| |
| |||||||
Alles rund um Windows: Lange BootzeitWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
10.11.2012, 14:08
| #1 |
| |  Problem: Lange Bootzeit Hallo! Zunächst mal mein System: AMD Phenom II X6 1090T 3,2GHz 8 GB Ram 1 TB Samsung HD103 SJ (AHCI-Modus) AMD Radeon HD 6870 Win7 x64 Ultimate Mein Problem: Seit einiger Zeit braucht der Rechner eine gefühlte Ewigkeit bis er einsatzbereit ist. Er bootet zunächst normal. Nach knapp 36 Sekunden bin ich bei "Bitte Warten". Nach 40 Sekunden bei "Willkommen". Das sehe ich für ca. 12 Sekunden. Sprich nach insgesamt 52 Sekunden lande ich auf dem Desktop. Bis hier hin halte ich alles für normal. Jetzt aber geht es los: Es dauert ca 40 weitere Sekunden, bis endlich mal ein Fenster öffnet (Computer, Mozilla). Zu dieser Zeit läuft der Bootvorgang also insgesamt schon ca. 1 Minute und 30 Sekunden. Von dort an kann ich mit dem Rechner zwar arbeiten, aber es ruckelt oder hängt immer mal wieder und alles läuft sehr sehr träge. Manchmal werden die Desktop-Icons, obwohl sie schon geladen waren, teilweise wieder weiß und dann kann ich ca. 15 Sekunden (oder etwas mehr...) nichts machen. Dann kommen sie langsam wieder. Erst nach insgesamt 2 Minuten und 10 Sekunden erscheint dann das letzte Icon in der Task-Leiste neben der Uhr (das AMD-Control-Center, dass dann auch erst meine dortigen Einstellungen zur Farbe usw. lädt). Bis zu diesem Punkt hört man deutlich ununterbrochene Zugriffe auf die Festplatte. Danach ist es still und die Kiste rennt völlig Problemlos über Stunden... Was ich schon getan habe: aswMBR hat sich aufgehängt bei quick scan, mit none ist es durchgelaufen und hat nix zu meckern gehabt MalwareBytes Anti Malware hat keine Malware gefunden Intivierenprogramm ist MS-Security-Essentials. Wenn ich den Echtzeitschutz ausschalte, bootet die Kiste ca. 5 Sekunden schneller. Das denke ich ist aber wohl normal. Habe zunächst manuell alles unnötige aus dem Autostart genommen (msconfig). Mit dem CCleaner hab ich die Registry gecheckt und "reapriert". Ich habe manuell Laufwerk C: entrümpelt und später auch noch mal den CCleaner rangelassen (ich shradder immer alles mit Eraser). So sind von 60,5 GB noch 25,1 frei auf C. Anschließend hab ich mit Auslogics DiskDefrag C defragmentiert. Nachdem es dann immer noch nicht wirklich besser wurde, hab ich eine zweite, nagelneue 1TB Festplatte genommen und das System mit CloneZilla gespiegelt. Dabe meckerte CloneZilla 3 defekte Sektoren auf der Original-Platte an. Nach dem Spiegeln hab ich die neue Platte nochmal durch scandisk geschickt (zur Sicherheit) und nochmal defragmentiert. All das hat nix gebracht. Auf beiden Platten gibt es keine Unterschiede. Jetzt hab ich OTL laufen lassen. Hier die Logs: OTL.TXT Code:
ATTFilter OTL logfile created on: 10.11.2012 13:14:57 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 5,92 Gb Available Physical Memory | 74,03% Memory free 8,39 Gb Paging File | 6,10 Gb Available in Paging File | 72,69% Paging File free Paging file location(s): c:\pagefile.sys 400 400 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 60,55 Gb Total Space | 25,12 Gb Free Space | 41,49% Space Free | Partition Type: NTFS Drive D: | 870,87 Gb Total Space | 432,18 Gb Free Space | 49,63% Space Free | Partition Type: NTFS Drive E: | 100,00 Mb Total Space | 71,61 Mb Free Space | 71,61% Space Free | Partition Type: NTFS Drive H: | 60,55 Gb Total Space | 11,85 Gb Free Space | 19,57% Space Free | Partition Type: NTFS Drive I: | 870,87 Gb Total Space | 426,04 Gb Free Space | 48,92% Space Free | Partition Type: NTFS Computer Name: ***** | User Name: ***** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.11.10 13:11:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe PRC - [2012.11.09 22:06:15 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\firefox.exe PRC - [2012.11.09 22:06:15 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\plugin-container.exe PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.09.24 22:08:27 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Java\jre7\bin\javaw.exe PRC - [2012.08.15 14:18:40 | 000,357,016 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe PRC - [2012.08.15 14:17:26 | 000,435,864 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.06.09 08:10:20 | 000,336,896 | ---- | M] (AVM Berlin) -- C:\Users\*****\AppData\Local\Apps\2.0\7JOQ3PQZ.PCM\JZQEV8KK.28E\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe PRC - [2012.05.24 19:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2011.02.23 17:42:01 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2010.07.01 04:45:02 | 000,136,616 | ---- | M] () -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe PRC - [2008.02.27 21:36:16 | 000,095,744 | ---- | M] () -- C:\Program Files (x86)\VLC-dbox2\vlc.exe ========== Modules (No Company Name) ========== MOD - [2012.11.09 22:06:15 | 002,399,712 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\mozjs.dll MOD - [2012.10.26 17:32:31 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll MOD - [2012.10.26 17:32:06 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll MOD - [2012.10.26 17:31:58 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll MOD - [2012.10.26 17:31:51 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll MOD - [2012.10.26 17:30:54 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll MOD - [2012.10.26 17:30:53 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012.10.26 17:30:42 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012.10.26 17:30:24 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012.10.26 17:30:21 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012.10.26 17:30:20 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012.10.26 17:30:17 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012.06.09 08:09:56 | 000,368,640 | ---- | M] () -- C:\Users\*****\AppData\Local\Apps\2.0\7JOQ3PQZ.PCM\JZQEV8KK.28E\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\managedupnp.DLL MOD - [2011.07.14 13:21:10 | 002,263,552 | ---- | M] () -- C:\Program Files (x86)\VLC\libvlccore.dll MOD - [2011.07.14 13:21:10 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\VLC\libvlc.dll MOD - [2010.11.13 00:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.07.14 18:58:23 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ========== Services (SafeList) ========== SRV:64bit: - [2012.09.28 15:43:40 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2012.09.28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.11.09 22:06:15 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.10.09 17:31:02 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.10.02 20:19:04 | 000,743,320 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.09.12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2012.09.12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012.08.15 14:18:40 | 000,357,016 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2012.08.15 14:17:26 | 000,435,864 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2012.08.15 12:19:58 | 000,079,872 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService) SRV - [2012.08.01 16:10:32 | 000,917,656 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService) SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.07.17 14:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.12.14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2011.09.27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011.03.16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.02.23 17:42:01 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010.12.14 15:17:12 | 000,128,928 | ---- | M] (Futuremark Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2010.07.01 04:45:02 | 000,136,616 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.09 20:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.04.07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008.02.27 21:36:16 | 000,095,744 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\VLC-dbox2\vlc.exe -- (VLC media player) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.09.28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.09.28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.08.30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.08.26 13:56:21 | 000,138,400 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD) DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.08.15 14:18:16 | 000,067,224 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:64bit: - [2012.08.15 14:18:08 | 000,030,360 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:64bit: - [2012.08.15 14:16:52 | 000,045,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:64bit: - [2012.08.15 14:16:50 | 000,020,120 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:64bit: - [2012.08.15 14:16:16 | 000,032,920 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd) DRV:64bit: - [2012.08.01 16:10:36 | 000,052,376 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:64bit: - [2012.07.06 11:29:52 | 000,085,104 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:64bit: - [2012.07.06 11:29:52 | 000,070,256 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock) DRV:64bit: - [2012.06.09 08:10:11 | 000,116,096 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmaudio.sys -- (avmaudio) DRV:64bit: - [2012.05.14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.07 12:05:09 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2012.01.07 12:02:31 | 000,271,424 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011.09.02 07:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt) DRV:64bit: - [2011.09.02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2011.09.02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2011.07.29 12:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:64bit: - [2011.07.29 12:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:64bit: - [2011.07.09 00:32:08 | 000,769,816 | ---- | M] (www.ext2fsd.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ext2fsd.sys -- (Ext2Fsd) DRV:64bit: - [2011.06.10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.04.02 12:12:55 | 000,026,424 | --S- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DRIVER_BIN64 -- (DRIVER_B) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.06.14 08:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:64bit: - [2010.04.27 16:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid) DRV:64bit: - [2010.04.27 16:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo) DRV:64bit: - [2010.04.27 16:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum) DRV:64bit: - [2010.04.27 14:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore) DRV:64bit: - [2010.04.27 14:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter) DRV:64bit: - [2010.04.27 03:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm) DRV:64bit: - [2010.04.27 03:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) DRV:64bit: - [2010.04.27 03:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.09.16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.05 02:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) DRV:64bit: - [2007.09.17 14:53:34 | 000,029,184 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2012.08.26 13:56:21 | 000,138,400 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD) DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2) DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.0) DRV - [2011.07.29 12:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv) DRV - [2011.07.29 12:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2011.01.06 10:06:56 | 000,011,888 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Setup Files\Ms7599v1F0\NTIOLib_X64.sys -- (NTIOLib_1_0_6) DRV - [2010.10.22 09:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4) DRV - [2010.07.01 04:44:34 | 000,052,352 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver2) DRV - [2010.06.14 08:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2010.05.10 09:44:40 | 000,033,592 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys -- (MSI_MSIBIOS_010507) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3028256280-3325482936-3710690060-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\Downloads IE - HKU\S-1-5-21-3028256280-3325482936-3710690060-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de-de.facebook.com/ IE - HKU\S-1-5-21-3028256280-3325482936-3710690060-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-3028256280-3325482936-3710690060-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-3028256280-3325482936-3710690060-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 57 9C B5 86 A1 CE CB 01 [binary data] IE - HKU\S-1-5-21-3028256280-3325482936-3710690060-1001\..