Huch sry, habs so gemacht wie es in der Erklaerung stand aber gut ich schau mal was sich machen laesstOTL Logfile: Code:
OTL Extras logfile created on: 07.04.2011 14:15:07 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Puma\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 26,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 460,00 Gb Total Space | 295,12 Gb Free Space | 64,16% Space Free | Partition Type: NTFS
Drive D: | 459,79 Gb Total Space | 459,12 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Computer Name: PUMA-PC | User Name: Puma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = BF F0 2A 43 3E 1C CB 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Launcher.atm" = C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Launcher.atm:Enabled:GameExe2
"C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Res-Voip\SCVoIP.exe" = C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Res-Voip\SCVoIP.exe:Enabled:GameVoIP
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Launcher.atm" = C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Launcher.atm:Enabled:GameExe2
"C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Res-Voip\SCVoIP.exe" = C:\Program Files (x86)\Gameforge4D\AirRivals_DE\Res-Voip\SCVoIP.exe:Enabled:GameVoIP
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3950EBEC-5A1B-4B5D-9CE3-516EB4E2BBAE}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{5FAF56B7-4CCF-4C52-AA64-EF6A23FFFF4E}" = lport=49174 | protocol=6 | dir=in | name=akamai netsession interface |
"{6240CC14-9F3A-4AF2-89F4-19675E7B4B15}" = lport=49173 | protocol=6 | dir=in | name=akamai netsession interface |
"{6A5428A9-E814-4D38-BB32-BBA777D9F1AD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9452B668-8529-48C3-B2AA-F6B293ADDFA4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A571DFAC-5CDF-46B7-A8B7-8FD8CEEF7032}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001A53CA-346D-4459-9D05-3E63412E702D}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{088641C2-EAB6-4E71-ACDC-C49E2AF6F3C0}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{09D13F36-41A6-40FE-B3E7-9E8FDE08F0B3}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{100E2233-9966-411E-A0EF-AB3EEA5CA833}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{16B3D735-D7DC-45F7-83DC-AC4625F7A8B8}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{1C2071A1-9660-4EA8-AACE-15406927B7DB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{1C9FB18B-967D-430C-B169-14D1D93C58E9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{20A5EC57-B14E-4A59-99D2-871FA0B1B762}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{22437F08-2996-4975-9EB1-C92F60E0FF91}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{24A76E72-55D5-4D6F-9A6E-FE0DBC7DB23D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{2A3E4533-2074-4213-A516-432BED64F5F7}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{3008E684-4C61-48CA-911E-74F4573AFD93}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{33793143-B004-4997-BB2A-8AB1C595ADF3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{3FCBE840-EE3F-4D0B-87F4-E8DB5B97E1EA}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{413E094F-1BB0-40CC-8C9B-0435A7CE9B2F}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"{443EDBB4-3E5B-49A1-8243-E8DADF92854F}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{468C76AF-3C19-406E-A135-2D4B0030659F}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\game.dat |
"{4A2B63C7-5866-4D76-8C34-7B5F0244C57C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{4E2A1909-4A3F-4DB8-8BCD-D2CFEDF0FB8A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{5333F88A-77DF-4DCE-A29A-F73D802BE100}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe |
"{59CD088C-E99C-46A5-A85F-B02B686A9CF7}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"{5A1395C5-3374-4E95-AB87-93D0A811BBB1}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{64DA2708-E672-4F66-BFC4-1AE72E62D44F}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{71725025-0AA5-4AFD-AD83-C67DCB177A71}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{81851C5A-4EBA-4FEF-89AF-4B143B436010}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{823ECCDE-DC6C-464D-A1F7-AD8917EEBC49}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{83A516F0-1C01-41E9-8059-F77C5CA1616E}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"{86E0281D-9A12-48E3-AE14-41EAC4E604B9}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia\acer homemedia.exe |
