Trojaner-Board - Prozess csrss.exe läuft zwei mal

[Dritter Versuch zu antworten.. Die Nachricht scheint irgendwie zu lang zu sein]
Hallo, adwcleaner hat anscheinend die Apps von meinem Google Chrome gelöscht. Das waren aber alles Programme die ich brauchte. Was genau hat der adwCleaner noch gelöscht? Hier das OTL Log:

Code:

OTL logfile created on: 08.11.2012 15:11:29 - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Torben\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

7,86 Gb Total Physical Memory | 5,76 Gb Available Physical Memory | 73,28% Memory free

15,73 Gb Paging File | 13,35 Gb Available in Paging File | 84,89% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 584,35 Gb Total Space | 186,94 Gb Free Space | 31,99% Space Free | Partition Type: NTFS

 

Computer Name: TORBEN-PC | User Name: Torben | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Torben\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)

PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()

PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)

PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

PRC - C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG)

PRC - C:\Windows\PLFSetI.exe ()

PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)

PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)

PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)

PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)

PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)

PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)

PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)

PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()

PRC - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libglesv2.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libegl.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avutil-51.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avformat-54.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll ()

MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()

MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()

MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()

MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()

MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll ()

MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll ()

MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll ()

MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll ()

MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll ()

MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll ()

MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll ()

MOD - C:\Windows\PLFSetI.exe ()

MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()

MOD - C:\Program Files (x86)\RocketDock\RocketDock.exe ()

MOD - C:\Program Files (x86)\RocketDock\RocketDock.dll ()

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)

SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)

SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)

SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)

SRV - (CLKMSVC10_DB37F995) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\NavFilter\kmsvc.exe (CyberLink)

SRV - (DevoloNetworkService) -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG)

SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)

SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)

SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (DAUpdaterSvc) -- C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe (BioWare)

SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)

SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)

SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)

SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)

SRV - (EPSON_EB_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)

SRV - (EPSON_PM_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)

SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()

SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)

SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)

SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)

SRV - (AgereModemAudio) -- C:\Programme\LSI SoftModem\agr64svc.exe (LSI Corporation)

SRV - (EpsonBidirectionalService) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)

DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation)

DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)

DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)

DRV:64bit: - (ssadserd) -- C:\Windows\SysNative\drivers\ssadserd.sys (MCCI Corporation)

DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)

DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)

DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)

DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)

DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)

DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)

DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()

DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)

DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (TIEHDUSB) -- C:\Windows\SysNative\drivers\tiehdusb.sys (Texas Instruments)

DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)

DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)

DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)

DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)

DRV:64bit: - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)

DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)

DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)

DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)

DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)

DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)

DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Windows (R) Codename Longhorn DDK provider)

DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Windows (R) Codename Longhorn DDK provider)

DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)

DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\nmwcdx64.sys (Nokia)

DRV:64bit: - (nmwcdcmx64) -- C:\Windows\SysNative\drivers\nmwcdcmx64.sys (Nokia)

DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys (OpenLibSys.org)

DRV - (NPF_devolo) -- C:\Windows\SysWOW64\drivers\npf_devolo.sys (CACE Technologies)

DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl (CyberLink Corp.)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)

DRV - (Secdrv) -- C:\Windows\SysWOW64\drivers\SECDRV.SYS ()

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d506l0408z115t7441c071

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d506l0408z115t7441c071

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKLM\..\URLSearchHook:  - No CLSID value found

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Torben\Desktop

IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d506l0408z115t7441c071

IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found

IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}

IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.de/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE370

IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\SearchScopes\{871C1DC4-6C58-4719-B685-77B3E4DE6564}: "URL" = hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch

IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

 

 
 ========== FireFox ==========

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Torben\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Torben\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.10.31 12:48:32 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.10.31 12:48:32 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.10.31 12:48:32 | 000,000,000 | ---D | M]

 

[2012.10.29 23:24:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torben\AppData\Roaming\mozilla\Firefox\Profiles\956io89w.default\extensions

[2012.10.29 23:24:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torben\AppData\Roaming\mozilla\Firefox\Profiles\956io89w.default\extensions\ich@maltegoetz.de

 
 ========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll

CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll

CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll

CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\

CHR - Extension: Virtuelle Tastatur = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\

CHR - Extension: Anti-Banner = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\

 

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)

O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No CLSID value found.

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)

O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found

O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Torben\AppData\Roaming\Mozilla\Firefox\Profiles\3awf6g1l.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin64-0.94.dll File not found

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Torben\AppData\Roaming\Mozilla\Firefox\Profiles\3awf6g1l.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.94.dll File not found

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3:64bit: - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)

O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)

O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)

O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)

O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)

O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Sonderedition_Download-Version\TrayServer.exe (MAGIX AG)

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000..\Run: [Akamai NetSession Interface] "C:\Users\Torben\AppData\Local\Akamai\netsession_win.exe" File not found

O4 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found

O4 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()

O4 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()

O8:64bit: - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Free YouTube Download - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()

O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()

O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)

O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O12 - Plugin for: .spop - C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)

O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)

O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )

O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )

O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )

O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )

O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )

O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )

O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )

O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )

O15 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..Trusted Domains: sony.com ([]* in Trusted sites)

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FF81FE2-0DF3-44C0-92A4-54D87E4A4F6F}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2A3F480-A982-40E4-807B-D345A657D6DB}: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 0

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.11.08 14:10:56 | 000,000,000 | ---D | C] -- C:\Users\Torben\AppData\Roaming\logs

[2012.11.08 14:10:56 | 000,000,000 | ---D | C] -- C:\Users\Torben\AppData\Roaming\.techniclauncher

[2012.11.08 14:10:35 | 000,059,392 | ---- | C] (Technic) -- C:\Users\Torben\Desktop\TechnicLauncher.exe

[2012.11.08 12:11:20 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Torben\Desktop\tdsskiller.exe

[2012.11.08 12:00:10 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Torben\Desktop\aswMBR.exe

[2012.11.07 16:11:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Torben\Desktop\OTL.exe

[2012.11.04 18:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan

[2012.11.04 18:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager

[2012.11.04 18:47:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager

[2012.11.04 18:28:40 | 000,000,000 | ---D | C] -- C:\PCWELT

[2012.11.04 18:12:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TaskManager

[2012.10.31 20:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Buka

[2012.10.31 20:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Buka

[2012.10.28 13:34:01 | 000,000,000 | ---D | C] -- C:\Users\Torben\Desktop\lol

[2012.10.27 20:28:00 | 000,000,000 | ---D | C] -- C:\Users\Torben\AppData\Local\PictureConverter

[2012.10.25 16:23:17 | 000,000,000 | ---D | C] -- C:\Users\Torben\AppData\Local\{427A6921-ACDF-4090-AAF3-2384EFF7A21C}

