Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   GVU-Virus, Rechner als Standardnutzer nicht mehr nutzbar, Rechner funktioniert nur als Admin oder im Abgesicherten Modus als Standardnutzer (https://www.trojaner-board.de/129498-gvu-virus-rechner-standardnutzer-mehr-nutzbar-rechner-funktioniert-nur-admin-abgesicherten-modus-standardnutzer.html)

ratz9 16.01.2013 15:58
Hallo cosinus,

hier der Inhalt der Datei AdwCleaner[R1].txt:

Code:
# AdwCleaner v2.105 - Datei am 16/01/2013 um 15:54:20 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows (TM) Vista Ultimate Service Pack 2 (64 bits)
# Benutzer : Administrator - R-LAPTOP02
# Bootmodus : Abgesicherter Modus mit Netzwerkunterstützung
# Ausgeführt unter : C:\Users\R\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\Administrator\AppData\Local\funmoods-speeddial.crx
Ordner Gefunden : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden : C:\ProgramData\boost_interprocess
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtByEyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=835934769
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.funmoods.com/?f=2&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtByEyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=835934769
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtByEyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=835934769
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtByEyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=835934769

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\uaqx2lxu.default-1356147421866\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ovmgs244.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [2507 octets] - [16/01/2013 15:54:20]

########## EOF - \AdwCleaner[R1].txt - [2567 octets] ##########

cosinus 17.01.2013 00:56
adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.

ratz9 17.01.2013 07:56
Code:
# AdwCleaner v2.105 - Datei am 17/01/2013 um 07:20:16 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows (TM) Vista Ultimate Service Pack 2 (64 bits)
# Benutzer : Administrator - R-LAPTOP02
# Bootmodus : Abgesicherter Modus mit Netzwerkunterstützung
# Ausgeführt unter : C:\Users\R\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Administrator\AppData\Local\funmoods-speeddial.crx
Gelöscht mit Neustart : C:\Program Files (x86)\ICQ6Toolbar
Gelöscht mit Neustart : C:\ProgramData\boost_interprocess
Gelöscht mit Neustart : C:\ProgramData\ICQ\ICQToolbar

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtByEyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=835934769 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.funmoods.com/?f=2&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtByEyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=835934769 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtByEyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=835934769 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtByEyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=835934769 --> hxxp://www.google.com

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\uaqx2lxu.default-1356147421866\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ovmgs244.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [2630 octets] - [16/01/2013 15:54:20]
AdwCleaner[S1].txt - [2626 octets] - [17/01/2013 07:20:16]

########## EOF - \AdwCleaner[S1].txt - [2686 octets] ##########
Code:
OTL Extras logfile created on: 17.01.2013 07:32:05 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\R\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,99 Gb Total Physical Memory | 3,06 Gb Available Physical Memory | 76,68% Memory free
8,15 Gb Paging File | 7,32 Gb Available in Paging File | 89,91% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,29 Gb Total Space | 35,98 Gb Free Space | 30,16% Space Free | Partition Type: NTFS
Drive D: | 119,18 Gb Total Space | 40,03 Gb Free Space | 33,58% Space Free | Partition Type: NTFS
Drive E: | 465,69 Gb Total Space | 30,78 Gb Free Space | 6,61% Space Free | Partition Type: NTFS
Drive F: | 465,69 Gb Total Space | 114,68 Gb Free Space | 24,63% Space Free | Partition Type: NTFS
 
