|
Plagegeister aller Art und deren Bekämpfung: Laptop plötzlich sehr langsamWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
06.07.2010, 18:32 | #1 |
| Laptop plötzlich sehr langsam Hallo Ich habe seit kurzem ein Problem mit meinem Laptop. Mein Laptop wurde plötzlich sehr langsam und ich habe keine Ahnung warum. Mitlerweile kann ich nicht einmal mehr Solitaire ruckelfrei spielen. Ich hoffe, dass mir jemand helfen kann. Hier sind schon mal meine Logdateien. Hijackthis Logdatei Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 09:33:12, on 05.07.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\SYSTEM32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\PLFSetI.exe C:\Program Files\Launch Manager\QtZgAcer.EXE C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Windows\ehome\ehmsas.exe C:\Users\XXX\AppData\Local\Temp\RtkBtMnt.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Users\ XXX \Downloads\HiJackThis204.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0807&s=2&o=vp32&d=1208&m=aspire_7530g R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0807&s=2&o=vp32&d=1208&m=aspire_7530g R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://de.intl.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE Systemboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Skytel] Skytel.exe O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\MICROS~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - D:\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate1c95c72a41d02ba) (gupdate1c95c72a41d02ba) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NMSAccessU - Unknown owner - D:\CDBurnerXP\NMSAccessU.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Windows\ O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 12108 bytes Malwarebytes Logdatei Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4271 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18928 04.07.2010 16:19:03 Log Datei Malwarebytes Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Durchsuchte Objekte: 405984 Laufzeit: 4 Stunde(n), 38 Minute(n), 30 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) OTL Logdatei OTL logfile created on: 05.07.2010 09:07:54 - Run 2 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\XXX\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free 5.00 Gb Paging File | 4.00 Gb Available in Paging File | 72.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 111.44 Gb Total Space | 39.94 Gb Free Space | 35.84% Space Free | Partition Type: NTFS Drive D: | 232.88 Gb Total Space | 135.70 Gb Free Space | 58.27% Space Free | Partition Type: NTFS Drive E: | 111.44 Gb Total Space | 111.35 Gb Free Space | 99.92% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: XXX -PC Current User Name: XXX Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\ XXX \Downloads\HiJackThis204.exe (Trend Micro Inc.) PRC - C:\Users\ XXX \Downloads\OTL.exe (OldTimer Tools) PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Users\ XXX \AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.) PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - D:\CDBurnerXP\NMSAccessU.exe () PRC - D:\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) PRC - C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.) PRC - C:\Windows\PLFSetI.exe () PRC - C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated) PRC - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.) PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.) PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe () PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe () PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.) PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\ACER\Mobility Center\MobilityService.exe () PRC - D:\Alcohol 120%\StarWind\StarWindServiceAE.exe (Rocket Division Software) PRC - C:\Programme\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) ========== Modules (SafeList) ========== MOD - C:\Users\ XXX \Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\powrprof.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\nvsvc.dll (NVIDIA Corporation) MOD - C:\Windows\System32\wtsapi32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (NMSAccessU) -- D:\CDBurnerXP\NMSAccessU.exe () SRV - (AdobeActiveFileMonitor7.0) -- D:\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) SRV - (NTIBackupSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.) SRV - (NTISchedulerSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe () SRV - (BUNAgentSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.) SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe () SRV - (StarWindServiceAE) -- D:\Alcohol 120%\StarWind\StarWindServiceAE.exe (Rocket Division Software) SRV - (SSScsiSV) -- C:\Programme\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation) SRV - (SonicStage Back-End Service) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe (Sony Corporation) SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe () SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) ========== Driver Services (SafeList) ========== DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (NuidFltr) -- C:\Windows\System32\drivers\nuidfltr.sys (Microsoft Corporation) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.) DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.) DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.) DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider) DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation) DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated) DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated) DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated) DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Windows (R) Codename Longhorn DDK provider) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (Ltn_stk7070P) -- C:\Windows\System32\drivers\Ltn_stk7070P.sys (LiteOn) DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation) DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (HSF_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.) DRV - (xnacc) -- C:\Windows\System32\drivers\xnacc.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (winbondcir) -- C:\Windows\System32\drivers\winbondcir.sys (Winbond Electronics Corporation) DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (ASPI) -- C:\Windows\System32\drivers\ASPI32.SYS (Adaptec) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://de.intl.acer.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://de.intl.acer.