[2012.10.24 21:01:53 | 000,000,000 | ---D | C] -- C:\Users\Torben\Documents\CraftBukkit

[2012.10.24 17:11:38 | 000,000,000 | ---D | C] -- C:\Users\Torben\AppData\Roaming\.minecraft

[2012.10.21 10:03:03 | 000,000,000 | ---D | C] -- C:\Users\Torben\Desktop\Bitte löschen

[2012.10.19 22:57:35 | 000,000,000 | R--D | C] -- C:\Users\Torben\Desktop\Schule

[2009.11.05 04:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.11.08 15:12:49 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.11.08 15:12:49 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.11.08 15:11:48 | 001,541,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.11.08 15:11:48 | 000,669,706 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.11.08 15:11:48 | 000,629,152 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.11.08 15:11:48 | 000,137,540 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.11.08 15:11:48 | 000,112,592 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.11.08 15:05:49 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.11.08 15:04:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.11.08 15:04:40 | 2037,772,287 | -HS- | M] () -- C:\hiberfil.sys

[2012.11.08 14:58:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.11.08 14:57:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146755390-1899032672-475610802-1000UA.job

[2012.11.08 14:48:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.11.08 14:11:01 | 000,579,274 | ---- | M] () -- C:\Users\Torben\AppData\Roaming\technic-launcher.jar

[2012.11.08 14:10:36 | 000,059,392 | ---- | M] (Technic) -- C:\Users\Torben\Desktop\TechnicLauncher.exe

[2012.11.08 13:59:20 | 000,541,569 | ---- | M] () -- C:\Users\Torben\Desktop\adwcleaner.exe

[2012.11.08 13:57:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146755390-1899032672-475610802-1000Core.job

[2012.11.08 12:11:27 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Torben\Desktop\tdsskiller.exe

[2012.11.08 12:00:44 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Torben\Desktop\aswMBR.exe

[2012.11.07 16:11:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Torben\Desktop\OTL.exe

[2012.11.03 16:31:09 | 001,341,859 | ---- | M] () -- C:\Users\Torben\AppData\Local\Tempmusic.ogg

[2012.11.01 20:54:38 | 1131,343,592 | ---- | M] () -- C:\Users\Torben\Desktop\javaw 2012-11-01 20-53-48-34.avi

[2012.10.31 12:48:31 | 000,637,272 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys

[2012.10.28 18:13:22 | 000,047,852 | ---- | M] () -- C:\Users\Torben\AppData\Local\recently-used.xbel

[2012.10.28 16:48:37 | 000,282,312 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr

[2012.10.28 16:48:37 | 000,282,312 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2012.10.28 16:44:02 | 000,283,312 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0

[2012.10.28 11:38:15 | 000,001,306 | ---- | M] () -- C:\Users\Torben\Desktop\Free YouTube Download.lnk

[2012.10.21 21:03:53 | 006,475,528 | ---- | M] () -- C:\Users\Torben\Desktop\Trololo Sing Along!.mp3

[2012.10.19 18:45:30 | 000,012,598 | ---- | M] () -- C:\Users\Torben\Desktop\Computer.lnk

[2012.10.19 18:43:35 | 000,432,704 | ---- | M] () -- C:\Users\Torben\Desktop\Desktop geil.jpg

[2012.10.13 21:42:07 | 001,071,091 | ---- | M] () -- C:\Users\Torben\Desktop\img004.jpg

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.11.08 14:10:56 | 000,579,274 | ---- | C] () -- C:\Users\Torben\AppData\Roaming\technic-launcher.jar

[2012.11.08 13:59:13 | 000,541,569 | ---- | C] () -- C:\Users\Torben\Desktop\adwcleaner.exe

[2012.11.02 13:13:34 | 001,341,859 | ---- | C] () -- C:\Users\Torben\AppData\Local\Tempmusic.ogg

[2012.11.01 20:53:48 | 1131,343,592 | ---- | C] () -- C:\Users\Torben\Desktop\javaw 2012-11-01 20-53-48-34.avi

[2012.10.28 18:13:22 | 000,047,852 | ---- | C] () -- C:\Users\Torben\AppData\Local\recently-used.xbel

[2012.10.28 11:38:15 | 000,001,306 | ---- | C] () -- C:\Users\Torben\Desktop\Free YouTube Download.lnk

[2012.10.21 21:03:37 | 006,475,528 | ---- | C] () -- C:\Users\Torben\Desktop\Trololo Sing Along!.mp3

[2012.10.19 18:45:13 | 000,012,598 | ---- | C] () -- C:\Users\Torben\Desktop\Computer.lnk

[2012.10.19 18:43:32 | 000,432,704 | ---- | C] () -- C:\Users\Torben\Desktop\Desktop geil.jpg

[2012.10.13 21:42:07 | 001,071,091 | ---- | C] () -- C:\Users\Torben\Desktop\img004.jpg

[2012.08.21 17:37:02 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat

[2012.07.03 21:43:08 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe

[2012.05.23 17:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll

[2012.05.23 17:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll

[2012.05.23 17:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll

[2012.05.23 17:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll

[2012.05.08 14:07:36 | 000,282,312 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2012.05.08 14:07:32 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe

[2012.05.08 14:07:32 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2012.04.18 14:15:09 | 000,007,605 | ---- | C] () -- C:\Users\Torben\AppData\Local\Resmon.ResmonCfg

[2012.03.26 14:20:10 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin

[2012.02.11 19:25:17 | 000,000,680 | RHS- | C] () -- C:\Users\Torben\ntuser.pol

[2012.01.29 17:20:20 | 000,000,382 | ---- | C] () -- C:\Windows\wininit.ini

[2011.12.27 15:33:22 | 000,000,660 | ---- | C] () -- C:\Windows\eReg.dat

[2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2011.08.20 12:23:40 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI

[2011.08.18 16:53:23 | 000,017,408 | ---- | C] () -- C:\Users\Torben\AppData\Local\WebpageIcons.db

[2011.08.18 16:35:18 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI

[2011.07.07 13:38:24 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll

[2011.04.04 20:18:38 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2010.12.24 23:15:02 | 000,174,768 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat

[2010.08.01 12:41:51 | 000,000,094 | ---- | C] () -- C:\Users\Torben\AppData\Local\fusioncache.dat

[2010.03.30 10:47:12 | 000,038,400 | ---- | C] () -- C:\Users\Torben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.03.20 11:22:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

 
 ========== ZeroAccess Check ==========

 

[2011.08.22 16:00:20 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-4146755390-1899032672-475610802-1000\$RPH3DVD.minecraft\saves\jae1000j's Minecraft Note Block Song World Save (02.21.2011)\World5\n

[2011.08.22 16:00:23 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-4146755390-1899032672-475610802-1000\$RPH3DVD.minecraft\saves\jae1000j's Minecraft Note Block Song World Save (02.21.2011)\World5\u

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 
 ========== LOP Check ==========

 

