Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Laptop plötzlich sehr langsam

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 06.07.2010, 18:32   #1
brownie
 
Laptop plötzlich sehr langsam - Standard

Laptop plötzlich sehr langsam



Hallo
Ich habe seit kurzem ein Problem mit meinem Laptop. Mein Laptop wurde plötzlich sehr langsam und ich habe keine Ahnung warum. Mitlerweile kann ich nicht einmal mehr Solitaire ruckelfrei spielen. Ich hoffe, dass mir jemand helfen kann.

Hier sind schon mal meine Logdateien.

Hijackthis Logdatei

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:33:12, on 05.07.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\XXX\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\ XXX \Downloads\HiJackThis204.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0807&s=2&o=vp32&d=1208&m=aspire_7530g
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0807&s=2&o=vp32&d=1208&m=aspire_7530g
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://de.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE Systemboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - D:\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c95c72a41d02ba) (gupdate1c95c72a41d02ba) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NMSAccessU - Unknown owner - D:\CDBurnerXP\NMSAccessU.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Windows\
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 12108 bytes

Malwarebytes Logdatei

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4271

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

04.07.2010 16:19:03
Log Datei Malwarebytes

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 405984
Laufzeit: 4 Stunde(n), 38 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

OTL Logdatei

OTL logfile created on: 05.07.2010 09:07:54 - Run 2
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\XXX\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.44 Gb Total Space | 39.94 Gb Free Space | 35.84% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 135.70 Gb Free Space | 58.27% Space Free | Partition Type: NTFS
Drive E: | 111.44 Gb Total Space | 111.35 Gb Free Space | 99.92% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XXX -PC
Current User Name: XXX
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\ XXX \Downloads\HiJackThis204.exe (Trend Micro Inc.)
PRC - C:\Users\ XXX \Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Users\ XXX \AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - D:\CDBurnerXP\NMSAccessU.exe ()
PRC - D:\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
PRC - D:\Alcohol 120%\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Programme\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)


========== Modules (SafeList) ==========

MOD - C:\Users\ XXX \Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\powrprof.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
MOD - C:\Windows\System32\wtsapi32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (NMSAccessU) -- D:\CDBurnerXP\NMSAccessU.exe ()
SRV - (AdobeActiveFileMonitor7.0) -- D:\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (NTIBackupSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (BUNAgentSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (StarWindServiceAE) -- D:\Alcohol 120%\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (SSScsiSV) -- C:\Programme\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (SonicStage Back-End Service) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (NuidFltr) -- C:\Windows\System32\drivers\nuidfltr.sys (Microsoft Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (Ltn_stk7070P) -- C:\Windows\System32\drivers\Ltn_stk7070P.sys (LiteOn)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (xnacc) -- C:\Windows\System32\drivers\xnacc.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (winbondcir) -- C:\Windows\System32\drivers\winbondcir.sys (Winbond Electronics Corporation)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (ASPI) -- C:\Windows\System32\drivers\ASPI32.SYS (Adaptec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://de.intl.acer.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0807&s=2&o=vp32&d=1208&m=aspire_7530g
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = h**p://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = h**p://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = h**p://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0807&s=2&o=vp32&d=1208&m=aspire_7530g
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = h**p://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = h**p://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {8e175e4c-dec2-4917-bd9a-d75e7cb33d61}:3.6.0