"{94DC8346-82FC-430D-80CD-7733286916E1}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{964BDBA2-E853-4415-92FF-6D48AC1E9C2B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{97822478-F338-4449-88BB-E0B3606E86CD}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{97C4769B-4D7F-4CA2-95DD-C8FC76DE2E74}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{99C6D07D-6BC1-4B5A-8E14-A36229A0B0FA}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{9F89B37B-9723-4FCE-9C5F-111E4C8876B2}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"{A18E5735-1D8F-429D-B8B5-A1A38067B50B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{A4306424-9E18-4F88-90AD-AA42557453FD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{A6A68AB4-3CFB-4827-AD0A-2BA138A5CCFF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"{A7CDF499-DC4C-478E-BEE4-825B195CA79E}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dv magician\acer dv magician.exe |
"{A8B526D2-D6EF-46C7-8337-7B810F86ED60}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{A9C21870-24E7-4148-978E-67D0E415478D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{B09F36D6-199C-494B-B763-135E2097BCD0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{B481F67E-B4B1-4AB5-8FE4-0D93E9BB8999}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{BA6BCCB7-6BAB-4C5C-88F4-4F93B891DFAB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{BAD2C59F-C5F9-41DF-A769-5D58712BF15A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\game.dat |
"{C2A1B3D7-B75C-4B57-A045-8951C33615B2}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{C338D435-2B1C-4040-AF21-82D177B373BE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{C33D5982-21DA-422F-A786-74F79D4D58E6}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"{CB2A1D15-711B-40E8-A403-E243D15B5230}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{D017103A-D984-42DA-9BB0-0C986EC79360}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{DC649DC1-89C5-49EA-AE0E-DF7959EF63DA}" = dir=in | app=c:\program files (x86)\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{E504C940-8C19-4E86-B448-C2464B06615F}" = dir=in | app=c:\program files (x86)\acer arcade live\acer videomagician\acer videomagician.exe |
"{E88369D8-33C2-482C-A57C-2D77658152E4}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"{EBAE139E-7E48-47E0-9F40-B0B2902E9AE5}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{F258CAEF-A961-425D-B111-90B5D1645D6F}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{F5A5CD4B-CD70-4B8A-9FA3-B557704E7195}" = dir=in | app=c:\program files (x86)\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{F6DFBF62-2119-44C2-AE06-417D56AEC4F0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{FE302A65-A019-49D0-A61E-A3E93FD9B1CA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{FFC4A5B1-BB1B-450A-AD6C-ABFE8BCD1B48}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"TCP Query User{03C1FE6E-AD55-4391-8683-A7FE9AB524E1}C:\users\puma\downloads\fogdownloader-rom_3_0_1_2153.exe" = protocol=6 | dir=in | app=c:\users\puma\downloads\fogdownloader-rom_3_0_1_2153.exe |
"TCP Query User{0C9343A6-723A-4ED8-96F5-73B34ECC0FFF}C:\users\puma\appdata\local\temp\7zipsfx.001\cf_downloader.exe" = protocol=6 | dir=in | app=c:\users\puma\appdata\local\temp\7zipsfx.001\cf_downloader.exe |
"TCP Query User{265A9198-DC09-413F-8FB2-69E58646DA89}C:\program files (x86)\runes of magic\client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\runes of magic\client.exe |
"TCP Query User{348A8338-F280-4BFF-AD81-386D201886F0}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"TCP Query User{46ADA9DF-8061-4333-A5A0-8F2AFBDB9C7B}C:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe |
"TCP Query User{6CE8B1AD-3C79-4BA6-9132-61CC21969264}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{6F29CE30-155E-422E-9056-B27D6451D76F}C:\users\puma\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\puma\program files (x86)\dna\btdna.exe |
"TCP Query User{7977820E-95CC-4BAC-969D-070FF1B76685}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe |
