| |
| |||||||
Log-Analyse und Auswertung: Rechner schaltet sich ohne Vorwarnung einfach ausWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
07.04.2011, 00:48
| #1 |
 |  Rechner schaltet sich ohne Vorwarnung einfach aus Heyho ich hoffe man kann mir hier weiter helfen. Ich hab das problem das mein Rechner zu den unterschiedlichsten Zeiten bei den unterschiedlichsten Aktionen, egal ob ich nur im Internet surfe oder Games zocke, einfach aus geht. Sobald ich ihn wieder starte wird mir weder ein Fehler noch irgend etwas anderes angezeigt er funktioniert einwandfrei ohne Probleme bis er wieder aus geht. Manchmal dauert es ein paar Tage, manchmal auch nur ein paar Stunden. Hab Malwarebytes durchlaufen lassen und das kam raus Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6291 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.19019 07.04.2011 01:47:27 mbam-log-2011-04-07 (01-47-27).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 169489 Laufzeit: 2 Minute(n), 19 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 1 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CLASSES_ROOT\.pox (Rogue.FixTool) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) Wo koennte der Fehler liegen? |
|
07.04.2011, 11:48
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Rechner schaltet sich ohne Vorwarnung einfach aus Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.
__________________
__________________ |
|
07.04.2011, 12:16
| #3 |
| | Rechner schaltet sich ohne Vorwarnung einfach aus Nein gibt es nicht, hab mir Malwarebytes erst gestern runtergeladen und kurz durch laufen lassen.
__________________ |
|
07.04.2011, 12:20
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner schaltet sich ohne Vorwarnung einfach aus Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
07.04.2011, 14:22
| #5 |
| | Rechner schaltet sich ohne Vorwarnung einfach aus So ich habs dann auch mal fertig.. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6291 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.19019 07.04.2011 15:11:15 mbam-log-2011-04-07 (15-11-15).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 408404 Laufzeit: 1 Stunde(n), 4 Minute(n), 34 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) Ich hoff ich hab das mit dem zip jetzt richtig hingekriegt |
|
07.04.2011, 14:45
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner schaltet sich ohne Vorwarnung einfach aus Was soll man mit diesen WPS-Dateien anfangen? Wieso kopierst du den Inhalt der für jedes System lesbaren TXT-Formate das extra um?! Das macht doch keinen Sinn!! Poste bitte die Logs OTL.txt und Extras.txt im Orignalzustand ohne Umformatierungsunsinn!! 
__________________ --> Rechner schaltet sich ohne Vorwarnung einfach aus |
|
07.04.2011, 14:59
| #7 |
| | Rechner schaltet sich ohne Vorwarnung einfach aus Huch sry, habs so gemacht wie es in der Erklaerung stand aber gut ich schau mal was sich machen laesstOTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 07.04.2011 14:15:07 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Puma\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 26,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 460,00 Gb Total Space | 295,12 Gb Free Space | 64,16% Space Free | Partition Type: NTFS
Drive D: | 459,79 Gb Total Space | 459,12 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Computer Name: PUMA-PC | User Name: Puma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = BF F0 2A 43 3E 1C CB 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Launcher.atm" = C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Launcher.atm:Enabled:GameExe2
"C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Res-Voip\SCVoIP.exe" = C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Res-Voip\SCVoIP.exe:Enabled:GameVoIP
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Launcher.atm" = C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Launcher.atm:Enabled:GameExe2
"C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Res-Voip\SCVoIP.exe" = C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Res-Voip\SCVoIP.exe:Enabled:GameVoIP
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3950EBEC-5A1B-4B5D-9CE3-516EB4E2BBAE}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{5FAF56B7-4CCF-4C52-AA64-EF6A23FFFF4E}" = lport=49174 | protocol=6 | dir=in | name=akamai netsession interface |
"{6240CC14-9F3A-4AF2-89F4-19675E7B4B15}" = lport=49173 | protocol=6 | dir=in | name=akamai netsession interface |
"{6A5428A9-E814-4D38-BB32-BBA777D9F1AD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9452B668-8529-48C3-B2AA-F6B293ADDFA4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A571DFAC-5CDF-46B7-A8B7-8FD8CEEF7032}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001A53CA-346D-4459-9D05-3E63412E702D}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{088641C2-EAB6-4E71-ACDC-C49E2AF6F3C0}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{09D13F36-41A6-40FE-B3E7-9E8FDE08F0B3}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{100E2233-9966-411E-A0EF-AB3EEA5CA833}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{16B3D735-D7DC-45F7-83DC-AC4625F7A8B8}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{1C2071A1-9660-4EA8-AACE-15406927B7DB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{1C9FB18B-967D-430C-B169-14D1D93C58E9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{20A5EC57-B14E-4A59-99D2-871FA0B1B762}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{22437F08-2996-4975-9EB1-C92F60E0FF91}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{24A76E72-55D5-4D6F-9A6E-FE0DBC7DB23D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{2A3E4533-2074-4213-A516-432BED64F5F7}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{3008E684-4C61-48CA-911E-74F4573AFD93}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{33793143-B004-4997-BB2A-8AB1C595ADF3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{3FCBE840-EE3F-4D0B-87F4-E8DB5B97E1EA}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{413E094F-1BB0-40CC-8C9B-0435A7CE9B2F}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"{443EDBB4-3E5B-49A1-8243-E8DADF92854F}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{468C76AF-3C19-406E-A135-2D4B0030659F}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\game.dat |
"{4A2B63C7-5866-4D76-8C34-7B5F0244C57C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{4E2A1909-4A3F-4DB8-8BCD-D2CFEDF0FB8A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{5333F88A-77DF-4DCE-A29A-F73D802BE100}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe |
"{59CD088C-E99C-46A5-A85F-B02B686A9CF7}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"{5A1395C5-3374-4E95-AB87-93D0A811BBB1}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{64DA2708-E672-4F66-BFC4-1AE72E62D44F}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{71725025-0AA5-4AFD-AD83-C67DCB177A71}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{81851C5A-4EBA-4FEF-89AF-4B143B436010}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{823ECCDE-DC6C-464D-A1F7-AD8917EEBC49}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{83A516F0-1C01-41E9-8059-F77C5CA1616E}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"{86E0281D-9A12-48E3-AE14-41EAC4E604B9}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia\acer homemedia.exe |