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0807&s=2&o=vp32&d=1208&m=aspire_7530g IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = h**p://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = h**p://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = h**p://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0807&s=2&o=vp32&d=1208&m=aspire_7530g IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = h**p://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = h**p://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102 FF - prefs.js..extensions.enabledItems: {8e175e4c-dec2-4917-bd9a-d75e7cb33d61}:3.6.0 FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009.04.22 11:13:15 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.03 17:27:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.03 17:27:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.05.11 13:12:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.05.11 13:12:58 | 000,000,000 | ---D | M] -- C:\Users\ XXX\AppData\Roaming\mozilla\Extensions [2010.05.11 13:12:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ XXX\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010.07.04 20:29:49 | 000,000,000 | ---D | M] -- C:\Users\ XXX\AppData\Roaming\mozilla\Firefox\Profiles\qmxou4hh.default\extensions [2010.07.04 20:29:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ XXX\AppData\Roaming\mozilla\Firefox\Profiles\qmxou4hh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.07.04 20:29:16 | 000,000,000 | ---D | M] (XboxFox) -- C:\Users\ XXX\AppData\Roaming\mozilla\Firefox\Profiles\qmxou4hh.default\extensions\{8e175e4c-dec2-4917-bd9a-d75e7cb33d61} [2009.01.24 19:24:37 | 000,000,000 | ---D | M] (Halloween) -- C:\Users\ XXX\AppData\Roaming\mozilla\Firefox\Profiles\qmxou4hh.default\extensions\{BB359C50-BFC9-4f40-8302-3FE5A499A859} [2010.07.04 20:29:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ XXX\AppData\Roaming\mozilla\Firefox\Profiles\qmxou4hh.default\extensions\{8e175e4c-dec2-4917-bd9a-d75e7cb33d61}\chrome\mozapps\extensions [2010.07.04 21:21:11 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.05.11 19:09:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.05.08 11:24:13 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.05.08 11:24:13 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.05.08 11:24:14 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.05.08 11:24:14 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.05.08 11:24:14 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKLM\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found. O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe () O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated) O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated) O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.) O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.) O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\ XXX \AppData\Roaming\Mozilla\Firefox\Desktop Hintergrund.bmp O24 - Desktop BackupWallPaper: C:\Users\ XXX \AppData\Roaming\Mozilla\Firefox\Desktop Hintergrund.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.07.04 20:18:48 | 000,000,000 | ---D | C] -- C:\Programme\Windows Portable Devices [2010.07.04 20:01:46 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll [2010.07.04 20:01:44 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll [2010.07.04 20:01:44 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll [2010.07.04 20:00:52 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2010.07.04 20:00:51 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2010.07.04 20:00:49 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2010.07.04 20:00:49 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2010.07.04 20:00:49 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2010.07.04 20:00:49 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2010.07.04 20:00:48 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll [2010.07.04 20:00:48 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2010.07.04 20:00:48 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2010.07.04 20:00:48 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll [2010.07.04 20:00:48 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe [2010.07.04 20:00:48 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll [2010.07.04 20:00:48 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2010.07.04 20:00:47 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll [2010.07.04 20:00:47 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll [2010.07.04 20:00:47 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2010.07.04 20:00:46 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2010.07.04 20:00:46 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll [2010.07.04 20:00:46 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2010.07.04 20:00:46 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2010.07.04 20:00:46 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2010.07.04 20:00:46 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2010.07.04 20:00:46 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2010.07.04 20:00:45 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2010.07.04 20:00:45 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2010.07.04 19:59:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe [2010.07.04 19:59:56 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll [2010.07.04 19:59:51 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll [2010.07.04 19:59:48 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll [2010.07.04 19:59:48 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll [2010.07.04 19:59:47 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll [2010.07.04 19:59:47 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll [2010.07.04 19:59:47 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll [2010.07.04 19:59:47 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll [2010.07.04 19:59:47 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll [2010.07.04 19:59:47 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll [2010.07.04 19:59:47 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll [2010.07.04 19:57:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll [2010.07.04 19:57:35 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll [2010.07.04 14:23:36 | 000,000,000 | R--D | C] -- C:\Users\ XXX \Pictures [2010.07.03 17:12:10 | 000,000,000 | ---D | C] -- C:\Users\ XXX \Documents\DriverGenius [2010.07.03 16:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters [2010.07.03 16:08:20 | 000,000,000 | ---D | C] -- C:\Users\ XXX \AppData\Roaming\Malwarebytes [2010.07.03 16:07:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.07.03 16:07:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.07.03 16:07:17 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.07.03 16:07:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.07.02 21:00:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES [2010.07.02 21:00:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES [2010.07.02 21:00:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN [2010.07.02 19:56:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2010.06.30 19:26:23 | 000,000,000 | R--D | C] -- C:\Users\ XXX \Music [2010.06.30 18:00:48 | 000,000,000 | ---D | C] -- C:\Users\ XXX \Documents\RCT3 [2010.06.30 18:00:48 | 000,000,000 | ---D | C] -- C:\Users\ XXX \AppData\Roaming\Atari [2010.06.26 14:43:28 | 000,000,000 | ---D | C] -- C:\Users\ XXX \Documents\E-Books [2010.06.24 21:17:19 | 000,000,000 | ---D | C] -- C:\Programme\Smart Projects [2010.06.24 20:48:15 | 000,102,400 | ---- | C] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe [2010.06.24 11:49:07 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010.06.24 11:49:07 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2010.06.24 11:49:07 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2010.06.23 08:20:44 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2010.06.23 08:20:43 