\SearchScopes,DefaultScope = {038BCFFD-BCCA-4C11-8005-E22AB8A64D8B} IE - HKU\S-1-5-21-3028256280-3325482936-3710690060-1001\..\SearchScopes\{038BCFFD-BCCA-4C11-8005-E22AB8A64D8B}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKU\S-1-5-21-3028256280-3325482936-3710690060-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3028256280-3325482936-3710690060-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "facebook.com" FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.4 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\components [2012.11.09 22:06:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\plugins [2012.11.09 22:06:14 | 000,000,000 | ---D | M] [2011.02.18 10:41:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions [2012.09.23 11:30:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\3jvz8lrf.default\extensions [2012.06.22 14:24:31 | 000,109,964 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\3jvz8lrf.default\extensions\adblockpopups@jessehakanen.net.xpi [2012.07.27 18:36:37 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\3jvz8lrf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (no name) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [Eraser] C:\Programme\Eraser\Eraser.exe (The Eraser Project) O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3028256280-3325482936-3710690060-1001..\Run: [AVMUSBFernanschluss] C:\Users\*****\AppData\Local\Apps\2.0\7JOQ3PQZ.PCM\JZQEV8KK.28E\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe (AVM Berlin) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-3028256280-3325482936-3710690060-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{594C849F-261E-494B-9343-CCEC28BAA96C}: NameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F52BD77-70DC-49A4-9CF9-3DF78AB415E6}: DhcpNameServer = 7.254.254.254 O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation) O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{92a6cd41-391f-11e1-8c49-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{92a6cd41-391f-11e1-8c49-806e6f6e6963}\Shell\AutoRun\command - "" = J:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.11.10 13:05:22 | 000,000,000 | R--D | C] -- C:\Users\*****\Videos [2012.11.09 22:06:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11 [2012.11.09 21:41:00 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Malwarebytes [2012.11.09 21:40:53 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.11.09 21:40:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.11.09 21:40:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.11.09 21:40:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.11.09 21:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.11.09 21:12:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.11.08 18:34:11 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\ATI [2012.11.08 18:34:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Logishrd [2012.11.07 23:55:11 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Macromedia [2012.11.07 23:31:08 | 000,000,000 | ---D | C] -- C:\Program Files\Eraser [2012.11.07 23:31:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.10.28 23:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012.10.28 23:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2012.10.28 23:45:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012.10.28 23:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012.10.28 22:30:43 | 000,000,000 | ---D | C] -- C:\Windows\de [2012.10.28 22:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2012.10.28 22:23:58 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Abelssoft [2012.10.28 22:23:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CheckDrive [2012.10.28 22:23:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckDrive [2012.10.26 16:53:03 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2012.10.26 16:53:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2012.10.26 16:53:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2012.10.26 16:53:02 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys [2012.10.26 16:53:02 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2012.10.26 16:53:01 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2012.10.26 16:53:01 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2012.10.26 16:53:01 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll [2012.10.26 16:53:01 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2012.10.26 16:53:01 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll [2012.10.26 16:53:01 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2012.10.26 16:53:01 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2012.10.26 16:53:01 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2012.10.26 16:53:01 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2012.10.26 16:53:01 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll [2012.10.26 16:53:00 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2012.10.26 16:53:00 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2012.10.26 16:53:00 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2012.10.26 16:53:00 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2012.10.26 16:53:00 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2012.10.26 16:53:00 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe [2012.10.26 16:53:00 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2012.10.26 16:53:00 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll [2012.10.26 16:53:00 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe [2012.10.26 16:32:28 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.10.26 16:32:26 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.10.21 16:36:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SeaTools for Windows [2012.10.20 08:58:54 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.10.20 08:58:54 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.10.20 08:58:54 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2011.02.16 14:52:40 | 000,249,856 | ---- | C] (Flo) -- C:\Program Files (x86)\TIMER.exe [9 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.11.10 12:29:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.11.10 12:28:33 | 000,020,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.11.10 12:28:33 | 000,020,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.11.10 