"{94DC8346-82FC-430D-80CD-7733286916E1}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{964BDBA2-E853-4415-92FF-6D48AC1E9C2B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{97822478-F338-4449-88BB-E0B3606E86CD}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{97C4769B-4D7F-4CA2-95DD-C8FC76DE2E74}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{99C6D07D-6BC1-4B5A-8E14-A36229A0B0FA}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{9F89B37B-9723-4FCE-9C5F-111E4C8876B2}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"{A18E5735-1D8F-429D-B8B5-A1A38067B50B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{A4306424-9E18-4F88-90AD-AA42557453FD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{A6A68AB4-3CFB-4827-AD0A-2BA138A5CCFF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"{A7CDF499-DC4C-478E-BEE4-825B195CA79E}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dv magician\acer dv magician.exe |
"{A8B526D2-D6EF-46C7-8337-7B810F86ED60}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{A9C21870-24E7-4148-978E-67D0E415478D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{B09F36D6-199C-494B-B763-135E2097BCD0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{B481F67E-B4B1-4AB5-8FE4-0D93E9BB8999}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{BA6BCCB7-6BAB-4C5C-88F4-4F93B891DFAB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{BAD2C59F-C5F9-41DF-A769-5D58712BF15A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\game.dat |
"{C2A1B3D7-B75C-4B57-A045-8951C33615B2}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{C338D435-2B1C-4040-AF21-82D177B373BE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{C33D5982-21DA-422F-A786-74F79D4D58E6}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"{CB2A1D15-711B-40E8-A403-E243D15B5230}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{D017103A-D984-42DA-9BB0-0C986EC79360}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{DC649DC1-89C5-49EA-AE0E-DF7959EF63DA}" = dir=in | app=c:\program files (x86)\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{E504C940-8C19-4E86-B448-C2464B06615F}" = dir=in | app=c:\program files (x86)\acer arcade live\acer videomagician\acer videomagician.exe |
"{E88369D8-33C2-482C-A57C-2D77658152E4}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"{EBAE139E-7E48-47E0-9F40-B0B2902E9AE5}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{F258CAEF-A961-425D-B111-90B5D1645D6F}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{F5A5CD4B-CD70-4B8A-9FA3-B557704E7195}" = dir=in | app=c:\program files (x86)\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{F6DFBF62-2119-44C2-AE06-417D56AEC4F0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{FE302A65-A019-49D0-A61E-A3E93FD9B1CA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{FFC4A5B1-BB1B-450A-AD6C-ABFE8BCD1B48}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"TCP Query User{03C1FE6E-AD55-4391-8683-A7FE9AB524E1}C:\users\puma\downloads\fogdownloader-rom_3_0_1_2153.exe" = protocol=6 | dir=in | app=c:\users\puma\downloads\fogdownloader-rom_3_0_1_2153.exe |
"TCP Query User{0C9343A6-723A-4ED8-96F5-73B34ECC0FFF}C:\users\puma\appdata\local\temp\7zipsfx.001\cf_downloader.exe" = protocol=6 | dir=in | app=c:\users\puma\appdata\local\temp\7zipsfx.001\cf_downloader.exe |
"TCP Query User{265A9198-DC09-413F-8FB2-69E58646DA89}C:\program files (x86)\runes of magic\client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\runes of magic\client.exe |
"TCP Query User{348A8338-F280-4BFF-AD81-386D201886F0}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"TCP Query User{46ADA9DF-8061-4333-A5A0-8F2AFBDB9C7B}C:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe |
"TCP Query User{6CE8B1AD-3C79-4BA6-9132-61CC21969264}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{6F29CE30-155E-422E-9056-B27D6451D76F}C:\users\puma\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\puma\program files (x86)\dna\btdna.exe |
"TCP Query User{7977820E-95CC-4BAC-969D-070FF1B76685}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe |
"TCP Query User{79F033C9-91EA-4CEE-BCE0-50A48FBD8AA3}C:\users\puma\downloads\maestia-downloader.exe" = protocol=6 | dir=in | app=c:\users\puma\downloads\maestia-downloader.exe |
"TCP Query User{7A635B04-1BD2-4826-90F2-4E2DABBE8029}C:\program files (x86)\jowood\dievölker\bin\dv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jowood\dievölker\bin\dv.exe |
"TCP Query User{820155AF-01AE-4618-8B28-8AE3AB205FFC}C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe |
"TCP Query User{8BE06EBA-8A6D-4806-9A08-26DC132D5396}C:\program files (x86)\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"TCP Query User{9083492F-AF5E-4B2B-8143-134D734E544B}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe |
"TCP Query User{9DC88E02-CD32-47CE-B0A8-C0E580B2D961}C:\program files (x86)\electronic arts\die schlacht um mittelerde ii\patchget.dat" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\patchget.dat |
"TCP Query User{A00097A2-52C8-4858-85DF-9D2EE4D30E61}C:\program files (x86)\alaplaya\loco\system\loco.exe" = protocol=6 | dir=in | app=c:\program files (x86)\alaplaya\loco\system\loco.exe |
"TCP Query User{A00A5755-25BB-4A29-AA31-C9500F95662B}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"TCP Query User{A7F3368A-9353-4611-AA4B-2524C6E91F8C}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe |
"TCP Query User{C26FA5AE-5B16-454E-90CE-6561657BAA86}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"TCP Query User{C49D9DF4-84D3-4E45-BFA2-DB0235CF01B1}C:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe |
"TCP Query User{CDC9D6A7-E396-4917-8270-0812A2AB663F}C:\aeriagames\rohan\rohanclient.exe" = protocol=6 | dir=in | app=c:\aeriagames\rohan\rohanclient.exe |
"TCP Query User{CE84D17F-4063-43A2-B611-00251831D0BB}C:\users\puma\appdata\local\temp\7zipsfx.000\cf_downloader.exe" = protocol=6 | dir=in | app=c:\users\puma\appdata\local\temp\7zipsfx.000\cf_downloader.exe |
"UDP Query User{008E43FA-DF45-499A-8469-0E76DF02E10A}C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe |
"UDP Query User{03B7528B-14C6-452C-BD8A-6C53E3889B53}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"UDP Query User{0B8B2A62-14D9-4B41-ACB7-857B64340D9C}C:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe |
"UDP Query User{0EAAFB7E-BED2-48D1-9ACE-D626D0F6C422}C:\program files (x86)\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"UDP Query User{0FCE9B73-46BF-4A28-9501-4DC831DBF412}C:\users\puma\downloads\maestia-downloader.exe" = protocol=17 | dir=in | app=c:\users\puma\downloads\maestia-downloader.exe |
"UDP Query User{15BA46C0-5C5D-4955-95A8-6DAE2056231A}C:\program files (x86)\jowood\dievölker\bin\dv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jowood\dievölker\bin\dv.exe |
"UDP Query User{1C0CABE3-94FF-4CC7-AAB4-9D32CDB59BD9}C:\users\puma\downloads\fogdownloader-rom_3_0_1_2153.exe" = protocol=17 | dir=in | app=c:\users\puma\downloads\fogdownloader-rom_3_0_1_2153.exe |
"UDP Query User{1FA029B8-E476-4CA9-B43E-B9AEEDD6CD4D}C:\users\puma\appdata\local\temp\7zipsfx.001\cf_downloader.exe" = protocol=17 | dir=in | app=c:\users\puma\appdata\local\temp\7zipsfx.001\cf_downloader.exe |
"UDP Query User{276CECD3-154C-4D1C-8884-7C485F212A9D}C:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe |
"UDP Query User{31EC0575-326A-4C64-B720-23E0D592E496}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{33CA4478-A3D3-420C-83BB-3F1BEEA68109}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe |
"UDP Query User{692D07C6-CA55-42CD-94DF-854ACA10FC80}C:\users\puma\appdata\local\temp\7zipsfx.000\cf_downloader.exe" = protocol=17 | dir=in | app=c:\users\puma\appdata\local\temp\7zipsfx.000\cf_downloader.exe |
"UDP Query User{82543FDC-37A3-4161-830E-F584885FB160}C:\program files (x86)\electronic arts\die schlacht um mittelerde ii\patchget.dat" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\patchget.dat |