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010.06.23 08:20:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2010.06.12 13:15:54 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2010.06.12 13:15:53 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010.06.12 13:15:53 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010.06.12 13:15:45 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.06.12 13:15:45 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.06.12 13:15:45 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.06.12 13:15:44 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.06.12 13:15:44 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010.06.12 13:15:44 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.06.12 13:15:44 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010.06.12 13:15:44 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.06.12 13:15:44 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010.06.12 13:15:44 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010.06.12 13:15:44 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010.06.12 13:15:44 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010.06.12 13:15:44 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.06.12 13:15:44 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.06.12 13:15:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.06.12 13:15:42 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2008.07.22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.07.05 09:13:32 | 003,407,872 | -HS- | M] () -- C:\Users\ XXX \NTUSER.DAT [2010.07.05 09:13:07 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.07.05 09:05:15 | 000,027,649 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010.07.05 09:05:15 | 000,027,649 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010.07.05 09:01:55 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2010.07.05 08:59:45 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2010.07.05 08:58:07 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.07.05 08:58:06 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.07.05 08:57:36 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.07.05 08:57:30 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.07.05 08:57:17 | 000,000,020 | -HS- | M] () -- C:\Users\ XXX \ntuser.ini [2010.07.05 08:57:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.07.05 08:56:01 | 2682,621,952 | -HS- | M] () -- C:\hiberfil.sys [2010.07.04 21:29:48 | 000,524,288 | -HS- | M] () -- C:\Users\ XXX \NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010.07.04 21:29:48 | 000,065,536 | -HS- | M] () -- C:\Users\ XXX \NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010.07.04 21:29:09 | 001,990,948 | -H-- | M] () -- C:\Users\ XXX \AppData\Local\IconCache.db [2010.07.04 20:48:08 | 000,120,154 | ---- | M] () -- C:\Users\ XXX \Documents\Früchte.docx [2010.07.04 20:29:41 | 000,679,420 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.07.04 20:29:41 | 000,638,542 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.07.04 20:29:41 | 000,148,770 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.07.04 20:29:41 | 000,121,908 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.07.04 20:29:40 | 001,581,904 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.07.04 20:08:18 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf [2010.07.04 20:07:27 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2010.07.04 19:54:34 | 000,010,135 | ---- | M] () -- C:\Users\ XXX\Documents\Netzwerkschlüssel.docx [2010.07.04 19:20:53 | 000,012,322 | ---- | M] () -- C:\Users\ XXX \Documents\Systemscan mit OTL.docx [2010.07.04 16:19:26 | 000,001,140 | ---- | M] () -- C:\Users\ XXX \Documents\Log Datei Malwarebytes [2010.07.04 12:17:32 | 000,001,356 | ---- | M] () -- C:\Users\ XXX \AppData\Local\d3d9caps.dat [2010.07.03 17:24:11 | 000,092,724 | ---- | M] () -- C:\Users\ XXX \Desktop\System_wird_immer_langsamer.pdf [2010.07.02 21:07:25 | 000,394,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.07.01 10:40:01 | 000,106,496 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT [2010.06.26 13:09:29 | 000,105,472 | ---- | M] () -- C:\Users\ XXX \AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.24 20:48:22 | 000,013,391 | ---- | M] () -- C:\Windows\DIIUnin.dat [2010.06.24 20:48:16 | 000,102,400 | ---- | M] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe [2010.06.24 20:48:16 | 000,002,829 | ---- | M] () -- C:\Windows\DIIUnin.pif [2010.06.20 14:27:28 | 000,002,631 | ---- | M] () -- C:\Users\ XXX \Desktop\Microsoft Office Word 2007.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.07.05 08:57:17 | 000,000,020 | -HS- | C] () -- C:\Users\ XXX \ntuser.ini [2010.07.04 20:47:56 | 000,120,154 | ---- | C] () -- C:\Users\ XXX \Documents\Früchte.docx [2010.07.04 20:08:18 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf [2010.07.04 20:07:27 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2010.07.04 19:54:31 | 000,010,135 | ---- | C] () -- C:\Users\ XXX\Documents\Netzwerkschlüssel.docx [2010.07.04 19:20:48 | 000,012,322 | ---- | C] () -- C:\Users XXX\Documents\Systemscan mit OTL.docx [2010.07.04 16:19:26 | 000,001,140 | ---- | C] () -- C:\Users\ XXX \Documents\Log Datei Malwarebytes [2010.07.03 17:24:11 | 000,092,724 | ---- | C] () -- C:\Users\ XXX\Desktop\System_wird_immer_langsamer.pdf [2010.06.24 20:48:22 | 000,013,391 | ---- | C] () -- C:\Windows\DIIUnin.dat [2010.06.24 20:48:16 | 000,002,829 | ---- | C] () -- C:\Windows\DIIUnin.pif [2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2009.09.24 11:38:52 | 000,000,217 | ---- | C] () -- C:\Windows\AvDetected.ini [2009.09.12 10:28:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.08.04 15:07:06 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009.06.19 19:50:23 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2009.05.22 13:22:26 | 000,000,292 | ---- | C] () -- C:\Windows\game.ini [2009.05.03 10:11:10 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2009.02.21 14:58:53 | 000,165,376 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009.02.21 14:58:40 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009.01.20 18:20:55 | 000,000,540 | ---- | C] () -- C:\Windows\WinInit.Ini [2009.01.07 16:35:26 | 000,138,944 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2008.12.22 14:57:50 | 000,000,783 | ---- | C] () -- C:\Windows\NTIWVEDT.INI [2008.12.02 19:43:07 | 000,000,060 | ---- | C] () -- C:\Windows\GDINST.INI [2008.12.02 19:28:31 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll [2008.12.02 13:10:48 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll [2008.12.02 13:10:48 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2008.05.16 04:24:58 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008.04.01 10:39:14 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll [2008.04.01 10:39:14 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll [2008.04.01 10:14:24 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll [2008.04.01 10:09:50 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll [2008.04.01 09:59:39 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll [1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys ========== Alternate Data Streams ========== @Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:B623B5B8 @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:861A898F @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:9F683177 @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:580E04D8 @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C95B63DA @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:8AB6C1D7 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:193426B4 @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:B606BA34 @Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:8173A019 @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:1D32EC29 < End of report > |
