Piracy
[2012.11.04 18:03:56 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Pioneer
[2012.11.29 16:27:30 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\PioneerLog
[2011.07.13 20:28:14 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Publish Providers
[2012.03.14 17:31:56 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\redsn0w
[2011.11.20 18:09:12 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\smc
[2011.03.06 23:31:34 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.11.19 17:15:34 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Subversion
[2013.02.07 19:19:35 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\TeamViewer
[2011.08.19 23:11:10 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\TIPP10
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1276 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:ekjD4Zwuzg1M4NvAAJLSYJmNmIMIm
@Alternate Data Stream - 1248 bytes -> C:\Users\Azzi\AppData\Local\Yh3Gil1YsDPGUe:dnTujyUSadLU8G5YDMoWWzjd
@Alternate Data Stream - 1248 bytes -> C:\ProgramData\Microsoft:cKj6LifAbX04r7ubbebr
@Alternate Data Stream - 1246 bytes -> C:\ProgramData\Microsoft:gHfua40KvIEnrX3AB
@Alternate Data Stream - 1221 bytes -> C:\ProgramData\Microsoft:H5dVPcFQdHkJaJXMSQ
@Alternate Data Stream - 1185 bytes -> C:\ProgramData\Microsoft:NXTK9qkha38x2kSbfDNL3X
@Alternate Data Stream - 1183 bytes -> C:\Program Files\Common Files\System:s956ZFYMpXxBdfc6boi6q1C
@Alternate Data Stream - 1179 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:YvHwDcwksllS55h7HEUo5PGHg
@Alternate Data Stream - 1169 bytes -> C:\ProgramData\Microsoft:6GDq5zHqtFfKCTZqi
@Alternate Data Stream - 1166 bytes -> C:\ProgramData\Microsoft:GpLTBww8K4aQoDSTzn2e
@Alternate Data Stream - 1164 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:eFKlgV2avryTjc7PdvoqSO1ivUau
@Alternate Data Stream - 1150 bytes -> C:\ProgramData\Microsoft:04g2RXCtoZ2Xwh6JhWTA
@Alternate Data Stream - 1140 bytes -> C:\ProgramData\Microsoft:sLmqNOcLYqm4cxrC1ttakl0D
@Alternate Data Stream - 1135 bytes -> C:\Users\Azzi\AppData\Local\NlTkdimrUdoor:rlUGdBvA3Pz4w5qdwkQR
@Alternate Data Stream - 1129 bytes -> C:\Users\Azzi\AppData\Local\Temp:YDyQ4HvYlS6rbcxnyolZ9vj
@Alternate Data Stream - 1120 bytes -> C:\ProgramData\Microsoft:Hn2wgfOXrJy2KnfO1VfCTcw
@Alternate Data Stream - 1087 bytes -> C:\ProgramData\Microsoft:tv9TauDnesKLh95h1N
@Alternate Data Stream - 1057 bytes -> C:\ProgramData\Microsoft:RHqX8DyjRhwntKtCOogLquA
@Alternate Data Stream - 1025 bytes -> C:\Program Files\Common Files\System:Dv2sBIwXO6q9iZSZ9dIuHp

< End of report >
         
OTL extras:
Code:
OTL Extras logfile created on: 24.04.2013 18:51:48 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 71,14% Memory free
7,71 Gb Paging File | 6,66 Gb Available in Paging File | 86,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 10,98 Gb Free Space | 14,73% Space Free | Partition Type: NTFS
Drive D: | 204,03 Gb Total Space | 120,26 Gb Free Space | 58,94% Space Free | Partition Type: NTFS
Drive E: | 7,40 Gb Total Space | 6,16 Gb Free Space | 83,22% Space Free | Partition Type: FAT32
 