"UDP Query User{85F4FBDC-241E-4558-9381-5AFC80DCB342}C:\program files (x86)\alaplaya\loco\system\loco.exe" = protocol=17 | dir=in | app=c:\program files (x86)\alaplaya\loco\system\loco.exe |
"UDP Query User{9B291F56-9AC9-4208-ADCC-892940B52633}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe |
"UDP Query User{9B3E9889-C1C9-4684-83D5-3DAA3E9FC877}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"UDP Query User{A2C5C589-094B-4F4B-A13C-B9A7FFB8B27A}C:\aeriagames\rohan\rohanclient.exe" = protocol=17 | dir=in | app=c:\aeriagames\rohan\rohanclient.exe |
"UDP Query User{A853FB7F-9269-40FC-994C-20DCC4082FC9}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe |
"UDP Query User{B156BEA7-3B3F-46C1-BC35-F5660AD1067A}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"UDP Query User{F101AD4D-69E7-4C39-A3A9-078765141C4A}C:\users\puma\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\puma\program files (x86)\dna\btdna.exe |
"UDP Query User{FED90EC5-B52C-42B7-8745-61082FE02B12}C:\program files (x86)\runes of magic\client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\runes of magic\client.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5F94D3B9-2B02-9C37-740B-A59C7B8D17CC}" = ATI Catalyst Install Manager
"{86732AE7-CB91-4f15-B091-FBA3D3926CD6}" = HP Photosmart C4400 All-In-One Driver Software 11.0 Rel .3
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A792E67C-FDA4-A301-0C3C-53BA86EFBB5A}" = ccc-utility64
"{A9513BBC-73B4-4856-BF83-0166523ABF09}" = 64 Bit HP CIO Components Installer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{023FFB0A-C5DB-4930-B3E4-D48266C21738}" = Der Hobbit
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0915B10F-8597-4FE7-BC4D-EA3E2FDA646A}" = PS_AIO_03_C4400_Software_Min
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 24
"{276E3ECB-E9E9-494E-A3F9-173BAD7D9643}" = C4400
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3D6A24EA-A543-6C84-351E-D7646E7AB86E}" = Catalyst Control Center InstallProxy
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{47CAFF95-C3D8-ABF2-70BC-89DE00D8FB19}" = Catalyst Control Center Graphics Light
"{4962EBAC-AE7C-1B22-1EA0-0916A7E40954}" = Catalyst Control Center Graphics Full Existing
"{49A62E2B-B35C-941D-DF48-601207CF14C0}" = Catalyst Control Center Graphics Previews Common
"{49B6F667-76EB-4E9D-ACD2-84B7437901C0}" = LG PC Suite II
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CC59DA1-469B-49A5-9F6B-C4D26990294A}" = PS_AIO_03_C4400_ProductContext
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4F923F90-46D1-4492-9CC6-13FBBA00E7EC}" = C4400
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A3FEF2D-0E14-412E-869C-421AB373EE43}" = C4400_Help
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FF50E1A-4E6D-454B-BA00-6E15D6216BFB}" = Wildlife Park Gold
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6A490E11-6C8A-777C-4E00-43F3CC16A1EC}" = CCC Help English
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B407945-AE16-4A2A-BAAF-497FE62EDED3}" = PS_AIO_03_C4400_Software_Min
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77919701-C3E7-09AA-D2F7-DBF42CD7C13D}" = Catalyst Control Center HydraVision Full
"{78B2F09F-BDC7-7865-CF4C-233B64A3BE51}" = Catalyst Control Center Graphics Full New
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EAFDFA-C563-4B65-B6FA-92F1066E61EC}" = Wonderking
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8ACECB7C-5EB2-42B3-A2E1-B91878B6C5D7}" = PS_AIO_03_C4400_Software
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{954B7F64-D1D4-476F-8919-99585D0A6ABF}" = PS_AIO_03_C4400_Software
"{99A37AC7-E724-4621-B167-500B5A52B69C}" = LastChaosGER
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.3 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{C9CE9393-B568-428D-AD5B-55452B9748DB}" = PS_AIO_03_C4400_ProductContext
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D241BBEC-B1C7-7953-EDDE-D90A654A8D2C}" = ccc-core-static
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D5C24E77-099E-9B84-5BE2-708E70B938A9}" = Catalyst Control Center Core Implementation
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DC4757E2-BAE3-0BFE-C6E5-576CB911FF52}" = Catalyst Control Center Graphics Previews Vista
"{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{F7B72805-2F58-4C04-AE9E-E7AD6A6EF62E}" = C4400_Help
"AC3Filter_is1" = AC3Filter 1.63b
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"avast" = avast! Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CABAL Online_is1" = CABAL Online
"Cross Fire_is1" = Cross Fire En
"DivX Setup.divx.com" = DivX-Setup
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Studio_is1" = Free Studio version 5.0.5
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"FRITZ!DSL" = AVM FRITZ!DSL
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{023FFB0A-C5DB-4930-B3E4-D48266C21738}" = DER HOBBIT
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"LOCO" = LOCO EU
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MobMap_is1" = MobMap 4.04
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"PhotoScape" = PhotoScape
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Uninstall_is1" = Uninstall 1.0.0.1
"Veoh Web Player Beta" = Veoh Web Player
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30.03.2011 20:15:14 | Computer Name = Puma-PC | Source = Perflib | ID = 1008
Description =
Error - 30.03.2011 20:15:14 | Computer Name = Puma-PC | Source = Perflib | ID = 1005
Description =
Error - 30.03.2011 20:15:14 | Computer Name = Puma-PC | Source = Perflib | ID = 1018
Description =
Error - 30.03.2011 20:15:15 | Computer Name = Puma-PC | Source = Perflib | ID = 1008
Description =
Error - 30.03.2011 20:21:36 | Computer Name = Puma-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Puma\Downloads\SoftonicDownloader_fuer_tuneup-utilities-2011.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die
widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Error - 30.03.2011 20:24:28 | Computer Name = Puma-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Puma\Downloads\SoftonicDownloader_fuer_nero-burning-rom.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die
widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Error - 30.03.2011 20:24:28 | Computer Name = Puma-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Puma\Downloads\SoftonicDownloader_fuer_tuneup-utilities-2011.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die
widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Error - 30.03.2011 20:29:13 | Computer Name = Puma-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung PCMMediaSharing.exe, Version 0.0.0.0, Zeitstempel
0x4663e046, fehlerhaftes Modul PCMMediaSharing.exe, Version 0.0.0.0, Zeitstempel
0x4663e046, Ausnahmecode 0xc0000005, Fehleroffset 0x00007f86, Prozess-ID 0x5c4,
Anwendungsstartzeit 01cbef3aa7026726.
Error - 30.03.2011 20:29:48 | Computer Name = Puma-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.03.2011 20:36:29 | Computer Name = Puma-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung TuneUpUtilitiesService64.exe, Version 10.0.4000.60,
Zeitstempel 0x4d80a995, fehlerhaftes Modul RPCRT4.dll, Version 6.0.6002.18024,
Zeitstempel 0x49f05e53, Ausnahmecode 0xc0000005, Fehleroffset 0x0000000000059360,
Prozess-ID
0xfe4, Anwendungsstartzeit 01cbef3aaee75686.
[ System Events ]
Error - 06.04.2011 07:28:10 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 06.04.2011 07:28:10 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 06.04.2011 16:58:18 | Computer Name = Puma-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 06.04.2011 um 22:56:24 unerwartet heruntergefahren.