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009.04.22 11:13:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.03 17:27:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.03 17:27:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.05.11 13:12:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2010.05.11 13:12:58 | 000,000,000 | ---D | M] -- C:\Users\ XXX\AppData\Roaming\mozilla\Extensions
[2010.05.11 13:12:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ XXX\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.07.04 20:29:49 | 000,000,000 | ---D | M] -- C:\Users\ XXX\AppData\Roaming\mozilla\Firefox\Profiles\qmxou4hh.default\extensions
[2010.07.04 20:29:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ XXX\AppData\Roaming\mozilla\Firefox\Profiles\qmxou4hh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.04 20:29:16 | 000,000,000 | ---D | M] (XboxFox) -- C:\Users\ XXX\AppData\Roaming\mozilla\Firefox\Profiles\qmxou4hh.default\extensions\{8e175e4c-dec2-4917-bd9a-d75e7cb33d61}
[2009.01.24 19:24:37 | 000,000,000 | ---D | M] (Halloween) -- C:\Users\ XXX\AppData\Roaming\mozilla\Firefox\Profiles\qmxou4hh.default\extensions\{BB359C50-BFC9-4f40-8302-3FE5A499A859}
[2010.07.04 20:29:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ XXX\AppData\Roaming\mozilla\Firefox\Profiles\qmxou4hh.default\extensions\{8e175e4c-dec2-4917-bd9a-d75e7cb33d61}\chrome\mozapps\extensions
[2010.07.04 21:21:11 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.11 19:09:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.05.08 11:24:13 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.05.08 11:24:13 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.05.08 11:24:14 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.05.08 11:24:14 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.05.08 11:24:14 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ XXX \AppData\Roaming\Mozilla\Firefox\Desktop Hintergrund.bmp
O24 - Desktop BackupWallPaper: C:\Users\ XXX \AppData\Roaming\Mozilla\Firefox\Desktop Hintergrund.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.07.04 20:18:48 | 000,000,000 | ---D | C] -- C:\Programme\Windows Portable Devices
[2010.07.04 20:01:46 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010.07.04 20:01:44 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010.07.04 20:01:44 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010.07.04 20:00:52 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010.07.04 20:00:51 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010.07.04 20:00:49 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010.07.04 20:00:49 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010.07.04 20:00:49 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010.07.04 20:00:49 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010.07.04 20:00:48 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010.07.04 20:00:48 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010.07.04 20:00:48 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010.07.04 20:00:48 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010.07.04 20:00:48 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010.07.04 20:00:48 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010.07.04 20:00:48 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010.07.04 20:00:47 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010.07.04 20:00:47 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010.07.04 20:00:47 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010.07.04 20:00:46 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010.07.04 20:00:46 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010.07.04 20:00:46 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010.07.04 20:00:46 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010.07.04 20:00:46 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010.07.04 20:00:46 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010.07.04 20:00:46 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010.07.04 20:00:45 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010.07.04 20:00:45 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010.07.04 19:59:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010.07.04 19:59:56 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010.07.04 19:59:51 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010.07.04 19:59:48 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2010.07.04 19:59:48 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2010.07.04 19:59:47 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010.07.04 19:59:47 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010.07.04 19:59:47 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010.07.04 19:59:47 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2010.07.04 19:59:47 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010.07.04 19:59:47 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010.07.04 19:59:47 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010.07.04 19:57:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010.07.04 19:57:35 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010.07.04 14:23:36 | 000,000,000 | R--D | C] -- C:\Users\ XXX \Pictures
[2010.07.03 17:12:10 | 000,000,000 | ---D | C] -- C:\Users\ XXX \Documents\DriverGenius
[2010.07.03 16:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2010.07.03 16:08:20 | 000,000,000 | ---D | C] -- C:\Users\ XXX \AppData\Roaming\Malwarebytes
[2010.07.03 16:07:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.07.03 16:07:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.07.03 16:07:17 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.07.03 16:07:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.02 21:00:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010.07.02 21:00:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010.07.02 21:00:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010.07.02 19:56:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010.06.30 19:26:23 | 000,000,000 | R--D | C] -- C:\Users\ XXX \Music
[2010.06.30 18:00:48 | 000,000,000 | ---D | C] -- C:\Users\ XXX \Documents\RCT3
[2010.06.30 18:00:48 | 000,000,000 | ---D | C] -- C:\Users\ XXX \AppData\Roaming\Atari
[2010.06.26 14:43:28 | 000,000,000 | ---D | C] -- C:\Users\ XXX \Documents\E-Books
[2010.06.24 21:17:19 | 000,000,000 | ---D | C] -- C:\Programme\Smart Projects
[2010.06.24 20:48:15 | 000,102,400 | ---- | C] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2010.06.24 11:49:07 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.06.24 11:49:07 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.06.24 11:49:07 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.06.23 08:20:44 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.06.23 08:20:43 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.06.23 08:20:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.06.12 13:15:54 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.06.12 13:15:53 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.06.12 13:15:53 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.06.12 13:15:45 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.06.12 13:15:45 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.06.12 13:15:45 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.06.12 13:15:44 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.06.12 13:15:44 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.06.12 13:15:44 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.06.12 13:15:44 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.06.12 13:15:44 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.06.12 13:15:44 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.06.12 13:15:44 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.06.12 13:15:44 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.06.12 13:15:44 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.06.12 13:15:44 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.06.12 13:15:44 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.06.12 13:15:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.06.12 13:15:42 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2008.07.22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.07.05 09:13:32 | 003,407,872 | -HS- | M] () -- C:\Users\ XXX \NTUSER.DAT
[2010.07.05 09:13:07 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.05 09:05:15 | 000,027,649 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.07.05 09:05:15 | 000,027,649 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.07.05 09:01:55 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.07.05 08:59:45 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010.07.05 08:58:07 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.05 08:58:06 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.05 08:57:36 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.05 08:57:30 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.05 08:57:17 | 000,000,020 | -HS- | M] () -- C:\Users\ XXX \ntuser.ini
[2010.07.05 08:57:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.05 08:56:01 | 2682,621,952 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.04 21:29:48 | 000,524,288 | -HS- | M] () -- C:\Users\ XXX \NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.07.04 21:29:48 | 000,065,536 | -HS- | M] () -- C:\Users\ XXX \NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.07.04 21:29:09 | 001,990,948 | -H-- | M] () -- C:\Users\ XXX \AppData\Local\IconCache.db
[2010.07.04 20:48:08 | 000,120,154 | ---- | M] () -- C:\Users\ XXX \Documents\Früchte.docx
[2010.07.04 20:29:41 | 000,679,420 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.07.04 20:29:41 | 000,638,542 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.04 20:29:41 | 000,148,770 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.07.04 20:29:41 | 000,121,908 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.04 20:29:40 | 001,581,904 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.04 20:08:18 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010.07.04 20:07:27 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010.07.04 19:54:34 | 000,010,135 | ---- | M] () -- C:\Users\ XXX\Documents\Netzwerkschlüssel.docx
[2010.07.04 19:20:53 | 000,012,322 | ---- | M] () -- C:\Users\ XXX \Documents\Systemscan mit OTL.docx
[2010.07.04 16:19:26 | 000,001,140 | ---- | M] () -- C:\Users\ XXX \Documents\Log Datei Malwarebytes
[2010.07.04 12:17:32 | 000,001,356 | ---- | M] () -- C:\Users\ XXX \AppData\Local\d3d9caps.dat
[2010.07.03 17:24:11 | 000,092,724 | ---- | M] () -- C:\Users\ XXX \Desktop\System_wird_immer_langsamer.pdf
[2010.07.02 21:07:25 | 000,394,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.07.01 10:40:01 | 000,106,496 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2010.06.26 13:09:29 | 000,105,472 | ---- | M] () -- C:\Users\ XXX \AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.24 20:48:22 | 000,013,391 | ---- | M] () -- C:\Windows\DIIUnin.dat
[2010.06.24 20:48:16 | 000,102,400 | ---- | M] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2010.06.24 20:48:16 | 000,002,829 | ---- | M] () -- C:\Windows\DIIUnin.pif
[2010.06.20 14:27:28 | 000,002,631 | ---- | M] () -- C:\Users\ XXX \Desktop\Microsoft Office Word 2007.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.07.05 08:57:17 | 000,000,020 | -HS- | C] () -- C:\Users\ XXX \ntuser.ini
[2010.07.04 20:47:56 | 000,120,154 | ---- | C] () -- C:\Users\ XXX \Documents\Früchte.docx
[2010.07.04 20:08:18 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010.07.04 20:07:27 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010.07.04 19:54:31 | 000,010,135 | ---- | C] () -- C:\Users\ XXX\Documents\Netzwerkschlüssel.docx
[2010.07.04 19:20:48 | 000,012,322 | ---- | C] () -- C:\Users XXX\Documents\Systemscan mit OTL.docx
[2010.07.04 16:19:26 | 000,001,140 | ---- | C] () -- C:\Users\ XXX \Documents\Log Datei Malwarebytes
[2010.07.03 17:24:11 | 000,092,724 | ---- | C] () -- C:\Users\ XXX\Desktop\System_wird_immer_langsamer.pdf
[2010.06.24 20:48:22 | 000,013,391 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2010.06.24 20:48:16 | 000,002,829 | ---- | C] () -- C:\Windows\DIIUnin.pif
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.09.24 11:38:52 | 000,000,217 | ---- | C] () -- C:\Windows\AvDetected.ini
[2009.09.12 10:28:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.04 15:07:06 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.06.19 19:50:23 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2009.05.22 13:22:26 | 000,000,292 | ---- | C] () -- C:\Windows\game.ini
[2009.05.03 10:11:10 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.02.21 14:58:53 | 000,165,376 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.02.21 14:58:40 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.01.20 18:20:55 | 000,000,540 | ---- | C] () -- C:\Windows\WinInit.Ini
[2009.01.07 16:35:26 | 000,138,944 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008.12.22 14:57:50 | 000,000,783 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2008.12.02 19:43:07 | 000,000,060 | ---- | C] () -- C:\Windows\GDINST.INI
[2008.12.02 19:28:31 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2008.12.02 13:10:48 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008.12.02 13:10:48 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.05.16 04:24:58 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.04.01 10:39:14 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.04.01 10:39:14 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.04.01 10:14:24 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008.04.01 10:09:50 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.04.01 09:59:39 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C95B63DA
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:B606BA34
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:1D32EC29
< End of report >