"TCP Query User{79F033C9-91EA-4CEE-BCE0-50A48FBD8AA3}C:\users\puma\downloads\maestia-downloader.exe" = protocol=6 | dir=in | app=c:\users\puma\downloads\maestia-downloader.exe |
"TCP Query User{7A635B04-1BD2-4826-90F2-4E2DABBE8029}C:\program files (x86)\jowood\dievölker\bin\dv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jowood\dievölker\bin\dv.exe |
"TCP Query User{820155AF-01AE-4618-8B28-8AE3AB205FFC}C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe |
"TCP Query User{8BE06EBA-8A6D-4806-9A08-26DC132D5396}C:\program files (x86)\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"TCP Query User{9083492F-AF5E-4B2B-8143-134D734E544B}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe |
"TCP Query User{9DC88E02-CD32-47CE-B0A8-C0E580B2D961}C:\program files (x86)\electronic arts\die schlacht um mittelerde ii\patchget.dat" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\patchget.dat |
"TCP Query User{A00097A2-52C8-4858-85DF-9D2EE4D30E61}C:\program files (x86)\alaplaya\loco\system\loco.exe" = protocol=6 | dir=in | app=c:\program files (x86)\alaplaya\loco\system\loco.exe |
"TCP Query User{A00A5755-25BB-4A29-AA31-C9500F95662B}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"TCP Query User{A7F3368A-9353-4611-AA4B-2524C6E91F8C}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe |
"TCP Query User{C26FA5AE-5B16-454E-90CE-6561657BAA86}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"TCP Query User{C49D9DF4-84D3-4E45-BFA2-DB0235CF01B1}C:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe |
"TCP Query User{CDC9D6A7-E396-4917-8270-0812A2AB663F}C:\aeriagames\rohan\rohanclient.exe" = protocol=6 | dir=in | app=c:\aeriagames\rohan\rohanclient.exe |
"TCP Query User{CE84D17F-4063-43A2-B611-00251831D0BB}C:\users\puma\appdata\local\temp\7zipsfx.000\cf_downloader.exe" = protocol=6 | dir=in | app=c:\users\puma\appdata\local\temp\7zipsfx.000\cf_downloader.exe |
"UDP Query User{008E43FA-DF45-499A-8469-0E76DF02E10A}C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe |
"UDP Query User{03B7528B-14C6-452C-BD8A-6C53E3889B53}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"UDP Query User{0B8B2A62-14D9-4B41-ACB7-857B64340D9C}C:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe |
"UDP Query User{0EAAFB7E-BED2-48D1-9ACE-D626D0F6C422}C:\program files (x86)\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"UDP Query User{0FCE9B73-46BF-4A28-9501-4DC831DBF412}C:\users\puma\downloads\maestia-downloader.exe" = protocol=17 | dir=in | app=c:\users\puma\downloads\maestia-downloader.exe |
"UDP Query User{15BA46C0-5C5D-4955-95A8-6DAE2056231A}C:\program files (x86)\jowood\dievölker\bin\dv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jowood\dievölker\bin\dv.exe |
"UDP Query User{1C0CABE3-94FF-4CC7-AAB4-9D32CDB59BD9}C:\users\puma\downloads\fogdownloader-rom_3_0_1_2153.exe" = protocol=17 | dir=in | app=c:\users\puma\downloads\fogdownloader-rom_3_0_1_2153.exe |
"UDP Query User{1FA029B8-E476-4CA9-B43E-B9AEEDD6CD4D}C:\users\puma\appdata\local\temp\7zipsfx.001\cf_downloader.exe" = protocol=17 | dir=in | app=c:\users\puma\appdata\local\temp\7zipsfx.001\cf_downloader.exe |
"UDP Query User{276CECD3-154C-4D1C-8884-7C485F212A9D}C:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe |
"UDP Query User{31EC0575-326A-4C64-B720-23E0D592E496}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{33CA4478-A3D3-420C-83BB-3F1BEEA68109}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe |
"UDP Query User{692D07C6-CA55-42CD-94DF-854ACA10FC80}C:\users\puma\appdata\local\temp\7zipsfx.000\cf_downloader.exe" = protocol=17 | dir=in | app=c:\users\puma\appdata\local\temp\7zipsfx.000\cf_downloader.exe |
"UDP Query User{82543FDC-37A3-4161-830E-F584885FB160}C:\program files (x86)\electronic arts\die schlacht um mittelerde ii\patchget.dat" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\patchget.dat |
"UDP Query User{85F4FBDC-241E-4558-9381-5AFC80DCB342}C:\program files (x86)\alaplaya\loco\system\loco.exe" = protocol=17 | dir=in | app=c:\program files (x86)\alaplaya\loco\system\loco.exe |
"UDP Query User{9B291F56-9AC9-4208-ADCC-892940B52633}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe |
"UDP Query User{9B3E9889-C1C9-4684-83D5-3DAA3E9FC877}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"UDP Query User{A2C5C589-094B-4F4B-A13C-B9A7FFB8B27A}C:\aeriagames\rohan\rohanclient.exe" = protocol=17 | dir=in | app=c:\aeriagames\rohan\rohanclient.exe |