Error - 06.04.2011 17:00:13 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 06.04.2011 17:35:06 | Computer Name = Puma-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 06.04.2011 um 23:34:12 unerwartet heruntergefahren.
Error - 06.04.2011 17:36:50 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 06.04.2011 17:36:59 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 06.04.2011 18:27:42 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 07.04.2011 07:06:22 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 07.04.2011 07:07:18 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7034
Description =
[ TuneUp Events ]
Error - 30.03.2011 20:58:28 | Computer Name = Puma-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
< End of report >
OTL Logfile: Code:
ATTFilter OTL logfile created on: 07.04.2011 14:15:07 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Puma\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 26,00% Memory free 8,00 Gb Paging File | 5,00 Gb Available in Paging File | 61,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 460,00 Gb Total Space | 295,12 Gb Free Space | 64,16% Space Free | Partition Type: NTFS Drive D: | 459,79 Gb Total Space | 459,12 Gb Free Space | 99,85% Space Free | Partition Type: NTFS Computer Name: PUMA-PC | User Name: Puma | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Puma\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Users\Public\Games\World of Warcraft\WoW.exe (Blizzard Entertainment) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe (Egis inc.) ========== Modules (SafeList) ========== MOD - C:\Users\Puma\Downloads\OTL.exe (OldTimer Tools) MOD - c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.) MOD - C:\Programme\Alwil Software\Avast5\snxhk.dll (AVAST Software) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (Akamai) -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_a35e6b9.dll () SRV - (0176611302174426mcinstcleanup) McAfee Application Installer Cleanup (0176611302174426) -- C:\Windows\Temp\0176611302174426mcinst.exe (McAfee, Inc.) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software) SRV - (McAfee SiteAdvisor Service) -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (SiteAdvisor Service) -- C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe () SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) SRV - (Acer HomeMedia Connect Service) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink) SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe () SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe () SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.) SRV - (AVM IGD CTRL Service) -- C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin) SRV - (de_serv) -- C:\Program Files (x86)\Common Files\AVM\De_serv.exe (AVM Berlin) ========== Driver Services (SafeList) ========== DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\DRIVERS\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\DRIVERS\lgx64diag.sys (LG Electronics Inc.) DRV:64bit: - (USBModem) -- C:\Windows\SysNative\DRIVERS\lgx64modem.sys (LG Electronics Inc.) DRV:64bit: - (usbbus) -- C:\Windows\SysNative\DRIVERS\lgx64bus.sys (LG Electronics Inc.) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (psdvdisk) -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys (Egis Incorporated) DRV:64bit: - (PSDNServ) -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys (Egis Incorporated) DRV:64bit: - (PSDFilter) -- C:\Windows\SysNative\DRIVERS\psdfilter.sys (Egis Incorporated) DRV:64bit: - (WSVD) -- C:\Windows\SysNative\drivers\WSVD.sys (Wasay) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof () DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys () DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Page Not Found, however check out this great site! IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Page Not Found, however check out this great site! IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Sichere Suche" FF - prefs.js..browser.search.selectedEngine: "Sichere Suche" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul" FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1 FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.2 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: OberonGameHost@OberonGames.com:1.0.5.1462 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p=" FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.08.17 23:13:33 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011.04.07 13:19:55 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.26 20:28:12 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.26 20:00:41 | 000,000,000 | ---D | M] [2010.06.30 21:06:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Puma\AppData\Roaming\mozilla\Extensions [2011.04.06 23:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Puma\AppData\Roaming\mozilla\Firefox\Profiles\xbpkww3o.default\extensions [2011.03.27 03:31:39 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Puma\AppData\Roaming\mozilla\Firefox\Profiles\xbpkww3o.default\extensions\engine@conduit.com [2011.03.31 23:06:29 | 000,000,168 | ---- | M] () -- C:\Users\Puma\AppData\Roaming\Mozilla\Firefox\Profiles\xbpkww3o.default\searchplugins\icqplugin.gif [2011.03.31 23:06:29 | 000,000,618 | ---- | M] () -- C:\Users\Puma\AppData\Roaming\Mozilla\Firefox\Profiles\xbpkww3o.default\searchplugins\icqplugin.src [2011.04.03 13:37:17 | 000,001,056 | ---- | M] () -- C:\Users\Puma\AppData\Roaming\Mozilla\Firefox\Profiles\xbpkww3o.default\searchplugins\icqplugin.xml [2010.08.13 14:44:31 | 000,001,379 | ---- | M] () -- C:\Users\Puma\AppData\Roaming\Mozilla\Firefox\Profiles\xbpkww3o.default\searchplugins\winamp-search.xml [2011.03.26 20:28:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010.08.17 23:13:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.18 13:09:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.04 14:04:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.01.04 18:24:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.03.04 18:53:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} File not found (No name found) -- [2011.04.07 13:19:55 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR () (No name found) -- C:\USERS\PUMA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XBPKWW3O.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI () (No name found) -- C:\USERS\PUMA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XBPKWW3O.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2010.07.03 02:32:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll [2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2011.04.01 03:09:59 | 000,002,027 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\McSiteAdvisor.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe () O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x64\eDSLoader.exe (Egis Incorporated) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [NVRaidService] C:\Windows\SysNative\nvraidservice.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [NvSvc] C:\Windows\SysNative\nvsvc64.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe () O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [WMPNSCFG] File not found O4 - Startup: C:\Users\Puma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Puma\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Puma\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Puma\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Puma\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Key error. File not found O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAd64.dll () O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.dll () O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Puma\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Puma\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O27:64bit: - HKLM IFEO\eperformance.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\eragent.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\esettings.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\eperformance.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" (TuneUp Software) O27 - HKLM IFEO\eragent.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" (TuneUp Software) O27 - HKLM IFEO\esettings.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" (TuneUp Software) O27 - HKLM IFEO\hpwucli.