Plagegeister aller Art und deren Bekämpfung: Windows 7 notebook freezes for 30-60 seconds after Windows boot
23.04.2013, 16:51 | #1 |
Hello everyone! As the title says, my notebook freezes for a few seconds after it boots into Windows 7 64-bit. I can still move the mouse, but the hourglass appears and Explorer and the system stop responding. Once the freeze is over, I have no trouble until I restart the notebook.
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:42:03, on 23.04.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
D:\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Azzi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - hxxp://support.asus.de/common/asusTek_sys_ctrl.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - D:\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Solver for Flow Simulation 2011 - Mentor Graphics Corporation - D:\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9880 bytes

Best regards
24.04.2013, 14:01 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Reading material: Please do not post HijackThis logfiles!!! Quote:
24.04.2013, 18:14 | #3 |
So here are the new logfiles with OTL:
Code:
OTL logfile created on: 24.04.2013 18:51:48 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,86 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 71,14% Memory free
7,71 Gb Paging File | 6,66 Gb Available in Paging File | 86,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 10,98 Gb Free Space | 14,73% Space Free | Partition Type: NTFS
Drive D: | 204,03 Gb Total Space | 120,26 Gb Free Space | 58,94% Space Free | Partition Type: NTFS
Drive E: | 7,40 Gb Total Space | 6,16 Gb Free Space | 83,22% Space Free | Partition Type: FAT32

Computer Name: AZZI-LAPTOP | User Name: Azzi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - D:\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
PRC - D:\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - D:\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\AcroTray.DEU ()

========== Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SolidWorks Licensing Service) -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (CoordinatorServiceHost) -- D:\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe (Dassault Systèmes SolidWorks Corp.)
SRV - (Remote Solver for Flow Simulation 2011) -- D:\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe (Mentor Graphics Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (MAUSBFASTTRACK) -- C:\Windows\SysNative\drivers\MAudioFastTrack.sys (Avid Technology, Inc.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (JME) -- C:\Windows\SysNative\drivers\JME.sys (JMicron Technology Corp.)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (bcd3000) -- C:\Windows\SysNative\drivers\bcd3000_x64.sys (Behringer)
DRV:64bit: - (bcd3000wdm) -- C:\Windows\SysNative\drivers\bcd3000wdm_x64.sys (Behringer)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (MAUSBMICRO) -- C:\Windows\SysNative\drivers\MAudioMicro.sys (Avid Technology, Inc.)
DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (RL_DJIFIE2_USB) -- C:\Windows\SysNative\drivers\rldjif2u.sys (Ploytec GmbH)
DRV:64bit: - (RL_DJIFIE2_WDM) -- C:\Windows\SysNative\drivers\rldjif2a.sys (Ploytec GmbH)
DRV:64bit: - (RL_DJIFIE2_MIDI) -- C:\Windows\SysNative\drivers\rldjif2m.sys (Ploytec GmbH)
DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
DRV:64bit: - (camfilt2) -- C:\Windows\SysNative\drivers\camfilt2.sys (Guillemot Corporation)
DRV:64bit: - (OM0530) -- C:\Windows\SysNative\drivers\ov530vx.sys (OmniVision Technology Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 3C C5 AC DA AA CB 01 [binary data]
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\..\SearchScopes,DefaultScope = {5B09AC6F-83A1-4520-BBE1-CDA195067BB4}
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\..\SearchScopes\{5B09AC6F-83A1-4520-BBE1-CDA195067BB4}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: D:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Azzi\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Azzi\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: D:\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011.10.15 15:27:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: D:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.09.27 17:01:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.10.30 22:57:30 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://google.de/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Azzi\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Azzi\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Azzi\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Enabled) = D:\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Azzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.0_0\
CHR - Extension: YouTube = C:\Users\Azzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Azzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Azzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Azzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