Alt 06.07.2010, 18:34   #2
brownie
 
Laptop plötzlich sehr langsam - Standard

Laptop plötzlich sehr langsam



Und hier sind noch die OTL-Extra-datei und die SUPERAntiSpyware Logdatei:



OTL Extra Logdatei

OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 05.07.2010 09:07:55 - Run 2
OTL by OldTimer - Version 3.2.7.0     Folder = C:\Users\ XXX \Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928) 
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.44 Gb Total Space | 39.94 Gb Free Space | 35.84% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 135.70 Gb Free Space | 58.27% Space Free | Partition Type: NTFS
Drive E: | 111.44 Gb Total Space | 111.35 Gb Free Space | 99.92% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: XXX -PC
Current User Name: XXX
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:UPnP System
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnP System
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:UPnP System
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnP System
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1CB9B39E-B345-4998-B1BC-66EB855C001F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5068E7B2-7B66-4DEC-AFCB-63840BDE1BBD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5F122869-DFC0-4FF8-BBC0-0E7E3087DE46}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{83C751FF-A7B1-48D5-990D-C526CCAF7237}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{88A8B1EF-3771-4850-A43E-A966AB024A12}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 
"{9310F68E-DA2A-4796-AA90-05F4EE3A9EA5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E29A94B1-5739-4A0E-853E-A6E1CCE633A6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E5CBA887-DA72-40C5-A359-0BBFA5CBB9C3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F0A9FB3C-1912-443F-B2D6-2C4456ABDBB7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FF31AE14-E55D-4356-97BF-C423808C2496}" = lport=10243 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A8468F-E573-4EFF-8FB0-69E83DB802A5}" = protocol=6 | dir=out | app=system | 
"{00B18D5D-AD72-4988-B6FE-9112E4BB534A}" = dir=in | app=f:\setup\hpznui01.exe | 
"{050F0811-72C1-4E5B-9D3C-D4DC827AEC73}" = protocol=17 | dir=in | app=d:\ein quantum trost\jb_liveengine_s.exe | 
"{06955779-FF10-4A17-984A-3FBBC9B73DA0}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{0B0F34CD-EAE4-4D9E-88A4-515CD5E5E7CC}" = protocol=6 | dir=in | app=f:\dwizard615.exe | 
"{109AE322-97E4-412F-A61B-2BFB1927D5E7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{10FE6C18-E636-4720-8CA9-D082C568398F}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe | 
"{11EC9F63-BE3F-4512-8C50-0FA3CA0B4550}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe | 
"{17F72182-D0DF-42EC-AE65-1602C13F97DB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{1903D7B9-F581-49FD-9F30-FA980A468A85}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe | 
"{230B3936-A5F0-41D5-95B2-7D8E8A08ACEF}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{29F88FC7-CDFA-46A7-8132-E2EAD45E18E9}" = protocol=17 | dir=in | app=d:\sacred 2 fallen angel\system\s2gs.exe | 
"{2C62952C-8B3D-4859-AEC3-C772A20069DC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe | 
"{365D9EDC-862C-49AE-9D2A-7A3B6FFA8755}" = protocol=17 | dir=in | app=d:\call of duty 5 world at war\codwawmp.exe | 
"{36F996C0-77C6-44BE-8104-45B15C61613A}" = protocol=17 | dir=in | app=f:\dwizard615.exe | 
"{36FC5D70-62FB-4A88-978E-3E17A21AF9BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{3DA3E72B-AB4B-4014-B77D-44AD948C8593}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{3EF0F3CB-ACAC-4A27-AA34-2C694D2F23A8}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | 
"{4113D8DE-0620-4DBB-B356-F3BFD112E8F0}" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx_dx10.exe | 
"{4275722E-5B93-4A7E-A00E-311A097B127F}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe | 
"{460E324B-CDBF-4205-B469-5436463D1CF0}" = protocol=6 | dir=in | app=f:\libneap.dll | 
"{48F9D505-F29A-4F40-86B3-7E08704167F0}" = protocol=17 | dir=in | app=d:\far cry 2\bin\fc2editor.exe | 
"{4982D4B2-DB87-485B-831D-7D12F5D6BE21}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | 
"{4B8AFF84-CEB1-42B6-83C0-700E4D0129D6}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe | 
"{4D39F704-DED6-4736-9DB8-894C8DC2271D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4EEC5371-F593-469A-8254-7203E4A4198F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{4F4DE206-AD56-4A85-9239-536212E248CB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dawn of war 2\dow2.exe | 
"{536CCE94-0911-42D3-8230-867CF9EF8E1D}" = protocol=17 | dir=in | app=f:\libneap.dll | 
"{556C08DC-BFDA-4CB7-A428-A5FCC5AD4B27}" = protocol=6 | dir=in | app=d:\call of duty 5 world at war\codwaw.exe | 
"{55CA9118-79BD-44B7-9D12-EA1D6D407E36}" = protocol=17 | dir=in | app=d:\gta iv\rockstar games social club\rgsclauncher.exe | 
"{5724CF4B-B631-428B-9912-4D57E7437B17}" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe | 
"{57DB125C-7429-48CD-8C71-5C62C1C62E68}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{5CD77B3C-B264-4D54-BACC-2404DF959540}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{60B7C901-2328-4A36-ABB6-590F4152C0D8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{610FE03B-E93C-47FF-8411-F5325B518BAC}" = protocol=6 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe | 
"{61DC26FA-854A-4B55-B317-269E81E42095}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{62B6CBA0-13B6-4332-9B76-6FC9D287A9F7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{64C3E8EB-74C1-4B4A-A626-ECF2EC88CE35}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe | 
"{6836F22A-A650-41F0-B309-5C243C0ACF6C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{69300C9F-FB94-437F-8325-F1D33AA239E9}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe | 
"{6A5988FF-D3F5-43BA-897A-2CBCDC9D65CB}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{6E8686FB-EEFC-4A81-B905-E25356C6E25F}" = protocol=6 | dir=in | app=d:\itunes\itunes.exe | 
"{7043B60B-FDD9-46CA-9286-9D6464359AFA}" = protocol=17 | dir=in | app=d:\far cry 2\bin\farcry2.exe | 