[2012.03.18 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\.minecraft

[2012.03.10 21:29:46 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\AnvSoft

[2012.03.03 12:43:26 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Epson

[2012.03.18 13:32:51 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Orbit

[2012.03.03 21:39:50 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\ProgSense

 
 ========== Purity Check ==========

 

 

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F

@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885

@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:D20FFA63
 

< End of report >

EXTRAS

Code:

OTL Extras logfile created on: 08.11.2012 15:11:29 - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Torben\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

7,86 Gb Total Physical Memory | 5,76 Gb Available Physical Memory | 73,28% Memory free

15,73 Gb Paging File | 13,35 Gb Available in Paging File | 84,89% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 584,35 Gb Total Space | 186,94 Gb Free Space | 31,99% Space Free | Partition Type: NTFS

 

Computer Name: TORBEN-PC | User Name: Torben | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe

"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe

"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe

"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{00F81EE5-0306-46DE-BAFC-4BDB1B89EE13}" = lport=6985 | protocol=6 | dir=in | name=league of legends launcher | 

"{0475DCCA-8866-4270-AB1B-1FC2EA36FA97}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher | 

"{0494A6FA-28D6-4A26-9D11-02D91C25D678}" = lport=6934 | protocol=17 | dir=in | name=league of legends launcher | 

"{0572FC80-6BE5-4A52-A7EB-C7556488C952}" = lport=6957 | protocol=6 | dir=in | name=league of legends launcher | 

"{0711612F-A75F-48D1-869A-BBE7161EBFA6}" = lport=6929 | protocol=17 | dir=in | name=league of legends launcher | 

"{09920223-DC28-45FA-AEA4-9E0941CAF4ED}" = lport=6982 | protocol=17 | dir=in | name=league of legends launcher | 

"{1086B795-C7F2-431A-B4D4-62DDE35D535C}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{113E79CF-15F6-4D16-9213-AF875C540CFC}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | 

"{12D3592D-1330-4C58-BCBD-A14B93B07552}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby | 

"{13BC555D-FE27-4F5F-BDDD-B929FF4F1160}" = lport=6942 | protocol=17 | dir=in | name=league of legends launcher | 

"{170B4A7B-C450-4EAC-BB03-2DCDC614FC51}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{194EC8A4-8226-4F6D-B4CB-67898F408D05}" = lport=6963 | protocol=6 | dir=in | name=league of legends launcher | 

"{2B3F4259-BE53-408C-98FB-39308247BEC5}" = rport=139 | protocol=6 | dir=out | app=system | 

"{36B94C92-0C9B-4D9E-9E60-A91075C5CD28}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{36E67F46-4C95-45D9-B283-56E24A01F5D5}" = lport=6961 | protocol=6 | dir=in | name=league of legends launcher | 

"{370CA181-7A35-427F-B3A9-B00B2204AF8F}" = lport=6967 | protocol=17 | dir=in | name=league of legends launcher | 

"{384C139D-05A9-4A68-BAD3-948BA8AA9E0F}" = lport=6985 | protocol=17 | dir=in | name=league of legends launcher | 

"{3ED93D33-63BB-4536-AC02-38C0200DEDDD}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby | 

"{3FD8C513-4C1A-4CBD-81D8-C3C967E24687}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | 

"{41CE62D0-0598-428C-9DE3-69F37A438F20}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{47FABDB8-15B4-476E-B13C-DBD8CFEC7362}" = lport=6963 | protocol=17 | dir=in | name=league of legends launcher | 

"{4F908997-8EC3-4F4F-ADF4-6BEE12E61983}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher | 

"{5162926A-F190-4749-9F2D-A69757722887}" = lport=6934 | protocol=6 | dir=in | name=league of legends launcher | 

"{51C8AE57-D7C9-4648-AA46-31228DC557FB}" = lport=6982 | protocol=6 | dir=in | name=league of legends launcher | 

"{53ADC085-EDE4-40D4-A324-E7E34D8C99DB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{5530A52D-8056-41A7-A491-3FB43CE46853}" = lport=6911 | protocol=6 | dir=in | name=league of legends launcher | 

"{55F0FF83-A8C0-4E82-B866-97D1C2C13BA1}" = lport=6911 | protocol=17 | dir=in | name=league of legends launcher | 

"{562B6ECF-C5A3-48C1-8F79-E6345D832276}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{56D6CBA2-4681-418C-88CC-FDBA62752F25}" = lport=19376 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 

"{57C23CE8-4107-4351-A388-D938E7D4F2C7}" = lport=6919 | protocol=6 | dir=in | name=league of legends launcher | 

"{58D8140F-8DFA-4088-AEF5-19FF9607A5CA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{5E3B83A8-EB39-4F9E-AC60-F12F6B642939}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{62BC52A5-EFDB-4A12-9330-F91DBCECD9D8}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client | 

"{66891AC5-4B62-49E9-BD0D-083B7850E2ED}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | 

"{705399DB-047A-4243-BB6F-7ED0BB63CE07}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{72BAA241-2CBF-4A68-8587-314397B745CA}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client | 

"{7368DCFB-163C-47F0-A848-77EB2C9C62EB}" = lport=6929 | protocol=6 | dir=in | name=league of legends launcher | 

"{75DE4B4F-C827-49EA-9DC5-D34DD4EB8BDF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{798017FD-412F-4852-8566-131EE9B75B23}" = lport=6902 | protocol=17 | dir=in | name=league of legends launcher | 

"{7A748C61-33B6-47EF-B7DB-34BFF34FD2B9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{7CF7D652-1331-4148-A48A-743DE38766B8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

"{802652E9-0148-43B0-A02D-EA94508C6D76}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{802C3225-93AF-4A1A-B236-A1EF5059993B}" = rport=445 | protocol=6 | dir=out | app=system | 

"{8086B93C-6BEA-49E7-BFDE-75EFB2DB4370}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher | 

"{82EE1501-6465-4830-9375-58077A5CA6DE}" = lport=6942 | protocol=6 | dir=in | name=league of legends launcher | 

"{85351885-5208-4108-BC31-7F79A6F6E4CE}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | 

"{87C99802-A59F-4717-8E60-B371592D3DCA}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | 

"{88E056F2-CD43-4D59-8DBD-39B807C912A9}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher | 

"{8D99A945-9D6F-4F7A-BC76-4D33EED6BFE4}" = lport=6944 | protocol=6 | dir=in | name=league of legends launcher | 

"{8EA00350-1538-4211-A160-ACA75A42C754}" = lport=6961 | protocol=17 | dir=in | name=league of legends launcher | 

"{944F949C-54FD-48A3-8529-A32568972843}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher | 

"{9595C365-84EE-449D-999E-C8C9586522D0}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher | 

"{9659F4D8-E026-4427-AD69-BEEA86AAA25E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{9BD0056D-9873-40D7-98AC-116A48ABC305}" = rport=138 | protocol=17 | dir=out | app=system | 