Computer Name: AZZI-LAPTOP | User Name: Azzi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AD8A60A-16CD-4F1D-8A7D-3F7286AB3721}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{0B0B0EC6-A02F-4201-A2F5-C47AD13AF101}" = rport=139 | protocol=6 | dir=out | app=system | 
"{13105250-A6D5-41CE-A22E-AB7688F0FBFD}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{1795A599-BFA0-41B8-92D1-64B3D7F2AB37}" = lport=138 | protocol=17 | dir=in | app=system | 
"{18AD4933-7AC9-4476-AA8B-1661555E9571}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1B487A76-25D7-430A-95B5-8232B587737B}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{259B55C2-368A-4CEA-8A02-78D529452FBF}" = rport=137 | protocol=17 | dir=out | app=system | 
"{2F094B8A-77E9-4F5D-97D2-61581239D049}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{35B0D947-26A4-4D08-9579-941BF18C396B}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{3A2900C2-FEE5-49D0-8672-80483A2D9390}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3B254433-E446-469F-9B6E-DF7655A4E759}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3F09715B-B496-4DAA-BFEA-4A35CD48ADE6}" = lport=137 | protocol=17 | dir=in | app=system | 
"{49995DA7-14C6-434E-99A2-4D7CF57E7BD9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{4A085CB6-5BDB-4263-BFEF-97DAADA8165E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4B2048E7-4CAE-4268-A99C-7B8D5E7467A2}" = rport=445 | protocol=6 | dir=out | app=system | 
"{4CAD0F8B-4FFD-4050-8CDA-55C87E13A24B}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{51F0E1B8-B630-4CE0-93E5-1AC1C2CAA7CF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{56E6432D-D598-4209-81C2-A3DF36833AA9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5847164B-FC93-4DE1-AE9D-17A58C9B4FE4}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{6015D025-1990-407F-8A00-8D99BCA8A1E5}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{66BE7A65-E518-4DBC-BC89-F372C0A87895}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{82457F23-5BF1-4E26-9D0E-98A7FA767F64}" = lport=139 | protocol=6 | dir=in | app=system | 
"{840990B1-B383-4980-8374-B09260702BED}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8C362C06-4A34-42F1-8EFA-7B1D662D5848}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{9B55744B-30E9-4391-85A4-100C8431667B}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.5 | 
"{A2089DDF-2446-4BB0-BF6C-BECA231FC042}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{ADDD540A-FDB1-439C-9E4F-D4E541F54E58}" = lport=445 | protocol=6 | dir=in | app=system | 
"{B6ABDC0E-DFC2-40B3-AD0D-89598C7C4186}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C969A80F-6D6D-415D-90E4-3E8164E9B707}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{D3EB0960-87CF-4CC3-864B-4E5DF3578C2F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D6E8BD5A-20C0-4ACE-927C-B112BD397EE3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E87B6786-41B7-4454-A5C8-08F4C54F3ED3}" = rport=138 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001A278B-60F4-4509-943C-98A261751D00}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{1101FF0E-0B21-4380-8809-686EEC6D86E3}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii.exe | 
"{11FAD510-DB96-45B6-8069-27F619507A4D}" = protocol=6 | dir=in | app=d:\adobe\adobe flash builder 4.5\flashbuilder.exe | 
"{1A6839B3-D566-48B5-AE64-19EAFCD5BEAA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1A76D7DA-D72C-47C8-87D8-5468BE72AC04}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{2102ACD5-613E-4144-B334-AA1B529ACE34}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{217A7C3B-C600-4776-8950-3A744D7117B9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{2879F371-A972-4AD4-B2A1-58DC78E57EB4}" = protocol=17 | dir=in | app=d:\diablo iii\diablo iii.exe | 
"{32FE3AFE-A4B5-408C-9921-36119D8C191C}" = protocol=6 | dir=in | app=d:\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe | 
"{33857DB6-9A8D-4DA8-945A-8A80C31A0EF9}" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii public test.exe | 