"{704CD558-3AA5-443F-B573-C3CC46B4653E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{70564204-5C2B-4722-9CCD-0E6AA0901DD9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{71989C70-CE24-4303-AD18-5E904EF6C703}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{72D2972E-DD70-4F6A-8D2D-2C2EA26E5ED8}" = protocol=6 | dir=in | app=d:\ein quantum trost\jb_liveengine_s.exe | 
"{732D98B5-658B-45BD-BDE2-65345664786E}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{7594D2BD-736A-4A81-B5A8-84E9D4D3318D}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization iv colonization\colonization.exe | 
"{7632999A-7EC2-4CF7-8203-AE68F5230E85}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe | 
"{779D1631-DBFB-411A-85E8-E5B0A5790724}" = protocol=17 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe | 
"{781C2052-321E-481A-B6D7-8578ED79F48F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{79908454-FCC9-4D02-8290-CC78382A7C25}" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx_dx10.exe | 
"{7C82D757-9C61-4883-B588-DB19D1767B84}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | 
"{7F99041F-5832-452D-B39A-35DEB85B575E}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe | 
"{80CA228D-5FD3-4458-8106-141F1D762B38}" = protocol=17 | dir=in | app=d:\call of duty 4 modern warfare\iw3mp.exe | 
"{8508037C-ABA3-478C-8EE9-FDDDD52358F0}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{854B91A2-3F31-45F0-A3C1-B3DB9481AD6F}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization iv colonization\colonization.exe | 
"{8596C4CE-F084-43B1-9368-C7FD9FD7E9CC}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe | 
"{86F0B8FD-47C6-4C83-BE6C-4470EDB7E190}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{8717589A-BCCB-4DB1-B19B-686E58D816EC}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{8D7511F1-63C4-4C08-BBD2-701229850AD6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe | 
"{8E49CC00-0B1B-40CB-B2AC-218127121AF7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{8EB87AFF-A2E6-405A-BEF3-71E0BC54AA38}" = protocol=6 | dir=in | app=d:\far cry 2\bin\fc2launcher.exe | 
"{90817642-E5C1-4225-BC7D-94DBC69EC6A2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{90CDEEF9-05AD-4A80-A585-6541B3DD8436}" = protocol=17 | dir=in | app=d:\sacred 2 fallen angel\system\sacred2.exe | 
"{9333852D-341C-445E-9A4A-D9D87080F235}" = protocol=6 | dir=in | app=d:\gta iv\rockstar games social club\rgsclauncher.exe | 
"{9429A128-8A7D-44AD-91DB-98660C580190}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9B6C04F6-7104-4921-B15E-26BE48C124AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9F0D1376-B123-4E47-9156-D9F7E7094CD4}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe | 
"{9F58E589-D9C6-4954-B465-5D12CA1BE021}" = protocol=6 | dir=in | app=d:\sacred 2 fallen angel\system\sacred2.exe | 
"{A0F39B49-AC13-4FCD-90FB-ECFDFF349C49}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A0FAD3A6-2A72-4F76-A7B8-25C2C0C4CC9C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dawn of war 2\dow2.exe | 
"{A81F2463-21F2-4257-88BA-4061426E374A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe | 
"{AE3F4D98-2511-4486-9DDA-0EBE51D81DE0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{AFFA9177-F4A7-4204-A2B9-D05FF4C98505}" = protocol=6 | dir=in | app=d:\far cry 2\bin\fc2editor.exe | 
"{B1414B4C-27C9-4031-88DE-AB193B59D963}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{B2940878-D770-4DE1-89A2-D21254699CE9}" = protocol=6 | dir=in | app=d:\call of duty 5 world at war\codwawmp.exe | 
"{B2E07B66-652C-495F-8183-B9EDC7FBDEB1}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{B4BEC0BE-912B-444C-9A7E-BFA1B0D0B9E2}" = protocol=6 | dir=in | app=d:\call of duty 4 modern warfare\iw3mp.exe | 
"{BA9580E8-A2D9-4332-A278-58E0186E09D5}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe | 
"{C0167C73-06A6-4B1F-9968-0E1BC76D1876}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{C0FB55F1-F475-4E83-A316-6AB99E85006C}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe | 
"{C7A2B4E3-873E-41A8-B952-1AAB3B705E83}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe | 
"{CC8F1DA4-9A50-4F91-B095-D18787D5B7E7}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{CEA6B1A3-2B7B-4928-BBA9-6D69DA314636}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"{D5B2D380-F5BF-457A-BDE5-68BA9E439194}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D98861E1-7A13-4FFE-B4EC-F1E0CE8D184A}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{DB77520B-3808-4915-906D-0F9C90987BA7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{DD3CCF32-645E-4C02-838A-3BF7010EE102}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{DDB11C1A-2848-4F03-A18C-1A56FC8AD13D}" = protocol=6 | dir=in | app=d:\far cry 2\bin\farcry2.exe | 
"{DE42ADBB-3A32-4807-AF2B-8CA39C860966}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe | 
"{E14E1F54-E9E0-4E53-8142-AD79EF21FDB1}" = protocol=17 | dir=in | app=d:\call of duty 5 world at war\codwaw.exe | 
"{E1C9D9CB-0270-4651-B029-ED95774A7AFA}" = protocol=6 | dir=in | app=d:\sacred 2 fallen angel\system\s2gs.exe | 
"{E1ECC78B-292B-41AC-A174-384A90CEDF3B}" = protocol=17 | dir=in | app=d:\far cry 2\bin\fc2launcher.exe | 
"{E38424D5-D701-42EF-B320-4998F55025B4}" = protocol=17 | dir=in | app=d:\itunes\itunes.exe | 
"{E534AAE7-7FF9-457E-9B73-71CF5947D3EF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E6F59923-B8B2-4817-8B1F-31DB6A983562}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe | 
"{EA967A30-750F-4C84-BA0E-82F8694E0EF5}" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe | 
"{EB7055D9-760A-4317-B3D5-2C9475F2B6F3}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{F44854D7-A1CB-4440-AA0A-E04B541761C6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{FBE81F06-5BAA-4C65-BA8F-B642CC859389}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"TCP Query User{03E3861B-F962-440E-8E88-6BA536323058}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{0874E1F4-26D9-4752-84AD-951B464FC98D}C:\users\ XXX\appdata\local\temp\rar$ex02.465\volley.exe" = protocol=6 | dir=in | app=c:\users\ XXX\appdata\local\temp\rar$ex02.465\volley.exe | 
"TCP Query User{217FDE4A-F4E0-4045-A7FA-8A8381565607}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{2C7BE825-1B65-4C51-A296-B4FD673B44C9}C:\program files\microsoft games\halo\halo.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\halo\halo.exe | 