"{A3813B63-B9BC-4FEE-87FE-DB6E9D5C25CC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{A41EB07F-D442-4B08-9846-54E0CD9394BD}" = lport=6991 | protocol=6 | dir=in | name=league of legends launcher | 

"{A72BBC25-A4A2-4FE6-BF52-3D63D7C9D782}" = rport=137 | protocol=17 | dir=out | app=system | 

"{A9D9EBE1-6985-4187-8FDE-A0039C487BED}" = lport=6991 | protocol=17 | dir=in | name=league of legends launcher | 

"{AFF79188-F52D-4584-B6F7-4DF680505601}" = lport=138 | protocol=17 | dir=in | app=system | 

"{B182A9F4-EE73-4F73-8192-489D7409F49D}" = lport=6983 | protocol=17 | dir=in | name=league of legends launcher | 

"{B1C216F1-2181-40FB-A270-807C785B0C4A}" = lport=6919 | protocol=17 | dir=in | name=league of legends launcher | 

"{B550B3E8-312E-4DF7-984F-0421907A0423}" = lport=139 | protocol=6 | dir=in | app=system | 

"{BC6608AF-F68E-4075-ABB1-8E526E8FEA8D}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher | 

"{C253CD20-6D79-441D-81C5-A6952D2C0F4C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 

"{C3E03E13-59C3-42DD-AEE1-6D9B47D35579}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{C440D906-F9CF-45CD-AEE0-D850C858F6C3}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{C8DF8069-594C-4C76-9B44-CE64CAC60DC9}" = lport=6902 | protocol=6 | dir=in | name=league of legends launcher | 

"{CF5F1886-61C4-4187-A9F6-26B37E8E2A54}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | 

"{D3161E26-F0E5-468F-A4C4-A4096B4187AB}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 

"{D9CADBB0-8C62-49EA-9B10-E3BC088474E8}" = lport=10300 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 

"{DDBC4981-83AF-4ED6-B5B8-7943CFEFA9F2}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher | 

"{E1C75A9E-933F-4D4A-A356-05EC48E44A24}" = lport=10301 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 

"{E2758237-3CE1-41FD-A0E9-63F0351ED026}" = lport=6967 | protocol=6 | dir=in | name=league of legends launcher | 

"{E2F690AE-A517-4F45-A046-446A7FF9E9A1}" = lport=445 | protocol=6 | dir=in | app=system | 

"{E592BF62-841C-4661-AF3D-510C87B31FAB}" = lport=6944 | protocol=17 | dir=in | name=league of legends launcher | 

"{E62F4F50-2461-40BC-A95C-A333689E6221}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | 

"{EBF48773-2BE8-4386-9B9A-40A4725F1D49}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{EE91A145-696F-47D4-AC8B-114562F62441}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | 

"{F30BCE3B-38D4-40EE-9972-6A642D149F27}" = lport=137 | protocol=17 | dir=in | app=system | 

"{F31C165D-B12D-4DED-835E-F4ADF0F1A4FD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{F9873599-AB96-4239-AA50-C580CA949F1D}" = lport=6957 | protocol=17 | dir=in | name=league of legends launcher | 

"{FF7DD0FA-EE0C-4215-A733-47750901003C}" = lport=6983 | protocol=6 | dir=in | name=league of legends launcher | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{01CE9F62-8F21-477C-8DD9-2F13076C7E89}" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe | 

"{0501B4BE-D0B7-4B12-B894-3784D6624047}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 

"{050DFEF8-DE65-4F08-82F7-0EA870CBA7F6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bullet run\launchpad.exe | 

"{05DA680E-D6CD-4A49-820C-320A99B7D5FC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{0795292B-9D03-4C30-A11C-528724910F5C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 

"{0D68B11C-C8A2-4A1A-941A-DD4772E0352B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{104D575B-E16F-4A49-863A-4267E674154A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 

"{1060964F-A81E-45FF-A4DE-D7A49CB5603E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{11E7CF78-0D76-4267-9A7E-93CC8D2FAC19}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | 

"{1784E630-BC49-4A9A-AC2F-079BC3FE378E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{1939B3CC-6B20-441F-B449-12EC56F93BFD}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 

"{1ABA5C6B-9016-45E9-8B68-4A55256B6AAC}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | 

"{1B89B5F2-EC6B-45E7-B78A-7AF4FB0910E4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | 

"{1BAAC1FA-50E4-49A0-90BC-1514F4E3B64B}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe | 

"{1C3A1180-6858-4013-9A63-B62B92D4D746}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bullet run\launchpad.exe | 

"{1FF7950D-2F60-4BD6-9A92-D5CFE3C5B06A}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe | 

"{242A0055-1DFA-4203-BBEA-793F92395C7C}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | 

"{24797358-A6A4-495D-94DB-AA5C4F3EA8FC}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe | 

"{25B65603-FBF5-4A2F-B365-F0A528F63F91}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 

"{27ED5A51-9735-4F94-9133-510B27755ABE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{28963599-C5D6-42A9-8BE2-A31E062F8C89}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{2BD1C1E5-2200-48FE-BDAD-1A5D9DD2AD75}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe | 

"{315B66BC-2C47-48EC-B8EB-46BDBD3C8423}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 

"{31A389AA-F1A4-4767-8B1E-BA40D045172B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{33F1602A-F726-4836-97A9-FE026D119B8C}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | 

"{3497AD8B-B89E-4524-A365-95F7EF7DB961}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\game.dat | 

"{36CB8E5B-AA35-4659-A508-F4F1F814AF75}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 

"{3855313D-A5E1-49E2-BEDD-71A6B430D5B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{3C761C60-2383-44AC-8395-4AAA272F1FDF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{3D543720-D068-454C-BCCD-691044483A33}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 

"{3D7EFC27-A062-411B-AF94-354E8A6CC057}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\game.dat | 

"{40C5AFE2-492E-48A1-A1E9-BE71FE079AE7}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe | 

"{49E773CE-59CF-4DD7-A1D2-DD52182C263B}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 2142 deluxe edition\bf2142.exe | 

"{4A6EDC29-DE54-42EE-8B92-ECEED0D98B2B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 

"{4EFEFDA6-02E6-4F64-A9BF-9215F6AF17F4}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe | 

"{4F27898D-F96F-48FF-BB99-7C9872F9B3E9}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | 

"{4FE6A47A-7399-4E9C-BCA3-F58E361EAE7E}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | 

"{52164FC6-CBE3-427F-B4F8-FBF0608386C3}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe | 

"{57393DA3-FE53-491F-B234-3311699FF39E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 

"{57926FE9-BA39-498D-B4B2-08C44B1CF92A}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe | 

"{597B8CD7-64A4-43C9-8E67-9BB0EF0C2855}" = protocol=17 | dir=in | app=c:\users\torben\appdata\local\temp\dsoclient\dlcache\app.n3app | 