"{39A6B622-2225-4D4A-9595-1B3B48F861BD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{3C926E51-7E6B-4A53-96E1-00C974367C2E}" = protocol=17 | dir=in | app=d:\adobe\adobe flash builder 4.5\flashbuilder.exe | 
"{44FF07C0-26BB-4D37-82BE-93FEDB021973}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4724CBC4-DC01-4C42-9650-D47E2F273C9E}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{4771B070-8224-49F1-9F1E-BC33F0C20FB7}" = protocol=6 | dir=in | app=d:\solidworks corp\solidworks\photoview\photoview360.exe | 
"{53B1BEF5-3470-4693-A0D9-7FE89F4F13B2}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{5AB9FD99-3DA4-4F25-BE20-C9A7597150F0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{63AB525C-9598-4DA3-87C5-D72AD844F8F8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{67F2D250-682D-42B5-B2EF-E61B03ED3094}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{68628B17-62DF-454E-A444-1E0E803B04B0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{68F1E27D-5349-4CF1-858C-68AEE9EDD2C7}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii public test.exe | 
"{75CBC72B-4904-4F46-9E19-7343DBA2E23D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{774C4F9A-36B7-4325-A42C-E0155F17B790}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{778785A9-F593-4295-8A30-F2A1CA97672F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{7997DF51-55F2-4427-9921-910175E6213A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{7A821DFD-EC06-4481-8EA2-D79E00928347}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{7BDD34BD-CB58-4EF9-86D9-AAFF081D9FA9}" = protocol=6 | dir=in | app=d:\diablo iii\diablo iii.exe | 
"{801E1A1F-BDA4-4C88-9CD8-66AF57B7DA17}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{85110866-28C1-4510-A39C-4F3626FCA6CA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{9686FF03-676A-41CE-940B-A1F5EA8CF2F2}" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii.exe | 
"{9DFA9E03-B165-4843-BF0F-52CD85D60716}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A095EF47-C7DD-4038-BAA5-3F255359B3FB}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii.exe | 
"{A81EA846-0537-4948-8A4C-9C94250E65E0}" = protocol=17 | dir=in | app=d:\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe | 
"{AA7E9782-5184-4C45-9E9D-272E35418470}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{AAB0511F-4EA4-428C-B304-2914CEFAC541}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B2459C58-B74C-4D9F-8272-C302CDAA9DD6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B787D895-0956-4535-976C-80AD7C4803DE}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{C42AD9E0-665B-4477-871E-A36A1A82B482}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{C74E6C83-F248-43D8-9D3F-FA6EC798E45B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{C8444583-8144-49BE-ABF5-3327C6EED6CA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D3594495-B46B-41B3-A48F-0651A3C20E6B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{D976A98A-3B9E-469B-A503-AD9570812E83}" = protocol=17 | dir=in | app=d:\solidworks corp\solidworks\photoview\photoview360_cl.exe | 
"{DB9F07DA-ACDF-4F94-A046-0A87D7F90C99}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{DF8DD2AF-285E-40B8-BBC9-4FD1B179CDDA}" = protocol=6 | dir=out | app=system | 
"{E01EE28A-0093-4C54-9A0D-BFFC53855823}" = protocol=17 | dir=in | app=d:\solidworks corp\solidworks\photoview\photoview360.exe | 
"{E32FDE99-4081-4D06-A492-6B7251ABDB89}" = protocol=6 | dir=in | app=d:\solidworks corp\solidworks\photoview\photoview360_cl.exe | 
"{E7522BE8-ADDD-4C79-928B-7DEBEA5344C0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E9CEAD85-FAF8-48D6-B49F-536EE56D5966}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{EA4BDEE0-C0E9-45F2-AE33-C349D4929545}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EE54CFD7-A2BC-49E7-A28F-906D5F249AE0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{F0692EE2-17AF-4D3F-B33D-802A596C0A3D}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{F20EC2D8-763A-4F69-B8AE-D7AC8DAE188D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{F87A5318-AD20-451F-9922-A08C88EE4CF8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{FB61F844-E32A-4823-BDCB-AEBD51F7618F}" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii.exe | 