06.07.2010, 18:34 | #2 |
| Laptop plötzlich sehr langsam Und hier sind noch die OTL-Extra-datei und die SUPERAntiSpyware Logdatei:
__________________OTL Extra Logdatei OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 05.07.2010 09:07:55 - Run 2 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\ XXX \Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free 5.00 Gb Paging File | 4.00 Gb Available in Paging File | 72.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 111.44 Gb Total Space | 39.94 Gb Free Space | 35.84% Space Free | Partition Type: NTFS Drive D: | 232.88 Gb Total Space | 135.70 Gb Free Space | 58.27% Space Free | Partition Type: NTFS Drive E: | 111.44 Gb Total Space | 111.35 Gb Free Space | 99.92% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: XXX -PC Current User Name: XXX Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 1 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:UPnP System "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnP System [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:UPnP System "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnP System [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.) "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.) "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.) "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr -- File not found "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.) "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.) "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption -- File not found "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption -- File not found "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr -- File not found "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1CB9B39E-B345-4998-B1BC-66EB855C001F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5068E7B2-7B66-4DEC-AFCB-63840BDE1BBD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5F122869-DFC0-4FF8-BBC0-0E7E3087DE46}" = rport=10243 | protocol=6 | dir=out | app=system | "{83C751FF-A7B1-48D5-990D-C526CCAF7237}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{88A8B1EF-3771-4850-A43E-A966AB024A12}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{9310F68E-DA2A-4796-AA90-05F4EE3A9EA5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E29A94B1-5739-4A0E-853E-A6E1CCE633A6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E5CBA887-DA72-40C5-A359-0BBFA5CBB9C3}" = lport=2869 | protocol=6 | dir=in | app=system | "{F0A9FB3C-1912-443F-B2D6-2C4456ABDBB7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FF31AE14-E55D-4356-97BF-C423808C2496}" = lport=10243 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00A8468F-E573-4EFF-8FB0-69E83DB802A5}" = protocol=6 | dir=out | app=system | "{00B18D5D-AD72-4988-B6FE-9112E4BB534A}" = dir=in | app=f:\setup\hpznui01.exe | "{050F0811-72C1-4E5B-9D3C-D4DC827AEC73}" = protocol=17 | dir=in | app=d:\ein quantum trost\jb_liveengine_s.exe | "{06955779-FF10-4A17-984A-3FBBC9B73DA0}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{0B0F34CD-EAE4-4D9E-88A4-515CD5E5E7CC}" = protocol=6 | dir=in | app=f:\dwizard615.exe | "{109AE322-97E4-412F-A61B-2BFB1927D5E7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{10FE6C18-E636-4720-8CA9-D082C568398F}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe | "{11EC9F63-BE3F-4512-8C50-0FA3CA0B4550}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe | "{17F72182-D0DF-42EC-AE65-1602C13F97DB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | "{1903D7B9-F581-49FD-9F30-FA980A468A85}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe | "{230B3936-A5F0-41D5-95B2-7D8E8A08ACEF}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{29F88FC7-CDFA-46A7-8132-E2EAD45E18E9}" = protocol=17 | dir=in | app=d:\sacred 2 fallen angel\system\s2gs.exe | "{2C62952C-8B3D-4859-AEC3-C772A20069DC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe | "{365D9EDC-862C-49AE-9D2A-7A3B6FFA8755}" = protocol=17 | dir=in | app=d:\call of duty 5 world at war\codwawmp.exe | "{36F996C0-77C6-44BE-8104-45B15C61613A}" = protocol=17 | dir=in | app=f:\dwizard615.exe | "{36FC5D70-62FB-4A88-978E-3E17A21AF9BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{3DA3E72B-AB4B-4014-B77D-44AD948C8593}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{3EF0F3CB-ACAC-4A27-AA34-2C694D2F23A8}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{4113D8DE-0620-4DBB-B356-F3BFD112E8F0}" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx_dx10.exe | "{4275722E-5B93-4A7E-A00E-311A097B127F}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe | "{460E324B-CDBF-4205-B469-5436463D1CF0}" = protocol=6 | dir=in | app=f:\libneap.dll | "{48F9D505-F29A-4F40-86B3-7E08704167F0}" = protocol=17 | dir=in | app=d:\far cry 2\bin\fc2editor.exe | "{4982D4B2-DB87-485B-831D-7D12F5D6BE21}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | "{4B8AFF84-CEB1-42B6-83C0-700E4D0129D6}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe | "{4D39F704-DED6-4736-9DB8-894C8DC2271D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4EEC5371-F593-469A-8254-7203E4A4198F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{4F4DE206-AD56-4A85-9239-536212E248CB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dawn of war 2\dow2.exe | "{536CCE94-0911-42D3-8230-867CF9EF8E1D}" = protocol=17 | dir=in | app=f:\libneap.dll | "{556C08DC-BFDA-4CB7-A428-A5FCC5AD4B27}" = protocol=6 | dir=in | app=d:\call of duty 5 world at war\codwaw.exe | "{55CA9118-79BD-44B7-9D12-EA1D6D407E36}" = protocol=17 | dir=in | app=d:\gta iv\rockstar games social club\rgsclauncher.exe | "{5724CF4B-B631-428B-9912-4D57E7437B17}" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe | "{57DB125C-7429-48CD-8C71-5C62C1C62E68}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{5CD77B3C-B264-4D54-BACC-2404DF959540}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{60B7C901-2328-4A36-ABB6-590F4152C0D8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{610FE03B-E93C-47FF-8411-F5325B518BAC}" = protocol=6 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe | "{61DC26FA-854A-4B55-B317-269E81E42095}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{62B6CBA0-13B6-4332-9B76-6FC9D287A9F7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{64C3E8EB-74C1-4B4A-A626-ECF2EC88CE35}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe | "{6836F22A-A650-41F0-B309-5C243C0ACF6C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | "{69300C9F-FB94-437F-8325-F1D33AA239E9}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe | "{6A5988FF-D3F5-43BA-897A-2CBCDC9D65CB}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{6E8686FB-EEFC-4A81-B905-E25356C6E25F}" = protocol=6 | dir=in | app=d:\itunes\itunes.exe | "{7043B60B-FDD9-46CA-9286-9D6464359AFA}" = protocol=17 | dir=in | app=d:\far cry 2\bin\farcry2.exe | "{704CD558-3AA5-443F-B573-C3CC46B4653E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | "{70564204-5C2B-4722-9CCD-0E6AA0901DD9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{71989C70-CE24-4303-AD18-5E904EF6C703}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{72D2972E-DD70-4F6A-8D2D-2C2EA26E5ED8}" = protocol=6 | dir=in | app=d:\ein quantum trost\jb_liveengine_s.exe | "{732D98B5-658B-45BD-BDE2-65345664786E}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{7594D2BD-736A-4A81-B5A8-84E9D4D3318D}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization iv colonization\colonization.exe | "{7632999A-7EC2-4CF7-8203-AE68F5230E85}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe | "{779D1631-DBFB-411A-85E8-E5B0A5790724}" = protocol=17 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe | "{781C2052-321E-481A-B6D7-8578ED79F48F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{79908454-FCC9-4D02-8290-CC78382A7C25}" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx_dx10.exe | "{7C82D757-9C61-4883-B588-DB19D1767B84}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{7F99041F-5832-452D-B39A-35DEB85B575E}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe | "{80CA228D-5FD3-4458-8106-141F1D762B38}" = protocol=17 | dir=in | app=d:\call of duty 4 modern warfare\iw3mp.exe | "{8508037C-ABA3-478C-8EE9-FDDDD52358F0}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{854B91A2-3F31-45F0-A3C1-B3DB9481AD6F}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization iv colonization\colonization.exe | "{8596C4CE-F084-43B1-9368-C7FD9FD7E9CC}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe | "{86F0B8FD-47C6-4C83-BE6C-4470EDB7E190}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{8717589A-BCCB-4DB1-B19B-686E58D816EC}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{8D7511F1-63C4-4C08-BBD2-701229850AD6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe | "{8E49CC00-0B1B-40CB-B2AC-218127121AF7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{8EB87AFF-A2E6-405A-BEF3-71E0BC54AA38}" = protocol=6 | dir=in | app=d:\far cry 2\bin\fc2launcher.exe | "{90817642-E5C1-4225-BC7D-94DBC69EC6A2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{90CDEEF9-05AD-4A80-A585-6541B3DD8436}" = protocol=17 | dir=in | app=d:\sacred 2 fallen angel\system\sacred2.exe | "{9333852D-341C-445E-9A4A-D9D87080F235}" = protocol=6 | dir=in | app=d:\gta iv\rockstar games social club\rgsclauncher.exe | "{9429A128-8A7D-44AD-91DB-98660C580190}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{9B6C04F6-7104-4921-B15E-26BE48C124AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{9F0D1376-B123-4E47-9156-D9F7E7094CD4}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe | "{9F58E589-D9C6-4954-B465-5D12CA1BE021}" = protocol=6 | dir=in | app=d:\sacred 2 fallen angel\system\sacred2.exe | "{A0F39B49-AC13-4FCD-90FB-ECFDFF349C49}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A0FAD3A6-2A72-4F76-A7B8-25C2C0C4CC9C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dawn of war 2\dow2.exe | "{A81F2463-21F2-4257-88BA-4061426E374A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe | "{AE3F4D98-2511-4486-9DDA-0EBE51D81DE0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | "{AFFA9177-F4A7-4204-A2B9-D05FF4C98505}" = protocol=6 | dir=in | app=d:\far cry 2\bin\fc2editor.exe | "{B1414B4C-27C9-4031-88DE-AB193B59D963}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{B2940878-D770-4DE1-89A2-D21254699CE9}" = protocol=6 | dir=in | app=d:\call of duty 5 world at war\codwawmp.exe | "{B2E07B66-652C-495F-8183-B9EDC7FBDEB1}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{B4BEC0BE-912B-444C-9A7E-BFA1B0D0B9E2}" = protocol=6 | dir=in | app=d:\call of duty 4 modern warfare\iw3mp.exe | "{BA9580E8-A2D9-4332-A278-58E0186E09D5}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe | "{C0167C73-06A6-4B1F-9968-0E1BC76D1876}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{C0FB55F1-F475-4E83-A316-6AB99E85006C}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe | "{C7A2B4E3-873E-41A8-B952-1AAB3B705E83}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe | "{CC8F1DA4-9A50-4F91-B095-D18787D5B7E7}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{CEA6B1A3-2B7B-4928-BBA9-6D69DA314636}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{D5B2D380-F5BF-457A-BDE5-68BA9E439194}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D98861E1-7A13-4FFE-B4EC-F1E0CE8D184A}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{DB77520B-3808-4915-906D-0F9C90987BA7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{DD3CCF32-645E-4C02-838A-3BF7010EE102}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{DDB11C1A-2848-4F03-A18C-1A56FC8AD13D}" = protocol=6 | dir=in | app=d:\far cry 2\bin\farcry2.exe | "{DE42ADBB-3A32-4807-AF2B-8CA39C860966}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe | "{E14E1F54-E9E0-4E53-8142-AD79EF21FDB1}" = protocol=17 | dir=in | app=d:\call of duty 5 world at war\codwaw.exe | "{E1C9D9CB-0270-4651-B029-ED95774A7AFA}" = protocol=6 | dir=in | app=d:\sacred 2 fallen angel\system\s2gs.exe | "{E1ECC78B-292B-41AC-A174-384A90CEDF3B}" = protocol=17 | dir=in | app=d:\far cry 2\bin\fc2launcher.exe | "{E38424D5-D701-42EF-B320-4998F55025B4}" = protocol=17 | dir=in | app=d:\itunes\itunes.exe | "{E534AAE7-7FF9-457E-9B73-71CF5947D3EF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E6F59923-B8B2-4817-8B1F-31DB6A983562}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe | "{EA967A30-750F-4C84-BA0E-82F8694E0EF5}" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe | "{EB7055D9-760A-4317-B3D5-2C9475F2B6F3}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{F44854D7-A1CB-4440-AA0A-E04B541761C6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{FBE81F06-5BAA-4C65-BA8F-B642CC859389}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "TCP Query User{03E3861B-F962-440E-8E88-6BA536323058}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | "TCP Query User{0874E1F4-26D9-4752-84AD-951B464FC98D}C:\users\ XXX\appdata\local\temp\rar$ex02.465\volley.exe" = protocol=6 | dir=in | app=c:\users\ XXX\appdata\local\temp\rar$ex02.465\volley.exe | "TCP Query User{217FDE4A-F4E0-4045-A7FA-8A8381565607}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "TCP Query User{2C7BE825-1B65-4C51-A296-B4FD673B44C9}C:\program files\microsoft games\halo\halo.