"UDP Query User{A853FB7F-9269-40FC-994C-20DCC4082FC9}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe |
"UDP Query User{B156BEA7-3B3F-46C1-BC35-F5660AD1067A}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"UDP Query User{F101AD4D-69E7-4C39-A3A9-078765141C4A}C:\users\puma\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\puma\program files (x86)\dna\btdna.exe |
"UDP Query User{FED90EC5-B52C-42B7-8745-61082FE02B12}C:\program files (x86)\runes of magic\client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\runes of magic\client.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5F94D3B9-2B02-9C37-740B-A59C7B8D17CC}" = ATI Catalyst Install Manager
"{86732AE7-CB91-4f15-B091-FBA3D3926CD6}" = HP Photosmart C4400 All-In-One Driver Software 11.0 Rel .3
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A792E67C-FDA4-A301-0C3C-53BA86EFBB5A}" = ccc-utility64
"{A9513BBC-73B4-4856-BF83-0166523ABF09}" = 64 Bit HP CIO Components Installer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{023FFB0A-C5DB-4930-B3E4-D48266C21738}" = Der Hobbit
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0915B10F-8597-4FE7-BC4D-EA3E2FDA646A}" = PS_AIO_03_C4400_Software_Min
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 24
"{276E3ECB-E9E9-494E-A3F9-173BAD7D9643}" = C4400
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3D6A24EA-A543-6C84-351E-D7646E7AB86E}" = Catalyst Control Center InstallProxy
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{47CAFF95-C3D8-ABF2-70BC-89DE00D8FB19}" = Catalyst Control Center Graphics Light
"{4962EBAC-AE7C-1B22-1EA0-0916A7E40954}" = Catalyst Control Center Graphics Full Existing
"{49A62E2B-B35C-941D-DF48-601207CF14C0}" = Catalyst Control Center Graphics Previews Common
"{49B6F667-76EB-4E9D-ACD2-84B7437901C0}" = LG PC Suite II
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CC59DA1-469B-49A5-9F6B-C4D26990294A}" = PS_AIO_03_C4400_ProductContext
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4F923F90-46D1-4492-9CC6-13FBBA00E7EC}" = C4400
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A3FEF2D-0E14-412E-869C-421AB373EE43}" = C4400_Help
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FF50E1A-4E6D-454B-BA00-6E15D6216BFB}" = Wildlife Park Gold
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6A490E11-6C8A-777C-4E00-43F3CC16A1EC}" = CCC Help English
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B407945-AE16-4A2A-BAAF-497FE62EDED3}" = PS_AIO_03_C4400_Software_Min
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77919701-C3E7-09AA-D2F7-DBF42CD7C13D}" = Catalyst Control Center HydraVision Full
"{78B2F09F-BDC7-7865-CF4C-233B64A3BE51}" = Catalyst Control Center Graphics Full New
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EAFDFA-C563-4B65-B6FA-92F1066E61EC}" = Wonderking
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8ACECB7C-5EB2-42B3-A2E1-B91878B6C5D7}" = PS_AIO_03_C4400_Software
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{954B7F64-D1D4-476F-8919-99585D0A6ABF}" = PS_AIO_03_C4400_Software
"{99A37AC7-E724-4621-B167-500B5A52B69C}" = LastChaosGER
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.3 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{C9CE9393-B568-428D-AD5B-55452B9748DB}" = PS_AIO_03_C4400_ProductContext
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D241BBEC-B1C7-7953-EDDE-D90A654A8D2C}" = ccc-core-static
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D5C24E77-099E-9B84-5BE2-708E70B938A9}" = Catalyst Control Center Core Implementation
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DC4757E2-BAE3-0BFE-C6E5-576CB911FF52}" = Catalyst Control Center Graphics Previews Vista
"{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{F7B72805-2F58-4C04-AE9E-E7AD6A6EF62E}" = C4400_Help
"AC3Filter_is1" = AC3Filter 1.63b
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"avast" = avast! Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CABAL Online_is1" = CABAL Online
"Cross Fire_is1" = Cross Fire En
"DivX Setup.divx.com" = DivX-Setup
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Studio_is1" = Free Studio version 5.0.5
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"FRITZ!DSL" = AVM FRITZ!DSL
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{023FFB0A-C5DB-4930-B3E4-D48266C21738}" = DER HOBBIT