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" (TuneUp Software) O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.07 01:23:28 | 000,000,000 | ---D | C] -- C:\Users\Puma\AppData\Roaming\Malwarebytes [2011.04.07 01:23:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.04.07 01:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.07 01:23:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.04.07 01:23:14 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.04.07 01:23:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.03.31 23:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4 [2011.03.31 23:06:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.4 [2011.03.31 02:26:12 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.03.31 02:25:06 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2011.03.31 02:25:05 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2011.03.31 02:25:05 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2011.03.31 02:25:05 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2011.03.31 02:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011 [2011.03.31 02:24:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2011 [2011.03.31 02:24:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} [2011.03.26 20:12:49 | 000,000,000 | ---D | C] -- C:\Users\Puma\AppData\Local\PackageAware [2011.03.14 01:16:51 | 000,505,176 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2010.06.29 17:34:57 | 000,049,152 | ---- | C] ( ) -- C:\Windows\INTEROP.IWSHRUNTIMELIBRARY.DLL [2010.06.29 08:01:41 | 000,016,384 | ---- | C] ( ) -- C:\Windows\SysWow64\ClearEvent.exe [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.04.07 14:07:56 | 000,000,771 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk [2011.04.07 13:57:52 | 001,474,308 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.04.07 13:57:52 | 000,638,972 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.04.07 13:57:52 | 000,604,566 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.04.07 13:57:52 | 000,131,012 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.04.07 13:57:52 | 000,107,898 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.04.07 13:04:40 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.07 13:04:40 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.07 13:04:31 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat [2011.04.07 01:49:13 | 000,011,354 | ---- | M] () -- C:\Users\Puma\AppData\Roaming\wklnhst.dat [2011.04.07 01:23:18 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.06 22:22:53 | 000,001,038 | ---- | M] () -- C:\Users\Puma\Desktop\DVDVideoSoft Free Studio.lnk [2011.04.06 22:22:41 | 000,001,197 | ---- | M] () -- C:\Users\Puma\Desktop\Free YouTube to MP3 Converter.lnk [2011.04.01 03:20:56 | 000,000,049 | ---- | M] () -- C:\Windows\wekacommon.ini [2011.03.31 13:19:14 | 000,002,034 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.0.lnk [2011.03.31 02:33:14 | 000,000,693 | ---- | M] () -- C:\Users\Puma\Desktop\WinRAR.lnk [2011.03.31 02:26:42 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2011.03.31 02:26:42 | 000,001,883 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk [2011.03.26 20:28:14 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.03.22 14:06:25 | 000,001,881 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011.03.16 14:15:14 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2011.03.16 14:10:40 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2011.03.16 14:10:38 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2011.03.16 14:10:34 | 000,036,160 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2011.03.16 14:10:30 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2011.03.16 13:38:29 | 000,007,052 | ---- | M] () -- C:\Users\Puma\AppData\Local\d3d9caps.dat [2011.03.15 01:35:59 | 000,002,477 | ---- | M] () -- C:\Users\Public\Desktop\Wonderking.lnk [2011.03.14 01:16:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.07 01:23:18 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.06 22:22:41 | 000,001,197 | ---- | C] () -- C:\Users\Puma\Desktop\Free YouTube to MP3 Converter.lnk [2011.04.01 03:20:56 | 000,000,049 | ---- | C] () -- C:\Windows\wekacommon.ini [2011.03.31 02:25:04 | 000,001,895 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk [2011.03.31 02:25:04 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2011.03.31 02:25:04 | 000,001,883 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk [2011.03.26 20:28:14 | 000,000,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.03.26 20:28:14 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.12.13 19:19:09 | 000,000,092 | ---- | C] () -- C:\Users\Puma\AppData\Local\fusioncache.dat [2010.12.13 19:17:53 | 001,502,086 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.11.06 02:15:12 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI [2010.10.19 00:17:09 | 000,023,604 | ---- | C] () -- C:\Users\Puma\AppData\Roaming\UserTile.png [2010.10.18 13:23:23 | 000,001,022 | ---- | C] () -- C:\Windows\eReg.dat [2010.08.28 20:35:58 | 000,000,174 | ---- | C] () -- C:\Windows\DieVölker.ini [2010.08.18 01:20:45 | 000,007,052 | ---- | C] () -- C:\Users\Puma\AppData\Local\d3d9caps.dat [2010.08.18 01:15:53 | 000,078,239 | ---- | C] () -- C:\Windows\hpqins05.dat [2010.08.18 00:52:08 | 000,023,687 | ---- | C] () -- C:\Windows\hpqins15.dat.temp [2010.08.17 23:35:00 | 000,157,487 | ---- | C] () -- C:\Windows\hpoins29.dat.temp [2010.08.17 23:35:00 | 000,000,986 | ---- | C] () -- C:\Windows\hpomdl29.dat.temp [2010.08.09 20:05:24 | 000,003,584 | ---- | C] () -- C:\Users\Puma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.07.26 13:28:52 | 000,023,325 | ---- | C] () -- C:\Windows\hpqins15.dat [2010.07.06 21:45:15 | 000,188,482 | ---- | C] () -- C:\Windows\hpoins29.dat [2010.07.06 21:45:15 | 000,000,799 | ---- | C] () -- C:\Windows\hpomdl29.dat [2010.07.06 21:14:40 | 000,011,354 | ---- | C] () -- C:\Users\Puma\AppData\Roaming\wklnhst.dat [2010.07.03 12:18:45 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2010.07.03 12:18:02 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2010.07.03 12:17:06 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2010.07.02 04:08:43 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2010.07.01 22:10:18 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010.06.30 21:13:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.06.29 08:22:28 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.06.29 08:05:40 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini [2010.06.29 08:05:40 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini [2010.06.29 08:01:53 | 000,000,069 | ---- | C] () -- C:\Windows\eAPLauncher.ini [2010.06.29 08:01:41 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\LauncheRyAgentUser.exe [2009.10.26 21:06:06 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2008.08.13 10:05:55 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIBUN4.dll [2008.08.13 08:06:32 | 000,001,108 | ---- | C] () -- C:\Windows\generic.ini [2008.08.13 08:06:32 | 000,000,136 | ---- | C] () -- C:\Windows\Alaunch.ini [2008.08.13 00:20:54 | 000,015,656 | ---- | C] () -- C:\Windows\SysWow64\drivers\int15_64.sys [2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2006.11.02 17:37:05 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2006.11.02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2006.11.02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2006.11.02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2001.12.26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\multiplex_vcd.dll [2001.09.03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\Hmpg12.dll [2001.07.30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC.dll [2001.07.23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC_MMX.dll ========== LOP Check ========== [2010.10.19 00:16:31 | 000,000,000 | -HSD | M] -- C:\Users\Puma\AppData\Roaming\.# [2008.08.12 23:59:20 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Acer GameZone Console [2011.01.25 01:03:19 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Ashampoo [2010.10.06 13:42:05 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\BlamGames [2011.02.28 15:20:18 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\DeepBurner [2011.03.04 22:43:57 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\DVDVideoSoft [2011.02.25 01:15:13 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\DVDVideoSoftIEHelpers [2010.07.01 02:05:10 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\eSobi [2010.08.10 19:35:41 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\FOG Downloader [2010.08.05 18:22:21 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\FRITZ! [2010.08.13 12:51:42 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\GamesCafe [2010.10.26 23:09:30 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\GetRightToGo [2010.07.23 20:16:55 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Gutscheinmieze [2011.04.05 00:46:22 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\ICQ [2010.09.13 19:58:23 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\IrfanView [2010.07.19 14:24:35 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\LG Electronics [2010.08.11 21:59:31 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien [2011.02.20 01:04:34 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\MobMapUpdater [2010.08.05 19:06:43 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\OCS [2010.08.05 19:06:45 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Opera [2010.10.19 00:17:09 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\PeerNetworking [2010.08.19 16:25:23 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\PhotoScape [2010.10.06 13:43:23 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\PlayFirst [2010.08.14 12:42:42 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\QIP [2010.07.01 16:30:33 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Raptr [2010.07.01 21:36:31 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\TeamViewer [2010.07.06 21:14:42 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Template [2010.07.01 14:02:32 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\The Hobbit [2011.02.28 15:20:19 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\TS3Client [2011.03.31 03:02:10 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\TuneUp Software [2010.08.17 22:24:09 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Ulead Systems [2010.10.06 13:43:21 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Zylom [2011.04.07 02:55:18 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:D1B5B4F1 @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:FF8F1AE3 @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:CE2C623F @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:4CF61E54 < End of report > So besser? Sry bin leider einer der vielen Menschen die so garkeine ahnung von soetwas haben. |