"{597F0474-BA20-41D2-8A62-F5D7F6B83040}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 

"{5A80A6CF-E995-4157-9053-1748062EB420}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe | 

"{63133D4D-5CC3-4D37-BEC7-7413B0507FC6}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe | 

"{64E5E696-2A58-4013-A4CC-90C38AC21EB5}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{68789345-4319-4203-99BF-59635931A7AC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{6889F153-5516-4764-B227-1C85B3C3E83C}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect\binaries\masseffect.exe | 

"{68BF4AA2-1E6E-4A34-88CA-7A46C502241F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 

"{696549A3-88D7-40A7-8DCD-09846FD82CD7}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe | 

"{6AC2E378-9AA1-4888-8CD0-715F175400FA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | 

"{70ED8950-62DE-4D31-9FB6-74C521FA8D23}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe | 

"{7161B04F-D5F8-4FC6-AF1F-7C09190DF2DF}" = protocol=6 | dir=in | app=c:\users\torben\appdata\local\akamai\netsession_win.exe | 

"{718A8C92-1919-4D51-B86A-D3C85706A491}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 

"{73CD368C-4B76-4447-84B9-AE5114629BE9}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{74BF69AA-73E8-48C8-AA70-055B4AF769C9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 

"{753BD24F-2EFC-48DF-A379-AFC742AB10CE}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe | 

"{7547687C-4451-421B-90C1-F05BACA0A480}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 

"{773C7D17-8012-41A2-B765-00C421BDFD9B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{7854D711-79CB-45B2-B9EC-92C4BF00B5EF}" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\die schlacht um mittelerde(tm)\game.dat | 

"{7DA3E4D5-A551-4F57-8917-DCF7C78026F9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{805A44F7-3CE2-49FE-929A-F8710968D515}" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe | 

"{80616713-BDDB-4EF3-B6FF-81D6CE40FCBA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | 

"{8247C900-2345-4947-B2AB-44A3A0E43EEF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | 

"{83D64BC9-0D51-4FF1-AEB2-EE2E9166827E}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe | 

"{8697C832-640C-4633-AE47-BFFED310FB25}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 

"{86EF19E6-E150-4071-A769-0E9A44375BD2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{8AACD64C-F619-440D-A7F3-018241EBD3E3}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 

"{8BB0EC09-BE9D-4511-B8A4-888A19F6965F}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe | 

"{8DFE1010-0A44-40D6-87AF-C793350968B1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe | 

"{8FFBED1B-8D61-4D08-9D42-C5897D2E21DC}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect\masseffectlauncher.exe | 

"{9277E971-CB42-4908-A5B0-E52EDB4F6310}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | 

"{956030B7-A514-488F-9767-593A03006E22}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{9750FD30-92A1-495C-8027-83048CEDE7F9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{9DCF6BE8-6473-4AAF-B742-B7BD2A51F62A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{A6F7608A-5CF8-413D-92A9-0A7C25AE1D84}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age\daoriginslauncher.exe | 

"{A9B8B711-5E0C-4EB0-B9C3-15625C1948A4}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | 

"{AD55CAC3-AF5E-4C1C-BB4E-B133B1AFFEF0}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe | 

"{B2656BF4-7156-470F-9361-A844FF651B93}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age\daoriginslauncher.exe | 

"{B30DDDDD-CC9D-45E5-8672-0D7B70E87BAE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{B396C143-DDA3-4C72-AB5E-97B7880FF0CB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{B605EF6D-1012-4621-905E-9EE7C721BD98}" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\die schlacht um mittelerde(tm)\game.dat | 

"{B779DEB5-DEAC-4613-8F4E-B4F0BAA48F14}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe | 

"{BAC55FA5-4DAC-4F38-AC9F-5A036D9E4C19}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 

"{BC4CC9D6-90FF-4EB6-A679-604FF0B0A7E6}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 

"{BDB59922-D653-4384-B0E1-CA8FA7EDC2AC}" = protocol=6 | dir=out | app=system | 

"{C1B8ED49-E4B6-4289-852E-A0E2E6310859}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 

"{C5608C48-99B3-49F1-9D31-24EEC0BEAF7E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 

"{C80AB867-A94A-45A1-AF73-C4099C08A10C}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect\binaries\masseffect.exe | 

"{C8CD2CD2-0F58-4A45-AFDB-30EB26737894}" = protocol=17 | dir=in | app=c:\users\torben\appdata\local\akamai\netsession_win.exe | 

"{C9488741-7C88-4F78-9565-61F82ECE6690}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe | 

"{C9B83DD1-CF06-445B-9903-18091D3A631E}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 

"{C9D88F28-B063-464C-8767-89249131CA13}" = protocol=17 | dir=in | app=c:\program files (x86)\z8games\crossfire\cf_g4box.exe | 

"{CA0FAEDE-3530-4F8D-BD90-7C9D945FA55E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{CD48E4D2-21DC-4B1C-92F3-BF399FEDA924}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | 

"{D21F1DE8-8C88-4158-BB38-E211389EBDB8}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 

"{D2E80A6F-84B3-4875-8E87-F38C6A817103}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{D50DE0FA-5629-4990-8342-6F7E471123BE}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 

"{D79E15BC-C53B-43F4-9F36-5504F51973B5}" = protocol=17 | dir=in | app=c:\users\torben\desktop\neuer ordner (3)\crossfire0212downloader.exe | 

"{D7C52228-2583-43FF-A4EC-9876E772AB2F}" = protocol=6 | dir=in | app=c:\users\torben\appdata\local\temp\dsoclient\dlcache\app.n3app | 

"{D88ABBEE-533B-40A2-8D06-47A14780DDE6}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | 

"{DA780C7C-45A9-42AB-AEE2-11FFEE60B7A4}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe | 

"{DCFD0158-AECB-45AE-BCFB-BFE78E3A3237}" = protocol=6 | dir=in | app=c:\users\torben\desktop\neuer ordner (3)\crossfire0212downloader.exe | 

"{DDCEBF27-3A3A-4C46-9C05-5A9CD089924B}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe | 

"{DF0AFC34-3122-4BB4-88E4-A770A7757978}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\lol.launcher.exe | 

"{E0A51E6D-D0A5-4296-84D4-006A1421CD4E}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 

"{E4844C78-6ADB-44F4-A4E1-193066203B86}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 2142 deluxe edition\bf2142.exe | 

"{E6DC6377-8A18-439B-8566-EC034D5A7736}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe | 

"{E9B4BF86-F737-4AC9-982A-C2B0006B091C}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe | 

"{EA713467-DB4B-4E49-BA1B-5B5130E05525}" = protocol=6 | dir=in | app=c:\program files (x86)\z8games\crossfire\cf_g4box.exe | 

"{EA9C0D59-0F85-4B08-B035-E71D32EDFDD1}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe | 