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\halo\halo.exe | "TCP Query User{2E17C6C2-8352-4353-8454-FE15B1FEE515}C:\program files\play2p\play2p.exe" = protocol=6 | dir=in | app=c:\program files\play2p\play2p.exe | "TCP Query User{37DD6645-000C-4708-B069-DB01DB0EEB41}C:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo.exe | "TCP Query User{4267349C-774B-4D47-9FD2-6558B5EE8BF8}C:\program files\gamespy\comrade\comrade.exe" = protocol=6 | dir=in | app=c:\program files\gamespy\comrade\comrade.exe | "TCP Query User{42DF938A-CF0C-438C-A362-634396FF8051}C:\users\ XXX\appdata\local\temp\rar$ex00.966\volley.exe" = protocol=6 | dir=in | app=c:\users\ XXX\appdata\local\temp\rar$ex00.966\volley.exe | "TCP Query User{5C6AED03-1B82-42A8-8224-243635EC084B}D:\scarface the world is yours\scarface.exe" = protocol=6 | dir=in | app=d:\scarface the world is yours\scarface.exe | "TCP Query User{74AD3098-3167-4BE1-86E5-24A4BBB9E648}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | "TCP Query User{7BD3215A-9F27-4941-97BD-499C09310BA5}D:\parabellum beta\binaries\parabellumthegame.exe" = protocol=6 | dir=in | app=d:\parabellum beta\binaries\parabellumthegame.exe | "TCP Query User{7DADD748-8E97-4487-9800-B8D517874D50}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | "TCP Query User{7E297E55-C48A-41C8-833B-B81AD315FAD8}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{A1B7D707-DE51-4C51-881A-82C4B49187B6}C:\users\ XXX\appdata\local\temp\rar$ex05.530\volley.exe" = protocol=6 | dir=in | app=c:\users\ XXX\appdata\local\temp\rar$ex05.530\volley.exe | "TCP Query User{B970A3F9-622A-49F7-968F-3760AAF37940}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | "TCP Query User{C5156FE1-21DF-411A-947A-44084C3A48A3}D:\tmunitedforever\tmforever.exe" = protocol=6 | dir=in | app=d:\tmunitedforever\tmforever.exe | "TCP Query User{C52DD437-B752-4760-8B91-33EB374C817C}C:\users\ XXX \program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\ XXX \program files\dna\btdna.exe | "TCP Query User{C67BB4D0-695A-45F4-BC7D-B396AAA62299}C:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe | "TCP Query User{CA65D444-21B9-46C9-BD04-74D46E77B3AA}D:\quake 4\quake4.exe" = protocol=6 | dir=in | app=d:\quake 4\quake4.exe | "TCP Query User{CC3C5014-4EA0-4A90-99E7-DB861B0E7498}D:\brothers in arms hell's highway\binaries\biahh.exe" = protocol=6 | dir=in | app=d:\brothers in arms hell's highway\binaries\biahh.exe | "TCP Query User{CCD597C4-0FE6-42C9-AA9E-2F7F537DF81F}C:\program files\bethesda softworks\fallout 3\fallout3.exe" = protocol=6 | dir=in | app=c:\program files\bethesda softworks\fallout 3\fallout3.exe | "TCP Query User{CECF4D29-394F-4932-8C21-CADF01D73F9D}C:\program files\bethesda softworks\fallout 3\fallout3.exe" = protocol=6 | dir=in | app=c:\program files\bethesda softworks\fallout 3\fallout3.exe | "TCP Query User{D1EDDF6D-67B9-4DC8-BD9F-482EAE539971}D:\parabellum beta\binaries\parabellumthegame.exe" = protocol=6 | dir=in | app=d:\parabellum beta\binaries\parabellumthegame.exe | "TCP Query User{D4DB6749-39D1-44F2-91C2-8F45E2036D97}D:\brothers in arms hell's highway\binaries\biahh.exe" = protocol=6 | dir=in | app=d:\brothers in arms hell's highway\binaries\biahh.exe | "TCP Query User{DD8D52DC-2554-47A7-B4AA-5D20C5E4BAE4}D:\sacred 2 fallen angel\system\s2gs.exe" = protocol=6 | dir=in | app=d:\sacred 2 fallen angel\system\s2gs.exe | "TCP Query User{DE393865-45DF-4030-9C02-AD5E638B5452}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "TCP Query User{ED1A8E11-D6BD-4482-8FF0-47706E1CA1CA}C:\users\ XXX \program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\ XXX \program files\dna\btdna.exe | "UDP Query User{1C0C575A-37A6-479F-ABC5-A7D7DA3BE17E}C:\users\ XXX\appdata\local\temp\rar$ex02.465\volley.exe" = protocol=17 | dir=in | app=c:\users\ XXX\appdata\local\temp\rar$ex02.465\volley.exe | "UDP Query User{2BF6B83D-E284-436C-A64C-7598B1F9FCAD}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | "UDP Query User{3AE8CC50-F226-4271-87EF-7224824D1652}D:\quake 4\quake4.exe" = protocol=17 | dir=in | app=d:\quake 4\quake4.exe | "UDP Query User{3D00D305-3C76-4B9D-9C23-2D6070E9EA59}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "UDP Query User{3EC9ACE9-564A-4E75-A97D-893C0020C24B}C:\program files\bethesda softworks\fallout 3\fallout3.exe" = protocol=17 | dir=in | app=c:\program files\bethesda softworks\fallout 3\fallout3.exe | "UDP Query User{42BFC1B4-5CD8-42EF-A823-83805C15BEAC}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | "UDP Query User{5AAB30CE-2529-412E-9899-89E1BA4E60CA}D:\parabellum beta\binaries\parabellumthegame.exe" = protocol=17 | dir=in | app=d:\parabellum beta\binaries\parabellumthegame.exe | "UDP Query User{64FF5A5B-0496-4211-A954-7E5236B7C801}D:\brothers in arms hell's highway\binaries\biahh.exe" = protocol=17 | dir=in | app=d:\brothers in arms hell's highway\binaries\biahh.exe | "UDP Query User{6A7E8A99-F480-4B1C-A06F-556775E6F205}C:\users\ XXX\appdata\local\temp\rar$ex00.966\volley.exe" = protocol=17 | dir=in | app=c:\users\ XXX\appdata\local\temp\rar$ex00.966\volley.exe | "UDP Query User{72016DAD-8BD6-4236-88D3-108C7FF9082D}D:\tmunitedforever\tmforever.exe" = protocol=17 | dir=in | app=d:\tmunitedforever\tmforever.exe | "UDP Query User{77B4AF73-4F91-4D23-987E-5F226EC8536B}D:\brothers in arms hell's highway\binaries\biahh.exe" = protocol=17 | dir=in | app=d:\brothers in arms hell's highway\binaries\biahh.exe | "UDP Query User{8317CE32-A827-49B3-98A7-AD9BCEF255B7}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "UDP Query User{895E7EB1-F198-42BE-B4D6-8B3865896831}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | "UDP Query User{89A116FA-5105-4C67-8AC9-F5ADAF857467}C:\program files\microsoft games\halo\halo.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\halo\halo.exe | "UDP Query User{8ACF02F4-DBCB-41FA-BDAD-09FD522E19D2}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | "UDP Query User{953C7C75-C102-4374-AAF9-2D1251501C01}D:\scarface the world is yours\scarface.exe" = protocol=17 | dir=in | app=d:\scarface the world is yours\scarface.exe | "UDP Query User{9663DB0E-2C41-4611-B6D2-97192C5ECC52}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{A2915EDC-76B5-4C3A-A4D4-A45603637C6A}C:\program files\gamespy\comrade\comrade.exe" = protocol=17 | dir=in | app=c:\program files\gamespy\comrade\comrade.exe | "UDP Query User{A30712C1-1698-4D15-9EE6-A113A968F1E6}C:\users\ XXX \program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\ XXX \program files\dna\btdna.exe | "UDP Query User{A912767B-3132-4D2B-88E0-82E25A4CE0D0}C:\program files\play2p\play2p.exe" = protocol=17 | dir=in | app=c:\program files\play2p\play2p.exe | "UDP Query User{B1745D82-C061-4F19-BCD5-F6B7442C0255}C:\users\ XXX\appdata\local\temp\rar$ex05.530\volley.exe" = protocol=17 | dir=in | app=c:\users\ XXX\appdata\local\temp\rar$ex05.530\volley.exe | "UDP Query User{C57E25C9-67B9-40D3-9BA5-CBD11E7376AD}C:\program files\bethesda softworks\fallout 3\fallout3.exe" = protocol=17 | dir=in | app=c:\program files\bethesda softworks\fallout 3\fallout3.exe | "UDP Query User{C9DD63EB-B0B6-4AA3-A006-D57EBA0819BF}C:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo.exe | "UDP Query User{DAE125B3-2A92-4290-8D30-22FC8C80286C}C:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe | "UDP Query User{DD1ECB11-F4AC-4C0C-9215-E43271C6A7C1}D:\parabellum beta\binaries\parabellumthegame.exe" = protocol=17 | dir=in | app=d:\parabellum beta\binaries\parabellumthegame.exe | "UDP Query User{E9FBBC1C-7DEC-4EF6-BB7D-2DAA84F9D192}D:\sacred 2 fallen angel\system\s2gs.exe" = protocol=17 | dir=in | app=d:\sacred 2 fallen angel\system\s2gs.exe | "UDP Query User{EF35813F-E983-4A20-8097-5DAF6F98C26B}C:\users\ XXX \program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\ XXX \program files\dna\btdna.