12:23:43 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2012.11.10 12:21:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.11.10 12:21:45 | 2146,050,047 | -HS- | M] () -- C:\hiberfil.sys [2012.11.09 22:25:19 | 000,001,094 | ---- | M] () -- C:\Users\*****\Desktop\XMedia Recode.lnk [2012.11.09 22:23:12 | 000,002,535 | ---- | M] () -- C:\Users\*****\Desktop\Skype.lnk [2012.11.09 22:21:52 | 000,000,951 | ---- | M] () -- C:\Users\*****\Desktop\GIMP 2.lnk [2012.11.09 22:21:34 | 000,002,153 | ---- | M] () -- C:\Users\*****\Desktop\Mozilla Firefox.lnk [2012.11.08 18:53:24 | 001,621,690 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.11.08 18:53:24 | 000,699,570 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.11.08 18:53:24 | 000,654,888 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.11.08 18:53:24 | 000,149,392 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.11.08 18:53:24 | 000,122,346 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.28 16:55:35 | 000,001,483 | ---- | M] () -- C:\Users\*****\Desktop\vlc-dbox.lnk [2012.10.26 16:56:14 | 001,598,648 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [9 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.11.09 22:25:19 | 000,001,094 | ---- | C] () -- C:\Users\*****\Desktop\XMedia Recode.lnk [2012.11.09 22:25:00 | 000,000,940 | ---- | C] () -- C:\Users\*****\Desktop\Steam.lnk [2012.11.09 22:23:29 | 000,001,018 | ---- | C] () -- C:\Users\*****\Desktop\Tunngle beta.lnk [2012.11.09 22:23:12 | 000,002,535 | ---- | C] () -- C:\Users\*****\Desktop\Skype.lnk [2012.11.09 22:21:52 | 000,000,951 | ---- | C] () -- C:\Users\*****\Desktop\GIMP 2.lnk [2012.11.09 22:21:34 | 000,002,153 | ---- | C] () -- C:\Users\*****\Desktop\Mozilla Firefox.lnk [2012.11.09 22:21:00 | 000,001,211 | ---- | C] () -- C:\Users\*****\Desktop\VMware Player.lnk [2012.10.28 22:30:28 | 000,001,310 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [2012.10.28 16:55:10 | 000,001,483 | ---- | C] () -- C:\Users\*****\Desktop\vlc-dbox.lnk [2012.10.03 14:59:15 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat [2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.04.06 20:38:46 | 002,469,760 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe [2012.04.06 20:38:46 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe [2012.04.06 20:38:46 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2012.04.06 20:38:46 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2012.04.06 20:38:46 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2012.02.15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.02.15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2011.11.01 21:57:10 | 000,000,124 | -HS- | C] () -- C:\ProgramData\.zreglib [2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll [2011.09.20 12:39:12 | 000,000,241 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2011.09.20 12:39:12 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini [2011.09.20 12:38:54 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2011.09.20 12:38:53 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011.09.20 12:38:29 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.08.29 17:39:27 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\nLame.dll [2011.08.29 17:39:27 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll [2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.02.23 17:42:03 | 000,219,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.02.23 17:42:01 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2011.02.23 17:42:01 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.02.19 11:28:51 | 000,000,708 | ---- | C] () -- C:\Windows\wiso.ini [2011.02.18 19:17:08 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011.02.18 19:17:08 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011.02.18 19:17:06 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011.02.18 19:17:05 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.02.18 19:17:05 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011.02.18 10:41:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.02.18 08:49:18 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2011.02.18 08:47:49 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI [2011.02.17 15:29:55 | 001,598,648 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.02.17 13:44:57 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2011.04.05 06:10:14 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Ashampoo [2011.07.01 11:23:03 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Audacity [2011.04.04 20:50:26 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Auslogics [2012.11.09 21:14:53 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DAEMON Tools Lite [2012.11.09 21:14:53 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DAEMON Tools Pro [2012.11.10 13:02:28 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Dropbox [2011.04.18 12:33:15 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\elsterformular [2012.11.09 21:14:53 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\FileZilla [2012.04.27 15:59:35 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\gtk-2.0 [2011.07.03 19:25:49 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Haenlein-Software [2011.02.17 15:37:12 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Leadertech [2012.09.23 17:02:44 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Mp3tag [2011.04.29 15:01:03 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\PC Suite [2012.11.09 22:20:55 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\TeamViewer [2012.10.03 15:08:08 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Tunngle [2011.02.17 17:35:47 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Windows Live Writer [2011.08.29 18:54:32 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\XMedia Recode ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 10.11.2012 13:14:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 5,92 Gb Available Physical Memory | 74,03% Memory free
8,39 Gb Paging File | 6,10 Gb Available in Paging File | 72,69% Paging File free
Paging file location(s): c:\pagefile.sys 400 400 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60,55 Gb Total Space | 25,12 Gb Free Space | 41,49% Space Free | Partition Type: NTFS
Drive D: | 870,87 Gb Total Space | 432,18 Gb Free Space | 49,63% Space Free | Partition Type: NTFS