|
07.04.2011, 15:22
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner schaltet sich ohne Vorwarnung einfach aus Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:FF8F1AE3
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:CE2C623F
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:4CF61E54
[2010.10.19 00:16:31 | 000,000,000 | -HSD | M] -- C:\Users\Puma\AppData\Roaming\.#
:Commands
[purity]
[resethosts]
[emptytemp]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.04.2011, 16:05
| #9 |
| | Rechner schaltet sich ohne Vorwarnung einfach aus Da wurde kein Logfile geöffnet, kann ich das irgend wo finden? |
|
07.04.2011, 18:45
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner schaltet sich ohne Vorwarnung einfach aus Schau in C:\_OTL nach
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.04.2011, 19:24
| #11 |
| | Rechner schaltet sich ohne Vorwarnung einfach aus Da ist niergends ein ordner mit OTL im Namen Geändert von Kadriya (07.04.2011 um 19:32 Uhr) |
|
07.04.2011, 19:36
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner schaltet sich ohne Vorwarnung einfach aus Dann wiederhol den Fix bitte.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.04.2011, 19:49
| #13 |
| | Rechner schaltet sich ohne Vorwarnung einfach aus So nun hab ichs All processes killed ========== OTL ========== ADS C:\ProgramData\TEMP  1B5B4F1 deleted successfully.ADS C:\ProgramData\TEMP:FF8F1AE3 deleted successfully. ADS C:\ProgramData\TEMP:CE2C623F deleted successfully. ADS C:\ProgramData\TEMP:4CF61E54 deleted successfully. C:\Users\Puma\AppData\Roaming\.# folder moved successfully. ========== COMMANDS ========== File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot. HOSTS file reset successfully [EMPTYTEMP] User: All Users User: AppData User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: Puma ->Temp folder emptied: 60159286 bytes ->Temporary Internet Files folder emptied: 1226140 bytes ->Java cache emptied: 86064194 bytes ->FireFox cache emptied: 71382691 bytes ->Flash cache emptied: 90392 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 2391512 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 2130243527 bytes Total Files Cleaned = 2.243,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 04072011_203905 Files\Folders moved on Reboot... File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\uxt68B2.tmp scheduled to be moved on reboot. File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot. File move failed. C:\Windows\temp\CLDigitalHome\PCMMediaServer.log scheduled to be moved on reboot. Registry entries deleted on Reboot... |
|
07.04.2011, 19:55
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner schaltet sich ohne Vorwarnung einfach aus Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.04.2011, 20:29
| #15 |
| | Rechner schaltet sich ohne Vorwarnung einfach aus Hier ist es 2011/04/07 21:26:27.0008 4252 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28 2011/04/07 21:26:27.0445 4252 ================================================================================ 2011/04/07 21:26:27.0445 4252 SystemInfo: 2011/04/07 21:26:27.0445 4252 2011/04/07 21:26:27.0445 4252 OS Version: 6.0.6002 ServicePack: 2.0 2011/04/07 21:26:27.0445 4252 Product type: Workstation 2011/04/07 21:26:27.0445 4252 ComputerName: PUMA-PC 2011/04/07 21:26:27.0445 4252 UserName: Puma 2011/04/07 21:26:27.0445 4252 Windows directory: C:\Windows 2011/04/07 21:26:27.0445 4252 System windows directory: C:\Windows 2011/04/07 21:26:27.0445 4252 Running under WOW64 2011/04/07 21:26:27.0445 4252 Processor architecture: Intel x64 2011/04/07 21:26:27.0445 4252 Number of processors: 4 2011/04/07 21:26:27.0445 4252 Page size: 0x1000 2011/04/07 21:26:27.0445 4252 Boot type: Normal boot 2011/04/07 21:26:27.0445 4252 ================================================================================ 2011/04/07 21:26:27.0866 4252 Initialize success 2011/04/07 21:26:36.0711 4284 ================================================================================ 2011/04/07 21:26:36.0711 4284 Scan started 2011/04/07 21:26:36.0711 4284 Mode: Manual; 2011/04/07 21:26:36.0711 4284 ================================================================================ 2011/04/07 21:26:38.0006 4284 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys 2011/04/07 21:26:38.0240 4284 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys 2011/04/07 21:26:38.0287 4284 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys 2011/04/07 21:26:38.0302 4284 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys 2011/04/07 21:26:38.0318 4284 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys 2011/04/07 21:26:38.0396 4284 AFD (12415ccfd3e7cec55b5184e67b039fe4) C:\Windows\system32\drivers\afd.sys 2011/04/07 21:26:38.0412 4284 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys 2011/04/07 21:26:38.0443 4284 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys 2011/04/07 21:26:38.0458 4284 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys 2011/04/07 21:26:38.0490 4284 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys 2011/04/07 21:26:38.0505 4284 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys 2011/04/07 21:26:38.0880 4284 amdkmdag (1147f8816d4ddc9fc43a40df52f40500) C:\Windows\system32\DRIVERS\atipmdag.sys 2011/04/07 21:26:39.0020 4284 amdkmdap (ebc963d8f5b04c98f5ef597aae79cddd) C:\Windows\system32\DRIVERS\atikmpag.sys 2011/04/07 21:26:39.0051 4284 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys 2011/04/07 21:26:39.0067 4284 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys 2011/04/07 21:26:39.0129 4284 aswFsBlk (f810e3ea3d1f3c3ba26f2f4719bdca4f) C:\Windows\system32\drivers\aswFsBlk.sys 2011/04/07 21:26:39.0145 4284 aswMonFlt (3687fd9cedf56d3b9f18923f4e14f3f9) C:\Windows\system32\drivers\aswMonFlt.sys 2011/04/07 21:26:39.0160 4284 aswRdr (e99e48596b35e5d5240104bcd61b3471) C:\Windows\system32\drivers\aswRdr.sys 2011/04/07 21:26:39.0207 4284 aswSnx (84ad8fb3fd2efa52d8599a0028bbb6fe) C:\Windows\system32\drivers\aswSnx.sys 2011/04/07 21:26:39.0223 4284 aswSP (8cba6cc5dca9e3829f1792bf98f06901) C:\Windows\system32\drivers\aswSP.sys 2011/04/07 21:26:39.0254 4284 aswTdi (184248f2ded7b1641c7f3b30381baa2a) C:\Windows\system32\drivers\aswTdi.sys 2011/04/07 21:26:39.0285 4284 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/04/07 21:26:39.0316 4284 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys 2011/04/07 21:26:39.0332 4284 AtiHdmiService (19aaa5fa3a9804b8722f7b95649fb6c9) C:\Windows\system32\drivers\AtiHdmi.sys 2011/04/07 21:26:39.0394 4284 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys 2011/04/07 21:26:39.0426 4284 bowser (8b2b19031d0aeade6e1b933df1acba7e) C:\Windows\system32\DRIVERS\bowser.sys 2011/04/07 21:26:39.0457 4284 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys 2011/04/07 21:26:39.0472 4284 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys 2011/04/07 21:26:39.0504 4284 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys 2011/04/07 21:26:39.0519 4284 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys 2011/04/07 21:26:39.0535 4284 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys 2011/04/07 21:26:39.0550 4284 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys 2011/04/07 21:26:39.0566 4284 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys 2011/04/07 21:26:39.0613 4284 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys 2011/04/07 21:26:39.0628 4284 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys 2011/04/07 21:26:39.0660 4284 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys 2011/04/07 21:26:39.0691 4284 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys 2011/04/07 21:26:39.0722 4284 