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00D15456-F679-4AD4-8BD2-56450D4C3F72}" = WarRock "{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies(TM) "{067FFF2F-0F1C-43DB-827B-F9BC4735F1BC}" = D2500 "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE "{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Societies "{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2 "{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management "{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4(TM) "{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 20 "{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant "{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply "{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}" = Die Sims™ 2 Super Deluxe "{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}" = Sid Meier's Civilization 4 Complete "{35095169-C59A-4571-A361-2117E04B7AFD}" = DJ_SF_03_D2500_ProductContext "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E5721E5-BA31-46AD-8B35-065924D38E91}" = D2500_Help "{43C0C354-A185-4D2D-A057-67C9160460E1}" = PS_AIO_04_C4580_Software_Min "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc "{4A7AE408-7846-4D13-81F7-D4447A994DBA}" = Calendar "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works "{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management "{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter "{59C6EFB0-7A6F-4FC2-98C5-31A9DB93014A}" = DJ_SF_03_D2500_Software "{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7085845F-CCD0-411B-BE24-CD49A870870B}" = ArcSoft Print Creations "{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone "{71310D9B-7555-44FE-914C-A1B55CB7BC5D}" = Scrapbook "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7236B969-6A18-42DD-ADE4-BBA2604F34C8}" = DJ_SF_03_D2500_Software_Min "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7641710F-A4AD-4EAE-889C-4958BE3F169C}" = C4580 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update "{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support "{85AF94EC-55DE-452A-8FD7-C34E598B3F1F}" = Adobe Premiere Elements 7.0 Templates "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{91C82FED-477B-4AF1-88FB-F967BB0D7F10}" = Winbond CIR Device Drivers "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B0F9788-3141-4009-846E-52E59843E963}" = SimCity™ Societies "{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp "{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch "{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management "{A6A195F5-BCAB-4F38-8459-DF693303CD8D}" = PS_AIO_04_C4580_ProductContext "{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8.3 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg "{ABBA0799-F982-414C-9A8B-17EB03D39677}" = trakAxPC "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0 "{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - ScrapBook "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6 "{BED1705F-7558-40f7-9F52-6C6FBD58EA2E}" = HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4 "{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm "{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan "{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0 "{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting "{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{D10AB8DE-0ED1-4152-A247-FB89CF1435D5}" = HP Deskjet D2500 Printer Driver Software 11.0 Rel .3 "{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService "{D23E2520-0EAA-4AC3-A47E-A551C70D4FED}" = C4580_Help "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "{D4278897-1541-493E-9D39-59CC6AB0FC09}" = PS_AIO_04_C4580_Software "{D564B5E2-CCB5-4A5C-B35E-2FC30BBC9336}" = Adobe Premiere Elements 7.0 "{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI "{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry "{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5 "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{DBFFA3C5-1169-4235-85C3-1CDDB92F82FE}" = Quake Live Mozilla Plugin "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout "{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox "{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes "{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery "{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization "{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth "{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer "{F95F178B-56AD-4fab-87F8-FA81E66C7D68}" = Network "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0 "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Blood Omen 2" = Blood Omen 2 "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "Diablo II" = Diablo II "EA Download Manager" = EA Download Manager "Free Studio_is1" = Free Studio version 4.1 "Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16 "Free YouTube Download_is1" = Free YouTube Download 2.2 "Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1 "Google Desktop" = Google Desktop "Google Updater" = Google Updater "GridVista" = Acer GridVista "Halo" = Microsoft Halo "Hitman - Codename 47" = Hitman - Codename 47 "Hitman: Contracts" = Hitman: Contracts "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Imaging Device Functions" = HP Imaging Device Functions 11.0 "HP Photosmart Essential" = HP Photosmart Essential 3.0 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0 "HPExtendedCapabilities" = HP Customer Participation Program 11.0 "HPOCR" = OCR Software by I.R.I.S. 11.0 "InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies(TM) "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4(TM) "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00 "InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "InstallShield_{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements "IsoBuster_is1" = IsoBuster 2.8 "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10) "Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4) "NVIDIA Drivers" = NVIDIA Drivers "OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01 "PhotoFiltre" = PhotoFiltre "Picasa 3" = Picasa 3 "PremElem70" = Adobe Premiere Elements 7.0 "PremElem70Templates" = Adobe Premiere Elements 7.0 Templates "ProtectDisc Driver 11" = ProtectDisc Driver, Version 11 "PunkBusterSvc" = PunkBuster Services "Shop for HP Supplies" = Shop for HP Supplies "Steam App 15620" = Warhammer 40,000: Dawn of War II "Steam App 220" = Half-Life 2 "Steam App 340" = Half-Life 2: Lost Coast "Steam App 380" = Half-Life 2: Episode One "Steam App 400" = Portal "Steam App 420" = Half-Life 2: Episode Two "Steam App 440" = Team Fortress 2 "SynTPDeinstKey" = Synaptics Pointing Device Driver "TastaTour" = TastaTour "Tastaturschreiben" = Tastaturschreiben "TmNationsForever_is1" = TmNationsForever "Uninstall_is1" = Uninstall 1.0.0.1 "WinRAR archiver" = WinRAR "Zattoo" = Zattoo 3.3.4 Beta ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent DNA" = DNA "Diablo II" = Diablo II ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 02.07.2010 05:13:19 | Computer Name = XXX -PC | Source = Google Update | ID = 20 Description = Error - 02.07.2010 06:13:21 | Computer Name = XXX -PC | Source = Google Update | ID = 20 Description = Error - 02.07.2010 07:13:17 | Computer Name = XXX -PC | Source = Google Update | ID = 20 Description = Error - 02.07.2010 08:13:07 | Computer Name = XXX -PC | Source = Google Update | ID = 20 Description = Error - 02.07.2010 09:13:17 | Computer Name = XXX -PC | Source = Google Update | ID = 20 Description = Error - 02.07.2010 10:13:20 | Computer Name = XXX -PC | Source = Google Update | ID = 20 Description = Error - 02.07.2010 11:13:17 | Computer Name = XXX -PC | Source = Google Update | ID = 20 Description = Error - 02.07.2010 12:13:47 | Computer