"TCP Query User{2E17C6C2-8352-4353-8454-FE15B1FEE515}C:\program files\play2p\play2p.exe" = protocol=6 | dir=in | app=c:\program files\play2p\play2p.exe | 
"TCP Query User{37DD6645-000C-4708-B069-DB01DB0EEB41}C:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"TCP Query User{4267349C-774B-4D47-9FD2-6558B5EE8BF8}C:\program files\gamespy\comrade\comrade.exe" = protocol=6 | dir=in | app=c:\program files\gamespy\comrade\comrade.exe | 
"TCP Query User{42DF938A-CF0C-438C-A362-634396FF8051}C:\users\ XXX\appdata\local\temp\rar$ex00.966\volley.exe" = protocol=6 | dir=in | app=c:\users\ XXX\appdata\local\temp\rar$ex00.966\volley.exe | 
"TCP Query User{5C6AED03-1B82-42A8-8224-243635EC084B}D:\scarface the world is yours\scarface.exe" = protocol=6 | dir=in | app=d:\scarface the world is yours\scarface.exe | 
"TCP Query User{74AD3098-3167-4BE1-86E5-24A4BBB9E648}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | 
"TCP Query User{7BD3215A-9F27-4941-97BD-499C09310BA5}D:\parabellum beta\binaries\parabellumthegame.exe" = protocol=6 | dir=in | app=d:\parabellum beta\binaries\parabellumthegame.exe | 
"TCP Query User{7DADD748-8E97-4487-9800-B8D517874D50}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | 
"TCP Query User{7E297E55-C48A-41C8-833B-B81AD315FAD8}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{A1B7D707-DE51-4C51-881A-82C4B49187B6}C:\users\ XXX\appdata\local\temp\rar$ex05.530\volley.exe" = protocol=6 | dir=in | app=c:\users\ XXX\appdata\local\temp\rar$ex05.530\volley.exe | 
"TCP Query User{B970A3F9-622A-49F7-968F-3760AAF37940}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | 
"TCP Query User{C5156FE1-21DF-411A-947A-44084C3A48A3}D:\tmunitedforever\tmforever.exe" = protocol=6 | dir=in | app=d:\tmunitedforever\tmforever.exe | 
"TCP Query User{C52DD437-B752-4760-8B91-33EB374C817C}C:\users\ XXX \program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\ XXX \program files\dna\btdna.exe | 
"TCP Query User{C67BB4D0-695A-45F4-BC7D-B396AAA62299}C:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe | 
"TCP Query User{CA65D444-21B9-46C9-BD04-74D46E77B3AA}D:\quake 4\quake4.exe" = protocol=6 | dir=in | app=d:\quake 4\quake4.exe | 
"TCP Query User{CC3C5014-4EA0-4A90-99E7-DB861B0E7498}D:\brothers in arms hell's highway\binaries\biahh.exe" = protocol=6 | dir=in | app=d:\brothers in arms hell's highway\binaries\biahh.exe | 
"TCP Query User{CCD597C4-0FE6-42C9-AA9E-2F7F537DF81F}C:\program files\bethesda softworks\fallout 3\fallout3.exe" = protocol=6 | dir=in | app=c:\program files\bethesda softworks\fallout 3\fallout3.exe | 
"TCP Query User{CECF4D29-394F-4932-8C21-CADF01D73F9D}C:\program files\bethesda softworks\fallout 3\fallout3.exe" = protocol=6 | dir=in | app=c:\program files\bethesda softworks\fallout 3\fallout3.exe | 
"TCP Query User{D1EDDF6D-67B9-4DC8-BD9F-482EAE539971}D:\parabellum beta\binaries\parabellumthegame.exe" = protocol=6 | dir=in | app=d:\parabellum beta\binaries\parabellumthegame.exe | 
"TCP Query User{D4DB6749-39D1-44F2-91C2-8F45E2036D97}D:\brothers in arms hell's highway\binaries\biahh.exe" = protocol=6 | dir=in | app=d:\brothers in arms hell's highway\binaries\biahh.exe | 
"TCP Query User{DD8D52DC-2554-47A7-B4AA-5D20C5E4BAE4}D:\sacred 2 fallen angel\system\s2gs.exe" = protocol=6 | dir=in | app=d:\sacred 2 fallen angel\system\s2gs.exe | 
"TCP Query User{DE393865-45DF-4030-9C02-AD5E638B5452}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{ED1A8E11-D6BD-4482-8FF0-47706E1CA1CA}C:\users\ XXX \program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\ XXX \program files\dna\btdna.exe | 
"UDP Query User{1C0C575A-37A6-479F-ABC5-A7D7DA3BE17E}C:\users\ XXX\appdata\local\temp\rar$ex02.465\volley.exe" = protocol=17 | dir=in | app=c:\users\ XXX\appdata\local\temp\rar$ex02.465\volley.exe | 
"UDP Query User{2BF6B83D-E284-436C-A64C-7598B1F9FCAD}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | 
"UDP Query User{3AE8CC50-F226-4271-87EF-7224824D1652}D:\quake 4\quake4.exe" = protocol=17 | dir=in | app=d:\quake 4\quake4.exe | 
"UDP Query User{3D00D305-3C76-4B9D-9C23-2D6070E9EA59}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{3EC9ACE9-564A-4E75-A97D-893C0020C24B}C:\program files\bethesda softworks\fallout 3\fallout3.exe" = protocol=17 | dir=in | app=c:\program files\bethesda softworks\fallout 3\fallout3.exe | 
"UDP Query User{42BFC1B4-5CD8-42EF-A823-83805C15BEAC}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | 
"UDP Query User{5AAB30CE-2529-412E-9899-89E1BA4E60CA}D:\parabellum beta\binaries\parabellumthegame.exe" = protocol=17 | dir=in | app=d:\parabellum beta\binaries\parabellumthegame.exe | 
"UDP Query User{64FF5A5B-0496-4211-A954-7E5236B7C801}D:\brothers in arms hell's highway\binaries\biahh.exe" = protocol=17 | dir=in | app=d:\brothers in arms hell's highway\binaries\biahh.exe | 
"UDP Query User{6A7E8A99-F480-4B1C-A06F-556775E6F205}C:\users\ XXX\appdata\local\temp\rar$ex00.966\volley.exe" = protocol=17 | dir=in | app=c:\users\ XXX\appdata\local\temp\rar$ex00.966\volley.exe | 
"UDP Query User{72016DAD-8BD6-4236-88D3-108C7FF9082D}D:\tmunitedforever\tmforever.exe" = protocol=17 | dir=in | app=d:\tmunitedforever\tmforever.exe | 
"UDP Query User{77B4AF73-4F91-4D23-987E-5F226EC8536B}D:\brothers in arms hell's highway\binaries\biahh.exe" = protocol=17 | dir=in | app=d:\brothers in arms hell's highway\binaries\biahh.exe | 
"UDP Query User{8317CE32-A827-49B3-98A7-AD9BCEF255B7}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{895E7EB1-F198-42BE-B4D6-8B3865896831}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{89A116FA-5105-4C67-8AC9-F5ADAF857467}C:\program files\microsoft games\halo\halo.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\halo\halo.exe | 
"UDP Query User{8ACF02F4-DBCB-41FA-BDAD-09FD522E19D2}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | 
"UDP Query User{953C7C75-C102-4374-AAF9-2D1251501C01}D:\scarface the world is yours\scarface.exe" = protocol=17 | dir=in | app=d:\scarface the world is yours\scarface.exe | 
"UDP Query User{9663DB0E-2C41-4611-B6D2-97192C5ECC52}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{A2915EDC-76B5-4C3A-A4D4-A45603637C6A}C:\program files\gamespy\comrade\comrade.exe" = protocol=17 | dir=in | app=c:\program files\gamespy\comrade\comrade.exe | 