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"LOCO" = LOCO EU
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MobMap_is1" = MobMap 4.04
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"PhotoScape" = PhotoScape
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Uninstall_is1" = Uninstall 1.0.0.1
"Veoh Web Player Beta" = Veoh Web Player
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30.03.2011 20:15:14 | Computer Name = Puma-PC | Source = Perflib | ID = 1008
Description =
Error - 30.03.2011 20:15:14 | Computer Name = Puma-PC | Source = Perflib | ID = 1005
Description =
Error - 30.03.2011 20:15:14 | Computer Name = Puma-PC | Source = Perflib | ID = 1018
Description =
Error - 30.03.2011 20:15:15 | Computer Name = Puma-PC | Source = Perflib | ID = 1008
Description =
Error - 30.03.2011 20:21:36 | Computer Name = Puma-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Puma\Downloads\SoftonicDownloader_fuer_tuneup-utilities-2011.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die
widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Error - 30.03.2011 20:24:28 | Computer Name = Puma-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Puma\Downloads\SoftonicDownloader_fuer_nero-burning-rom.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die
widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Error - 30.03.2011 20:24:28 | Computer Name = Puma-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Puma\Downloads\SoftonicDownloader_fuer_tuneup-utilities-2011.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die
widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Error - 30.03.2011 20:29:13 | Computer Name = Puma-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung PCMMediaSharing.exe, Version 0.0.0.0, Zeitstempel
0x4663e046, fehlerhaftes Modul PCMMediaSharing.exe, Version 0.0.0.0, Zeitstempel
0x4663e046, Ausnahmecode 0xc0000005, Fehleroffset 0x00007f86, Prozess-ID 0x5c4,
Anwendungsstartzeit 01cbef3aa7026726.
Error - 30.03.2011 20:29:48 | Computer Name = Puma-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.03.2011 20:36:29 | Computer Name = Puma-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung TuneUpUtilitiesService64.exe, Version 10.0.4000.60,
Zeitstempel 0x4d80a995, fehlerhaftes Modul RPCRT4.dll, Version 6.0.6002.18024,
Zeitstempel 0x49f05e53, Ausnahmecode 0xc0000005, Fehleroffset 0x0000000000059360,
Prozess-ID
0xfe4, Anwendungsstartzeit 01cbef3aaee75686.
[ System Events ]
Error - 06.04.2011 07:28:10 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 06.04.2011 07:28:10 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 06.04.2011 16:58:18 | Computer Name = Puma-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 06.04.2011 um 22:56:24 unerwartet heruntergefahren.
Error - 06.04.2011 17:00:13 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 06.04.2011 17:35:06 | Computer Name = Puma-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 06.04.2011 um 23:34:12 unerwartet heruntergefahren.
Error - 06.04.2011 17:36:50 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 06.04.2011 17:36:59 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 06.04.2011 18:27:42 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 07.04.2011 07:06:22 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 07.04.2011 07:07:18 | Computer Name = Puma-PC | Source = Service Control Manager | ID = 7034
Description =
[ TuneUp Events ]
Error - 30.03.2011 20:58:28 | Computer Name = Puma-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
< End of report > --- --- ---
OTL Logfile: Code:
OTL logfile created on: 07.04.2011 14:15:07 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Puma\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 26,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 460,00 Gb Total Space | 295,12 Gb Free Space | 64,16% Space Free | Partition Type: NTFS
Drive D: | 459,79 Gb Total Space | 459,12 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Computer Name: PUMA-PC | User Name: Puma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Puma\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Users\Public\Games\World of Warcraft\WoW.exe (Blizzard Entertainment)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe (Egis inc.)