"{FC7B2120-C448-4816-B081-AC5B268CAD89}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{28B9800A-4B87-49D8-B693-3310BCED100A}D:\starcraft\starcraft.exe" = protocol=6 | dir=in | app=d:\starcraft\starcraft.exe | 
"TCP Query User{369D0EE6-BAF9-42BF-BF54-504D66DC5F72}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
"TCP Query User{3D47DC4E-4E7E-4846-8D0D-78957D0E3D45}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"TCP Query User{46481352-0790-4B0C-B5EE-FA6F24FE9C5B}D:\quake iii arena\quake3\quake3.exe" = protocol=6 | dir=in | app=d:\quake iii arena\quake3\quake3.exe | 
"TCP Query User{4A37119B-9AAF-49C7-AFC9-B5F7DB2070FE}C:\program files (x86)\pioneer\rekordbox 2.0.1\edb_streamd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\edb_streamd.exe | 
"TCP Query User{64E2E9A3-5A10-4085-9609-19662DA28575}D:\quake iii arena\quake3\quake3.exe" = protocol=6 | dir=in | app=d:\quake iii arena\quake3\quake3.exe | 
"TCP Query User{686C26E1-38E6-45B7-A96B-F9AF51E11D4A}C:\miranda-im-v0.9.33-x64\miranda64.exe" = protocol=6 | dir=in | app=c:\miranda-im-v0.9.33-x64\miranda64.exe | 
"TCP Query User{687D3833-D627-4A3D-BF9E-F22C66B9A25C}D:\matlab\r2012b\bin\win64\matlab.exe" = protocol=6 | dir=in | app=d:\matlab\r2012b\bin\win64\matlab.exe | 
"TCP Query User{6F960810-C7B6-4716-85E0-42DD213F50A9}C:\program files (x86)\pioneer\rekordbox 2.0.1\rekordbox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\rekordbox.exe | 
"TCP Query User{6FE16FFC-5FE5-4186-B001-7FFE1603D2B2}C:\program files (x86)\pioneer\rekordbox 2.0.1\psvnfsd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\psvnfsd.exe | 
"TCP Query User{90F713C5-7644-4E00-A4D5-DF1F6769112F}C:\program files (x86)\pioneer\rekordbox 2.0.1\psvlinksysmgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\psvlinksysmgr.exe | 
"TCP Query User{99A82FFD-26E2-4E27-A989-3FE80EA027A1}C:\program files (x86)\pioneer\rekordbox 2.0.1\psvnfsd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\psvnfsd.exe | 
"TCP Query User{9C7A2B81-6AD3-452C-ABB5-FA9219F37BEA}C:\program files (x86)\pioneer\rekordbox 2.0.1\psvlinksysmgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\psvlinksysmgr.exe | 
"TCP Query User{A9B96AD3-00C8-43F8-8732-F261DAE4A59D}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe" = protocol=6 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe | 
"TCP Query User{B137A988-AC3D-4BE1-A22D-525CFBBC3893}C:\program files (x86)\pioneer\rekordbox 2.0.1\rekordbox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\rekordbox.exe | 
"TCP Query User{B42A56ED-6DC7-433D-84F8-68CA56833151}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{E7CE2C31-8793-47EB-951B-DADCB3EFC72B}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
"TCP Query User{EA342181-9E3D-4593-B725-A699FBD97D13}C:\miranda-im-v0.9.33-x64\miranda64.exe" = protocol=6 | dir=in | app=c:\miranda-im-v0.9.33-x64\miranda64.exe | 
"TCP Query User{EDAF27F8-DFEF-480C-BA37-C2F6F8394018}D:\matlab\r2012b\bin\win64\matlab.exe" = protocol=6 | dir=in | app=d:\matlab\r2012b\bin\win64\matlab.exe | 
"UDP Query User{01EA43CC-A1AA-4985-9D81-A78C74743EDE}C:\miranda-im-v0.9.33-x64\miranda64.exe" = protocol=17 | dir=in | app=c:\miranda-im-v0.9.33-x64\miranda64.exe | 
"UDP Query User{0F064ED0-3C69-4965-8669-F4C88144B096}C:\program files (x86)\pioneer\rekordbox 2.0.1\psvnfsd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\psvnfsd.exe | 
"UDP Query User{1A013AA6-B5EE-4CCC-9BDC-65F12D843E43}C:\program files (x86)\pioneer\rekordbox 2.0.1\rekordbox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\rekordbox.exe | 