Computer Name: R-LAPTOP02 | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-21-1537932054-3061199544-2405855936-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\9.0\ACDSeeQV.exe" "%1" (ACD Systems Ltd.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\9.0\ACDSeeQV.exe" "%1" (ACD Systems Ltd.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01  [binary data]
"VistaSp2" = C2 5E 86 26 A1 8F CA 01  [binary data]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"" =
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004AB794-F8E9-4AAB-8B97-35C3A14F097E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{04126AAF-91EE-4010-95A0-90F631986FCB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{047F1E3E-EE7E-41BC-9396-A15EC30A51D9}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0521E506-192C-458B-AF1B-6667EBD3E4C8}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{08C26E95-7CEA-408A-A9B9-BE87F810C83C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0BE92E92-4D9E-4123-88CF-56AB1F24C74C}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{166ED1C2-872F-42AC-B961-59AE21387DE4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{18C08F8A-02CA-47BF-9BC3-DAD8C2D523C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{24268A7C-519F-4AB9-846B-7B97497132CA}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{24E8650D-79E8-4E54-802B-D9458D69622A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31CE7EEF-8682-48EE-8D48-2E1AD3DF8F18}" = rport=138 | protocol=17 | dir=out | app=system |
"{37227A37-5752-4DFA-B6CA-CE3B931B721E}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{3D8C1889-C585-4398-BBC5-11050228AE8B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4AF6B861-35CE-4278-89B7-824A578B672D}" = lport=139 | protocol=6 | dir=in | app=system |
"{512ED9E5-84C6-41CE-8B53-4B3F6F8572D3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5757AB46-0F42-4492-856C-DDA67094D60C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{59B4C024-4F63-4120-8B4F-324D954E47F3}" = rport=137 | protocol=17 | dir=out | app=system |
"{5C491A72-243F-44C8-B0C3-B5476C340D02}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5CEB26A6-E7D0-4BD8-8999-96E5D3625AC1}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5D3A01AD-5C38-40D9-93BD-17232EF2C22C}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5DA145B7-C056-452A-BF45-DA669A633078}" = rport=445 | protocol=6 | dir=out | app=system |
"{607F81B9-891B-4849-901C-9B92FBD2AF1E}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{633839B5-F419-4093-9A6D-611A268093C6}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{6D8AAAA8-95F8-432B-87BE-0582651E312A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7889D493-C310-44F2-8B62-EBFEFEC9D35A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{815E43CD-9660-4A2C-85D5-BC3F3DCA5BDB}" = lport=445 | protocol=6 | dir=in | app=system |
"{8279D5F3-F4D2-403E-B774-9DCE8BAFBF81}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{932D1FB5-93D6-4D69-8E53-302B06ECC4A7}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9938D337-74C1-42E3-9529-8764302CBBD8}" = rport=139 | protocol=6 | dir=out | app=system |
"{AF5D60D2-B578-4438-9F18-C1A1E534B07D}" = lport=138 | protocol=17 | dir=in | app=system |
"{B62D4EAE-57A4-4CD6-9F87-A0BCF5866410}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{B7D637A9-7064-4AAB-9AEE-E11462F8D986}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B9E9B3E7-238D-4D24-A340-5D82F9779A58}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BB0D48EC-A03E-4A83-A98E-C84ADEF67146}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BFF39277-4F23-42FE-BA43-C2893A1DF780}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C67598F1-A7A0-42E2-8B24-23CA282835DA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CF018C33-F138-407C-91C2-8809D3A44421}" = lport=137 | protocol=17 | dir=in | app=system |
"{EAA7234A-CEB3-4B4A-B0A4-0647B96F2648}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{EBCD8012-EDFF-4772-AEDD-C1F35859D152}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F1DAB002-FB09-4471-96C9-D6E16A40FE0E}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{F364A4CD-FE46-4F1E-B406-767273E251DD}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02EFDA34-51E3-435C-B256-9E2A09856712}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{03C8063B-944B-41E3-99CB-CEA6407F98EC}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{085A2682-E90A-4ED2-8F0C-40E220FAD01D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{087898C0-02A1-464F-908B-D9DC05E6E7A9}" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll |
"{0AFA640F-0C73-47D4-B4D6-4D2742E8B3CE}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{0D005777-5B81-4F80-B094-2D3774026857}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{0DF16DA4-ABBE-4CB9-8298-832FAAA01FB7}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{10C2289D-7A33-4355-B832-39C30DE63F4D}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{155AD8BF-963F-48B5-BAB2-91BC30434F5C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{17FE4F11-C98A-41AD-9652-DA70F35A0524}" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll |
"{1B71991F-1AF6-44A7-B81D-9C28C728D5A4}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{1FF409BA-B636-4852-8D9F-B86DCF666F46}" = protocol=6 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"{2246F11E-021D-495C-ADE1-7DC7AA5E0390}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{26285B89-4895-43D0-AC44-74DCE22F80C8}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{2A36BA5C-B879-44BF-844E-E7E815A35EF3}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{2AE037D0-55A6-4CCC-8604-8EBD263604FC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{30958F18-EF7F-4A13-81C6-2C21ECAF2D90}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3209F2EC-60B5-485B-82BF-499FB531F7BB}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{326A816C-F39A-4420-B6F1-199401824C6C}" = protocol=17 | dir=in | app=c:\users\r\appdata\local\apps\2.0\cnjphykb.7q5\lle3peln.w1c\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{3298E8BB-8C84-42F2-8AED-062D08A4D586}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{351D93DD-17DF-409C-9AEC-39E195ED2B79}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{3643249D-34C8-463C-BCE4-B9C1DB629F2C}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{3ABC9B81-3EEC-472C-9040-9F2A4528A774}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3AD20172-D481-40E5-AB74-0561350BF930}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3E6889C1-0EF0-4509-B0EB-0DB38C7F5264}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{40353085-2744-4239-A29A-D2A742D9DDCC}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{4C5DC25A-C668-424E-B2B1-F8326FD9868F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4DC7054C-8DF2-41B8-B13B-15FE3FE3FFBB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{591C0DB5-CAFA-4829-B17F-49871B6258F4}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{5C4B847A-BD61-4063-A10F-08E53199D182}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{5CD21628-0A32-4F3A-8AD2-39888D42C744}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{5DBAF38A-9C23-4174-87F2-25DA64C8BCF0}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{60C921EA-5DB7-4170-BE54-FD56096F5725}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{61A305ED-2261-4CE2-B4A6-BEC96C063DA1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{63C887B4-1C14-45AD-80E1-527506A16035}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{66265A86-188D-48E2-9703-4CB444BE0798}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{6D0BF4EF-A7DA-4B1F-B443-9697EEAD5D02}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{6F3CA072-E5A2-460D-B8DB-6D65DEFA4A55}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6F996556-100C-41F9-A934-C8FA8DF3102D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{718249AB-6A20-4C15-A835-67C6158FED96}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{733825D8-605E-4CFF-AB50-EB36C9A59B69}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{73D6C0D3-7650-4BBA-89EB-8449AB392E56}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{73F5F9DF-1506-4970-892F-463FD32F7A50}" = protocol=6 | dir=in | app=c:\users\r\appdata\local\temp\{5ed8315d-3e87-4622-967c-3234a017efa0}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe |
"{743C974D-19EA-41CF-B214-99452621447F}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{7841BE0C-155F-4146-8696-CB567ACE6900}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{7B958CAD-DFA4-4727-827F-D143D0129E9A}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{7CD321F7-C197-40AF-9CDC-4339720FF702}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{7E7E645E-175A-4140-BA49-82744155120B}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{814C3C81-F911-40CC-91AE-C8A2A8E10DB7}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{819696DE-A2A0-44D7-AB46-5BE14AF30770}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8586A832-089B-4B46-BD3E-051079499086}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{870E4E06-E546-4F3E-881B-15E696C515E0}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{87B98076-E0BF-4967-B96C-F89292FB6E2B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8A7324A4-D4AF-4D54-84FA-D4DF0288230C}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{8CE52618-D161-4B36-AC59-3352998F6BB3}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{8D1CA9CB-DF48-48A6-A9DB-052922DA50A7}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{8DEAA701-4875-4F18-B65F-3F349BC29C0E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{8E69E61D-75BE-4800-B757-810803546628}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{93645458-5796-41F8-B3A3-53E12C08B104}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{94403B60-C306-462C-8007-CCAF839EC9A9}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{97976F18-12C7-4142-AE52-402DCA6E9A83}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{9A3CBFE2-DCA6-4A06-86FE-B934B598365A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9AC7665D-8979-42BB-9284-171E64E593F9}" = protocol=17 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"{9C6FAF94-0259-488F-BEB0-A9C6955BCF43}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9CF29FA5-A78B-4CD0-964C-249DEA10D674}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\insttool.exe |
"{9D283717-87D7-4AC5-B7BA-207CBD1A31F7}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{9DB47AA2-CDC6-401E-9568-CE746F7DD0D1}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{A1B79FB2-F57E-4D30-9EBF-24CE296EA503}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{A4B577E0-126C-407F-8BA6-3D01DF75CCC5}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A8618E98-F4F6-44F4-9C9C-DE25D35842E4}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{A9904A47-CC06-4BA2-BEE3-9B9781AAE79E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ACE1F1C5-97CC-446C-9C46-5D8F9F4C3038}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B054E907-DE09-4905-94A3-73BCE57D1C35}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{B2A7CC22-665B-4F7E-AA32-097D2D2688A5}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{B628B788-E2C1-4F3A-B5BC-9DD1853AF651}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{B657B423-85CD-42E8-AB19-264CB3FA8B2D}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{B7F3FE4C-F2D6-4B16-92A1-E3D3FA29E886}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{B9307BFE-746B-415F-A76E-9D36C9B84D25}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{BB699662-56C5-4786-8172-A92294FF5C3B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
"{BF886810-2C18-4420-A41A-892A7835326F}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{C1851709-F356-42F3-92CB-7BFCA52088FB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C1D6117C-7861-4F64-98AF-F03B5B545EB4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C270F552-4FA2-461E-8C7E-EA29C523C26F}" = protocol=6 | dir=in | app=f:\dummie\solutoinstaller.exe |
"{C4C32767-0577-4533-83CC-6DF8DA1BF367}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{C708B084-338F-49EE-846E-4D9127489F31}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{CCC05EBB-D6D7-4451-A6EA-5E7190886405}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{D28C396E-55DE-439C-AA52-4ABCBA2D636B}" = protocol=6 | dir=in | app=c:\users\r\appdata\local\apps\2.0\cnjphykb.7q5\lle3peln.w1c\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{D3ED3147-4A6A-4341-80AE-3BDE64F3381F}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{DA6E6CD7-E335-4669-B149-D7637E1EF988}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{DAAE65BE-6159-40AD-9F50-78EBB62E9A32}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{DADBBA94-29D7-4B52-9936-9BB4C56843F5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{E7761B1F-5EA8-4501-9FE5-BF1B96FCE511}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{E910AF4C-AE2F-4818-8715-00D38A1D58E7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{EA4D3C34-F80B-495D-B5EE-7A4FEC45524A}" = protocol=17 | dir=in | app=f:\dummie\solutoinstaller.exe |
"{EA632EE9-E206-4AD4-83B3-FFB8BC586A6C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EC95EC23-D7A6-4DD9-B3F5-B9B219221766}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{F1977FEF-88C3-4734-8FEF-BBD669D52FE0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{F1A843A7-E47D-4301-9D47-C0B16B0038D9}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{F3366ACE-BA77-4652-A755-B8EA7715C073}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{F36EF739-0BE7-4F29-A530-7CB969565E24}" = protocol=17 | dir=in | app=c:\users\r\appdata\local\temp\{5ed8315d-3e87-4622-967c-3234a017efa0}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe |
"{F40FFE66-3094-4534-B11C-CB653B32EB36}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F7671D30-9CF2-4862-B4AC-3F718FB2F083}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{F8ADE1F3-7CD5-4DDF-AAD9-94897858C5E7}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\insttool.exe |
"{FB5A84CD-6DEB-46B9-93CA-4422D46D0DE6}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{FF620D17-B817-4392-84D2-B6C285D0B219}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"TCP Query User{01ED3EA8-9B8A-47B0-BB3E-D3621E5A1CC1}C:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{03178976-5CC9-44D6-A200-159C26AFAC9A}C:\program files (x86)\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{0B99D92A-919B-4EA7-9C44-D56D97D785A9}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{0D7A08CD-CDE0-4F59-AAF5-4CEB16183875}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{12D81733-D86D-4464-B31E-706BA4B6D78A}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{15E150DA-43C3-4F01-9418-92AE2E11027F}C:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe |
"TCP Query User{18BC1E09-0A7F-4B0F-85D1-1DC841528CBD}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{1AF47DF9-73B3-407B-86E2-BB40F47BBE8A}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"TCP Query User{1DF3300B-43E1-4760-A823-F1382599EE73}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{2518BD93-A4EF-4996-911F-39358109F53A}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"TCP Query User{27F500A9-8BE9-46F4-B6DB-0DDC79342375}C:\program files (x86)\graphisoft\archicad 12\archicad.exe" = protocol=6 | dir=in | app=c:\program files (x86)\graphisoft\archicad 12\archicad.exe |
"TCP Query User{46D0ED4E-4BE6-4B3B-B6D0-58F1ECF9A1AF}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{4B1F6EB3-58B2-4151-AD91-C4A65F7E24A9}C:\program files (x86)\graphisoft\archicad 12\archicad.exe" = protocol=6 | dir=in | app=c:\program files (x86)\graphisoft\archicad 12\archicad.exe |
"TCP Query User{5456FF82-75BD-4091-B66E-E6A0F91A91C7}C:\windows\syswow64\dllhost.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dllhost.exe |
"TCP Query User{58C7AEC3-C572-400E-945F-350818A701FC}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{5AD8EC2B-BC8E-4483-956C-B100C2CEB1F5}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{5E7A5CDA-4EA7-4C4F-8202-DCC2CB6824C8}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{630D0EB8-D412-4056-9FAF-A09A314349BE}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{68E50DDE-851A-4055-975B-6373FB3FE583}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{69B2B139-4B2D-43A2-81FC-5F68C7F57FE5}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{70DCACC0-625A-4C7A-BB01-37DAAD7A49A7}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{82933F9C-09FD-4C56-8E49-356772A838AC}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{8BE6F9FB-577F-421B-A76E-AEEC8432DFD9}C:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll |
"TCP Query User{933908A2-C868-4B73-9361-704E57198723}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"TCP Query User{A736F789-7A90-44E0-822F-F96413ABA171}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{A825E474-D263-448F-BDC6-9A9512BCCAAA}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{B1F99871-7056-4447-8648-9A180D2F9466}C:\users\r\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{B5FDDFB1-F5B5-4DC1-B7BA-D78FE3C54521}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{BF825E28-6954-4A8D-ADCC-FA06E110DD57}C:\windows\syswow64\dllhost.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dllhost.exe |
"TCP Query User{C94EA6AC-0BB8-4C5F-B006-438227B316AC}C:\program files (x86)\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{CB6C5993-C813-4585-B8D6-7A0C0043BAAD}C:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{D6C957E0-9652-4924-8ADC-0DE9327E70B8}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{DDC577DD-A79D-41D6-B03C-77B98F48915F}C:\users\administrator\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\users\administrator\appdata\local\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{EC8AA220-6E06-4BC1-922E-22DB33275D39}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{F71D3BEE-B3BB-4E00-BA3E-46CBC408191B}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"UDP Query User{04708614-D000-4BE3-8F24-AA236B5B1793}C:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{131FF0D6-DC35-494D-82F4-D29F14C2CD1F}C:\program files (x86)\graphisoft\archicad 12\archicad.exe" = protocol=17 | dir=in | app=c:\program files (x86)\graphisoft\archicad 12\archicad.exe |
"UDP Query User{299D3748-C8B5-4C8B-B381-E97960A43FF3}C:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe |
"UDP Query User{29DF9CAC-45AD-43F0-8D85-B077B9425A59}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{2FDC4ACC-F1FF-4CED-A4B1-CBCB019A9353}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{3A09AC9B-F6FE-4DC0-926D-A88F2E751FC1}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"UDP Query User{3C628545-3AD4-464D-B8CB-476B8CB37993}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{41644C6B-D48A-4D2C-9D02-B1FA6F90E6F2}C:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{47D95A4D-5CC9-4FCA-A03D-720363217297}C:\program files (x86)\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{4BB5B14E-AD1F-4D3B-8334-9931084E1377}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{53CFC851-FCE6-475D-A67B-6BE65BE3DD7F}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{5BAC89A2-85D3-4DB4-9651-05D11EE9FEB3}C:\windows\syswow64\dllhost.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dllhost.exe |
"UDP Query User{6D0CB095-3DB3-406A-BD92-9F2E14583DC9}C:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll |
"UDP Query User{6F8BE57D-F25F-400E-8A86-097D3F5B851D}C:\program files (x86)\graphisoft\archicad 12\archicad.exe" = protocol=17 | dir=in | app=c:\program files (x86)\graphisoft\archicad 12\archicad.exe |
"UDP Query User{72AEBF62-F255-4745-A64D-9AB348E6A65C}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{74A7F2DD-0EFF-4DD3-8E1B-C1F677B9B7D1}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{788F8B31-B94E-43F9-B9BA-566BFF9A7970}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{78C33F25-D5C1-4B22-8609-C8C473BA1A44}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{7EA9D499-C76C-4895-8FD5-6F099D0B141D}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{7F7F7E47-9AA7-4B2B-AFAB-143056C7B6D6}C:\users\administrator\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\users\administrator\appdata\local\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{8C40F6A7-5344-4818-A983-96364A062AEA}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{9A50A13D-C530-4600-99E9-2DA546199E42}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{9F2A2FC3-0098-4ED4-8F9C-C4995DF7B4B8}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{A1A1EFF4-F03D-4A2C-B144-74B6DF48904E}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"UDP Query User{A2F34F26-D41A-4A20-82CA-CC95DBC49CB4}C:\program files (x86)\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{AEBA58E5-42C2-4FAA-AF46-166D4468A76C}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{B73CC98E-24BE-4D4E-A5DF-A907C1C67F4E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{C07CA024-925B-45B2-B9EF-D967254A3D94}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{C573D57A-1276-496E-A236-22C61530BEDB}C:\users\r\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{D0F3612F-BBE7-4DD4-8C6F-A974B47CFC1B}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"UDP Query User{DADD4AD6-BB93-4755-A11F-6BBDB373E525}C:\windows\syswow64\dllhost.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dllhost.exe |
"UDP Query User{F1C1711F-E529-4E89-BC09-6E5924B5DA78}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"UDP Query User{F1C19121-1A1F-49F5-8D36-2F5F9EFF5219}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{F81612F5-FF60-4D90-8033-308DBA0C3A09}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{FEEB672A-BA9B-421D-962B-876147C69183}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
"{167F594F-8A62-48A9-B6EC-97B853464808}" = Dell ControlPoint System Manager
"{16B452B6-828D-4E93-A97E-B92C76E8E0DD}" = SO64MMWrapper
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{27753668-8F35-4FEE-BE5D-ADCD615D334A}" = Dell ControlPoint Connection Manager 64
"{2B7F5983-7076-4D6E-9207-D9D05722502F}" = Smart Technology Programming Software 7.0.2.7
"{2C3393DE-8A93-43A0-9983-ACE9CB9EDCBA}" = BS64MMWrapper
"{3110A3AD-9890-42DF-8CE5-FBFE4E633ED2}" = Wave Infrastructure Installer
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{5783F2D7-9007-0407-0102-0060B0CE6BBA}" = AutoCAD Electrical 2011
"{5783F2D7-9007-0407-1102-0060B0CE6BBA}" = AutoCAD Electrical 2011 Language Pack - Deutsch
"{5783F2D7-9028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2011
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{76D6189D-1564-0400-0000-DFC2EE337EAC}" = Autodesk Inventor View 2011
"{76D6189D-1564-0400-0001-DFC2EE337EAC}" = Autodesk Inventor View 2011 Language Pack - Deutsch
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{87508272-99AC-47AA-9F65-5F8C09930CA6}" = Dell Control Point 64
"{8F79E264-B252-464F-979B-181903811220}" = Aastra - OpenCom1000 Service Tools (x64)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{A4F53D2C-1FED-4CDF-9D83-4AED82CD0436}" = Gemalto
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{ACF9459F-3585-487A-A84E-B1A3A0D12165}" = Autodesk Vault 2011 (Client)
"{ACF9459F-3585-487F-A84E-B1A3A0D12165}" = Autodesk Vault 2011 (Client) German Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack
"{C3B66206-54AC-4A76-8CCF-7FE5670C3581}" = DCP64MMWrapper
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{F161E795-1A75-4DBD-AFAE-4980BA7EABDB}" = Dell ControlVault Host Components Installer 64Bit
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FDA5AFC5-DAE3-4DB0-810F-B5FA858E5233}" = Soluto
"{FEF64966-7F5E-48A6-8A87-C12533BEE519}" = ATMinInstall64
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9)
"7C3B20D7A6E59F324247FCFEDEFA94CB3339BA1C" = Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000)
"9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Windows-Treiberpaket - Dell Inc. PBADRV System  (01/07/2008 1.0.1.5)
"AutoCAD Electrical 2011" = AutoCAD Electrical 2011
"Autodesk Inventor View 2011" = Autodesk Inventor View 2011 Deutsch
"Creative OA001" = Integrated Webcam Driver (1.06.03.0309) 
"DWG TrueView 2011" = DWG TrueView 2011
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Autodesk AutoCAD 2009 Performance Driver" = NVIDIA Performance Driver for Autodesk AutoCAD 2009
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SynTPDeinstKey" = Dell Touchpad
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"UltSounds" = Windows-Soundschemas
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{13702021-43FB-480C-912F-D9B74A538288}" = OpenProj
"{15C418EB-7675-42be-B2B3-281952DA014D}" = Sophos AutoUpdate
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung SSD Magician
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39316EDC-804F-4081-9974-0A13BA77E5EF}" = Windows Internet Explorer Platform Preview
"{3E8A20E1-223F-11E2-9116-B8AC6F98CCE3}" = Google Earth
"{414A373B-59DF-4102-94CA-9FE9A74CBDDA}" = Garmin Trip and Waypoint Manager v5
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Acronis*True*Image*Home
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{434D083E-A4CC-401A-9E74-621000038101}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038102}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038103}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038104}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038105}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038106}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038107}" = OF: Red River
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1" = iolo technologies' System Mechanic
"{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}" = DIAL Communication Framework
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5BA43E5C-66FD-48D2-AB40-B807D457EF83}" = ElsterFormular 2007/2008
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5FCCD531-1B38-4A94-924C-127F722F1031}" = Nero 8
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7AE25201-3E12-4FA2-9E65-67CD475D9263}" = ACDSee 9 Foto-Manager
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90A455A7-0FC8-4508-B7FA-8F135B8F041A}" = DSL-Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}" = Sophos Anti-Virus
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A06F5ACB-AF59-4DC0-B22E-1F6F47FC7004}" = Microsoft Reader Text-to-Speech deutsch
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A79408B0-345D-42E8-8EB6-00597320B9E0}" = FRITZ!Box-Fernzugang einrichten
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5E7BF75-007E-44AD-8962-627ED44CB63B}" = NaturalReaderFree
"{CBBCBE04-EA5E-4201-A924-E7ED3E8686AE}" = ElsterFormular 2006/2007
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode Version 3.1.2.5
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFC0BA9B-F472-4559-B655-9C47281F9483}" = WD Security
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack
"001FFFFFFF12FF00FF0201F05F02F000-R1" = ArchiCAD 12 GER
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber Lame-MP3-Plugin
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"Autodesk Vault 2011 (Client)" = Autodesk Vault 2011 (Client)
"AVAPLAN Studio 2010_is1" = AVAPLAN Studio 2010 Version 3.5.0
"AVMFBoxMonitor" = AVM FRITZ!Box Monitor
"Cinergy HTC USB XS" = Cinergy HTC USB XS V5.09.1202.00
"ClearProg" = ClearProg 1.6.0 Final
"DIALux" = DIALux 4.10
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"ElsterFormular 12.4.1.7699p" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free DVD Decrypter_is1" = Free DVD Decrypter version 1.5
"FreePDF_XP" = FreePDF (Remove only)
"Google Calendar Sync" = Google Calendar Sync
"GPL Ghostscript 9.04" = GPL Ghostscript
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"jdownloader2" = JDownloader 2.0
"KaloMa_is1" = KaloMa 4.9
"MKVToolNix" = MKVToolNix 5.9.0
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"Mozilla Thunderbird 13.0.1 (x86 de)" = Mozilla Thunderbird 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.52
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"NAVIGON Sync" = NAVIGON Sync 2.0.0
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenFietsMap (BNL)" = OpenFietsMap
"OpenFietsMap(Germany)" = OpenFietsMap(Germany)
"RealPlayer 12.0" = RealPlayer
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.3 for Windows
"Simple Sudoku_is1" = Simple Sudoku 4.2
"SpeedFan" = SpeedFan (remove only)
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 5" = TeamViewer 5
"The Elder Scrolls V - Skyrim_is1" = The Elder Scrolls V - Skyrim
"TVgenial" = TVgenial 5.00
"VAG-COM311_DE" = VAG-COM 311 Deutsch
"VLC media player" = VLC media player 2.0.4
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WinX HD Video Converter Deluxe_is1" = WinX HD Video Converter Deluxe 3.10.3
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1537932054-3061199544-2405855936-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 17.01.2013 02:22:06 | Computer Name = R-Laptop02 | Source = EventSystem | ID = 4609
Description =
 