Drive E: | 100,00 Mb Total Space | 71,61 Mb Free Space | 71,61% Space Free | Partition Type: NTFS
Drive H: | 60,55 Gb Total Space | 11,85 Gb Free Space | 19,57% Space Free | Partition Type: NTFS
Drive I: | 870,87 Gb Total Space | 426,04 Gb Free Space | 48,92% Space Free | Partition Type: NTFS
Computer Name: ***** | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3028256280-3325482936-3710690060-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{096BF204-4E28-42DD-AC66-0A1EFCBD83FF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{0C88F1D6-C156-4741-90E2-39E3C6DB95E5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14F2C138-343D-4C33-9653-C08668243CC8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1A9D8281-1ABF-4F82-A258-A194F7F51E08}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1B6B6CDE-3959-4C74-B1CB-2E84D77A5C1F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1E34B836-812B-48D6-A5AC-BA05A94CAB29}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2CEFE288-2EB1-409F-A554-88D04C5EC855}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3404B22A-A3C4-4CF4-9080-681005327E22}" = lport=445 | protocol=6 | dir=in | app=system |
"{3E1388AE-5094-42BE-92D7-808C70600AB1}" = lport=139 | protocol=6 | dir=in | app=system |
"{4C0E866A-0B0F-4AD9-BAFD-00FFD1779F65}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C527AA6-1A58-4E40-BDAE-EB87B63A9724}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{50A0B4B5-E5A4-42B8-841C-6EAAE00976DC}" = rport=137 | protocol=17 | dir=out | app=system |
"{5D4EFAED-8715-4DD9-83DE-7A6C548B3F6C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5EC58575-78E7-446B-876F-A78D5A174BC8}" = rport=138 | protocol=17 | dir=out | app=system |
"{6125434A-9FCF-4A1A-A45D-ECF529DCB7DE}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6579441A-8F01-415A-90D4-9CBAADA60758}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{65DE57F2-0F7A-46F1-8C79-25F152515AAB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{77435A4F-F755-48F6-9D75-9E5B25E57791}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{78D914C6-B956-4756-BD4B-4871B5A28738}" = lport=137 | protocol=17 | dir=in | app=system |
"{7B6F01FC-5602-4C5F-BA1B-61FDEC87DC37}" = rport=139 | protocol=6 | dir=out | app=system |
"{895CE7C9-F814-4EDE-A3B4-382D605AE871}" = lport=138 | protocol=17 | dir=in | app=system |
"{95B071F0-09D4-45A3-B974-6DBCF065DBFD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{979C23D0-FCC9-4E7B-B25E-80FED2A8B463}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A9744167-EE48-4F3D-A277-A00C56C79C49}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AE6B9307-8F4C-4D53-9C97-CA05D6D19642}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B9A24C15-AD86-4EC0-897A-A90070DB6082}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BD5006E8-66BA-41D3-A0D1-331B30890C3E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BEA45941-333E-4271-A7B5-84528C80F39B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CA08A7F2-8A41-4F5F-B5DD-A9B88679E6B0}" = rport=445 | protocol=6 | dir=out | app=system |
"{E2542DCF-56A0-4344-B7E7-20F87869D5F5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E998C5D0-576F-4697-8F4F-F109BF58F80E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EA243B64-0180-4CD1-9060-00C2E0C48AAB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F33A2205-DC3C-4365-A183-97C4B634E844}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009F3DB8-68BA-429D-AA31-D16311F53F0D}" = protocol=6 | dir=in | app=d:\spiele\battlefield bad company 2\bfbc2updater.exe |
"{02B94A8A-41E9-45D2-8B3F-C185A00B10C7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2 demo\trine2_launcher.exe |
"{04D6063C-83FA-4E07-B07A-CD179189ECB6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{07894827-0078-447B-A93E-237C1F51C4ED}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{09377013-3A12-4870-92CE-B3B61C3410E4}" = protocol=17 | dir=in | app=d:\spiele\racedriver grid\grid.exe |
"{09B9C121-2FFD-460E-A554-5FFABC7015D9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0B0C0CCD-379D-4786-88F8-A794EDC0A0BD}" = protocol=6 | dir=in | app=d:\spiele\call of duty 6 - modern warfare 2\iw4mp.dat |
"{0B6993ED-0800-4C03-9B52-10FD95140B66}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{138AC253-F261-4078-BD43-4D5CCD8909B6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1540BF24-7DD7-45EB-B297-EE83AE09DD90}" = protocol=17 | dir=in | app=d:\spiele\call of duty 6 - modern warfare 2\iwnetserver.exe |
"{167489A5-0B1D-4B46-9859-5AF46324AEC5}" = protocol=6 | dir=in | app=c:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe |
"{185785EC-65B7-429A-A365-738899B69399}" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"{1BF7A946-38A2-4CEF-9DB1-48FCA9302323}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{1D7F2A37-A26F-4E9A-B963-76B98C0FBA89}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2 demo\trine2_launcher.exe |
"{1E8693C6-A845-4629-B4BA-045BB457B7AE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{22F6162B-EA43-4BF7-94D5-90548801312C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{23DBFC98-EC96-4C23-9310-55B0AB445CAC}" = protocol=6 | dir=out | app=system |
"{266B2E3D-0716-421F-83FE-FCCDA6B6ED9D}" = protocol=17 | dir=in | app=d:\spiele\operation flashpoint - dragon rising\ofdr.exe |
"{285DE3C6-C91F-474D-837F-EF1EBEB86BEF}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{2C9DD07F-A644-4B81-93CB-60E64810D403}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{32FB0DBA-9DAD-47D6-9478-AA6DF4793945}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{348391BB-8028-4535-AACF-1FD666A12F75}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3491CF22-F1E9-4A3D-A8D1-2AD98BB6C423}" = protocol=17 | dir=in | app=d:\spiele\call of duty 6 - modern warfare 2\iw4m.exe |
"{39914E8C-9C7A-4364-B3C5-C0C515948AFD}" = protocol=6 | dir=in | app=c:\users\*****\appdata\local\apps\2.0\7joq3pqz.pcm\jzqev8kk.28e\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{3E56C5B5-2DE4-469E-9F6D-6B40F1DAC5C6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{43103FE3-5732-4694-9F48-7D65B8184E87}" = protocol=6 | dir=in | app=d:\spiele\f1 2012\f1_2012.exe |
"{44094F5B-B65A-49EC-983E-0BF7D9D9DACF}" = protocol=17 | dir=in | app=d:\spiele\f1 2011\f1_2011.exe |