"UDP Query User{351FBBD4-4F85-4DE3-9794-74B56DF53FD9}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{4A005725-3E2E-4E6A-941C-5F0767267A7F}C:\program files (x86)\pioneer\rekordbox 2.0.1\psvlinksysmgr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\psvlinksysmgr.exe | 
"UDP Query User{63EED558-F5A9-4929-BDC4-3BFD006C6415}D:\starcraft\starcraft.exe" = protocol=17 | dir=in | app=d:\starcraft\starcraft.exe | 
"UDP Query User{7382442F-848E-4DA7-B2F4-BACA173E8ADC}C:\program files (x86)\pioneer\rekordbox 2.0.1\edb_streamd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\edb_streamd.exe | 
"UDP Query User{7CF73CD0-58EC-41C2-A9FD-E8E13B6C64DE}D:\quake iii arena\quake3\quake3.exe" = protocol=17 | dir=in | app=d:\quake iii arena\quake3\quake3.exe | 
"UDP Query User{82571B29-5F87-486B-9878-DB6548C718EE}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe" = protocol=17 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe | 
"UDP Query User{9FAC08EA-571A-4CB7-9CE6-4DC290BFE98C}C:\program files (x86)\pioneer\rekordbox 2.0.1\rekordbox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\rekordbox.exe | 
"UDP Query User{A9287615-F97D-4756-8D05-A977D024EB97}D:\quake iii arena\quake3\quake3.exe" = protocol=17 | dir=in | app=d:\quake iii arena\quake3\quake3.exe | 
"UDP Query User{B633436C-11A3-42B3-8092-2A0BBAF277C3}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{B9FF9E07-3191-4660-813B-A38FEA4A6558}C:\program files (x86)\pioneer\rekordbox 2.0.1\psvlinksysmgr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\psvlinksysmgr.exe | 
"UDP Query User{BA893115-0395-4B78-8B97-FACA47E06EBD}D:\matlab\r2012b\bin\win64\matlab.exe" = protocol=17 | dir=in | app=d:\matlab\r2012b\bin\win64\matlab.exe | 
"UDP Query User{CA53C2F4-F5F1-48FB-92B4-E35EF4B34788}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
"UDP Query User{CEB8286D-AB76-4872-8160-C69386257A1C}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
"UDP Query User{D08225AB-A7BC-4935-BBC1-591439DACAB7}D:\matlab\r2012b\bin\win64\matlab.exe" = protocol=17 | dir=in | app=d:\matlab\r2012b\bin\win64\matlab.exe | 
"UDP Query User{DF7F203E-80BC-4E55-BDAB-A984547F9815}C:\miranda-im-v0.9.33-x64\miranda64.exe" = protocol=17 | dir=in | app=c:\miranda-im-v0.9.33-x64\miranda64.exe | 
"UDP Query User{EDBB42DD-9624-4B60-B131-E43285EE8703}C:\program files (x86)\pioneer\rekordbox 2.0.1\psvnfsd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pioneer\rekordbox 2.0.1\psvnfsd.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{455804F2-70A9-46BD-BEB8-957000EC20D4}" = SolidWorks eDrawings 2011 x64 Edition SP02
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{45CB0703-D49C-31B2-0DBD-FDD98D7DEF7A}" = AMD Drag and Drop Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4F113377-0BA1-4552-9ABB-9BF220FAF132}" = SolidWorks 2011 x64 Edition SP02
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{542DDF04-9F91-4F36-B2F4-2638B788A4C8}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{618F0662-4BB3-4074-9E44-3B7DBCF1AB2C}" = Microsoft .NET Framework 2.0 SDK (x64) - DEU
"{64A3A4F4-B792-11D6-A78A-00B0D0170010}" = Java(TM) SE Development Kit 7 Update 1 (64-bit)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E7D00D0-255E-F084-28A3-400DCD5EF8A7}" = ccc-utility64
"{8F8689D5-36FE-4BA3-AE55-6D68DE45A2B5}" = SolidWorks Flow Simulation 2011 SP02 x64 Edition 
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CEF0C5DA-21C5-4FA7-AD05-5D21C525543C}" = SolidWorks 2011 x64 German Resources
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F37A899E-1745-52F5-658F-9A4DA4D46BB7}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F800CF18-6470-D909-B460-73F2F41030B4}" = AMD Accelerated Video Transcoding
"{F9434B34-EDCA-DF34-FD55-8D66DF8DBECF}" = AMD Media Foundation Decoders
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Elantech" = ETDWare PS/2-x64 7.0.5.10_WHQL
"Matlab R2012b" = MATLAB R2012b
"Microsoft .NET Framework 2.0 SDK (x64) - DEU" = Microsoft .NET Framework 2.0 SDK (x64) - DEU
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"USB_AUDIO_DEusb-audio.deRLDJIF2" = Digital Jockey - IE2