Error - 17.01.2013 02:22:06 | Computer Name = R-Laptop02 | Source = WinMgmt | ID = 10
Description =
 
Error - 17.01.2013 02:27:34 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 02:27:34 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 02:27:37 | Computer Name = R-Laptop02 | Source = EventSystem | ID = 4609
Description =
 
Error - 17.01.2013 02:27:37 | Computer Name = R-Laptop02 | Source = WinMgmt | ID = 10
Description =
 
Error - 17.01.2013 02:29:20 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 02:29:20 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 02:29:23 | Computer Name = R-Laptop02 | Source = EventSystem | ID = 4609
Description =
 
Error - 17.01.2013 02:29:23 | Computer Name = R-Laptop02 | Source = WinMgmt | ID = 10
Description =
 
[ OSession Events ]
Error - 15.04.2010 16:50:12 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1005
 seconds with 840 seconds of active time.  This session ended with a crash.
 
Error - 25.04.2010 12:59:37 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4399
 seconds with 4020 seconds of active time.  This session ended with a crash.
 
Error - 04.02.2011 08:47:58 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 02.07.2011 07:39:56 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 26
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 03.01.2013 14:51:26 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 25
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 17.01.2013 02:27:38 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7001
Description =
 
Error - 17.01.2013 02:27:38 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7026
Description =
 
Error - 17.01.2013 02:28:41 | Computer Name = R-Laptop02 | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 17.01.2013 02:29:00 | Computer Name = R-Laptop02 | Source = DCOM | ID = 10005
Description =
 
Error - 17.01.2013 02:29:17 | Computer Name = R-Laptop02 | Source = DCOM | ID = 10005
Description =
 
Error - 17.01.2013 02:29:23 | Computer Name = R-Laptop02 | Source = DCOM | ID = 10005
Description =
 
Error - 17.01.2013 02:29:23 | Computer Name = R-Laptop02 | Source = DCOM | ID = 10005
Description =
 
Error - 17.01.2013 02:29:23 | Computer Name = R-Laptop02 | Source = DCOM | ID = 10005
Description =
 
Error - 17.01.2013 02:29:23 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7001
Description =
 
Error - 17.01.2013 02:29:23 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7026
Description =
 
 
< End of report >

ratz9 17.01.2013 07:58
Code:
OTL logfile created on: 17.01.2013 07:32:05 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\R\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,99 Gb Total Physical Memory | 3,06 Gb Available Physical Memory | 76,68% Memory free
8,15 Gb Paging File | 7,32 Gb Available in Paging File | 89,91% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,29 Gb Total Space | 35,98 Gb Free Space | 30,16% Space Free | Partition Type: NTFS
Drive D: | 119,18 Gb Total Space | 40,03 Gb Free Space | 33,58% Space Free | Partition Type: NTFS
Drive E: | 465,69 Gb Total Space | 30,78 Gb Free Space | 6,61% Space Free | Partition Type: NTFS
Drive F: | 465,69 Gb Total Space | 114,68 Gb Free Space | 24,63% Space Free | Partition Type: NTFS
 