"{EC3EE6EC-212E-490E-A644-0C855D89604B}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect\masseffectlauncher.exe | 

"{EE8C36DF-0DD5-43FC-AAAE-23B234E68AD3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{F00CC597-B528-436E-BAD5-EFF52D34F12E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{F0B159E1-6461-407D-B41D-3774E57C26AE}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe | 

"{F575D914-635F-4506-94F2-ED0ADBDA9F5B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{FC29932C-C447-49BA-A83A-9C6E90245DEF}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\lol.launcher.exe | 

"{FD1CEC41-06FF-4E57-91CF-A9669A6742BC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 

"{FE224720-8A63-47F3-AA00-B2BE267D27EC}" = protocol=58 | dir=in | app=system | 

"TCP Query User{013BD469-296C-4999-A301-18F674E14B6C}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 

"TCP Query User{071BDCE3-897E-430E-B740-88AFCF52EF66}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 

"TCP Query User{12F77557-9780-4CC8-A598-1C826669F7C0}C:\users\torben\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\torben\appdata\local\akamai\netsession_win.exe | 

"TCP Query User{1C6355E4-CC74-486D-A057-4CAF6E8FBD65}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 

"TCP Query User{215715ED-32EF-4FE6-B9EA-BE0FADCC3502}C:\program files (x86)\devolo\informer\devinf.exe" = protocol=6 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 

"TCP Query User{32B9916E-B8DD-4776-A214-1C6C2B37CB6C}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 

"TCP Query User{439BFE98-04EC-498E-9BC4-BE3D738567BF}C:\program files (x86)\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\valve\portal 2\portal2.exe | 

"TCP Query User{48F7BE26-A1BE-49C6-9794-CF07E89F4420}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 

"TCP Query User{4926DE7A-83A2-41AC-B4BF-64A3266BD5FD}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 

"TCP Query User{60360D32-A0B9-4133-B394-E5D977108424}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 

"TCP Query User{7508825E-8D3D-41E9-8612-422E3449EB00}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 

"TCP Query User{80230FDF-ABB6-461A-B32E-852B09AF53DA}C:\program files (x86)\steam\steamapps\common\bullet run\binaries\win32\bulletrun.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bullet run\binaries\win32\bulletrun.exe | 

"TCP Query User{8780FD61-871D-450E-BCE5-8099F55E4D1E}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 

"TCP Query User{9EA9BD35-2C27-44C3-9819-76B3DDB7E545}C:\program files (x86)\alaplaya\loco\system\loco.exe" = protocol=6 | dir=in | app=c:\program files (x86)\alaplaya\loco\system\loco.exe | 

"TCP Query User{A086B318-49BB-4941-8C5E-B92A9A4388CA}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 

"TCP Query User{ACF70296-80B8-49C2-A586-C19CFDF1104E}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 

"TCP Query User{B957EF92-F9BE-477F-9613-9BF49BEFB616}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe | 

"TCP Query User{E4592E34-F26C-46CE-9E83-C2794C5C1572}C:\program files (x86)\steam\steamapps\common\global agenda live\binaries\globalagenda.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\globalagenda.exe | 

"TCP Query User{F692D229-C9CB-4F6D-BCC7-4D33B9350862}C:\program files (x86)\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\empires2.icd | 

"UDP Query User{00B94BF5-2078-4572-AC35-E48658676CAE}C:\program files (x86)\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\empires2.icd | 

"UDP Query User{0326ED2D-EFCC-44F3-8ABE-4B0CA991D817}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 

"UDP Query User{0648C508-40C9-4872-A169-189E8F8AAFC1}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 

"UDP Query User{26EF5361-E150-4DEF-BA08-D91E66097120}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 

"UDP Query User{315BAA19-9EBC-48EC-9711-30CC3725DF2E}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 

"UDP Query User{3C2CBD05-0EEF-417F-9B27-241441CBD82D}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 

"UDP Query User{3D9587C8-757C-45AB-8C2D-285D1B942184}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 

"UDP Query User{5B0746FF-9A97-4036-97D0-3A40D14E2BA5}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 

"UDP Query User{6A6713CC-EBB7-4797-8220-1876E2630B6C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 

"UDP Query User{7036E19B-3AD6-4679-9AF5-9C5CD0544908}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe | 

"UDP Query User{735F0758-9319-4E86-8347-27DDF780ABBE}C:\program files (x86)\steam\steamapps\common\bullet run\binaries\win32\bulletrun.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bullet run\binaries\win32\bulletrun.exe | 

"UDP Query User{8AF6851F-C798-4599-8F33-2AB4AC046053}C:\program files (x86)\devolo\informer\devinf.exe" = protocol=17 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 

"UDP Query User{9411B73D-C08A-463A-A82E-746B6FFC9ADD}C:\program files (x86)\steam\steamapps\common\global agenda live\binaries\globalagenda.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\globalagenda.exe | 

"UDP Query User{9D9B1490-44EE-4667-A65F-2FBB6D04DA68}C:\program files (x86)\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\valve\portal 2\portal2.exe | 

"UDP Query User{9EAFFFF2-255F-4B25-A811-5219E9C3CCF7}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 

"UDP Query User{BC66C354-15B3-4582-9EC5-B84E067EFB90}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 

"UDP Query User{CD091CAC-2AC8-4088-AF93-5880F39F3C0E}C:\program files (x86)\alaplaya\loco\system\loco.exe" = protocol=17 | dir=in | app=c:\program files (x86)\alaplaya\loco\system\loco.exe | 

"UDP Query User{CE7C713C-EC7E-4008-8F50-E4AA875CB2DD}C:\users\torben\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\torben\appdata\local\akamai\netsession_win.exe | 

"UDP Query User{FF9CB116-D5A5-4AFC-B609-94A52FD9B301}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{11F38253-8940-FFDA-D131-B14120C357E4}" = ATI Catalyst Install Manager

"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)

"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver

"{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}" = Broadcom Gigabit NetLink Controller

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver

"{BD41C9CA-7722-7C0F-8BFE-E88A81865287}" = ccc-utility64

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{D237D67F-E77C-4D9E-AA66-8B7A821C215F}" = MFC RunTime files x64

"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU

"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources

"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"EPSON BX525WD Series" = EPSON BX525WD Series Printer Uninstall

"GIMP-2_is1" = GIMP 2.8.0

"LSI Soft Modem" = LSI HDA Modem

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)

"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager

"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = HALO 2 FÜR WINDOWS VISTA

"{127B684B-A002-44C8-99A7-6CF8F1E26873}" = PunkBuster für Battlefield 1942

"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard

"{14D6085A-9A42-C0B5-823E-8C9619AC1026}" = Catalyst Control Center Graphics Full New

"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1E9ADAB4-74DE-4362-8DB9-E2E86176C73B}_is1" = Mod Installer 1.1 Risugami ohen beta Kanten Version 1.1