========== Modules (SafeList) ==========
MOD - C:\Users\Puma\Downloads\OTL.exe (OldTimer Tools)
MOD - c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)
MOD - C:\Programme\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Akamai) -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_a35e6b9.dll ()
SRV - (0176611302174426mcinstcleanup) McAfee Application Installer Cleanup (0176611302174426) -- C:\Windows\Temp\0176611302174426mcinst.exe (McAfee, Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (McAfee SiteAdvisor Service) -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SiteAdvisor Service) -- C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe ()
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (Acer HomeMedia Connect Service) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (AVM IGD CTRL Service) -- C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
SRV - (de_serv) -- C:\Program Files (x86)\Common Files\AVM\De_serv.exe (AVM Berlin)
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\DRIVERS\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\DRIVERS\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\DRIVERS\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\DRIVERS\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (psdvdisk) -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys (Egis Incorporated)
DRV:64bit: - (PSDNServ) -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys (Egis Incorporated)
DRV:64bit: - (PSDFilter) -- C:\Windows\SysNative\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV:64bit: - (WSVD) -- C:\Windows\SysNative\drivers\WSVD.sys (Wasay)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Page Not Found, however check out this great site!
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Page Not Found, however check out this great site!
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Sichere Suche"
FF - prefs.js..browser.search.selectedEngine: "Sichere Suche"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: OberonGameHost@OberonGames.com:1.0.5.1462
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.08.17 23:13:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011.04.07 13:19:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.26 20:28:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.26 20:00:41 | 000,000,000 | ---D | M]
[2010.06.30 21:06:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Puma\AppData\Roaming\mozilla\Extensions
[2011.04.06 23:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Puma\AppData\Roaming\mozilla\Firefox\Profiles\xbpkww3o.default\extensions
[2011.03.27 03:31:39 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Puma\AppData\Roaming\mozilla\Firefox\Profiles\xbpkww3o.default\extensions\engine@conduit.com
[2011.03.31 23:06:29 | 000,000,168 | ---- | M] () -- C:\Users\Puma\AppData\Roaming\Mozilla\Firefox\Profiles\xbpkww3o.default\searchplugins\icqplugin.gif
[2011.03.31 23:06:29 | 000,000,618 | ---- | M] () -- C:\Users\Puma\AppData\Roaming\Mozilla\Firefox\Profiles\xbpkww3o.default\searchplugins\icqplugin.src
[2011.04.03 13:37:17 | 000,001,056 | ---- | M] () -- C:\Users\Puma\AppData\Roaming\Mozilla\Firefox\Profiles\xbpkww3o.default\searchplugins\icqplugin.xml
[2010.08.13 14:44:31 | 000,001,379 | ---- | M] () -- C:\Users\Puma\AppData\Roaming\Mozilla\Firefox\Profiles\xbpkww3o.default\searchplugins\winamp-search.xml
[2011.03.26 20:28:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.08.17 23:13:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.18 13:09:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.04 14:04:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.04 18:24:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.04 18:53:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2011.04.07 13:19:55 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
() (No name found) -- C:\USERS\PUMA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XBPKWW3O.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
() (No name found) -- C:\USERS\PUMA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XBPKWW3O.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2010.07.03 02:32:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.04.01 03:09:59 | 000,002,027 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\McSiteAdvisor.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x64\eDSLoader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NVRaidService] C:\Windows\SysNative\nvraidservice.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvSvc] C:\Windows\SysNative\nvsvc64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [WMPNSCFG] File not found
O4 - Startup: C:\Users\Puma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Puma\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Puma\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Puma\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Puma\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAd64.dll ()
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Puma\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Puma\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O27:64bit: - HKLM IFEO\eperformance.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\eragent.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\esettings.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\eperformance.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" (TuneUp Software)