Computer Name: R-LAPTOP02 | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\R\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Limited)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SAVAdminService) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Limited)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SolutoLauncherService) -- C:\Programme\Soluto\SolutoLauncherService.exe (Soluto)
SRV - (SolutoService) -- C:\Programme\Soluto\SolutoService.exe (Soluto)
SRV - (SolutoRemoteService) -- C:\Programme\Soluto\SolutoRemoteService.exe (Soluto)
SRV - (Sophos AutoUpdate Service) -- C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe (Sophos Limited)
SRV - (Sophos Web Control Service) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe (Sophos Limited)
SRV - (SAVService) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Limited)
SRV - (swi_service) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe (Sophos Limited)
SRV - (swi_update_64) -- C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe (Sophos Limited)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Mobile Partner. RunOuc) -- C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe ()
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (DialComService) -- C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe ()
SRV - (WDDriveService) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital)
SRV - (ioloSystemService) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe ()
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (NVIDIA Performance Driver Service) -- C:\Programme\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe ()
SRV - (SMManager) -- C:\Programme\Dell\Dell ControlPoint\Connection Manager\SMManager.exe (Smith Micro Software, Inc.)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (dcpsysmgrsvc) -- C:\Programme\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe (Dell Inc.)
SRV - (Credential Vault Host Control Service) -- C:\Programme\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)
SRV - (Credential Vault Host Storage) -- C:\Programme\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)
SRV - (TdmService) -- C:\Programme\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)
SRV - (SecureStorageService) -- C:\Programme\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.)
SRV - (buttonsvc64) -- C:\Programme\Dell\Dell ControlPoint\DCPButtonSvc.exe (Dell Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (tcsd_win32.exe) -- C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe ()
SRV - (TDslMgrService) -- C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe (T-Systems Enterprise Services GmbH)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (Soluto) -- C:\Windows\SysNative\Drivers\Soluto.sys (Soluto LTD.)
DRV:64bit: - (SAVOnAccess) -- C:\Windows\SysNative\DRIVERS\savonaccess.sys (Sophos Limited)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\DRIVERS\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\DRIVERS\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\DRIVERS\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\DRIVERS\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\DRIVERS\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (sdcfilter) -- C:\Windows\SysNative\DRIVERS\sdcfilter.sys (Sophos Limited)
DRV:64bit: - (SophosBootDriver) -- C:\Windows\SysNative\DRIVERS\SophosBootDriver.sys (Sophos Plc)
DRV:64bit: - (avmaudio) -- C:\Windows\SysNative\DRIVERS\avmaudio.sys (AVM Berlin)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\DRIVERS\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (SaiNtBus) -- C:\Windows\SysNative\drivers\SaiBus.sys (Saitek)
DRV:64bit: - (SaiMini) -- C:\Windows\SysNative\DRIVERS\SaiMini.sys (Saitek)
DRV:64bit: - (USB28xxBGA) -- C:\Windows\SysNative\DRIVERS\emBDA64.sys (eMPIA Technology, Inc.)
DRV:64bit: - (USB28xxOEM) -- C:\Windows\SysNative\DRIVERS\emOEM64.sys (eMPIA Technology, Inc.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\DRIVERS\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\DRIVERS\snapman.sys (Acronis)
DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys (Acronis)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (cvusbdrv) -- C:\Windows\SysNative\Drivers\cvusbdrv.sys (Broadcom Corporation)
DRV:64bit: - (CCIDFILTER) -- C:\Windows\SysNative\DRIVERS\ccidflt.SYS (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\DRIVERS\usbser.sys (Microsoft Corporation)
DRV:64bit: - (USBCCID) -- C:\Windows\SysNative\DRIVERS\usbccid.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\DRIVERS\fwlanusb.sys (AVM GmbH)
DRV:64bit: - (OA001Vid) -- C:\Windows\SysNative\DRIVERS\OA001Vid.sys (Creative Technology Ltd.)
DRV:64bit: - (OA001Ufd) -- C:\Windows\SysNative\DRIVERS\OA001Ufd.sys (Creative Technology Ltd.)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\DRIVERS\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\DRIVERS\iaStor.sys (Intel Corporation)
DRV:64bit: - (ElRawDisk) -- C:\Windows\SysNative\drivers\ElRawDsk.sys (EldoS Corporation)
DRV:64bit: - (NETw5v64) -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\DRIVERS\rimspx64.sys (REDC)
DRV:64bit: - (PBADRV) -- C:\Windows\SysNative\DRIVERS\PBADRV64.sys (Dell Inc)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (dsltestSp5a64) -- C:\Windows\SysNative\Drivers\dsltestSp5a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (DslMNLwf) -- C:\Windows\SysNative\DRIVERS\dslmnlwf.sys (T-Systems Enterprise Services GmbH)
DRV:64bit: - (SaiHFF0D) -- C:\Windows\SysNative\DRIVERS\SaiHFF0D.sys (Saitek)
DRV:64bit: - (SaiUFF0D) -- C:\Windows\SysNative\DRIVERS\SaiUFF0D.sys (Saitek)
DRV:64bit: - (grmnusb) -- C:\Windows\SysNative\drivers\grmnusb.sys (GARMIN Corp.)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys (REDC)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys (REDC)
DRV - (dgderdrv) -- C:\Windows\SysWOW64\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (pfc) -- C:\Windows\SysWOW64\drivers\pfc.sys (Padus, Inc.)
DRV - (PciDumpr) -- C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtBtAtBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1376788125
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{031049F5-E23F-B009-29B1-5DBFB4AA5E85}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtBtAtBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1376788125
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C8 77 76 9B 89 9E CA 01  [binary data]
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\..\SearchScopes\{60D3872B-8F74-4890-9B07-ACFB918A72F3}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\..\SearchScopes,Backup.Old.DefaultScope = {031049F5-E23F-B009-29B1-5DBFB4AA5E85}
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\..\SearchScopes\{031049F5-E23F-B009-29B1-5DBFB4AA5E85}: "URL" = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtBtAtBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1376788125
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.04 21:20:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.11.23 14:47:17 | 000,000,000 | ---D | M]
 
[2012.10.05 20:07:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2012.12.04 21:20:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.12.04 21:20:43 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.11 03:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.11 03:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.11 03:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.11 03:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.11 03:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.11 03:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2013.01.16 10:12:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (no name) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No CLSID value found.
O2 - BHO: (DIALux 3.1 ULDBrowserHelper Class) - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - C:\Program Files (x86)\DIALux\DLXShellExtension.dll (DIAL GmbH, Germany)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH)
O3 - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [DellConnectionManager] C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.)
O4:64bit: - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Programme\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Programme\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4:64bit: - HKLM..\Run: [Soluto] c:\program files\soluto\soluto.exe (Soluto)
O4:64bit: - HKLM..\Run: [USCService] C:\Programme\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [iolo Startup] C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe (iolo technologies, LLC)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe (Sophos Limited)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Apps\WDDriveAutoUnlock.exe (Western Digital)
O4 - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe File not found
O4 - HKU\S-1-5-21-1537932054-3061199544-2405855936-500..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-1537932054-3061199544-2405855936-500..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1537932054-3061199544-2405855936-500..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKLM..\RunOnce: [DeleteOnReboot] C:\Windows\DeleteOnReboot.bat ()
O4 - HKU\S-1-5-21-1537932054-3061199544-2405855936-500..\RunOnce: [Report] \AdwCleaner[S1].txt ()
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O4 - Startup: C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk =  File not found
O4 - Startup: C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O4 - Startup: C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: Backup_DisableCAD = undefined
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (Reg Error: Key error.)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{64870F7E-99F4-4B3E-9C20-2A5983970A2C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88E0E51C-7ADC-4AD7-80AE-6813A2B2B992}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92FFCC75-D228-4DD0-9E54-783C4D26F355}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7141A1A-A804-48E4-9314-45E46D740950}: DhcpNameServer = 193.189.244.206 193.189.244.225
O18:64bit: - Protocol\Handler\dialux - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dialux {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - C:\Program Files (x86)\DIALux\DLXToolBox.dll (DIAL GmbH, Germany)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Limited)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)
O30:64bit: - LSA: Authentication Packages - (wvauth) - C:\Windows\SysNative\wvauth.dll (Wave Systems Corp.)
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (wvauth) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.10.06 15:15:54 | 000,000,000 | ---D | M] - D:\AutoCAD_2009 -- [ NTFS ]
O32 - AutoRun File - [2012.12.18 13:08:09 | 000,000,000 | ---D | M] - D:\AutoCAD_2011 -- [ NTFS ]
O32 - AutoRun File - [2012.01.29 01:46:45 | 000,000,000 | ---D | M] - E:\AutoCAD -- [ NTFS ]
O32 - AutoRun File - [2012.01.29 01:47:17 | 000,000,000 | ---D | M] - E:\AutoCAD_2002 -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.17 00:23:53 | 000,000,000 | R--D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2013.01.16 11:00:50 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.01.16 10:57:35 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.16 10:57:22 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.01.16 10:53:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Apple
[2013.01.16 10:16:19 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.01.16 10:12:47 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013.01.15 12:21:22 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\temp
[2013.01.15 12:15:18 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.01.15 12:15:18 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.01.15 12:15:18 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.01.15 12:15:17 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.01.15 12:15:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.15 12:14:56 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.01.14 23:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.14 23:14:37 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.01.13 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2013.01.13 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Thunderbird
[2013.01.10 23:00:37 | 026,931,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.01.10 23:00:37 | 025,256,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.01.10 23:00:37 | 020,450,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.01.10 23:00:37 | 018,054,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.01.10 23:00:37 | 017,560,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.01.10 23:00:37 | 015,129,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.01.10 23:00:37 | 015,052,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.01.10 23:00:37 | 009,389,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.01.10 23:00:37 | 007,931,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.01.10 23:00:37 | 007,565,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.01.10 23:00:37 | 006,263,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.01.10 23:00:37 | 002,904,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.01.10 23:00:37 | 002,720,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.01.10 23:00:37 | 002,344,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.01.10 23:00:37 | 001,985,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.01.10 23:00:37 | 001,504,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2013.01.09 07:33:41 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 07:33:14 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2013.01.08 20:52:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Skyrim
[2013.01.08 20:52:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\My Games
[2013.01.03 17:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TVgenial 5
[2013.01.03 17:12:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\TVgenial
[2013.01.03 17:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TVgenial
[2013.01.03 17:12:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TVgenial5
[2012.12.31 09:27:48 | 000,859,552 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.12.31 08:38:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\elsterformular
[2012.12.29 02:54:24 | 000,550,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2012.12.28 19:37:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dropbox
[2012.12.27 20:50:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012.12.27 20:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2012.12.27 20:50:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec
[2012.12.26 02:43:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\NVIDIA
[2012.12.26 02:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012.12.26 02:18:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.12.25 21:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soluto
[2012.12.25 21:25:07 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
[2012.12.21 07:56:34 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.21 07:56:34 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.21 07:56:34 | 000,048,128 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.21 07:56:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.17 07:28:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.17 07:20:20 | 000,000,196 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.01.17 07:19:57 | 001,454,210 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.17 07:19:57 | 000,631,488 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.17 07:19:57 | 000,598,512 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.17 07:19:57 | 000,127,102 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.17 07:19:57 | 000,104,526 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.17 01:37:46 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.17 01:37:46 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.17 01:37:46 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.01.17 01:37:41 | 000,000,823 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
[2013.01.17 01:37:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.17 00:59:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.16 10:57:32 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.16 10:57:31 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.01.16 10:57:31 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.01.16 10:57:31 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.01.16 10:57:31 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.01.16 10:57:31 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.01.16 10:33:45 | 000,000,570 | ---- | M] () -- C:\Users\Administrator\Desktop\TOTALCMD64.lnk
[2013.01.16 10:12:42 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.01.12 23:41:34 | 000,000,020 | ---- | M] () -- C:\Users\Administrator\defogger_reenable
[2013.01.10 23:37:46 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.01.10 23:37:46 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.09 07:47:03 | 000,496,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.03 17:12:58 | 000,000,855 | ---- | M] () -- C:\Users\Public\Desktop\TVgenial.lnk
[2012.12.29 11:34:47 | 026,931,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.12.29 11:34:47 | 025,256,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.12.29 11:34:47 | 020,450,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.12.29 11:34:47 | 018,054,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.12.29 11:34:47 | 017,560,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.12.29 11:34:47 | 015,129,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.12.29 11:34:47 | 015,052,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.12.29 11:34:47 | 012,641,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.12.29 11:34:47 | 009,389,888 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.12.29 11:34:47 | 007,931,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.12.29 11:34:47 | 007,565,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012.12.29 11:34:47 | 006,263,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012.12.29 11:34:47 | 002,904,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.12.29 11:34:47 | 002,824,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.12.29 11:34:47 | 002,720,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.12.29 11:34:47 | 002,504,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.12.29 11:34:47 | 002,344,888 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.12.29 11:34:47 | 001,985,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.12.29 11:34:47 | 001,813,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.12.29 11:34:47 | 001,504,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.12.29 11:34:47 | 000,017,266 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012.12.29 09:40:27 | 006,382,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.12.29 09:40:27 | 003,455,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.12.29 09:40:09 | 002,558,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.12.29 09:40:09 | 000,997,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2012.12.29 09:40:09 | 000,118,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.12.29 09:40:09 | 000,063,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.12.29 09:40:09 | 000,055,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2012.12.29 08:00:43 | 000,001,703 | ---- | M] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2012.12.29 02:54:24 | 000,550,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2012.12.27 20:49:41 | 000,001,839 | ---- | M] () -- C:\Users\Administrator\Desktop\Samsung Kies (Lite).lnk
[2012.12.26 02:41:53 | 000,002,117 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.12.26 02:18:09 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.12.25 21:49:21 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.20 19:19:42 | 000,054,728 | ---- | M] (Soluto LTD.) -- C:\Windows\SysNative\drivers\Soluto.sys
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.17 07:20:16 | 000,000,196 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.01.16 10:33:15 | 000,000,570 | ---- | C] () -- C:\Users\Administrator\Desktop\TOTALCMD64.lnk
[2013.01.15 12:15:18 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.01.15 12:15:18 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.01.15 12:15:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.01.15 12:15:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.01.15 12:15:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.01.12 23:41:34 | 000,000,020 | ---- | C] () -- C:\Users\Administrator\defogger_reenable
[2012.12.27 20:49:41 | 000,001,839 | ---- | C] () -- C:\Users\Administrator\Desktop\Samsung Kies (Lite).lnk
[2012.12.26 02:41:53 | 000,002,117 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.12.26 02:18:09 | 000,001,924 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.12.26 02:18:09 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012.09.26 19:57:16 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.09.26 19:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.09.26 19:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.09.26 19:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.09.26 19:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.09.21 02:19:02 | 000,377,168 | ---- | C] () -- C:\Windows\SysWow64\brcmbsp.dll
[2012.09.21 02:16:27 | 000,080,368 | ---- | C] () -- C:\Windows\SysWow64\pbadrvdll.dll
[2012.02.01 04:58:22 | 002,681,344 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll
[2011.10.31 11:55:50 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2011.10.06 13:34:12 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.05.24 12:50:08 | 000,002,140 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011.05.13 10:24:36 | 000,000,102 | ---- | C] () -- C:\Windows\Dialux.ini
[2011.01.24 12:10:47 | 000,000,000 | -H-- | C] () -- C:\Windows\msds.dat
[2010.01.11 13:07:42 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 16:29:43 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 18:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 08:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 03:50:01 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll

< End of report >

cosinus 17.01.2013 15:50
Code:
Boot Mode: SafeMode with Networking
Warum bist du nicht im normalen Modus?!

ratz9 17.01.2013 16:00
Hallo cosinus,

da in den allgemeinen Anweisungen stand, dass nichts ohne eure Anweisung getan werden sollte, war ich immer noch im abgesicherten Modus unterwegs. Ich hatte keine Ahnung, dass der Rechner im normalen Modus schon wieder funktioniert. Am Anfang war es ja so, dass im normalen Modus immer der DVU-Bildschirm erschien.

Ich bin jetzt wieder im normalen Modus auf dem Rechner und kann anscheinend wieder normal arbeiten.

cosinus 17.01.2013 16:17
Dann mach in diesem Modus bitte eine neue Kontrolle mit OTL

ratz9 17.01.2013 16:36
Code:
OTL logfile created on: 17.01.2013 16:23:22 - Run 3
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\R\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,99 Gb Total Physical Memory | 1,88 Gb Available Physical Memory | 47,25% Memory free
8,17 Gb Paging File | 5,72 Gb Available in Paging File | 69,94% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,29 Gb Total Space | 35,85 Gb Free Space | 30,05% Space Free | Partition Type: NTFS
Drive D: | 119,18 Gb Total Space | 40,03 Gb Free Space | 33,58% Space Free | Partition Type: NTFS
Drive E: | 465,69 Gb Total Space | 30,78 Gb Free Space | 6,61% Space Free | Partition Type: NTFS
Drive F: | 465,69 Gb Total Space | 114,68 Gb Free Space | 24,63% Space Free | Partition Type: NTFS
 
Computer Name: R-LAPTOP02 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\R\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Limited)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Users\R\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe (Sophos Limited)
PRC - C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe (Sophos Limited)
PRC - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe (Sophos Limited)
PRC - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Limited)
PRC - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe (Sophos Limited)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe ()
PRC - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital)
PRC - C:\Program Files (x86)\Western Digital\WD Apps\WDDriveAutoUnlock.exe (Western Digital)
PRC - C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.)
PRC - C:\Programme\Dell\Dell ControlPoint\Connection Manager\SMManager.exe (Smith Micro Software, Inc.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - C:\Windows\SysWOW64\conime.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe ()
PRC - C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe (T-Systems Enterprise Services GmbH)
PRC - C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c3da9004b277959e24a9fd606d3dd05\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll ()
MOD - C:\Programme\NVIDIA Corporation\nView\nView.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Common Files\Acronis\Common\gc.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SAVAdminService) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Limited)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SolutoLauncherService) -- C:\Programme\Soluto\SolutoLauncherService.exe (Soluto)
SRV - (SolutoService) -- C:\Programme\Soluto\SolutoService.exe (Soluto)
SRV - (SolutoRemoteService) -- C:\Programme\Soluto\SolutoRemoteService.exe (Soluto)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Sophos AutoUpdate Service) -- C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe (Sophos Limited)
SRV - (Sophos Web Control Service) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe (Sophos Limited)
SRV - (SAVService) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Limited)
SRV - (swi_service) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe (Sophos Limited)
SRV - (swi_update_64) -- C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe (Sophos Limited)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Mobile Partner. RunOuc) -- C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe ()
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (DialComService) -- C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe ()
SRV - (WDDriveService) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital)
SRV - (ioloSystemService) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe ()
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (NVIDIA Performance Driver Service) -- C:\Programme\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe ()
SRV - (SMManager) -- C:\Programme\Dell\Dell ControlPoint\Connection Manager\SMManager.exe (Smith Micro Software, Inc.)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (dcpsysmgrsvc) -- C:\Programme\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe (Dell Inc.)
SRV - (Credential Vault Host Control Service) -- C:\Programme\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)
SRV - (Credential Vault Host Storage) -- C:\Programme\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)
SRV - (TdmService) -- C:\Programme\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)
SRV - (SecureStorageService) -- C:\Programme\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.)
SRV - (buttonsvc64) -- C:\Programme\Dell\Dell ControlPoint\DCPButtonSvc.exe (Dell Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (tcsd_win32.exe) -- C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe ()
SRV - (TDslMgrService) -- C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe (T-Systems Enterprise Services GmbH)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (Soluto) -- C:\Windows\SysNative\Drivers\Soluto.sys (Soluto LTD.)
DRV:64bit: - (SAVOnAccess) -- C:\Windows\SysNative\DRIVERS\savonaccess.sys (Sophos Limited)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\DRIVERS\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\DRIVERS\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\DRIVERS\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\DRIVERS\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\DRIVERS\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (sdcfilter) -- C:\Windows\SysNative\DRIVERS\sdcfilter.sys (Sophos Limited)
DRV:64bit: - (SophosBootDriver) -- C:\Windows\SysNative\DRIVERS\SophosBootDriver.sys (Sophos Plc)
DRV:64bit: - (avmaudio) -- C:\Windows\SysNative\DRIVERS\avmaudio.sys (AVM Berlin)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\DRIVERS\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (SaiNtBus) -- C:\Windows\SysNative\drivers\SaiBus.sys (Saitek)
DRV:64bit: - (SaiMini) -- C:\Windows\SysNative\DRIVERS\SaiMini.sys (Saitek)
DRV:64bit: - (USB28xxBGA) -- C:\Windows\SysNative\DRIVERS\emBDA64.sys (eMPIA Technology, Inc.)
DRV:64bit: - (USB28xxOEM) -- C:\Windows\SysNative\DRIVERS\emOEM64.sys (eMPIA Technology, Inc.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\DRIVERS\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\DRIVERS\snapman.sys (Acronis)
DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys (Acronis)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (cvusbdrv) -- C:\Windows\SysNative\Drivers\cvusbdrv.sys (Broadcom Corporation)
DRV:64bit: - (CCIDFILTER) -- C:\Windows\SysNative\DRIVERS\ccidflt.SYS (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\DRIVERS\usbser.sys (Microsoft Corporation)
DRV:64bit: - (USBCCID) -- C:\Windows\SysNative\DRIVERS\usbccid.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\DRIVERS\fwlanusb.sys (AVM GmbH)
DRV:64bit: - (OA001Vid) -- C:\Windows\SysNative\DRIVERS\OA001Vid.sys (Creative Technology Ltd.)
DRV:64bit: - (OA001Ufd) -- C:\Windows\SysNative\DRIVERS\OA001Ufd.sys (Creative Technology Ltd.)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\DRIVERS\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\DRIVERS\iaStor.sys (Intel Corporation)
DRV:64bit: - (ElRawDisk) -- C:\Windows\SysNative\drivers\ElRawDsk.sys (EldoS Corporation)
DRV:64bit: - (NETw5v64) -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\DRIVERS\rimspx64.sys (REDC)
DRV:64bit: - (PBADRV) -- C:\Windows\SysNative\DRIVERS\PBADRV64.sys (Dell Inc)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (dsltestSp5a64) -- C:\Windows\SysNative\Drivers\dsltestSp5a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (DslMNLwf) -- C:\Windows\SysNative\DRIVERS\dslmnlwf.sys (T-Systems Enterprise Services GmbH)
DRV:64bit: - (SaiHFF0D) -- C:\Windows\SysNative\DRIVERS\SaiHFF0D.sys (Saitek)
DRV:64bit: - (SaiUFF0D) -- C:\Windows\SysNative\DRIVERS\SaiUFF0D.sys (Saitek)
DRV:64bit: - (grmnusb) -- C:\Windows\SysNative\drivers\grmnusb.sys (GARMIN Corp.)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys (REDC)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys (REDC)
DRV - (dgderdrv) -- C:\Windows\SysWOW64\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (pfc) -- C:\Windows\SysWOW64\drivers\pfc.sys (Padus, Inc.)
DRV - (PciDumpr) -- C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtBtAtBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1376788125
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{031049F5-E23F-B009-29B1-5DBFB4AA5E85}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtBtAtBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1376788125
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C8 77 76 9B 89 9E CA 01  [binary data]
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\..\SearchScopes\{60D3872B-8F74-4890-9B07-ACFB918A72F3}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\..\SearchScopes,Backup.Old.DefaultScope = {031049F5-E23F-B009-29B1-5DBFB4AA5E85}
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\..\SearchScopes\{031049F5-E23F-B009-29B1-5DBFB4AA5E85}: "URL" = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ddrnw&chnl=ddrnw&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FtD0ByB0Ezz0FyB0EyE0FtN0D0Tzu0CtBtAtBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1376788125
IE - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.04 21:20:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.11.23 14:47:17 | 000,000,000 | ---D | M]
 