"{47C054E4-8775-4A37-89AA-E713C793D4E9}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{48FDA24F-04D2-434F-B61D-88EDD1394AEC}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{4D3211CD-1E3D-4301-AB86-96E504C7F061}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4EFF37D8-1CED-4B31-B6E7-70FAF1DA0C4B}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{523C6548-D32F-4EB4-B05F-F7E433EFE741}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{54F3EA19-0DA9-41F8-8AE2-A0E68F5A1C85}" = protocol=17 | dir=in | app=c:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe |
"{59F92DAD-990E-44FA-9643-967F1CD903DB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{5D205058-08A5-47F3-959D-B53A8388408F}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{5E49B784-0FC0-4991-8C22-27BB1330ABA5}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{5FA4BEDA-7361-4205-8411-9618532920B4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5FA5D036-F091-4FE6-A8DA-B954E3F35C28}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{66E71B5B-41CB-4E0E-BDAE-0CA50ACA7218}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6708967C-179F-41F9-9802-BFD2A6D73AE3}" = protocol=6 | dir=in | app=d:\spiele\f1 2011\f1_2011.exe |
"{672F2CDA-76C8-4F8E-8B15-0AE32F7F5017}" = protocol=6 | dir=in | app=d:\spiele\operation flashpoint - dragon rising\ofdr.exe |
"{68C56752-6AAA-4AFF-9EF4-81FD810178F3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68DC01A3-0CBF-4326-AF89-F97141B96783}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{68DFA506-FF84-49CE-8D40-6B6B5B152881}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6A43D493-6F02-4798-9AE4-BEA934516BB1}" = protocol=17 | dir=in | app=c:\users\*****\appdata\local\apps\2.0\7joq3pqz.pcm\jzqev8kk.28e\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{6A5EC238-C5D5-4B9D-A5F8-DDDC8FC72A1A}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{6FD01F7C-6010-48C2-9C3A-BF340842179E}" = protocol=6 | dir=in | app=d:\spiele\racedriver grid\grid.exe |
"{70AC04A6-DDFF-42C6-883B-BBA931E2A422}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{7637CC1E-7A18-4357-B6C5-67E0999103DC}" = dir=in | app=%programfiles% (x86)\vlc-dbox2\vlc.exe |
"{7C196ABA-F73D-43BC-882E-BF6C07B6A384}" = protocol=17 | dir=in | app=d:\spiele\f1 2012\f1_2012.exe |
"{7CE9E5E6-DE0D-4B41-A8ED-0D9F0EA38150}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{82DA561A-3071-468A-8FE3-EE433E1AEC6C}" = protocol=6 | dir=in | app=d:\spiele\call of duty 6 - modern warfare 2\iwnetserver.exe |
"{8621EFA8-E973-42A2-A90A-337C994AC87A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8936786B-9B84-429F-8D32-98DF37DC905C}" = protocol=17 | dir=in | app=d:\spiele\battlefield bad company 2\bfbc2updater.exe |
"{8DF94145-49DB-4919-908F-C05CF6BF74F1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{901EBE68-C2CB-476D-BDFD-B10A6EA2FFB0}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{91BC8861-D25B-4396-B0BC-BD918E99D5D6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{922B5045-4189-45AD-A65C-75C98B9062B4}" = protocol=17 | dir=in | app=c:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe |
"{9533267B-A99D-423F-ACE5-892B5CD145BA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{99414101-5916-4710-AA60-DF4A5BE09615}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{9970F095-7F49-42BA-B4B0-5FC5DD653867}" = protocol=17 | dir=in | app=d:\spiele\call of duty 4 - modern warfare\iw3mp.exe |
"{9D5CB668-4623-4F81-B81E-8020B4E8ADAB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{A0AA4A9A-2380-493D-B831-33BFFC9A70FB}" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"{AFB528BF-B9AE-4D34-8303-BFCD26A15E97}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{B23BD7D0-1E62-4323-A7ED-37C913EF4E3C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B3389090-FC3D-4DC8-B0E8-E8971D01C0A0}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{B57E1CB7-D959-4731-9B70-583867DE49B5}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{B5BC87A8-A9D9-49AA-83A3-F7EE3C790F06}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{B89FD3EA-F1B1-4B64-9B29-E96285FB7E34}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{BEEBC41B-9BFA-4D4D-9F0D-864235B19C92}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{BFDE4C29-F7E8-441D-BABC-CE44C7FB3EA2}" = dir=out | app=%programfiles% (x86)\vlc-dbox2\vlc.exe |
"{C037A6A1-F728-4A88-B6CD-58F7FB8612E7}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{C1CBA4FC-26D0-4C48-A487-6B0CEEBAB815}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{C1F1324B-A450-4ACB-BCFD-6631B315CB35}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{C339C7E6-9923-47BE-83CB-FBE030423D80}" = protocol=6 | dir=in | app=c:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe |
"{CBD057DA-3E17-4397-9624-8CD107F525A4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D475882B-CDE7-4050-BC85-2A5F8B7E4421}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{DBFBAE87-ED2E-4C8A-868B-2598D7985E03}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{E2EA82A4-2873-49B6-97C2-E0F266EDED1E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E55EF1C5-92DE-48B6-8679-379E1C42E48E}" = protocol=6 | dir=in | app=d:\spiele\call of duty 6 - modern warfare 2\iw4m.exe |
"{E87D8385-30D5-4A13-93E6-88647473B77E}" = protocol=17 | dir=in | app=c:\users\*****\appdata\local\apps\2.0\7joq3pqz.pcm\jzqev8kk.28e\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{EF99F6F3-A70F-43E5-B17B-F5B4649F3576}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{F0066DEB-F5F6-4C25-B6DE-79E4A37C64F0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F0E8AC78-22F6-47A5-9C99-E224AE36AC5B}" = protocol=17 | dir=in | app=d:\spiele\call of duty 6 - modern warfare 2\iw4mp.dat |
"{F516B672-AE6C-49BF-9903-74C3F7EE6959}" = protocol=6 | dir=in | app=c:\users\*****\appdata\local\apps\2.0\7joq3pqz.pcm\jzqev8kk.28e\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{FFBB2D23-41CB-44B0-9B3C-19D83659BD49}" = protocol=6 | dir=in | app=d:\spiele\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{3617657B-A06B-4DF1-A32F-AD528F9D0E17}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{36E28815-4485-4886-87C9-629F261209D0}D:\spiele\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=d:\spiele\fifa 12\game\fifa.exe |
"TCP Query User{3D30AB19-94EC-4508-A874-C0F8468E0FFD}D:\spiele\call of duty 6 - modern warfare 2\iw4m.exe" = protocol=6 | dir=in | app=d:\spiele\call of duty 6 - modern warfare 2\iw4m.exe |