"USB2.0 UVC VGA WebCam" = USB2.0 UVC VGA WebCam
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0C91919D-0386-C260-0822-7A01C5BCD58A}" = CCC Help Greek
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{143593DA-4632-50AE-A6D9-7676695B33C8}" = CCC Help Finnish
"{16584456-9AD2-3FA4-C8B5-B2EE2D856E6C}" = Catalyst Control Center Localization All
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 37
"{33365E1D-B501-AA04-F802-88BF0A4DB9F7}" = CCC Help French
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{40719211-D09A-11DF-BA30-0013D3D69929}" = MSVCRT Redists
"{43C5AF90-0558-590E-30A3-7A8FEEA4B45B}" = Catalyst Control Center Graphics Previews Common
"{441B922B-E0AC-F7BB-E577-095E3E3B8D03}" = CCC Help Turkish
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4E8FE5BE-472B-4235-96E5-EC6463474641}" = Brother HL-2030
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5C03C49F-662A-B4EF-E5EC-1C1FFFDD6578}" = CCC Help Norwegian
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69ABD76E-52E6-E809-9E6B-B6E194DF6E30}" = CCC Help Portuguese
"{6C84C3D8-F2E1-EF85-34E2-EFD8C583A414}" = CCC Help Swedish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D66971C-652B-4065-A6B1-B3EE313C254B}" = BlueJ
"{7DA5255C-EE35-848E-4482-407BB876BD15}" = CCC Help Russian
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{831C840A-8331-E269-24EE-52A3EDEC8830}" = CCC Help Chinese Traditional
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF92104-2955-867B-E374-63FA2AB55CC4}" = CCC Help Korean
"{9BC10B90-1592-3C5A-BBA7-BACDA0B52405}" = CCC Help Japanese
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A71AF1EF-6C46-DC9A-84C0-0DADE7F3BEEE}" = CCC Help Hungarian
"{A7527D8A-4C50-9D56-CB37-922E1EC96B82}" = CCC Help Thai
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{B001064C-D061-4BAE-9031-416A838D5536}" = Adobe Flash Player 10 ActiveX
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7416D0F-8282-468A-5C3D-CA5713B6F4C0}" = Catalyst Control Center
"{BD21728C-22C5-2D69-2F52-C4437E8FF02E}" = Catalyst Control Center InstallProxy
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CA311B78-954E-44BC-913F-B5B8B74A786B}" = CCC Help German
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{D57FC112-312E-4D70-860F-2DB8FB6858F0}" = Adobe Creative Suite 5.5 Master Collection
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E0184F33-58CA-A249-0D1B-F23F9206410D}" = CCC Help English
"{E28884AE-E40E-2F71-9511-8CC8C071147F}" = CCC Help Chinese Standard
"{E3DB1759-C652-E0E3-5B88-76286BF9B6D0}" = CCC Help Dutch
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4F26D72-E0BA-33B5-E5A4-542C545EFAAA}" = CCC Help Polish
"{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}" = Catalyst Control Center - Branding
"{E9820957-CB43-3BD1-3A00-25C7CB37EE1D}" = CCC Help Danish
"{ECC9BBF1-5735-F27B-E25A-5522D8B3F044}" = CCC Help Italian
"{EEC3A4C1-2B49-00CF-DA00-B27DC267236E}" = CCC Help Spanish
"{F47662E5-C972-89F6-0416-5BAC56E835F9}" = CCC Help Czech
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"Diablo III" = Diablo III
"DivX Setup" = DivX-Setup
"EPSON Scanner" = EPSON Scan
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.8.0
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"MediaMonkey_is1" = MediaMonkey 4.0
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"mmfsetup_is1" = MixMeister Fusion Demo 7.4.4
"Native Instruments Traktor 2" = Native Instruments Traktor 2
"Notepad++" = Notepad++
"Pioneer CDJ" = Pioneer CDJ Driver
"Pioneer rekordbox 2.0.1" = rekordbox 2.0.1
"SolidWorks Installation Manager 20110-40200-1100-100" = SolidWorks 2011 x64 Edition SP02
"StarCraft II" = StarCraft II
"VLC media player" = VLC media player 1.1.9
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-343234313-4265166236-2536907646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 15.01.2013 07:58:59 | Computer Name = Azzi-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4040
 