O27 - HKLM IFEO\eragent.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" (TuneUp Software)
O27 - HKLM IFEO\esettings.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" (TuneUp Software)
O27 - HKLM IFEO\hpwucli.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" (TuneUp Software)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.04.07 01:23:28 | 000,000,000 | ---D | C] -- C:\Users\Puma\AppData\Roaming\Malwarebytes
[2011.04.07 01:23:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.04.07 01:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.07 01:23:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.07 01:23:14 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.04.07 01:23:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.03.31 23:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4
[2011.03.31 23:06:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.4
[2011.03.31 02:26:12 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.03.31 02:25:06 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011.03.31 02:25:05 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2011.03.31 02:25:05 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011.03.31 02:25:05 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011.03.31 02:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
[2011.03.31 02:24:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2011
[2011.03.31 02:24:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.03.26 20:12:49 | 000,000,000 | ---D | C] -- C:\Users\Puma\AppData\Local\PackageAware
[2011.03.14 01:16:51 | 000,505,176 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2010.06.29 17:34:57 | 000,049,152 | ---- | C] ( ) -- C:\Windows\INTEROP.IWSHRUNTIMELIBRARY.DLL
[2010.06.29 08:01:41 | 000,016,384 | ---- | C] ( ) -- C:\Windows\SysWow64\ClearEvent.exe
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.04.07 14:07:56 | 000,000,771 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011.04.07 13:57:52 | 001,474,308 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.07 13:57:52 | 000,638,972 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.04.07 13:57:52 | 000,604,566 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.07 13:57:52 | 000,131,012 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.04.07 13:57:52 | 000,107,898 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.07 13:04:40 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.07 13:04:40 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.07 13:04:31 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2011.04.07 01:49:13 | 000,011,354 | ---- | M] () -- C:\Users\Puma\AppData\Roaming\wklnhst.dat
[2011.04.07 01:23:18 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.06 22:22:53 | 000,001,038 | ---- | M] () -- C:\Users\Puma\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.06 22:22:41 | 000,001,197 | ---- | M] () -- C:\Users\Puma\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.01 03:20:56 | 000,000,049 | ---- | M] () -- C:\Windows\wekacommon.ini
[2011.03.31 13:19:14 | 000,002,034 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.0.lnk
[2011.03.31 02:33:14 | 000,000,693 | ---- | M] () -- C:\Users\Puma\Desktop\WinRAR.lnk
[2011.03.31 02:26:42 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2011.03.31 02:26:42 | 000,001,883 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011.03.26 20:28:14 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.03.22 14:06:25 | 000,001,881 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.03.16 14:15:14 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011.03.16 14:10:40 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011.03.16 14:10:38 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011.03.16 14:10:34 | 000,036,160 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2011.03.16 14:10:30 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2011.03.16 13:38:29 | 000,007,052 | ---- | M] () -- C:\Users\Puma\AppData\Local\d3d9caps.dat
[2011.03.15 01:35:59 | 000,002,477 | ---- | M] () -- C:\Users\Public\Desktop\Wonderking.lnk
[2011.03.14 01:16:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.04.07 01:23:18 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.06 22:22:41 | 000,001,197 | ---- | C] () -- C:\Users\Puma\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.01 03:20:56 | 000,000,049 | ---- | C] () -- C:\Windows\wekacommon.ini
[2011.03.31 02:25:04 | 000,001,895 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk
[2011.03.31 02:25:04 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2011.03.31 02:25:04 | 000,001,883 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011.03.26 20:28:14 | 000,000,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.03.26 20:28:14 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.12.13 19:19:09 | 000,000,092 | ---- | C] () -- C:\Users\Puma\AppData\Local\fusioncache.dat
[2010.12.13 19:17:53 | 001,502,086 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.06 02:15:12 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.10.19 00:17:09 | 000,023,604 | ---- | C] () -- C:\Users\Puma\AppData\Roaming\UserTile.png
[2010.10.18 13:23:23 | 000,001,022 | ---- | C] () -- C:\Windows\eReg.dat
[2010.08.28 20:35:58 | 000,000,174 | ---- | C] () -- C:\Windows\DieVölker.ini
[2010.08.18 01:20:45 | 000,007,052 | ---- | C] () -- C:\Users\Puma\AppData\Local\d3d9caps.dat