"TCP Query User{64BD6DCC-172E-44B9-AE34-36E40BE6DE0B}D:\spiele\call of duty 6 - modern warfare 2\iw4mp.dat" = protocol=6 | dir=in | app=d:\spiele\call of duty 6 - modern warfare 2\iw4mp.dat |
"TCP Query User{68AA07E0-627A-46BE-9A07-49079DE5EBF6}C:\program files (x86)\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vlc\vlc.exe |
"TCP Query User{753545B8-B89D-4EC8-92F9-B56D7BFE8915}D:\tv\freetz\7170\7170 recovr.exe" = protocol=6 | dir=in | app=d:\tv\freetz\7170\7170 recovr.exe |
"TCP Query User{82F026EC-E9E2-4F86-A9CF-305D372E849B}C:\program files (x86)\vlc-dbox2\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vlc-dbox2\vlc.exe |
"TCP Query User{9C18F48D-E508-49A3-BEA7-147A09C9F42C}D:\spiele\call of duty 7 - black ops\blackops.exe" = protocol=6 | dir=in | app=d:\spiele\call of duty 7 - black ops\blackops.exe |
"TCP Query User{B3C284D9-64F7-4775-BA2E-951F0F89782B}C:\program files (x86)\mozilla firefox 4.0 beta 11\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 11\plugin-container.exe |
"TCP Query User{C3A2793C-01C0-4BEE-8A9C-4AAB1121E4DD}D:\spiele\f1 2012\f1_2012.exe" = protocol=6 | dir=in | app=d:\spiele\f1 2012\f1_2012.exe |
"TCP Query User{DAC6A131-066A-4984-9813-71CE9FC1C787}D:\spiele\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\spiele\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{F16F65B0-07BB-455E-B6D5-653FAA83E6F2}D:\spiele\call of duty 6 - modern warfare 2\iwnetserver.exe" = protocol=6 | dir=in | app=d:\spiele\call of duty 6 - modern warfare 2\iwnetserver.exe |
"TCP Query User{FB45D4D7-67A4-462E-938E-96B1E66681DE}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{FCDBCFDC-53ED-4CF7-941C-0D00CAB6F85E}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{09A210BF-8B28-434F-94F8-B8C8E245791D}D:\spiele\call of duty 6 - modern warfare 2\iw4m.exe" = protocol=17 | dir=in | app=d:\spiele\call of duty 6 - modern warfare 2\iw4m.exe |
"UDP Query User{1182BBA7-5360-4CD9-9714-8B88CD63FDC3}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{1C059B08-DDA6-4E87-B5CD-2EBBA4851C12}D:\tv\freetz\7170\7170 recovr.exe" = protocol=17 | dir=in | app=d:\tv\freetz\7170\7170 recovr.exe |
"UDP Query User{21F029BF-E671-4E31-B872-8E8AF5156405}C:\program files (x86)\vlc-dbox2\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vlc-dbox2\vlc.exe |
"UDP Query User{2FFAA51D-A598-4220-8480-C3B331219BFB}D:\spiele\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\spiele\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{4718FF89-A3F7-4326-8438-F52235E2D8C2}C:\program files (x86)\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vlc\vlc.exe |
"UDP Query User{62D71F2E-17D8-40E3-9F0E-6EF9E906C813}D:\spiele\call of duty 7 - black ops\blackops.exe" = protocol=17 | dir=in | app=d:\spiele\call of duty 7 - black ops\blackops.exe |
"UDP Query User{70535787-AA17-4B71-8C6E-71C73B5650FB}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{721D12F5-5C55-46A3-915E-915645B5B366}D:\spiele\call of duty 6 - modern warfare 2\iw4mp.dat" = protocol=17 | dir=in | app=d:\spiele\call of duty 6 - modern warfare 2\iw4mp.dat |
"UDP Query User{85E92E02-7AB7-4CC4-8F02-1E38A6A045A2}C:\program files (x86)\mozilla firefox 4.0 beta 11\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 11\plugin-container.exe |
"UDP Query User{A49893A1-2499-41F6-A6E1-4498C988F7C8}D:\spiele\call of duty 6 - modern warfare 2\iwnetserver.exe" = protocol=17 | dir=in | app=d:\spiele\call of duty 6 - modern warfare 2\iwnetserver.exe |
"UDP Query User{B35B66BD-B713-4970-BEDD-AA2F5259CB11}D:\spiele\f1 2012\f1_2012.exe" = protocol=17 | dir=in | app=d:\spiele\f1 2012\f1_2012.exe |
"UDP Query User{B98A8ED6-F953-44BD-AB4B-37F9A99F276B}D:\spiele\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=d:\spiele\fifa 12\game\fifa.exe |
"UDP Query User{C15F82E3-7544-4CBD-83F1-B221B823F1EC}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{18A5D014-E9AD-DEFE-FAFE-A409612F51B4}" = AMD Media Foundation Decoders
"{3AB49270-1A18-D672-48AA-74F211D18B67}" = AMD Fuel
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50BD00DC-127E-BF00-FDD5-E1A93AB3507C}" = ccc-utility64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E5159B4-A519-41EF-80EF-AD58371515DF}" = Eraser 6.0.10.2620
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BB009B20-0BA0-ABDF-1947-4D56639214C7}" = AMD Accelerated Video Transcoding
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{CFA5BA6D-D6BB-AE1B-E61E-5B1ACFC8F0BB}" = AMD Drag and Drop Transcoding
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMwarePlayer_x64
"{E85D1C80-28C4-76B8-5A5A-2C8D8B38D5D9}" = AMD Catalyst Install Manager
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"CCleaner" = CCleaner
"Ext2Fsd_is1" = Ext2Fsd 0.51
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"sp6" = Logitech SetPoint 6.32
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR archiver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = Live Update 5
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer 2011
"{03AEAB60-A7B3-A8DB-468B-EB30FB4B40B0}" = CCC Help German
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{162ABED6-E60C-6CFF-100E-43C16ABBC5BE}" = CCC Help Chinese Standard
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising
"{1CB724FF-D18C-8FFB-E7C9-0A09CF8EC066}" = CCC Help Japanese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C14CC3-5E3B-D39A-5B37-B15E59785063}" = CCC Help Chinese Traditional
"{2632A2C0-ECF4-7F79-7136-9FEA4C253A4C}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{30F712DA-64FE-5DBE-AE76-3F8EA3F8223C}" = CCC Help French
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{38AFE2B1-19DB-432A-BA4A-410BFBA78DCE}" = DVD-Cover Printmaster 1.4
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C39B3CC-4EC8-C756-AF4B-72366504FCA5}" = CCC Help Hungarian
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{434D0831-A4CC-401A-9E74-621000018401}" = F1 2010
"{434D0831-A4CC-401A-9E74-621000018402}" = F1 2010
"{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011
"{434D0FA1-A4CC-401A-9E74-621000028101}" = F1 2011
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CC9D761-A9B6-D8EA-D2A9-B74B5A90B108}" = CCC Help Norwegian
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{54B227A6-BDBE-69FA-D450-B99609063044}" = CCC Help Greek
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}" = AMD OverDrive