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1FF19BBD-554D-733C-3BDF-B55C99349198}" = Catalyst Control Center Core Implementation

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager

"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{346D6B7A-4AD8-5C2C-E249-34CA3CD7D34B}" = CCC Help Polish

"{34A0D249-747E-4D6C-803D-329C120C6B79}" = Catalyst Control Center - Branding

"{357C0C30-051F-FE77-4709-025786123FB1}" = ccc-core-static

"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion

"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU

"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2

"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management

"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print

"{41BC23C5-157F-77A0-6662-17A5096E7946}" = Catalyst Control Center Graphics Previews Vista

"{4507185D-FAB8-B77D-4546-2CF31DA906AD}" = Catalyst Control Center Graphics Full Existing

"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012

"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR

"{4967ADB1-27A6-635F-A217-754BD9A05E2E}" = CCC Help Czech

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{525E2229-6693-40E6-8FBE-FF4E5F8D7AF7}_is1" = Modinstaller für Minecraft 1.3.2 Version 2.0

"{54CD52E0-6660-416C-94CC-FC77875FF226}" = Halo 2 Map Editor

"{54DFD48E-0E0D-5D0C-BD93-CE3DF090EC1C}" = CCC Help Japanese

"{5528C69D-4018-C4BD-7D00-67F90623EB33}" = CCC Help Italian

"{5582C24D-5597-42D2-537E-BA329164D78D}" = CCC Help Thai

"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works

"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker

"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{722AF0E9-9BAB-4556-9AA6-B5240D46E4B3}" = Global Agenda Launcher

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic

"{765AD336-1219-478F-97E8-2D23FBE70981}" = MAGIX Video deluxe 16 Plus Sonderedition Download-Version

"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{785F975B-50FB-C523-5E58-C6EFE9E62424}" = CCC Help Portuguese

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7D62622F-78B7-91B0-5B75-4082DDFAC775}" = CCC Help Swedish

"{7DE2B39B-97F0-EC01-06D6-E25C6D4164DF}" = CCC Help German

"{7E079E23-77CB-4AA4-A335-5D6DF9143720}" = FireArc Arcade

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies

"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{846E4C72-DF45-43ED-1680-EDF5F87F279E}" = dLAN Cockpit

"{85725958-E3A1-4D0F-862B-4CE4EDC71A5E}_is1" = Minecraft Note Block Studio version 3.1.3

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger

"{878789F8-276E-4D98-20E6-78DCBD77AD7D}" = CCC Help Turkish

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console

"{8F2AE892-C036-C2F8-0D45-0ED891440D68}" = CCC Help French

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007

"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007

"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007

"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007

"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007

"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer

"{95D40BD8-2EA7-C51E-A218-B2F863481573}" = CCC Help Chinese Standard

"{98A7C691-304F-31DC-A21C-3675E1D68501}" = CCC Help Chinese Traditional

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack

"{A074DE55-29EB-459C-99C9-3F26C5669ECB}" = Ontrack EasyRecovery DataRecovery Trial

"{A33B56D0-F273-F6C2-C335-50AE0C83C85C}" = CCC Help Finnish

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A8CB3994-B273-D81E-315C-CA3A8376415E}" = Catalyst Control Center Localization All

"{A8D450FB-F8F7-4250-7CE3-A3C24CDE5722}" = CCC Help Hungarian

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AB82BA59-B05B-70DC-992B-D2D7A2AF4EE5}" = CCC Help Korean

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)

"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi

"{BFB59706-4FEC-37A8-96CD-C7F6932AD6DD}" = CCC Help Norwegian

"{C09EECFB-8925-5E54-1580-3FAEB6A78856}" = Catalyst Control Center Graphics Light

"{C0ED2557-8BCC-71B6-253C-BDFE26A9B37D}" = CCC Help Spanish

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CC62C6C8-0D7F-3F0D-9BD6-49CB16029A6A}" = CCC Help Greek

"{CC6D2A70-B152-E250-ABEA-5D7D681469F8}" = CCC Help English

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}" = Battlefield 1942: The Road To Rome

"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.124.1120

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver

"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX

"{DAC69A3A-89E6-4B70-B486-B974C2C95BE9}" = HD Writer AE 4.0

"{DAFFBC42-ABA2-882C-68CB-593B9CF9ACF5}" = CCC Help Russian

"{DB318841-F512-49DF-999B-2A6AEDA9E13A}" = Samorost 2

"{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}" = Alcor Micro USB Card Reader

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DFF2D0B9-1706-6AA8-85CD-A70DF44AE3F8}" = CCC Help Danish

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{E6AAFC37-EB31-768D-A9A5-AA8A84612615}" = CCC Help Dutch

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142 Deluxe Edition

"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F6B7BF58-36D0-A76E-53E2-F65DBD4A6A52}" = Catalyst Control Center InstallProxy

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"5513-1208-7298-9440" = JDownloader 0.9

"AbiWord2" = AbiWord 2.9.2

"Acer Registration" = Acer Registration

"Acer Screensaver" = Acer ScreenSaver

"Acer Welcome Center" = Welcome Center

"Adobe Acrobat 5.0" = Adobe Acrobat 5.0

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Age of Empires 2.0" = Microsoft Age of Empires II

"Any Video Converter_is1" = Any Video Converter 3.2.7

"Audacity_is1" = Audacity 2.0

"Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1" = dLAN Cockpit

"dlancockpit" = devolo dLAN Cockpit

"dlanconf" = devolo dLAN-Konfigurationsassistent

"Drakensang Online" = Drakensang Online

"dslmon" = devolo Informer

"EPSON BX525WD Series Network Guide" = EPSON BX525WD Series Netzwerk-Handbuch

"Finale 2011 Demo" = Finale 2011 Demo

"FL Studio 10" = FL Studio 10

"Fraps" = Fraps (remove only)

"Free Audio Converter_is1" = Free Audio Converter version 5.0.4.1228

"Free YouTube Download_is1" = Free YouTube Download version 3.1.39.1015

"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.10.32.918

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918

"Game Booster_is1" = Game Booster 3

"Google Chrome" = Google Chrome

"GridVista" = Acer GridVista

"Halo 2" = HALO 2 FÜR WINDOWS VISTA

"Hard Truck Apocalypse_is1" = Hard Truck Apocalypse

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"Identity Card" = Identity Card

"IL Download Manager" = IL Download Manager

"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5

"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe

"InstallShield_{54CD52E0-6660-416C-94CC-FC77875FF226}" = Halo 2 Map Editor

"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager

"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters

"InstallShield_{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}" = Alcor Micro USB Card Reader

"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012

"League of Legends_is1" = League of Legends

"LManager" = Launch Manager

"LogMeIn Hamachi" = LogMeIn Hamachi

"MAGIX_MSI_Videodeluxe16_plus" = MAGIX Video deluxe 16 Plus Sonderedition Download-Version