[2010.08.18 01:15:53 | 000,078,239 | ---- | C] () -- C:\Windows\hpqins05.dat
[2010.08.18 00:52:08 | 000,023,687 | ---- | C] () -- C:\Windows\hpqins15.dat.temp
[2010.08.17 23:35:00 | 000,157,487 | ---- | C] () -- C:\Windows\hpoins29.dat.temp
[2010.08.17 23:35:00 | 000,000,986 | ---- | C] () -- C:\Windows\hpomdl29.dat.temp
[2010.08.09 20:05:24 | 000,003,584 | ---- | C] () -- C:\Users\Puma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.26 13:28:52 | 000,023,325 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010.07.06 21:45:15 | 000,188,482 | ---- | C] () -- C:\Windows\hpoins29.dat
[2010.07.06 21:45:15 | 000,000,799 | ---- | C] () -- C:\Windows\hpomdl29.dat
[2010.07.06 21:14:40 | 000,011,354 | ---- | C] () -- C:\Users\Puma\AppData\Roaming\wklnhst.dat
[2010.07.03 12:18:45 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010.07.03 12:18:02 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010.07.03 12:17:06 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010.07.02 04:08:43 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2010.07.01 22:10:18 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.06.30 21:13:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.29 08:22:28 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.06.29 08:05:40 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2010.06.29 08:05:40 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2010.06.29 08:01:53 | 000,000,069 | ---- | C] () -- C:\Windows\eAPLauncher.ini
[2010.06.29 08:01:41 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\LauncheRyAgentUser.exe
[2009.10.26 21:06:06 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2008.08.13 10:05:55 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIBUN4.dll
[2008.08.13 08:06:32 | 000,001,108 | ---- | C] () -- C:\Windows\generic.ini
[2008.08.13 08:06:32 | 000,000,136 | ---- | C] () -- C:\Windows\Alaunch.ini
[2008.08.13 00:20:54 | 000,015,656 | ---- | C] () -- C:\Windows\SysWow64\drivers\int15_64.sys
[2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006.11.02 17:37:05 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2001.12.26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\multiplex_vcd.dll
[2001.09.03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\Hmpg12.dll
[2001.07.30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC.dll
[2001.07.23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC_MMX.dll
========== LOP Check ==========
[2010.10.19 00:16:31 | 000,000,000 | -HSD | M] -- C:\Users\Puma\AppData\Roaming\.#
[2008.08.12 23:59:20 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Acer GameZone Console
[2011.01.25 01:03:19 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Ashampoo
[2010.10.06 13:42:05 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\BlamGames
[2011.02.28 15:20:18 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\DeepBurner
[2011.03.04 22:43:57 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\DVDVideoSoft
[2011.02.25 01:15:13 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.07.01 02:05:10 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\eSobi
[2010.08.10 19:35:41 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\FOG Downloader
[2010.08.05 18:22:21 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\FRITZ!
[2010.08.13 12:51:42 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\GamesCafe
[2010.10.26 23:09:30 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\GetRightToGo
[2010.07.23 20:16:55 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Gutscheinmieze
[2011.04.05 00:46:22 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\ICQ
[2010.09.13 19:58:23 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\IrfanView
[2010.07.19 14:24:35 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\LG Electronics
[2010.08.11 21:59:31 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2011.02.20 01:04:34 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\MobMapUpdater
[2010.08.05 19:06:43 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\OCS
[2010.08.05 19:06:45 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Opera
[2010.10.19 00:17:09 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\PeerNetworking
[2010.08.19 16:25:23 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\PhotoScape
[2010.10.06 13:43:23 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\PlayFirst
[2010.08.14 12:42:42 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\QIP
[2010.07.01 16:30:33 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Raptr
[2010.07.01 21:36:31 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\TeamViewer
[2010.07.06 21:14:42 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Template
[2010.07.01 14:02:32 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\The Hobbit
[2011.02.28 15:20:19 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\TS3Client
[2011.03.31 03:02:10 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\TuneUp Software
[2010.08.17 22:24:09 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Ulead Systems
[2010.10.06 13:43:21 | 000,000,000 | ---D | M] -- C:\Users\Puma\AppData\Roaming\Zylom
[2011.04.07 02:55:18 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:FF8F1AE3
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:CE2C623F
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:4CF61E54
< End of report > --- --- ---
So besser? Sry bin leider einer der vielen Menschen die so garkeine ahnung von soetwas haben. |