CHR - Extension: Google Mail = C:\Users\Azzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2011.10.15 13:29:04 | 000,001,230 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-343234313-4265166236-2536907646-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-343234313-4265166236-2536907646-1000\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.de/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71D945F1-9714-4607-B693-52471E5532D3}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{13d4e3b9-9615-11e1-bf51-d8156f1cae48}\Shell - "" = AutoRun O33 - MountPoints2\{13d4e3b9-9615-11e1-bf51-d8156f1cae48}\Shell\AutoRun\command - "" = F:\MonopolyPBInstall.exe O33 - MountPoints2\{679fc13a-a0e4-11e1-8b92-ee24d9837b48}\Shell - "" = AutoRun O33 - MountPoints2\{679fc13a-a0e4-11e1-8b92-ee24d9837b48}\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\{d43f7276-d358-11e1-8554-ee5373723d4d}\Shell - "" = AutoRun O33 - MountPoints2\{d43f7276-d358-11e1-8554-ee5373723d4d}\Shell\AutoRun\command - "" = G:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.23 20:28:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.04.23 20:28:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.04.23 20:28:41 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2013.04.23 17:40:48 | 000,000,000 | ---D | C] -- C:\Users\Azzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2013.04.23 17:40:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2013.04.15 18:45:58 | 000,000,000 | ---D | C] -- C:\Users\Azzi\Documents\Diablo III [2013.04.15 18:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013.04.15 18:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2013.04.15 18:29:34 | 000,000,000 | 
---D | C] -- C:\Program Files (x86)\AMD AVT [2013.04.15 18:29:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2013.04.15 18:29:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2013.04.15 18:28:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2013.04.15 18:02:55 | 000,000,000 | ---D | C] -- C:\Users\Azzi\Desktop\Rush4x_D3 [2013.04.15 16:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III ========== Files - Modified Within 30 Days ========== [2013.04.24 18:52:31 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.24 18:52:31 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.24 18:49:03 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-343234313-4265166236-2536907646-1000UA.job [2013.04.24 18:49:03 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.04.24 18:48:56 | 000,000,488 | ---- | M] () -- C:\Windows\tasks\MATLAB R2012b Startup Accelerator.job [2013.04.24 18:46:39 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.04.24 18:46:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.24 18:46:08 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys [2013.04.24 18:45:14 | 000,000,020 | ---- | M] () -- C:\Users\Azzi\defogger_reenable [2013.04.23 20:30:42 | 000,177,696 | ---- | M] () -- C:\Users\Azzi\Documents\923539_320984924698028_410596023_n.jpg [2013.04.23 18:04:51 | 000,000,096 | ---- | M] () -- C:\Users\Azzi\Desktop\Plagegeister aller Art und deren Bekämpfung - Trojaner-Board.url [2013.04.23 17:40:48 | 000,002,971 | ---- | M] () -- C:\Users\Azzi\Desktop\HiJackThis.lnk [2013.04.23 16:49:00 | 000,001,064 | ---- | M] () -- 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-343234313-4265166236-2536907646-1000Core.job [2013.04.15 21:25:25 | 000,007,607 | ---- | M] () -- C:\Users\Azzi\AppData\Local\Resmon.ResmonCfg [2013.04.15 18:47:26 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.15 18:47:26 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.15 18:47:26 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.15 18:47:26 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.15 18:47:26 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.15 18:41:05 | 004,988,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.15 16:36:02 | 000,000,655 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk [2013.04.06 18:58:49 | 000,000,269 | ---- | M] () -- C:\Windows\Brownie.ini ========== Files Created - No Company Name ========== [2013.04.24 18:45:14 | 000,000,020 | ---- | C] () -- C:\Users\Azzi\defogger_reenable [2013.04.23 20:30:39 | 000,177,696 | ---- | C] () -- C:\Users\Azzi\Documents\923539_320984924698028_410596023_n.jpg [2013.04.23 18:04:51 | 000,000,096 | ---- | C] () -- C:\Users\Azzi\Desktop\Plagegeister aller Art und deren Bekämpfung - Trojaner-Board.url [2013.04.23 17:40:48 | 000,002,971 | ---- | C] () -- C:\Users\Azzi\Desktop\HiJackThis.lnk [2013.04.15 16:35:44 | 000,000,655 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk [2012.12.19 21:52:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.12.19 21:52:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.03.16 17:35:02 | 000,117,660 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2012.02.07 16:14:52 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI [2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012.01.31 19:15:42 | 
000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012.01.31 14:01:23 | 000,000,132 | ---- | C] () -- C:\Users\Azzi\AppData\Roaming\Adobe GIF Format CS5 Prefs [2012.01.26 18:22:57 | 000,000,000 | ---- | C] () -- C:\Users\Azzi\AppData\Local\Temptable.xml [2012.01.09 17:06:59 | 000,000,132 | ---- | C] () -- C:\Users\Azzi\AppData\Roaming\Adobe BMP Format CS5 Prefs [2012.01.02 14:11:02 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI [2011.12.25 00:18:22 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll [2011.10.30 23:13:18 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011.10.30 23:13:16 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011.10.30 23:13:13 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011.10.30 23:13:13 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.10.30 23:13:13 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011.10.15 18:04:07 | 000,000,632 | ---- | C] () -- C:\Windows\Qiii.INI [2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.08.17 13:15:37 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI [2011.08.15 19:12:09 | 000,000,000 | ---- | C] () -- C:\Windows\scummvm.ini [2011.06.12 15:55:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.01.07 11:18:24 | 000,007,607 | ---- | C] () -- C:\Users\Azzi\AppData\Local\Resmon.ResmonCfg ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2011.01.06 14:34:28 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Ableton [2012.01.19 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Audacity [2012.06.19 11:08:16 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Blender Foundation [2012.01.02 16:52:13 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Canneverbe Limited [2011.07.27 14:24:07 | 000,000,000 | 