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys 2011/04/07 21:26:39.0738 4284 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys 2011/04/07 21:26:39.0753 4284 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys 2011/04/07 21:26:39.0800 4284 DfsC (36cd31121f228e7e79bae60aa45764c6) C:\Windows\system32\Drivers\dfsc.sys 2011/04/07 21:26:39.0847 4284 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys 2011/04/07 21:26:39.0894 4284 Dot4 (74c02b1717740c3b8039539e23e4b53f) C:\Windows\system32\DRIVERS\Dot4.sys 2011/04/07 21:26:39.0909 4284 Dot4Print (08321d1860235bf42cf2854234337aea) C:\Windows\system32\DRIVERS\Dot4Prt.sys 2011/04/07 21:26:39.0940 4284 dot4usb (4adccf0124f2b6911d3786a5d0e779e5) C:\Windows\system32\DRIVERS\dot4usb.sys 2011/04/07 21:26:39.0956 4284 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys 2011/04/07 21:26:40.0096 4284 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys 2011/04/07 21:26:40.0159 4284 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys 2011/04/07 21:26:40.0190 4284 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys 2011/04/07 21:26:40.0237 4284 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys 2011/04/07 21:26:40.0268 4284 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys 2011/04/07 21:26:40.0330 4284 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys 2011/04/07 21:26:40.0362 4284 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys 2011/04/07 21:26:40.0377 4284 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys 2011/04/07 21:26:40.0408 4284 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys 2011/04/07 21:26:40.0424 4284 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys 2011/04/07 21:26:40.0440 4284 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/04/07 21:26:40.0471 4284 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys 2011/04/07 21:26:40.0502 4284 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys 2011/04/07 21:26:40.0518 4284 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys 2011/04/07 21:26:40.0549 4284 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 2011/04/07 21:26:40.0580 4284 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys 2011/04/07 21:26:40.0611 4284 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys 2011/04/07 21:26:40.0658 4284 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/04/07 21:26:40.0689 4284 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys 2011/04/07 21:26:40.0705 4284 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys 2011/04/07 21:26:40.0736 4284 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys 2011/04/07 21:26:40.0752 4284 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys 2011/04/07 21:26:40.0814 4284 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys 2011/04/07 21:26:40.0830 4284 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys 2011/04/07 21:26:40.0876 4284 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/04/07 21:26:40.0908 4284 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys 2011/04/07 21:26:40.0923 4284 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys 2011/04/07 21:26:41.0001 4284 int15 (91b61589bb2915e81d436efe07548507) C:\Acer\Empowering Technology\eRecovery\int15.sys 2011/04/07 21:26:41.0079 4284 IntcAzAudAddService (2c62599e693372a9221c262b8040e3ac) C:\Windows\system32\drivers\RTKVHD64.sys 2011/04/07 21:26:41.0110 4284 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys 2011/04/07 21:26:41.0142 4284 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys 2011/04/07 21:26:41.0173 4284 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/04/07 21:26:41.0204 4284 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys 2011/04/07 21:26:41.0235 4284 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys 2011/04/07 21:26:41.0251 4284 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys 2011/04/07 21:26:41.0266 4284 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys 2011/04/07 21:26:41.0329 4284 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/04/07 21:26:41.0344 4284 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys 2011/04/07 21:26:41.0360 4284 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys 2011/04/07 21:26:41.0391 4284 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/04/07 21:26:41.0407 4284 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/04/07 21:26:41.0454 4284 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys 2011/04/07 21:26:41.0469 4284 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys 2011/04/07 21:26:41.0516 4284 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys 2011/04/07 21:26:41.0547 4284 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys 2011/04/07 21:26:41.0563 4284 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys 2011/04/07 21:26:41.0578 4284 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys 2011/04/07 21:26:41.0594 4284 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys 2011/04/07 21:26:41.0625 4284 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys 2011/04/07 21:26:41.0656 4284 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys 2011/04/07 21:26:41.0703 4284 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys 2011/04/07 21:26:41.0719 4284 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys 2011/04/07 21:26:41.0750 4284 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys 2011/04/07 21:26:41.0766 4284 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys 2011/04/07 21:26:41.0781 4284 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys 2011/04/07 21:26:41.0797 4284 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys 2011/04/07 21:26:41.0828 4284 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys 2011/04/07 21:26:41.0844 4284 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys 2011/04/07 21:26:41.0890 4284 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys 2011/04/07 21:26:41.0922 4284 mrxsmb (d58d129e26705e83a4deba7177eb7972) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/04/07 21:26:41.0953 4284 mrxsmb10 (d5be5c14e0f1dc489f5bb2a67983f630) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/04/07 21:26:41.0968 4284 mrxsmb20 (09a2990c3b293c212816c9bc0d7c200e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/04/07 21:26:41.0984 4284 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys 2011/04/07 21:26:42.0015 4284 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys 2011/04/07 21:26:42.0062 4284 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys 2011/04/07 21:26:42.0078 4284 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys 2011/04/07 21:26:42.0109 4284 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys 2011/04/07 21:26:42.0124 4284 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/04/07 21:26:42.0140 4284 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys 2011/04/07 21:26:42.0187 4284 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys 2011/04/07 21:26:42.0218 4284 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/04/07 21:26:42.0234 4284 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys 2011/04/07 21:26:42.0265 4284 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys 2011/04/07 21:26:42.0312 4284 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys 2011/04/07 21:26:42.0358 4284 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys 2011/04/07 21:26:42.0390 4284 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/04/07 21:26:42.0405 4284 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/04/07 21:26:42.0452 4284 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/04/07 21:26:42.0468 4284 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys 2011/04/07 21:26:42.0514 4284 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys 2011/04/07 21:26:42.0546 4284 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys 2011/04/07 21:26:42.0592 4284 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys 2011/04/07 21:26:42.0608 4284 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys 2011/04/07 21:26:42.0670 4284 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys 2011/04/07 21:26:42.0702 4284 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys 2011/04/07 21:26:42.0748 4284 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys 2011/04/07 21:26:42.0780 4284 NVENETFD (99ed33f7fe39026a477893d92aea5ef0) C:\Windows\system32\DRIVERS\nvmfdx64.sys 2011/04/07 21:26:42.0826 4284 NVHDA (87a7e98a682b0b20820be781c7758b94) C:\Windows\system32\drivers\nvhda64v.sys 2011/04/07 21:26:43.0045 4284 nvlddmkm (15c9645fbc3ca28bd44eb1ec5418a8fc) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2011/04/07 21:26:43.0185 4284 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys 2011/04/07 21:26:43.0201 4284 nvrd64 (081601b398ded2fbc6ff62ae2042c38a) C:\Windows\system32\drivers\nvrd64.sys 2011/04/07 21:26:43.0216 4284 nvsmu (f6c6d8298dd85507f680437ec2e6899c) C:\Windows\system32\DRIVERS\nvsmu.sys 2011/04/07 21:26:43.0248 4284 