"UDP Query User{A30712C1-1698-4D15-9EE6-A113A968F1E6}C:\users\ XXX \program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\ XXX \program files\dna\btdna.exe | 
"UDP Query User{A912767B-3132-4D2B-88E0-82E25A4CE0D0}C:\program files\play2p\play2p.exe" = protocol=17 | dir=in | app=c:\program files\play2p\play2p.exe | 
"UDP Query User{B1745D82-C061-4F19-BCD5-F6B7442C0255}C:\users\ XXX\appdata\local\temp\rar$ex05.530\volley.exe" = protocol=17 | dir=in | app=c:\users\ XXX\appdata\local\temp\rar$ex05.530\volley.exe | 
"UDP Query User{C57E25C9-67B9-40D3-9BA5-CBD11E7376AD}C:\program files\bethesda softworks\fallout 3\fallout3.exe" = protocol=17 | dir=in | app=c:\program files\bethesda softworks\fallout 3\fallout3.exe | 
"UDP Query User{C9DD63EB-B0B6-4AA3-A006-D57EBA0819BF}C:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"UDP Query User{DAE125B3-2A92-4290-8D30-22FC8C80286C}C:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe | 
"UDP Query User{DD1ECB11-F4AC-4C0C-9215-E43271C6A7C1}D:\parabellum beta\binaries\parabellumthegame.exe" = protocol=17 | dir=in | app=d:\parabellum beta\binaries\parabellumthegame.exe | 
"UDP Query User{E9FBBC1C-7DEC-4EF6-BB7D-2DAA84F9D192}D:\sacred 2 fallen angel\system\s2gs.exe" = protocol=17 | dir=in | app=d:\sacred 2 fallen angel\system\s2gs.exe | 
"UDP Query User{EF35813F-E983-4A20-8097-5DAF6F98C26B}C:\users\ XXX \program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\ XXX \program files\dna\btdna.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00D15456-F679-4AD4-8BD2-56450D4C3F72}" = WarRock
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies(TM)
"{067FFF2F-0F1C-43DB-827B-F9BC4735F1BC}" = D2500
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Societies
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4(TM)
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 20
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}" = Die Sims™ 2 Super Deluxe
"{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}" = Sid Meier's Civilization 4 Complete
"{35095169-C59A-4571-A361-2117E04B7AFD}" = DJ_SF_03_D2500_ProductContext
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E5721E5-BA31-46AD-8B35-065924D38E91}" = D2500_Help
"{43C0C354-A185-4D2D-A057-67C9160460E1}" = PS_AIO_04_C4580_Software_Min
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4A7AE408-7846-4D13-81F7-D4447A994DBA}" = Calendar
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{59C6EFB0-7A6F-4FC2-98C5-31A9DB93014A}" = DJ_SF_03_D2500_Software
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7085845F-CCD0-411B-BE24-CD49A870870B}" = ArcSoft Print Creations
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{71310D9B-7555-44FE-914C-A1B55CB7BC5D}" = Scrapbook
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7236B969-6A18-42DD-ADE4-BBA2604F34C8}" = DJ_SF_03_D2500_Software_Min
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7641710F-A4AD-4EAE-889C-4958BE3F169C}" = C4580
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support
"{85AF94EC-55DE-452A-8FD7-C34E598B3F1F}" = Adobe Premiere Elements 7.0 Templates
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91C82FED-477B-4AF1-88FB-F967BB0D7F10}" = Winbond CIR Device Drivers
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B0F9788-3141-4009-846E-52E59843E963}" = SimCity™ Societies
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A6A195F5-BCAB-4F38-8459-DF693303CD8D}" = PS_AIO_04_C4580_ProductContext
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8.3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{ABBA0799-F982-414C-9A8B-17EB03D39677}" = trakAxPC
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - ScrapBook
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{BED1705F-7558-40f7-9F52-6C6FBD58EA2E}" = HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D10AB8DE-0ED1-4152-A247-FB89CF1435D5}" = HP Deskjet D2500 Printer Driver Software 11.0 Rel .3
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D23E2520-0EAA-4AC3-A47E-A551C70D4FED}" = C4580_Help
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D4278897-1541-493E-9D39-59CC6AB0FC09}" = PS_AIO_04_C4580_Software
"{D564B5E2-CCB5-4A5C-B35E-2FC30BBC9336}" = Adobe Premiere Elements 7.0
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DBFFA3C5-1169-4235-85C3-1CDDB92F82FE}" = Quake Live Mozilla Plugin
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{F95F178B-56AD-4fab-87F8-FA81E66C7D68}" = Network
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Blood Omen 2" = Blood Omen 2
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Diablo II" = Diablo II
"EA Download Manager" = EA Download Manager
"Free Studio_is1" = Free Studio version 4.1
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Free YouTube Download_is1" = Free YouTube Download 2.2
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"Halo" = Microsoft Halo
"Hitman - Codename 47" = Hitman - Codename 47
"Hitman: Contracts" = Hitman: Contracts
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies(TM)
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4(TM)
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"IsoBuster_is1" = IsoBuster 2.8
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"PhotoFiltre" = PhotoFiltre
"Picasa 3" = Picasa 3
"PremElem70" = Adobe Premiere Elements 7.0
"PremElem70Templates" = Adobe Premiere Elements 7.0 Templates
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"Shop for HP Supplies" = Shop for HP Supplies
"Steam App 15620" = Warhammer 40,000: Dawn of War II
"Steam App 220" = Half-Life 2
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 440" = Team Fortress 2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TastaTour" = TastaTour
"Tastaturschreiben" = Tastaturschreiben
"TmNationsForever_is1" = TmNationsForever
"Uninstall_is1" = Uninstall 1.0.0.1
"WinRAR archiver" = WinRAR
"Zattoo" = Zattoo 3.3.4 Beta
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"Diablo II" = Diablo II
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 02.07.2010 05:13:19 | Computer Name = XXX -PC | Source = Google Update | ID = 20
Description = 
  