Error - 15.01.2013 07:59:00 | Computer Name = Azzi-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 15.01.2013 07:59:00 | Computer Name = Azzi-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5038
 
Error - 15.01.2013 07:59:00 | Computer Name = Azzi-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5038
 
Error - 15.01.2013 07:59:02 | Computer Name = Azzi-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 15.01.2013 07:59:02 | Computer Name = Azzi-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6567
 
Error - 15.01.2013 07:59:02 | Computer Name = Azzi-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6567
 
Error - 15.01.2013 08:15:10 | Computer Name = Azzi-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 15.01.2013 08:15:10 | Computer Name = Azzi-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 974756
 
Error - 15.01.2013 08:15:10 | Computer Name = Azzi-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 974756
 
Error - 27.01.2013 11:06:59 | Computer Name = Azzi-Laptop | Source = Windows Search Service | ID = 1019
Description = 
 
Error - 15.04.2013 11:17:56 | Computer Name = Azzi-Laptop | Source = Windows Search Service | ID = 1019
Description = 
 
Error - 15.04.2013 12:27:23 | Computer Name = Azzi-Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7601.17514,
 Zeitstempel: 0x4ce792c4  Name des fehlerhaften Moduls: MSI5EDA.tmp, Version: 2.0.0.9,
 Zeitstempel: 0x4d4b089c  Ausnahmecode: 0xc000000d  Fehleroffset: 0x00019d88  ID des fehlerhaften
 Prozesses: 0x518  Startzeit der fehlerhaften Anwendung: 0x01ce39f5f7b49e4d  Pfad der
 fehlerhaften Anwendung: C:\Windows\syswow64\MsiExec.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\Installer\MSI5EDA.tmp  Berichtskennung: 59d8a017-a5e9-11e2-b23b-bcaec506d2b8
 