"MediaCoder" = MediaCoder 0.7.5.4720

"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch

"Postal 2_is1" = Portal 2

"PunkBusterSvc" = PunkBuster Services

"RocketDock_is1" = RocketDock 1.3.5

"Security Task Manager" = Security Task Manager 1.8d

"Steam App 17050" = Global Agenda - Demo

"Steam App 211880" = Bullet Run

"Steam App 400" = Portal

"Steam App 72850" = The Elder Scrolls V: Skyrim

"Uninstall_is1" = Uninstall 1.0.0.1

"Usenet.nl_is1" = Usenet.nl

"uTorrent" = µTorrent

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"TeamSpeak 3 Client" = TeamSpeak 3 Client

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 16.09.2011 09:37:47 | Computer Name = Torben-PC | Source = Bonjour Service | ID = 100

Description = mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) !=

 mDNS_reentrancy (0)

 

Error - 16.09.2011 09:37:47 | Computer Name = Torben-PC | Source = Bonjour Service | ID = 100

Description = mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) 

!= mDNS_reentrancy (0)

 

Error - 16.09.2011 13:05:46 | Computer Name = Torben-PC | Source = Bonjour Service | ID = 100

Description = mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) !=

 mDNS_reentrancy (0)

 

Error - 16.09.2011 13:05:46 | Computer Name = Torben-PC | Source = Bonjour Service | ID = 100

Description = mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) 

!= mDNS_reentrancy (0)

 

Error - 17.09.2011 08:59:36 | Computer Name = Torben-PC | Source = Bonjour Service | ID = 100

Description = mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) !=

 mDNS_reentrancy (0)

 

Error - 17.09.2011 08:59:36 | Computer Name = Torben-PC | Source = Bonjour Service | ID = 100

Description = mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) 

!= mDNS_reentrancy (0)

 

Error - 17.09.2011 09:43:05 | Computer Name = Torben-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: Oblivion.exe, Version: 1.2.0.416,

 Zeitstempel: 0x462392c7  Name des fehlerhaften Moduls: Oblivion.exe, Version: 1.2.0.416,

 Zeitstempel: 0x462392c7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0033a5e8  ID des fehlerhaften

 Prozesses: 0x1bd0  Startzeit der fehlerhaften Anwendung: 0x01cc753a6e9339ee  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe

Berichtskennung:

 f81aa74e-e132-11e0-a401-00262d8796ce

 

Error - 17.09.2011 09:43:09 | Computer Name = Torben-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: Oblivion.exe, Version: 1.2.0.416,

 Zeitstempel: 0x462392c7  Name des fehlerhaften Moduls: Oblivion.exe, Version: 1.2.0.416,

 Zeitstempel: 0x462392c7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0033a5e8  ID des fehlerhaften

 Prozesses: 0x1bd0  Startzeit der fehlerhaften Anwendung: 0x01cc753a6e9339ee  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe

Berichtskennung:

 fa87dfd7-e132-11e0-a401-00262d8796ce

 

Error - 17.09.2011 13:48:11 | Computer Name = Torben-PC | Source = Application Hang | ID = 1002

Description = Programm NOTEPAD.EXE, Version 6.1.7600.16385 kann nicht mehr unter

 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 

in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem

 zu suchen.    Prozess-ID: 1e00    Startzeit: 01cc7561f104f95f    Endzeit: 0    Anwendungspfad: 

C:\Windows\system32\NOTEPAD.EXE    Berichts-ID: 332c46fa-e155-11e0-a401-00262d8796ce
 

 

Error - 17.09.2011 13:48:37 | Computer Name = Torben-PC | Source = Application Hang | ID = 1002

Description = Programm NOTEPAD.EXE, Version 6.1.7600.16385 kann nicht mehr unter

 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 

in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem

 zu suchen.    Prozess-ID: 1194    Startzeit: 01cc7562006ac85a    Endzeit: 10    Anwendungspfad:

 C:\Windows\system32\NOTEPAD.EXE    Berichts-ID: 4387c0b2-e155-11e0-a401-00262d8796ce
 

 

[ Media Center Events ]

Error - 21.04.2012 11:53:55 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0

Description = 17:53:55 - Fehler beim Herstellen der Internetverbindung.  17:53:55 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 21.04.2012 11:54:14 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0

Description = 17:54:01 - Fehler beim Herstellen der Internetverbindung.  17:54:01 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 21.04.2012 12:54:21 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0

Description = 18:54:21 - Fehler beim Herstellen der Internetverbindung.  18:54:21 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 21.04.2012 12:54:27 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0

Description = 18:54:27 - Fehler beim Herstellen der Internetverbindung.  18:54:27 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 24.04.2012 09:41:31 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0

Description = 15:41:31 - Fehler beim Herstellen der Internetverbindung.  15:41:31 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 24.04.2012 09:41:54 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0

Description = 15:41:36 - Fehler beim Herstellen der Internetverbindung.  15:41:36 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 16.05.2012 09:10:05 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0

Description = 15:10:05 - Fehler beim Herstellen der Internetverbindung.  15:10:05 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 16.05.2012 09:10:16 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0

Description = 15:10:11 - Fehler beim Herstellen der Internetverbindung.  15:10:11 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 17.05.2012 09:02:38 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0

Description = 15:02:38 - Fehler beim Herstellen der Internetverbindung.  15:02:38 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 17.05.2012 09:03:31 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0

Description = 15:03:25 - Fehler beim Herstellen der Internetverbindung.  15:03:25 

-     Serververbindung konnte nicht hergestellt werden..  

 

[ System Events ]

Error - 08.11.2012 08:33:29 | Computer Name = Torben-PC | Source = DCOM | ID = 10016

Description = 

 

Error - 08.11.2012 08:43:29 | Computer Name = Torben-PC | Source = DCOM | ID = 10016

Description = 

 

Error - 08.11.2012 08:53:29 | Computer Name = Torben-PC | Source = DCOM | ID = 10016

Description = 

 

Error - 08.11.2012 09:11:59 | Computer Name = Torben-PC | Source = DCOM | ID = 10016

Description = 

 

Error - 08.11.2012 09:21:59 | Computer Name = Torben-PC | Source = DCOM | ID = 10016

Description = 

 

Error - 08.11.2012 09:31:59 | Computer Name = Torben-PC | Source = DCOM | ID = 10016

Description = 

 

Error - 08.11.2012 09:41:59 | Computer Name = Torben-PC | Source = DCOM | ID = 10016

Description = 

 

Error - 08.11.2012 09:51:59 | Computer Name = Torben-PC | Source = DCOM | ID = 10016

Description = 

 

Error - 08.11.2012 10:01:59 | Computer Name = Torben-PC | Source = DCOM | ID = 10016

Description = 

 

Error - 08.11.2012 10:06:08 | Computer Name = Torben-PC | Source = DCOM | ID = 10016

Description = 

 

 

< End of report >

EDIT: Google Chrome ist wiederhergestellt