Error - 02.07.2010 06:13:21 | Computer Name = XXX -PC | Source = Google Update | ID = 20
Description = 
  
Error - 02.07.2010 07:13:17 | Computer Name = XXX -PC | Source = Google Update | ID = 20
Description =  
 
Error - 02.07.2010 08:13:07 | Computer Name = XXX -PC | Source = Google Update | ID = 20
Description =  
 
Error - 02.07.2010 09:13:17 | Computer Name = XXX -PC | Source = Google Update | ID = 20
Description =  
 
Error - 02.07.2010 10:13:20 | Computer Name = XXX -PC | Source = Google Update | ID = 20
Description =  
 
Error - 02.07.2010 11:13:17 | Computer Name = XXX -PC | Source = Google Update | ID = 20
Description =  
 
Error - 02.07.2010 12:13:47 | Computer Name = XXX -PC | Source = Google Update | ID = 20
Description =  
 
Error - 02.07.2010 13:14:16 | Computer Name = XXX -PC | Source = Google Update | ID = 20
Description =  
 
Error - 02.07.2010 13:36:30 | Computer Name = XXX -PC | Source = WinMgmt | ID = 10
Description =  
 
[ OSession Events ]
Error - 02.12.2008 08:26:05 | Computer Name = XXX -PC | Source = Microsoft Office 12 Sessions | ID = 7001 
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session 
lasted 77 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 02.12.2008 08:27:20 | Computer Name = XXX -PC | Source = Microsoft Office 12 Sessions | ID = 7001 
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session 
lasted 70 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 02.12.2008 08:28:00 | Computer Name = XXX -PC | Source = Microsoft Office 12 Sessions | ID = 7001 
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session 
lasted 30 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 04.07.2010 14:05:26 | Computer Name = XXX -PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.2 für die Netzwerkkarte mit der Netzwerkadresse
 0017C441022E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
 eine DHCPNACK-Meldung gesendet).
 