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7C587778-C433-980E-F3C1-203890DC4FBE}" = CCC Help Polish
"{7DC3EABF-66A2-6D79-B485-6328525CA387}" = CCC Help Swedish
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{843603C6-75B7-BAB5-80DE-E76FB28DEEF2}" = CCC Help Finnish
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8BBC66FD-0195-29B4-5A58-E0B0554E8F42}" = AMD VISION Engine Control Center
"{8D9EEAC7-42D5-3951-612A-EAA7B684C592}" = CCC Help Italian
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{9791DAED-B734-2835-988B-157BDA087496}" = CCC Help Dutch
"{98B740C3-FAA4-C523-7478-4DBCAB7B27D1}" = Catalyst Control Center Graphics Previews Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F0CAC6D-9B0D-A95F-CF61-6E88952D6181}" = CCC Help Thai
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite MFC-260C
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A625DB70-98D5-16FD-C49D-4B8B1B2304A4}" = CCC Help Spanish
"{A90214C3-3A0C-2F05-6083-E1A4BAD9E30D}" = CCC Help Danish
"{AA123216-6DE0-E57C-DC57-4FECEACB482F}" = CCC Help Russian
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B24839E5-A70C-48AD-B4D9-B9FB46B4B038}_is1" = Hydrogen 0.9.6 preview release for windows
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1" = CheckDrive
"{BD60F72D-3F2F-4AE1-9C41-3CF75B2CA59A}" = DVR-Studio Pro 2
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D0837A59-83E6-3392-1BD9-86D3445676DB}" = CCC Help Korean
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.9 Game
"{D70AB273-113B-D7DE-5C8D-82CABA7CB0AF}" = Catalyst Control Center Localization All
"{DC8772D4-C75F-5235-63E2-BBC73F909B7A}" = CCC Help Czech
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode Version 3.1.2.5
"{DED7FD3C-DDD2-43BB-B0F5-B07F9D0430D3}" = CCC Help Portuguese
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E157F2EB-E06F-B57F-9105-68F348DB2EAD}" = CCC Help English
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF036F44-A287-BC23-3F6E-AAE6FDEF47EF}" = Catalyst Control Center InstallProxy
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AnyDVD" = AnyDVD
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.1
"Ashampoo Burning Studio 7_is1" = Ashampoo Burning Studio 7.10
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Call of Duty Black Ops GERMAN Uncut 1.00" = Call of Duty Black Ops GERMAN Uncut 1.00
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"DAEMON Tools Pro" = DAEMON Tools Pro
"DreamBoxEdit" = DreamBoxEdit -- The one and only settings editor for your Dreambox
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.1 Home Edition
"F1 2012_is1" = F1 2012
"Fifa 12 (c) Electronic Arts_is1" = Fifa 12 (c) Electronic Arts version 1
"FileZilla Client" = FileZilla Client 3.5.3
"FormatFactory" = FormatFactory 2.90
"GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.8.0 (Full)
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Mozilla Firefox 17.0 (x86 de)" = Mozilla Firefox 17.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.52
"PunkBusterSvc" = PunkBuster Services
"ST6UNST #1" = DVD-Cover v.1.5.1.6
"Steam App 204260" = Trine 2 Demo
"Stockcar Sim Series 2012" = Stockcar Sim Series 2012
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"Tunngle beta_is1" = Tunngle beta
"Universal Extractor_is1" = Universal Extractor 1.6.1
"VirtualDubMod 1.5.4.11.5.4.1" = VirtualDubMod 1.5.4.1
"VLC media player" = VideoLAN VLC media player 0.8.6e
"VMware_Player" = VMware Player
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"XMedia Recode" = XMedia Recode 3.0.1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3028256280-3325482936-3710690060-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 28.04.2012 08:18:00 | Computer Name = ***** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 28.04.2012 08:18:00 | Computer Name = ***** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 28.04.2012 08:18:00 | Computer Name = ***** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 28.04.2012 08:18:00 | Computer Name = ***** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 28.04.2012 08:18:00 | Computer Name = ***** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 28.04.2012 08:18:00 | Computer Name = ***** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 28.04.2012 08:18:00 | Computer Name = ***** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 28.04.2012 08:18:01 | Computer Name = ***** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 28.04.2012 08:18:13 | Computer Name = ***** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 28.04.2012 08:18:13 | Computer Name = ***** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
[ System Events ]
Error - 08.11.2012 14:54:53 | Computer Name = ***** | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
VLC media player erreicht.
Error - 08.11.2012 14:59:14 | Computer Name = ***** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 09.11.2012 16:00:37 | Computer Name = ***** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 09.11.2012 17:10:39 | Computer Name = ***** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 09.11.2012 17:18:54 | Computer Name = ***** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 09.11.2012 18:01:40 | Computer Name = ***** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 09.11.2012 18:02:42 | Computer Name = ***** | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Microsoft-Netzwerkinspektion erreicht.
Error - 09.11.2012 18:02:42 | Computer Name = ***** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Microsoft-Netzwerkinspektion" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 09.11.2012 18:02:43 | Computer Name = ***** | Source = Microsoft Antimalware | ID = 3002
Description = Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt
Feature:
%%886 Fehlercode: 0x8007041d Fehlerbeschreibung: Der Dienst antwortete nicht rechtzeitig
auf die Start- oder Steuerungsanforderung. Grund: %%892
Error - 10.11.2012 07:21:58 | Computer Name = ***** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
< End of report >
 |
| Themen zu Lange Bootzeit |
| bho, black, computer, document, eraser, error, excel, fehler, firefox, flash player, helper, hängt, iexplore.exe, install.exe, jdownloader, kis, langsam, laufwerk c, logfile, mozilla, mp3, msvcrt, plug-in, problem, programm, realtek, registry, rundll, scan, sekunden, shradder, svchost.exe, system, windows |
Lange Bootzeit
Baum-Darstellung