Name = XXX -PC | Source = Google Update | ID = 20 Description = Error - 02.07.2010 13:14:16 | Computer Name = XXX -PC | Source = Google Update | ID = 20 Description = Error - 02.07.2010 13:36:30 | Computer Name = XXX -PC | Source = WinMgmt | ID = 10 Description = [ OSession Events ] Error - 02.12.2008 08:26:05 | Computer Name = XXX -PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 77 seconds with 60 seconds of active time. This session ended with a crash. Error - 02.12.2008 08:27:20 | Computer Name = XXX -PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 70 seconds with 60 seconds of active time. This session ended with a crash. Error - 02.12.2008 08:28:00 | Computer Name = XXX -PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 30 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 04.07.2010 14:05:26 | Computer Name = XXX -PC | Source = Dhcp | ID = 1002 Description = Die IP-Adresslease 192.168.1.2 für die Netzwerkkarte mit der Netzwerkadresse 0017C441022E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). Error - 04.07.2010 14:05:39 | Computer Name = XXX -PC | Source = Service Control Manager | ID = 7000 Description = Error - 04.07.2010 14:07:15 | Computer Name = XXX -PC | Source = Service Control Manager | ID = 7022 Description = Error - 04.07.2010 14:10:25 | Computer Name = XXX -PC | Source = DCOM | ID = 10010 Description = Error - 04.07.2010 14:21:47 | Computer Name = XXX -PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Error - 04.07.2010 14:22:03 | Computer Name = XXX -PC | Source = Service Control Manager | ID = 7000 Description = Error - 04.07.2010 14:23:38 | Computer Name = XXX -PC | Source = Service Control Manager | ID = 7022 Description = Error - 05.07.2010 02:57:31 | Computer Name = XXX -PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Error - 05.07.2010 02:57:57 | Computer Name = XXX-PC | Source = Service Control Manager | ID = 7000 Description = Error - 05.07.2010 02:59:43 | Computer Name = XXX-PC | Source = Service Control Manager | ID = 7022 Description = [ TuneUp Events ] Error - 21.02.2009 08:58:38 | Computer Name = XXX-PC | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 19.03.2009 11:32:42 | Computer Name = XXX-PC | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 19.03.2009 12:47:42 | Computer Name = XXX-PC | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 20.03.2009 07:14:41 | Computer Name = XXX-PC | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 20.03.2009 11:23:03 | Computer Name = XXX-PC | Source = TuneUp Program Statistics | ID = 131840 Description = < End of report > SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 07/06/2010 at 05:09 PM Application Version : 4.40.1002 Core Rules Database Version : 5160 Trace Rules Database Version: 2972 Scan type : Complete Scan Total Scan Time : 01:47:29 Memory items scanned : 783 Memory threats detected : 0 Registry items scanned : 9884 Registry threats detected : 0 File items scanned : 32578 File threats detected : 55 Adware.Tracking Cookie C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@cgm.adbureau[2].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@maxis.112.2o7[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@adtech[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@ad.zanox[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@eaeacom.112.2o7[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@atdmt[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@apmebf[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@youporn[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[8].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@adfarm1.adition[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@bs.serving-sys[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@tradedoubler[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@serving-sys[2].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@msnportal.112.2o7[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@mediaplex[2].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@popularscreensavers[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@doubleclick[1].txt bc.youporn.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] cdn1.eyewonder.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] content.oddcast.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] crackle.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] de.pornhub.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] googleads.g.doubleclick.net [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] imagesrv.adition.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] m1.emea.2mdn.net [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] media.ign.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] media.jambocast.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] media01.kyte.tv [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] stat.radioblogclub.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] vfsexb.gmx.net [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] www.naiadsystems.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] www.pornhub.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] www.ziporn.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] wwwstatic.megaporn.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ] C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[7].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[6].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[2].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[3].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[4].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@accounts.hellgatelondon[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@bs.serving-sys[2].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@doubleclick[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@eaeacom.112.2o7[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@maxis.112.2o7[1].txt C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@serving-sys[2].txt Adware.Flash Tracking Cookie C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\BC.YOUPORN.COM C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\WWWSTATIC.MEGAPORN.COM C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\MEDIA.IGN.COM C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\CRACKLE.COM C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\STAT.RADIOBLOGCLUB.COM C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\CDN1.EYEWONDER.COM C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\M1.EMEA.2MDN.NET C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\IMAGESRV.ADITION.COM C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\CONTENT.ODDCAST.COM |
Themen zu Laptop plötzlich sehr langsam |
0x00000001, alternate, antivir, antivir guard, autorun, avgntflt.sys, avira, bho, cdburnerxp, components, corp./icp, desktop, error, excel, firefox, format, google, gupdate, home premium, internet, internet explorer, intranet, langsam, launch, local\temp, location, malwarebytes' anti-malware, microsoft office word, mozilla, mozilla thunderbird, nvlddmkm.sys, nvstor.sys, oldtimer, otl.exe, plug-in, popup, problem, programdata, realtek, registry, rundll, searchplugins, sehr langsam, senden, software, sptd.sys, system, vista, windows |