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys 2011/04/07 21:26:43.0279 4284 nvstor64 (1f27f53013b40565c8bd1d787ea5ec6a) C:\Windows\system32\drivers\nvstor64.sys 2011/04/07 21:26:43.0310 4284 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys 2011/04/07 21:26:43.0388 4284 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/04/07 21:26:43.0419 4284 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys 2011/04/07 21:26:43.0450 4284 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys 2011/04/07 21:26:43.0466 4284 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys 2011/04/07 21:26:43.0497 4284 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys 2011/04/07 21:26:43.0513 4284 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys 2011/04/07 21:26:43.0544 4284 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys 2011/04/07 21:26:43.0653 4284 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys 2011/04/07 21:26:43.0684 4284 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys 2011/04/07 21:26:43.0731 4284 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys 2011/04/07 21:26:43.0747 4284 PSDFilter (e4f35efd9962a3c80365e029e5acbc92) C:\Windows\system32\DRIVERS\psdfilter.sys 2011/04/07 21:26:43.0762 4284 PSDNServ (41031289856ab4c99a49218e6c4e9f46) C:\Windows\system32\DRIVERS\PSDNServ.sys 2011/04/07 21:26:43.0794 4284 psdvdisk (c33fb61864c5096b0bf4b9dbc01bb5a9) C:\Windows\system32\DRIVERS\PSDVdisk.sys 2011/04/07 21:26:43.0825 4284 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys 2011/04/07 21:26:43.0872 4284 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys 2011/04/07 21:26:43.0918 4284 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys 2011/04/07 21:26:43.0934 4284 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys 2011/04/07 21:26:43.0965 4284 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/04/07 21:26:43.0996 4284 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/04/07 21:26:44.0028 4284 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys 2011/04/07 21:26:44.0074 4284 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys 2011/04/07 21:26:44.0090 4284 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/04/07 21:26:44.0121 4284 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys 2011/04/07 21:26:44.0152 4284 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys 2011/04/07 21:26:44.0199 4284 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys 2011/04/07 21:26:44.0246 4284 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys 2011/04/07 21:26:44.0277 4284 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys 2011/04/07 21:26:44.0308 4284 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/04/07 21:26:44.0340 4284 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys 2011/04/07 21:26:44.0355 4284 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys 2011/04/07 21:26:44.0386 4284 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys 2011/04/07 21:26:44.0418 4284 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys 2011/04/07 21:26:44.0433 4284 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys 2011/04/07 21:26:44.0449 4284 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys 2011/04/07 21:26:44.0480 4284 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys 2011/04/07 21:26:44.0496 4284 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys 2011/04/07 21:26:44.0527 4284 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys 2011/04/07 21:26:44.0574 4284 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys 2011/04/07 21:26:44.0605 4284 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys 2011/04/07 21:26:44.0667 4284 srv (8cd33a47ca02c79038b669f31f95bdac) C:\Windows\system32\DRIVERS\srv.sys 2011/04/07 21:26:44.0698 4284 srv2 (1bedf533096c56e70f87e3e3ee02caf5) C:\Windows\system32\DRIVERS\srv2.sys 2011/04/07 21:26:44.0714 4284 srvnet (2b8c340f830c465f514d966f7e6a822f) C:\Windows\system32\DRIVERS\srvnet.sys 2011/04/07 21:26:44.0745 4284 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys 2011/04/07 21:26:44.0792 4284 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys 2011/04/07 21:26:44.0823 4284 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys 2011/04/07 21:26:44.0839 4284 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys 2011/04/07 21:26:44.0995 4284 Tcpip (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\drivers\tcpip.sys 2011/04/07 21:26:45.0088 4284 Tcpip6 (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\DRIVERS\tcpip.sys 2011/04/07 21:26:45.0135 4284 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys 2011/04/07 21:26:45.0151 4284 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys 2011/04/07 21:26:45.0166 4284 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys 2011/04/07 21:26:45.0213 4284 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys 2011/04/07 21:26:45.0260 4284 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys 2011/04/07 21:26:45.0322 4284 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/04/07 21:26:45.0510 4284 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys 2011/04/07 21:26:45.0556 4284 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys 2011/04/07 21:26:45.0588 4284 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys 2011/04/07 21:26:45.0619 4284 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys 2011/04/07 21:26:45.0650 4284 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys 2011/04/07 21:26:45.0697 4284 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys 2011/04/07 21:26:45.0728 4284 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys 2011/04/07 21:26:45.0744 4284 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys 2011/04/07 21:26:45.0775 4284 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys 2011/04/07 21:26:45.0806 4284 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys 2011/04/07 21:26:45.0853 4284 usbbus (58b3891ea8a2396d69d1f52924598bdb) C:\Windows\system32\DRIVERS\lgx64bus.sys 2011/04/07 21:26:45.0884 4284 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/04/07 21:26:45.0900 4284 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys 2011/04/07 21:26:45.0931 4284 UsbDiag (ef3bcebbfdd4d37ec6b6a3d182004b7e) C:\Windows\system32\DRIVERS\lgx64diag.sys 2011/04/07 21:26:46.0040 4284 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys 2011/04/07 21:26:46.0087 4284 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys 2011/04/07 21:26:46.0118 4284 USBModem (dec50411e7aa8da12c8675f36d961f29) C:\Windows\system32\DRIVERS\lgx64modem.sys 2011/04/07 21:26:46.0149 4284 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys 2011/04/07 21:26:46.0165 4284 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys 2011/04/07 21:26:46.0212 4284 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys 2011/04/07 21:26:46.0274 4284 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/04/07 21:26:46.0305 4284 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/04/07 21:26:46.0336 4284 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/04/07 21:26:46.0383 4284 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys 2011/04/07 21:26:46.0399 4284 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys 2011/04/07 21:26:46.0446 4284 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys 2011/04/07 21:26:46.0477 4284 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys 2011/04/07 21:26:46.0508 4284 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys 2011/04/07 21:26:46.0539 4284 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys 2011/04/07 21:26:46.0570 4284 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys 2011/04/07 21:26:46.0586 4284 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 2011/04/07 21:26:46.0617 4284 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 2011/04/07 21:26:46.0648 4284 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys 2011/04/07 21:26:46.0695 4284 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys 2011/04/07 21:26:46.0789 4284 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/04/07 21:26:46.0867 4284 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys 2011/04/07 21:26:46.0960 4284 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys 2011/04/07 21:26:47.0007 4284 WSVD (339d31047af8bdf960142d88a30d0b29) C:\Windows\system32\drivers\WSVD.sys 2011/04/07 21:26:47.0038 4284 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/04/07 21:26:47.0272 4284 ================================================================================ 2011/04/07 21:26:47.0272 4284 Scan finished 2011/04/07 21:26:47.0272 4284 ================================================================================ |
|
| Themen zu Rechner schaltet sich ohne Vorwarnung einfach aus |
| anderes, angezeigt, anti-malware, bösartige, dateien, dauert, einfach, explorer, fehler, funktioniert, games, hoffe, interne, internet, malwarebytes, minute, problem, probleme, rechner, schaltet, service, starte, version, zeiten |
Linear-Darstellung