[2012.10.05 20:07:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2012.12.04 21:20:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.12.04 21:20:43 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.11 03:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.11 03:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.11 03:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.11 03:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.11 03:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.11 03:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2013.01.16 10:12:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (no name) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No CLSID value found.
O2 - BHO: (DIALux 3.1 ULDBrowserHelper Class) - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - C:\Program Files (x86)\DIALux\DLXShellExtension.dll (DIAL GmbH, Germany)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH)
O3 - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [DellConnectionManager] C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.)
O4:64bit: - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Programme\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Programme\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4:64bit: - HKLM..\Run: [Soluto] c:\program files\soluto\soluto.exe (Soluto)
O4:64bit: - HKLM..\Run: [USCService] C:\Programme\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [iolo Startup] C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe (iolo technologies, LLC)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe (Sophos Limited)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Apps\WDDriveAutoUnlock.exe (Western Digital)
O4 - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe File not found
O4 - HKU\S-1-5-21-1537932054-3061199544-2405855936-500..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-1537932054-3061199544-2405855936-500..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1537932054-3061199544-2405855936-500..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O4 - Startup: C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk =  File not found
O4 - Startup: C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O4 - Startup: C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1537932054-3061199544-2405855936-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (Reg Error: Key error.)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{64870F7E-99F4-4B3E-9C20-2A5983970A2C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88E0E51C-7ADC-4AD7-80AE-6813A2B2B992}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92FFCC75-D228-4DD0-9E54-783C4D26F355}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7141A1A-A804-48E4-9314-45E46D740950}: DhcpNameServer = 193.189.244.206 193.189.244.225
O18:64bit: - Protocol\Handler\dialux - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dialux {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - C:\Program Files (x86)\DIALux\DLXToolBox.dll (DIAL GmbH, Germany)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Limited)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)
O30:64bit: - LSA: Authentication Packages - (wvauth) - C:\Windows\SysNative\wvauth.dll (Wave Systems Corp.)
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (wvauth) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.10.06 15:15:54 | 000,000,000 | ---D | M] - D:\AutoCAD_2009 -- [ NTFS ]
O32 - AutoRun File - [2012.12.18 13:08:09 | 000,000,000 | ---D | M] - D:\AutoCAD_2011 -- [ NTFS ]
O32 - AutoRun File - [2012.01.29 01:46:45 | 000,000,000 | ---D | M] - E:\AutoCAD -- [ NTFS ]
O32 - AutoRun File - [2012.01.29 01:47:17 | 000,000,000 | ---D | M] - E:\AutoCAD_2002 -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.17 15:12:34 | 000,000,000 | R--D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2013.01.17 13:03:39 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\FreePDF_XP
[2013.01.16 11:00:50 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.01.16 10:57:35 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.16 10:57:22 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.01.16 10:53:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Apple
[2013.01.16 10:16:19 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.01.16 10:12:47 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013.01.15 12:21:22 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\temp
[2013.01.15 12:15:18 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.01.15 12:15:18 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.01.15 12:15:17 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.01.15 12:15:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.15 12:14:56 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.01.14 23:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.14 23:14:37 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.01.13 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2013.01.13 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Thunderbird
[2013.01.10 23:00:37 | 026,931,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.01.10 23:00:37 | 025,256,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.01.10 23:00:37 | 020,450,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.01.10 23:00:37 | 018,054,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.01.10 23:00:37 | 017,560,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.01.10 23:00:37 | 015,129,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.01.10 23:00:37 | 015,052,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.01.10 23:00:37 | 009,389,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.01.10 23:00:37 | 007,931,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.01.10 23:00:37 | 007,565,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.01.10 23:00:37 | 006,263,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.01.10 23:00:37 | 002,904,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.01.10 23:00:37 | 002,720,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.01.10 23:00:37 | 002,344,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.01.10 23:00:37 | 001,985,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.01.10 23:00:37 | 001,504,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2013.01.09 07:33:41 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 07:33:14 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2013.01.08 20:52:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Skyrim
[2013.01.08 20:52:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\My Games
[2013.01.03 17:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TVgenial 5
[2013.01.03 17:12:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\TVgenial
[2013.01.03 17:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TVgenial
[2013.01.03 17:12:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TVgenial5
[2012.12.31 09:27:48 | 000,859,552 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.12.31 08:38:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\elsterformular
[2012.12.29 02:54:24 | 000,550,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2012.12.28 19:37:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dropbox
[2012.12.27 20:50:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012.12.27 20:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2012.12.27 20:50:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec
[2012.12.26 02:43:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\NVIDIA
[2012.12.26 02:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012.12.26 02:18:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.12.25 21:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soluto
[2012.12.25 21:25:07 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
[2012.12.21 07:56:34 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.21 07:56:34 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.21 07:56:34 | 000,048,128 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.21 07:56:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.17 15:59:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.17 15:58:10 | 001,454,210 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.17 15:58:10 | 000,632,502 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.17 15:58:10 | 000,599,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.17 15:58:10 | 000,127,714 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.17 15:58:10 | 000,105,164 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.17 15:53:21 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.17 15:53:20 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.17 15:53:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.17 15:42:52 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.01.17 15:42:48 | 000,000,823 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
[2013.01.17 15:37:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.17 15:17:36 | 000,039,556 | ---- | M] () -- C:\Users\Administrator\Desktop\Finanzierung_Landwehrstr_30b-5.pdf
[2013.01.17 13:07:35 | 000,030,686 | ---- | M] () -- C:\Users\Administrator\Desktop\Santander Internet Banking.pdf
[2013.01.16 10:57:32 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.16 10:57:31 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.01.16 10:57:31 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.01.16 10:57:31 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.01.16 10:57:31 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.01.16 10:57:31 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.01.16 10:33:45 | 000,000,570 | ---- | M] () -- C:\Users\Administrator\Desktop\TOTALCMD64.lnk
[2013.01.16 10:12:42 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.01.12 23:41:34 | 000,000,020 | ---- | M] () -- C:\Users\Administrator\defogger_reenable
[2013.01.10 23:37:46 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.01.10 23:37:46 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.09 07:47:03 | 000,496,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.03 17:12:58 | 000,000,855 | ---- | M] () -- C:\Users\Public\Desktop\TVgenial.lnk
[2012.12.29 11:34:47 | 026,931,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.12.29 11:34:47 | 025,256,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.12.29 11:34:47 | 020,450,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.12.29 11:34:47 | 018,054,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.12.29 11:34:47 | 017,560,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.12.29 11:34:47 | 015,129,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.12.29 11:34:47 | 015,052,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.12.29 11:34:47 | 012,641,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.12.29 11:34:47 | 009,389,888 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.12.29 11:34:47 | 007,931,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.12.29 11:34:47 | 007,565,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012.12.29 11:34:47 | 006,263,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012.12.29 11:34:47 | 002,904,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.12.29 11:34:47 | 002,824,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.12.29 11:34:47 | 002,720,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.12.29 11:34:47 | 002,504,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.12.29 11:34:47 | 002,344,888 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.12.29 11:34:47 | 001,985,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.12.29 11:34:47 | 001,813,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.12.29 11:34:47 | 001,504,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.12.29 11:34:47 | 000,017,266 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012.12.29 09:40:27 | 006,382,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.12.29 09:40:27 | 003,455,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.12.29 09:40:09 | 002,558,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.12.29 09:40:09 | 000,997,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2012.12.29 09:40:09 | 000,118,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.12.29 09:40:09 | 000,063,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.12.29 09:40:09 | 000,055,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2012.12.29 08:00:43 | 000,001,703 | ---- | M] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2012.12.29 02:54:24 | 000,550,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2012.12.27 20:49:41 | 000,001,839 | ---- | M] () -- C:\Users\Administrator\Desktop\Samsung Kies (Lite).lnk
[2012.12.26 02:41:53 | 000,002,117 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.12.26 02:18:09 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.12.25 21:49:21 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.20 19:19:42 | 000,054,728 | ---- | M] (Soluto LTD.) -- C:\Windows\SysNative\drivers\Soluto.sys
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.17 15:17:36 | 000,039,556 | ---- | C] () -- C:\Users\Administrator\Desktop\Finanzierung_Landwehrstr_30b-5.pdf
[2013.01.17 13:05:11 | 000,030,686 | ---- | C] () -- C:\Users\Administrator\Desktop\Santander Internet Banking.pdf
[2013.01.16 10:33:15 | 000,000,570 | ---- | C] () -- C:\Users\Administrator\Desktop\TOTALCMD64.lnk
[2013.01.15 12:15:18 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.01.15 12:15:18 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.01.15 12:15:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.01.15 12:15:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.01.15 12:15:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.01.15 12:15:18 | 000,060,416 | ---- | C] () -- C:\Windows\NIRCMD.exe
[2013.01.12 23:41:34 | 000,000,020 | ---- | C] () -- C:\Users\Administrator\defogger_reenable
[2012.12.27 20:49:41 | 000,001,839 | ---- | C] () -- C:\Users\Administrator\Desktop\Samsung Kies (Lite).lnk
[2012.12.26 02:41:53 | 000,002,117 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.12.26 02:18:09 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012.12.26 02:18:09 | 000,001,924 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.09.26 19:57:16 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.09.26 19:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.09.26 19:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.09.26 19:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.09.26 19:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.09.21 02:19:02 | 000,377,168 | ---- | C] () -- C:\Windows\SysWow64\brcmbsp.dll
[2012.09.21 02:16:27 | 000,080,368 | ---- | C] () -- C:\Windows\SysWow64\pbadrvdll.dll
[2012.02.01 04:58:22 | 002,681,344 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll
[2011.10.31 11:55:50 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2011.10.06 13:34:12 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.05.24 12:50:08 | 000,002,140 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011.05.13 10:24:36 | 000,000,102 | ---- | C] () -- C:\Windows\Dialux.ini
[2011.01.24 12:10:47 | 000,000,000 | -H-- | C] () -- C:\Windows\msds.dat
[2010.01.11 13:07:42 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 16:29:43 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 18:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 08:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 03:50:01 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll

< End of report >

ratz9 17.01.2013 16:37
Code:
OTL Extras logfile created on: 17.01.2013 16:23:22 - Run 3
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\R\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,99 Gb Total Physical Memory | 1,88 Gb Available Physical Memory | 47,25% Memory free
8,17 Gb Paging File | 5,72 Gb Available in Paging File | 69,94% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,29 Gb Total Space | 35,85 Gb Free Space | 30,05% Space Free | Partition Type: NTFS
Drive D: | 119,18 Gb Total Space | 40,03 Gb Free Space | 33,58% Space Free | Partition Type: NTFS
Drive E: | 465,69 Gb Total Space | 30,78 Gb Free Space | 6,61% Space Free | Partition Type: NTFS
Drive F: | 465,69 Gb Total Space | 114,68 Gb Free Space | 24,63% Space Free | Partition Type: NTFS
 