Error - 04.07.2010 14:05:39 | Computer Name = XXX -PC | Source = Service Control Manager | ID = 7000 
Description = 
 
Error - 04.07.2010 14:07:15 | Computer Name = XXX -PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 04.07.2010 14:10:25 | Computer Name = XXX -PC | Source = DCOM | ID = 10010
Description =  
 
Error - 04.07.2010 14:21:47 | Computer Name = XXX -PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 
Description = 
 
Error - 04.07.2010 14:22:03 | Computer Name = XXX -PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 04.07.2010 14:23:38 | Computer Name = XXX -PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 05.07.2010 02:57:31 | Computer Name = XXX -PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = 
 
Error - 05.07.2010 02:57:57 | Computer Name = XXX-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 05.07.2010 02:59:43 | Computer Name = XXX-PC | Source = Service Control Manager | ID = 7022
Description = 
 
[ TuneUp Events ]
Error - 21.02.2009 08:58:38 | Computer Name = XXX-PC | Source = TuneUp Program Statistics | ID = 131840
Description = 
 
Error - 19.03.2009 11:32:42 | Computer Name = XXX-PC | Source = TuneUp Program Statistics | ID = 131840
Description = 
 
Error - 19.03.2009 12:47:42 | Computer Name = XXX-PC | Source = TuneUp Program Statistics | ID = 131840
Description = 
 
Error - 20.03.2009 07:14:41 | Computer Name = XXX-PC | Source = TuneUp Program Statistics | ID = 131840
Description = 
 
Error - 20.03.2009 11:23:03 | Computer Name = XXX-PC | Source = TuneUp Program Statistics | ID = 131840
Description = 
 
 
< End of report >
         
--- --- ---

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 07/06/2010 at 05:09 PM

Application Version : 4.40.1002

Core Rules Database Version : 5160
Trace Rules Database Version: 2972

Scan type : Complete Scan
Total Scan Time : 01:47:29

Memory items scanned : 783
Memory threats detected : 0
Registry items scanned : 9884
Registry threats detected : 0
File items scanned : 32578
File threats detected : 55

Adware.Tracking Cookie
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@cgm.adbureau[2].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@maxis.112.2o7[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@adtech[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@ad.zanox[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@eaeacom.112.2o7[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@atdmt[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@apmebf[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@youporn[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[8].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@adfarm1.adition[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@bs.serving-sys[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@tradedoubler[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@serving-sys[2].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@msnportal.112.2o7[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@mediaplex[2].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@popularscreensavers[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@doubleclick[1].txt
bc.youporn.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
cdn1.eyewonder.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
content.oddcast.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
crackle.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
de.pornhub.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
googleads.g.doubleclick.net [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
imagesrv.adition.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
m1.emea.2mdn.net [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
media.ign.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
media.jambocast.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
media01.kyte.tv [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
stat.radioblogclub.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
vfsexb.gmx.net [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
www.naiadsystems.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
www.pornhub.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
www.ziporn.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
wwwstatic.megaporn.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL7WMXV8 ]
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[7].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[6].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[2].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[3].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\XXX@media.warrock[4].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@accounts.hellgatelondon[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@bs.serving-sys[2].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@doubleclick[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@eaeacom.112.2o7[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@maxis.112.2o7[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@serving-sys[2].txt

Adware.Flash Tracking Cookie
C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\BC.YOUPORN.COM
C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\WWWSTATIC.MEGAPORN.COM
C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\MEDIA.IGN.COM
C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\CRACKLE.COM
C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\STAT.RADIOBLOGCLUB.COM
C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\CDN1.EYEWONDER.COM
C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\M1.EMEA.2MDN.NET
C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\IMAGESRV.ADITION.COM
C:\Users\XXX\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VL7WMXV8\CONTENT.ODDCAST.COM
__________________


Antwort

Themen zu Laptop plötzlich sehr langsam
0x00000001, alternate, antivir, antivir guard, autorun, avgntflt.sys, avira, bho, cdburnerxp, components, corp./icp, desktop, error, excel, firefox, format, google, gupdate, home premium, internet, internet explorer, intranet, langsam, launch, local\temp, location, malwarebytes' anti-malware, microsoft office word, mozilla, mozilla thunderbird, nvlddmkm.sys, nvstor.sys, oldtimer, otl.exe, popup, problem, programdata, realtek, registry, rundll, searchplugins, sehr langsam, senden, software, sptd.sys, system, vista, windows



Ähnliche Themen: Laptop plötzlich sehr langsam


  1. Computer plötzlich sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 28.10.2015 (10)
  2. Pc plötzlich sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 10.04.2015 (14)
  3. Win 8.1 : Internet plötzlich sehr langsam
    Log-Analyse und Auswertung - 09.01.2015 (12)
  4. Internet und PC plötzlich sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 19.05.2013 (11)
  5. Laptop sehr langsam / sehr wahrscheinlich verseucht / Anti Viren Programme updaten nicht mehr
    Log-Analyse und Auswertung - 05.02.2013 (9)
  6. Computer plötzlich sehr langsam
    Log-Analyse und Auswertung - 05.02.2012 (1)
  7. Internetgeschwindigkeit plötzlich sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 29.01.2012 (6)
  8. Laptop plötzlich sehr langsam, vor allem Video Streams, MBAW meldet broken.opencommand
    Log-Analyse und Auswertung - 24.11.2011 (25)
  9. PC plötzlich sehr, sehr langsam - evtl. neues update Adobe Flashplayer? kein Virus gefunden...
    Log-Analyse und Auswertung - 05.10.2011 (15)
  10. Internet plötzlich sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 27.06.2011 (7)
  11. computer ist plötzlich sehr langsam
    Log-Analyse und Auswertung - 19.03.2010 (1)
  12. WLAN plötzlich sehr langsam
    Netzwerk und Hardware - 10.11.2009 (3)
  13. Internet plötzlich sehr langsam
    Log-Analyse und Auswertung - 16.06.2009 (0)
  14. System plötzlich sehr langsam
    Log-Analyse und Auswertung - 06.04.2009 (0)
  15. Laptop plötzlich sehr sehr langsam
    Log-Analyse und Auswertung - 24.09.2008 (1)
  16. Internet plötzlich sehr langsam
    Log-Analyse und Auswertung - 28.08.2008 (0)
  17. Internet ist plötzlich sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 19.07.2008 (2)

Zum Thema Laptop plötzlich sehr langsam - Hallo Ich habe seit kurzem ein Problem mit meinem Laptop. Mein Laptop wurde plötzlich sehr langsam und ich habe keine Ahnung warum. Mitlerweile kann ich nicht einmal mehr Solitaire ruckelfrei - Laptop plötzlich sehr langsam...
Archiv
Du betrachtest: Laptop plötzlich sehr langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.