---D | M] -- C:\Users\Azzi\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011.10.15 15:04:34 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011.10.15 14:38:16 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\com.adobe.dmp.contentviewer [2011.10.12 20:18:23 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2011.11.12 02:53:17 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Daichi [2012.01.02 14:08:34 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\DassaultSystemes [2012.12.13 09:38:04 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Digidesign [2012.01.28 20:29:34 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\DVDVideoSoft [2012.04.13 18:43:05 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\EDrawings [2011.11.27 14:35:07 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\GetRightToGo [2011.03.06 20:35:18 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\GlarySoft [2011.12.30 02:01:53 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\IrfanView [2012.12.04 21:04:12 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Leadertech [2012.11.03 22:18:50 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\LolClient [2012.01.31 15:31:56 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Luxology [2011.08.28 14:13:08 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\MAGIX [2012.11.16 11:37:17 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\MediaMonkey [2011.12.13 21:37:36 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Notepad++ [2011.01.04 17:55:22 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\OpenOffice.org [2012.12.04 20:54:08 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\PACE Anti-Piracy [2012.11.04 18:03:56 | 000,000,000 | ---D | M] -- 
C:\Users\Azzi\AppData\Roaming\Pioneer [2012.11.29 16:27:30 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\PioneerLog [2011.07.13 20:28:14 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Publish Providers [2012.03.14 17:31:56 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\redsn0w [2011.11.20 18:09:12 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\smc [2011.03.06 23:31:34 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012.11.19 17:15:34 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\Subversion [2013.02.07 19:19:35 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\TeamViewer [2011.08.19 23:11:10 | 000,000,000 | ---D | M] -- C:\Users\Azzi\AppData\Roaming\TIPP10 ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 1276 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:ekjD4Zwuzg1M4NvAAJLSYJmNmIMIm @Alternate Data Stream - 1248 bytes -> C:\Users\Azzi\AppData\Local\Yh3Gil1YsDPGUe:dnTujyUSadLU8G5YDMoWWzjd @Alternate Data Stream - 1248 bytes -> C:\ProgramData\Microsoft:cKj6LifAbX04r7ubbebr @Alternate Data Stream - 1246 bytes -> C:\ProgramData\Microsoft:gHfua40KvIEnrX3AB @Alternate Data Stream - 1221 bytes -> C:\ProgramData\Microsoft:H5dVPcFQdHkJaJXMSQ @Alternate Data Stream - 1185 bytes -> C:\ProgramData\Microsoft:NXTK9qkha38x2kSbfDNL3X @Alternate Data Stream - 1183 bytes -> C:\Program Files\Common Files\System:s956ZFYMpXxBdfc6boi6q1C @Alternate Data Stream - 1179 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:YvHwDcwksllS55h7HEUo5PGHg @Alternate Data Stream - 1169 bytes -> C:\ProgramData\Microsoft:6GDq5zHqtFfKCTZqi @Alternate Data Stream - 1166 bytes -> C:\ProgramData\Microsoft:GpLTBww8K4aQoDSTzn2e @Alternate Data Stream - 1164 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:eFKlgV2avryTjc7PdvoqSO1ivUau @Alternate Data Stream - 1150 bytes -> 
C:\ProgramData\Microsoft:04g2RXCtoZ2Xwh6JhWTA @Alternate Data Stream - 1140 bytes -> C:\ProgramData\Microsoft:sLmqNOcLYqm4cxrC1ttakl0D @Alternate Data Stream - 1135 bytes -> C:\Users\Azzi\AppData\Local\NlTkdimrUdoor:rlUGdBvA3Pz4w5qdwkQR @Alternate Data Stream - 1129 bytes -> C:\Users\Azzi\AppData\Local\Temp:YDyQ4HvYlS6rbcxnyolZ9vj @Alternate Data Stream - 1120 bytes -> C:\ProgramData\Microsoft:Hn2wgfOXrJy2KnfO1VfCTcw @Alternate Data Stream - 1087 bytes -> C:\ProgramData\Microsoft:tv9TauDnesKLh95h1N @Alternate Data Stream - 1057 bytes -> C:\ProgramData\Microsoft:RHqX8DyjRhwntKtCOogLquA @Alternate Data Stream - 1025 bytes -> C:\Program Files\Common Files\System:Dv2sBIwXO6q9iZSZ9dIuHp < End of report > Code:
OTL Extras logfile created on: 24.04.2013 18:51:48 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 71,14% Memory free 7,71 Gb Paging File | 6,66 Gb Available in Paging File | 86,33% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 74,52 Gb Total Space | 10,98 Gb Free Space | 14,73% Space Free | Partition Type: NTFS Drive D: | 204,03 Gb Total Space | 120,26 Gb Free Space | 58,94% Space Free | Partition Type: NTFS Drive E: | 7,40 Gb Total Space | 6,16 Gb Free Space | 83,22% Space Free | Partition Type: FAT32 Computer Name: AZZI-LAPTOP | User Name: Azzi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- Reg Error: Key error. File not found .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. 
htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- D:\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- D:\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. 