Error - 15.04.2013 12:27:41 | Computer Name = Azzi-Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7601.17514,
 Zeitstempel: 0x4ce792c4  Name des fehlerhaften Moduls: MSI8A80.tmp, Version: 2.0.0.9,
 Zeitstempel: 0x4d4b089c  Ausnahmecode: 0xc000000d  Fehleroffset: 0x00019d88  ID des fehlerhaften
 Prozesses: 0xef0  Startzeit der fehlerhaften Anwendung: 0x01ce39f6254b8351  Pfad der
 fehlerhaften Anwendung: C:\Windows\syswow64\MsiExec.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\Installer\MSI8A80.tmp  Berichtskennung: 642de343-a5e9-11e2-b23b-bcaec506d2b8
 
Error - 19.04.2013 00:33:35 | Computer Name = Azzi-Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: diablo III.exe, Version: 1.0.7.15295,
 Zeitstempel: 0x51364a91  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x03beb652  ID des fehlerhaften
 Prozesses: 0x830  Startzeit der fehlerhaften Anwendung: 0x01ce3cb60f5007af  Pfad der
 fehlerhaften Anwendung: D:\Diablo III\diablo III.exe  Pfad des fehlerhaften Moduls:
 unknown  Berichtskennung: 4c0bf86e-a8aa-11e2-acc6-bcaec506d2b8
 
Error - 21.04.2013 14:52:17 | Computer Name = Azzi-Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: diablo III.exe, Version: 1.0.7.15295,
 Zeitstempel: 0x51364a91  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x03d29632  ID des fehlerhaften
 Prozesses: 0x1300  Startzeit der fehlerhaften Anwendung: 0x01ce3ec004f4b1ef  Pfad der
 fehlerhaften Anwendung: D:\Diablo III\diablo III.exe  Pfad des fehlerhaften Moduls:
 unknown  Berichtskennung: 9661d7fd-aab4-11e2-be90-bcaec506d2b8
 
[ System Events ]
Error - 24.04.2013 01:38:45 | Computer Name = Azzi-Laptop | Source = ipnathlp | ID = 30013
Description = 
 
Error - 24.04.2013 06:50:21 | Computer Name = Azzi-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 24.04.2013 06:50:56 | Computer Name = Azzi-Laptop | Source = ipnathlp | ID = 34001
Description = 
 
Error - 24.04.2013 06:50:56 | Computer Name = Azzi-Laptop | Source = ipnathlp | ID = 30013
Description = 
 
Error - 24.04.2013 12:03:57 | Computer Name = Azzi-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 24.04.2013 12:05:36 | Computer Name = Azzi-Laptop | Source = ipnathlp | ID = 34001
Description = 
 
Error - 24.04.2013 12:05:36 | Computer Name = Azzi-Laptop | Source = ipnathlp | ID = 30013
Description = 
 
Error - 24.04.2013 12:46:32 | Computer Name = Azzi-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 24.04.2013 12:48:00 | Computer Name = Azzi-Laptop | Source = ipnathlp | ID = 34001
Description = 
 
Error - 24.04.2013 12:48:00 | Computer Name = Azzi-Laptop | Source = ipnathlp | ID = 30013
Description = 
 
 
< End of report >
         
I really hope someone can help me!
Regards!
__________________

24.04.2013, 21:13   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Code:
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
         
These entries in the hosts file serve to make pirated (cracked) software run.

See also => http://www.trojaner-board.de/95393-c...-software.html

If we find indications of illegally obtained software, we will end support without any discussion.

Cracks/keygens are 99.9% dangerous malware that is not to be trifled with. They are also illegal, and we do not support the use of stolen software. Support is therefore limited to instructions for a complete reinstallation!!

That illegal cracks and keygens essentially serve to spread malware is no secret, and everyone must be aware of it!

In future, keep your hands off: Softonic, registry cleaners and illegal stuff such as cracks/keygens/serials
__________________
Please always post log files in CODE tags