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0AD8A60A-16CD-4F1D-8A7D-3F7286AB3721}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{0B0B0EC6-A02F-4201-A2F5-C47AD13AF101}" = rport=139 | protocol=6 | dir=out | app=system | "{13105250-A6D5-41CE-A22E-AB7688F0FBFD}" = rport=10243 | protocol=6 | dir=out | app=system | "{1795A599-BFA0-41B8-92D1-64B3D7F2AB37}" = lport=138 | protocol=17 | dir=in | app=system | "{18AD4933-7AC9-4476-AA8B-1661555E9571}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1B487A76-25D7-430A-95B5-8232B587737B}" = rport=2869 | protocol=6 | dir=out | app=system | "{259B55C2-368A-4CEA-8A02-78D529452FBF}" = rport=137 | 
protocol=17 | dir=out | app=system | "{2F094B8A-77E9-4F5D-97D2-61581239D049}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{35B0D947-26A4-4D08-9579-941BF18C396B}" = lport=2869 | protocol=6 | dir=in | app=system | "{3A2900C2-FEE5-49D0-8672-80483A2D9390}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3B254433-E446-469F-9B6E-DF7655A4E759}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3F09715B-B496-4DAA-BFEA-4A35CD48ADE6}" = lport=137 | protocol=17 | dir=in | app=system | "{49995DA7-14C6-434E-99A2-4D7CF57E7BD9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{4A085CB6-5BDB-4263-BFEF-97DAADA8165E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{4B2048E7-4CAE-4268-A99C-7B8D5E7467A2}" = rport=445 | protocol=6 | dir=out | app=system | "{4CAD0F8B-4FFD-4050-8CDA-55C87E13A24B}" = lport=10243 | protocol=6 | dir=in | app=system | "{51F0E1B8-B630-4CE0-93E5-1AC1C2CAA7CF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{56E6432D-D598-4209-81C2-A3DF36833AA9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5847164B-FC93-4DE1-AE9D-17A58C9B4FE4}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{6015D025-1990-407F-8A00-8D99BCA8A1E5}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{66BE7A65-E518-4DBC-BC89-F372C0A87895}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{82457F23-5BF1-4E26-9D0E-98A7FA767F64}" = lport=139 | protocol=6 | dir=in | app=system | "{840990B1-B383-4980-8374-B09260702BED}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{8C362C06-4A34-42F1-8EFA-7B1D662D5848}" = 
lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{9B55744B-30E9-4391-85A4-100C8431667B}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.5 | "{A2089DDF-2446-4BB0-BF6C-BECA231FC042}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{ADDD540A-FDB1-439C-9E4F-D4E541F54E58}" = lport=445 | protocol=6 | dir=in | app=system | "{B6ABDC0E-DFC2-40B3-AD0D-89598C7C4186}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C969A80F-6D6D-415D-90E4-3E8164E9B707}" = lport=2869 | protocol=6 | dir=in | app=system | "{D3EB0960-87CF-4CC3-864B-4E5DF3578C2F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D6E8BD5A-20C0-4ACE-927C-B112BD397EE3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E87B6786-41B7-4454-A5C8-08F4C54F3ED3}" = rport=138 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{001A278B-60F4-4509-943C-98A261751D00}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{1101FF0E-0B21-4380-8809-686EEC6D86E3}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii.exe | "{11FAD510-DB96-45B6-8069-27F619507A4D}" = protocol=6 | dir=in | app=d:\adobe\adobe flash builder 4.5\flashbuilder.exe | "{1A6839B3-D566-48B5-AE64-19EAFCD5BEAA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1A76D7DA-D72C-47C8-87D8-5468BE72AC04}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{2102ACD5-613E-4144-B334-AA1B529ACE34}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{217A7C3B-C600-4776-8950-3A744D7117B9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
< End of report > Regards! |
24.04.2013, 21:13 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 notebook freezes for 30-60 seconds after Windows boot
Code:
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

See also => http://www.trojaner-board.de/95393-c...-software.html

If we find indications of illegally acquired software, we will end support without any discussion. Cracks/keygens are, in 99.9% of cases, dangerous malware that is not to be trifled with. They are also illegal, and we do not support the use of stolen software. Support is therefore limited to instructions for a complete reinstallation!! That illegal cracks and keygens essentially serve to spread malware is no secret and must be clear to everyone!

In future, hands off: Softonic, registry cleaners and illegal stuff (cracks/keygens/serials)
__________________ Please always post logfiles in CODE tags |