Computer Name: R-LAPTOP02 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-21-1537932054-3061199544-2405855936-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\9.0\ACDSeeQV.exe" "%1" (ACD Systems Ltd.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\9.0\ACDSeeQV.exe" "%1" (ACD Systems Ltd.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01  [binary data]
"VistaSp2" = C2 5E 86 26 A1 8F CA 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"" =
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004AB794-F8E9-4AAB-8B97-35C3A14F097E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{04126AAF-91EE-4010-95A0-90F631986FCB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{047F1E3E-EE7E-41BC-9396-A15EC30A51D9}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0521E506-192C-458B-AF1B-6667EBD3E4C8}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{08C26E95-7CEA-408A-A9B9-BE87F810C83C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0BE92E92-4D9E-4123-88CF-56AB1F24C74C}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{166ED1C2-872F-42AC-B961-59AE21387DE4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{18C08F8A-02CA-47BF-9BC3-DAD8C2D523C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{24268A7C-519F-4AB9-846B-7B97497132CA}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{24E8650D-79E8-4E54-802B-D9458D69622A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31CE7EEF-8682-48EE-8D48-2E1AD3DF8F18}" = rport=138 | protocol=17 | dir=out | app=system |
"{37227A37-5752-4DFA-B6CA-CE3B931B721E}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{3D8C1889-C585-4398-BBC5-11050228AE8B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4AF6B861-35CE-4278-89B7-824A578B672D}" = lport=139 | protocol=6 | dir=in | app=system |
"{512ED9E5-84C6-41CE-8B53-4B3F6F8572D3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5757AB46-0F42-4492-856C-DDA67094D60C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{59B4C024-4F63-4120-8B4F-324D954E47F3}" = rport=137 | protocol=17 | dir=out | app=system |
"{5C491A72-243F-44C8-B0C3-B5476C340D02}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5CEB26A6-E7D0-4BD8-8999-96E5D3625AC1}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5D3A01AD-5C38-40D9-93BD-17232EF2C22C}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5DA145B7-C056-452A-BF45-DA669A633078}" = rport=445 | protocol=6 | dir=out | app=system |
"{607F81B9-891B-4849-901C-9B92FBD2AF1E}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{633839B5-F419-4093-9A6D-611A268093C6}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{6D8AAAA8-95F8-432B-87BE-0582651E312A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7889D493-C310-44F2-8B62-EBFEFEC9D35A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{815E43CD-9660-4A2C-85D5-BC3F3DCA5BDB}" = lport=445 | protocol=6 | dir=in | app=system |
"{8279D5F3-F4D2-403E-B774-9DCE8BAFBF81}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{932D1FB5-93D6-4D69-8E53-302B06ECC4A7}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9938D337-74C1-42E3-9529-8764302CBBD8}" = rport=139 | protocol=6 | dir=out | app=system |
"{AF5D60D2-B578-4438-9F18-C1A1E534B07D}" = lport=138 | protocol=17 | dir=in | app=system |
"{B62D4EAE-57A4-4CD6-9F87-A0BCF5866410}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{B7D637A9-7064-4AAB-9AEE-E11462F8D986}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B9E9B3E7-238D-4D24-A340-5D82F9779A58}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BB0D48EC-A03E-4A83-A98E-C84ADEF67146}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BFF39277-4F23-42FE-BA43-C2893A1DF780}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C67598F1-A7A0-42E2-8B24-23CA282835DA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CF018C33-F138-407C-91C2-8809D3A44421}" = lport=137 | protocol=17 | dir=in | app=system |
"{EAA7234A-CEB3-4B4A-B0A4-0647B96F2648}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{EBCD8012-EDFF-4772-AEDD-C1F35859D152}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F1DAB002-FB09-4471-96C9-D6E16A40FE0E}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{F364A4CD-FE46-4F1E-B406-767273E251DD}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02EFDA34-51E3-435C-B256-9E2A09856712}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{03C8063B-944B-41E3-99CB-CEA6407F98EC}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{085A2682-E90A-4ED2-8F0C-40E220FAD01D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{087898C0-02A1-464F-908B-D9DC05E6E7A9}" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll |
"{0AFA640F-0C73-47D4-B4D6-4D2742E8B3CE}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{0D005777-5B81-4F80-B094-2D3774026857}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{0DF16DA4-ABBE-4CB9-8298-832FAAA01FB7}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{10C2289D-7A33-4355-B832-39C30DE63F4D}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{155AD8BF-963F-48B5-BAB2-91BC30434F5C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{17FE4F11-C98A-41AD-9652-DA70F35A0524}" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll |
"{1B71991F-1AF6-44A7-B81D-9C28C728D5A4}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{1FF409BA-B636-4852-8D9F-B86DCF666F46}" = protocol=6 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"{2246F11E-021D-495C-ADE1-7DC7AA5E0390}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{26285B89-4895-43D0-AC44-74DCE22F80C8}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{2A36BA5C-B879-44BF-844E-E7E815A35EF3}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{2AE037D0-55A6-4CCC-8604-8EBD263604FC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{30958F18-EF7F-4A13-81C6-2C21ECAF2D90}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3209F2EC-60B5-485B-82BF-499FB531F7BB}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{326A816C-F39A-4420-B6F1-199401824C6C}" = protocol=17 | dir=in | app=c:\users\r\appdata\local\apps\2.0\cnjphykb.7q5\lle3peln.w1c\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{3298E8BB-8C84-42F2-8AED-062D08A4D586}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{351D93DD-17DF-409C-9AEC-39E195ED2B79}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{3643249D-34C8-463C-BCE4-B9C1DB629F2C}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{3ABC9B81-3EEC-472C-9040-9F2A4528A774}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3AD20172-D481-40E5-AB74-0561350BF930}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3E6889C1-0EF0-4509-B0EB-0DB38C7F5264}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{40353085-2744-4239-A29A-D2A742D9DDCC}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{4C5DC25A-C668-424E-B2B1-F8326FD9868F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4DC7054C-8DF2-41B8-B13B-15FE3FE3FFBB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{591C0DB5-CAFA-4829-B17F-49871B6258F4}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{5C4B847A-BD61-4063-A10F-08E53199D182}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{5CD21628-0A32-4F3A-8AD2-39888D42C744}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{5DBAF38A-9C23-4174-87F2-25DA64C8BCF0}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{60C921EA-5DB7-4170-BE54-FD56096F5725}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{61A305ED-2261-4CE2-B4A6-BEC96C063DA1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{63C887B4-1C14-45AD-80E1-527506A16035}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{66265A86-188D-48E2-9703-4CB444BE0798}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{6D0BF4EF-A7DA-4B1F-B443-9697EEAD5D02}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{6F3CA072-E5A2-460D-B8DB-6D65DEFA4A55}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6F996556-100C-41F9-A934-C8FA8DF3102D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{718249AB-6A20-4C15-A835-67C6158FED96}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{733825D8-605E-4CFF-AB50-EB36C9A59B69}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{73D6C0D3-7650-4BBA-89EB-8449AB392E56}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{73F5F9DF-1506-4970-892F-463FD32F7A50}" = protocol=6 | dir=in | app=c:\users\r\appdata\local\temp\{5ed8315d-3e87-4622-967c-3234a017efa0}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe |
"{743C974D-19EA-41CF-B214-99452621447F}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{7841BE0C-155F-4146-8696-CB567ACE6900}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{7B958CAD-DFA4-4727-827F-D143D0129E9A}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{7CD321F7-C197-40AF-9CDC-4339720FF702}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{7E7E645E-175A-4140-BA49-82744155120B}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{814C3C81-F911-40CC-91AE-C8A2A8E10DB7}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{819696DE-A2A0-44D7-AB46-5BE14AF30770}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8586A832-089B-4B46-BD3E-051079499086}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{870E4E06-E546-4F3E-881B-15E696C515E0}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{87B98076-E0BF-4967-B96C-F89292FB6E2B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8A7324A4-D4AF-4D54-84FA-D4DF0288230C}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{8CE52618-D161-4B36-AC59-3352998F6BB3}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{8D1CA9CB-DF48-48A6-A9DB-052922DA50A7}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{8DEAA701-4875-4F18-B65F-3F349BC29C0E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{8E69E61D-75BE-4800-B757-810803546628}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{93645458-5796-41F8-B3A3-53E12C08B104}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{94403B60-C306-462C-8007-CCAF839EC9A9}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{97976F18-12C7-4142-AE52-402DCA6E9A83}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{9A3CBFE2-DCA6-4A06-86FE-B934B598365A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9AC7665D-8979-42BB-9284-171E64E593F9}" = protocol=17 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"{9C6FAF94-0259-488F-BEB0-A9C6955BCF43}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9CF29FA5-A78B-4CD0-964C-249DEA10D674}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\insttool.exe |
"{9D283717-87D7-4AC5-B7BA-207CBD1A31F7}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{9DB47AA2-CDC6-401E-9568-CE746F7DD0D1}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{A1B79FB2-F57E-4D30-9EBF-24CE296EA503}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{A4B577E0-126C-407F-8BA6-3D01DF75CCC5}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A8618E98-F4F6-44F4-9C9C-DE25D35842E4}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{A9904A47-CC06-4BA2-BEE3-9B9781AAE79E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ACE1F1C5-97CC-446C-9C46-5D8F9F4C3038}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B054E907-DE09-4905-94A3-73BCE57D1C35}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{B2A7CC22-665B-4F7E-AA32-097D2D2688A5}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{B628B788-E2C1-4F3A-B5BC-9DD1853AF651}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{B657B423-85CD-42E8-AB19-264CB3FA8B2D}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{B7F3FE4C-F2D6-4B16-92A1-E3D3FA29E886}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{B9307BFE-746B-415F-A76E-9D36C9B84D25}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{BB699662-56C5-4786-8172-A92294FF5C3B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
"{BF886810-2C18-4420-A41A-892A7835326F}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{C1851709-F356-42F3-92CB-7BFCA52088FB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C1D6117C-7861-4F64-98AF-F03B5B545EB4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C270F552-4FA2-461E-8C7E-EA29C523C26F}" = protocol=6 | dir=in | app=f:\dummie\solutoinstaller.exe |
"{C4C32767-0577-4533-83CC-6DF8DA1BF367}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{C708B084-338F-49EE-846E-4D9127489F31}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{CCC05EBB-D6D7-4451-A6EA-5E7190886405}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{D28C396E-55DE-439C-AA52-4ABCBA2D636B}" = protocol=6 | dir=in | app=c:\users\r\appdata\local\apps\2.0\cnjphykb.7q5\lle3peln.w1c\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{D3ED3147-4A6A-4341-80AE-3BDE64F3381F}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{DA6E6CD7-E335-4669-B149-D7637E1EF988}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{DAAE65BE-6159-40AD-9F50-78EBB62E9A32}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{DADBBA94-29D7-4B52-9936-9BB4C56843F5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{E7761B1F-5EA8-4501-9FE5-BF1B96FCE511}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{E910AF4C-AE2F-4818-8715-00D38A1D58E7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{EA4D3C34-F80B-495D-B5EE-7A4FEC45524A}" = protocol=17 | dir=in | app=f:\dummie\solutoinstaller.exe |
"{EA632EE9-E206-4AD4-83B3-FFB8BC586A6C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EC95EC23-D7A6-4DD9-B3F5-B9B219221766}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{F1977FEF-88C3-4734-8FEF-BBD669D52FE0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{F1A843A7-E47D-4301-9D47-C0B16B0038D9}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{F3366ACE-BA77-4652-A755-B8EA7715C073}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{F36EF739-0BE7-4F29-A530-7CB969565E24}" = protocol=17 | dir=in | app=c:\users\r\appdata\local\temp\{5ed8315d-3e87-4622-967c-3234a017efa0}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe |
"{F40FFE66-3094-4534-B11C-CB653B32EB36}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F7671D30-9CF2-4862-B4AC-3F718FB2F083}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{F8ADE1F3-7CD5-4DDF-AAD9-94897858C5E7}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\insttool.exe |
"{FB5A84CD-6DEB-46B9-93CA-4422D46D0DE6}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{FF620D17-B817-4392-84D2-B6C285D0B219}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"TCP Query User{01ED3EA8-9B8A-47B0-BB3E-D3621E5A1CC1}C:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{03178976-5CC9-44D6-A200-159C26AFAC9A}C:\program files (x86)\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{0B99D92A-919B-4EA7-9C44-D56D97D785A9}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{0D7A08CD-CDE0-4F59-AAF5-4CEB16183875}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{12D81733-D86D-4464-B31E-706BA4B6D78A}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{15E150DA-43C3-4F01-9418-92AE2E11027F}C:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe |
"TCP Query User{18BC1E09-0A7F-4B0F-85D1-1DC841528CBD}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{1AF47DF9-73B3-407B-86E2-BB40F47BBE8A}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"TCP Query User{1DF3300B-43E1-4760-A823-F1382599EE73}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{2518BD93-A4EF-4996-911F-39358109F53A}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"TCP Query User{27F500A9-8BE9-46F4-B6DB-0DDC79342375}C:\program files (x86)\graphisoft\archicad 12\archicad.exe" = protocol=6 | dir=in | app=c:\program files (x86)\graphisoft\archicad 12\archicad.exe |
"TCP Query User{46D0ED4E-4BE6-4B3B-B6D0-58F1ECF9A1AF}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{4B1F6EB3-58B2-4151-AD91-C4A65F7E24A9}C:\program files (x86)\graphisoft\archicad 12\archicad.exe" = protocol=6 | dir=in | app=c:\program files (x86)\graphisoft\archicad 12\archicad.exe |
"TCP Query User{5456FF82-75BD-4091-B66E-E6A0F91A91C7}C:\windows\syswow64\dllhost.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dllhost.exe |
"TCP Query User{58C7AEC3-C572-400E-945F-350818A701FC}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{5AD8EC2B-BC8E-4483-956C-B100C2CEB1F5}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{5E7A5CDA-4EA7-4C4F-8202-DCC2CB6824C8}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{630D0EB8-D412-4056-9FAF-A09A314349BE}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{68E50DDE-851A-4055-975B-6373FB3FE583}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{69B2B139-4B2D-43A2-81FC-5F68C7F57FE5}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{70DCACC0-625A-4C7A-BB01-37DAAD7A49A7}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{82933F9C-09FD-4C56-8E49-356772A838AC}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{8BE6F9FB-577F-421B-A76E-AEEC8432DFD9}C:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll |
"TCP Query User{933908A2-C868-4B73-9361-704E57198723}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"TCP Query User{A736F789-7A90-44E0-822F-F96413ABA171}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{A825E474-D263-448F-BDC6-9A9512BCCAAA}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{B1F99871-7056-4447-8648-9A180D2F9466}C:\users\r\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{B5FDDFB1-F5B5-4DC1-B7BA-D78FE3C54521}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{BF825E28-6954-4A8D-ADCC-FA06E110DD57}C:\windows\syswow64\dllhost.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dllhost.exe |
"TCP Query User{C94EA6AC-0BB8-4C5F-B006-438227B316AC}C:\program files (x86)\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{CB6C5993-C813-4585-B8D6-7A0C0043BAAD}C:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{D6C957E0-9652-4924-8ADC-0DE9327E70B8}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{DDC577DD-A79D-41D6-B03C-77B98F48915F}C:\users\administrator\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\users\administrator\appdata\local\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{EC8AA220-6E06-4BC1-922E-22DB33275D39}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{F71D3BEE-B3BB-4E00-BA3E-46CBC408191B}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"UDP Query User{04708614-D000-4BE3-8F24-AA236B5B1793}C:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{131FF0D6-DC35-494D-82F4-D29F14C2CD1F}C:\program files (x86)\graphisoft\archicad 12\archicad.exe" = protocol=17 | dir=in | app=c:\program files (x86)\graphisoft\archicad 12\archicad.exe |
"UDP Query User{299D3748-C8B5-4C8B-B381-E97960A43FF3}C:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe |
"UDP Query User{29DF9CAC-45AD-43F0-8D85-B077B9425A59}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{2FDC4ACC-F1FF-4CED-A4B1-CBCB019A9353}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{3A09AC9B-F6FE-4DC0-926D-A88F2E751FC1}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"UDP Query User{3C628545-3AD4-464D-B8CB-476B8CB37993}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{41644C6B-D48A-4D2C-9D02-B1FA6F90E6F2}C:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{47D95A4D-5CC9-4FCA-A03D-720363217297}C:\program files (x86)\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{4BB5B14E-AD1F-4D3B-8334-9931084E1377}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{53CFC851-FCE6-475D-A67B-6BE65BE3DD7F}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{5BAC89A2-85D3-4DB4-9651-05D11EE9FEB3}C:\windows\syswow64\dllhost.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dllhost.exe |
"UDP Query User{6D0CB095-3DB3-406A-BD92-9F2E14583DC9}C:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll |
"UDP Query User{6F8BE57D-F25F-400E-8A86-097D3F5B851D}C:\program files (x86)\graphisoft\archicad 12\archicad.exe" = protocol=17 | dir=in | app=c:\program files (x86)\graphisoft\archicad 12\archicad.exe |
"UDP Query User{72AEBF62-F255-4745-A64D-9AB348E6A65C}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{74A7F2DD-0EFF-4DD3-8E1B-C1F677B9B7D1}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{788F8B31-B94E-43F9-B9BA-566BFF9A7970}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{78C33F25-D5C1-4B22-8609-C8C473BA1A44}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{7EA9D499-C76C-4895-8FD5-6F099D0B141D}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{7F7F7E47-9AA7-4B2B-AFAB-143056C7B6D6}C:\users\administrator\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\users\administrator\appdata\local\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{8C40F6A7-5344-4818-A983-96364A062AEA}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{9A50A13D-C530-4600-99E9-2DA546199E42}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{9F2A2FC3-0098-4ED4-8F9C-C4995DF7B4B8}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{A1A1EFF4-F03D-4A2C-B144-74B6DF48904E}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"UDP Query User{A2F34F26-D41A-4A20-82CA-CC95DBC49CB4}C:\program files (x86)\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{AEBA58E5-42C2-4FAA-AF46-166D4468A76C}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{B73CC98E-24BE-4D4E-A5DF-A907C1C67F4E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{C07CA024-925B-45B2-B9EF-D967254A3D94}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{C573D57A-1276-496E-A236-22C61530BEDB}C:\users\r\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{D0F3612F-BBE7-4DD4-8C6F-A974B47CFC1B}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"UDP Query User{DADD4AD6-BB93-4755-A11F-6BBDB373E525}C:\windows\syswow64\dllhost.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dllhost.exe |
"UDP Query User{F1C1711F-E529-4E89-BC09-6E5924B5DA78}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"UDP Query User{F1C19121-1A1F-49F5-8D36-2F5F9EFF5219}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{F81612F5-FF60-4D90-8033-308DBA0C3A09}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{FEEB672A-BA9B-421D-962B-876147C69183}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
"{167F594F-8A62-48A9-B6EC-97B853464808}" = Dell ControlPoint System Manager
"{16B452B6-828D-4E93-A97E-B92C76E8E0DD}" = SO64MMWrapper
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{27753668-8F35-4FEE-BE5D-ADCD615D334A}" = Dell ControlPoint Connection Manager 64
"{2B7F5983-7076-4D6E-9207-D9D05722502F}" = Smart Technology Programming Software 7.0.2.7
"{2C3393DE-8A93-43A0-9983-ACE9CB9EDCBA}" = BS64MMWrapper
"{3110A3AD-9890-42DF-8CE5-FBFE4E633ED2}" = Wave Infrastructure Installer
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{5783F2D7-9007-0407-0102-0060B0CE6BBA}" = AutoCAD Electrical 2011
"{5783F2D7-9007-0407-1102-0060B0CE6BBA}" = AutoCAD Electrical 2011 Language Pack - Deutsch
"{5783F2D7-9028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2011
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{76D6189D-1564-0400-0000-DFC2EE337EAC}" = Autodesk Inventor View 2011
"{76D6189D-1564-0400-0001-DFC2EE337EAC}" = Autodesk Inventor View 2011 Language Pack - Deutsch
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{87508272-99AC-47AA-9F65-5F8C09930CA6}" = Dell Control Point 64
"{8F79E264-B252-464F-979B-181903811220}" = Aastra - OpenCom1000 Service Tools (x64)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{A4F53D2C-1FED-4CDF-9D83-4AED82CD0436}" = Gemalto
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{ACF9459F-3585-487A-A84E-B1A3A0D12165}" = Autodesk Vault 2011 (Client)
"{ACF9459F-3585-487F-A84E-B1A3A0D12165}" = Autodesk Vault 2011 (Client) German Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack
"{C3B66206-54AC-4A76-8CCF-7FE5670C3581}" = DCP64MMWrapper
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{F161E795-1A75-4DBD-AFAE-4980BA7EABDB}" = Dell ControlVault Host Components Installer 64Bit
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FDA5AFC5-DAE3-4DB0-810F-B5FA858E5233}" = Soluto
"{FEF64966-7F5E-48A6-8A87-C12533BEE519}" = ATMinInstall64
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9)
"7C3B20D7A6E59F324247FCFEDEFA94CB3339BA1C" = Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000)
"9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Windows-Treiberpaket - Dell Inc. PBADRV System  (01/07/2008 1.0.1.5)
"AutoCAD Electrical 2011" = AutoCAD Electrical 2011
"Autodesk Inventor View 2011" = Autodesk Inventor View 2011 Deutsch
"Creative OA001" = Integrated Webcam Driver (1.06.03.0309) 
"DWG TrueView 2011" = DWG TrueView 2011
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Autodesk AutoCAD 2009 Performance Driver" = NVIDIA Performance Driver for Autodesk AutoCAD 2009
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SynTPDeinstKey" = Dell Touchpad
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"UltSounds" = Windows-Soundschemas
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{13702021-43FB-480C-912F-D9B74A538288}" = OpenProj
"{15C418EB-7675-42be-B2B3-281952DA014D}" = Sophos AutoUpdate
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung SSD Magician
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39316EDC-804F-4081-9974-0A13BA77E5EF}" = Windows Internet Explorer Platform Preview
"{3E8A20E1-223F-11E2-9116-B8AC6F98CCE3}" = Google Earth
"{414A373B-59DF-4102-94CA-9FE9A74CBDDA}" = Garmin Trip and Waypoint Manager v5
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Acronis*True*Image*Home
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{434D083E-A4CC-401A-9E74-621000038101}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038102}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038103}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038104}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038105}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038106}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038107}" = OF: Red River
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1" = iolo technologies' System Mechanic
"{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}" = DIAL Communication Framework
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5BA43E5C-66FD-48D2-AB40-B807D457EF83}" = ElsterFormular 2007/2008
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5FCCD531-1B38-4A94-924C-127F722F1031}" = Nero 8
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7AE25201-3E12-4FA2-9E65-67CD475D9263}" = ACDSee 9 Foto-Manager
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90A455A7-0FC8-4508-B7FA-8F135B8F041A}" = DSL-Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}" = Sophos Anti-Virus
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A06F5ACB-AF59-4DC0-B22E-1F6F47FC7004}" = Microsoft Reader Text-to-Speech deutsch
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A79408B0-345D-42E8-8EB6-00597320B9E0}" = FRITZ!Box-Fernzugang einrichten
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5E7BF75-007E-44AD-8962-627ED44CB63B}" = NaturalReaderFree
"{CBBCBE04-EA5E-4201-A924-E7ED3E8686AE}" = ElsterFormular 2006/2007
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode Version 3.1.2.5
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFC0BA9B-F472-4559-B655-9C47281F9483}" = WD Security
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack
"001FFFFFFF12FF00FF0201F05F02F000-R1" = ArchiCAD 12 GER
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber Lame-MP3-Plugin
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"Autodesk Vault 2011 (Client)" = Autodesk Vault 2011 (Client)
"AVAPLAN Studio 2010_is1" = AVAPLAN Studio 2010 Version 3.5.0
"AVMFBoxMonitor" = AVM FRITZ!Box Monitor
"Cinergy HTC USB XS" = Cinergy HTC USB XS V5.09.1202.00
"ClearProg" = ClearProg 1.6.0 Final
"DIALux" = DIALux 4.10
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"ElsterFormular 12.4.1.7699p" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free DVD Decrypter_is1" = Free DVD Decrypter version 1.5
"FreePDF_XP" = FreePDF (Remove only)
"Google Calendar Sync" = Google Calendar Sync
"GPL Ghostscript 9.04" = GPL Ghostscript
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"jdownloader2" = JDownloader 2.0
"KaloMa_is1" = KaloMa 4.9
"MKVToolNix" = MKVToolNix 5.9.0
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"Mozilla Thunderbird 13.0.1 (x86 de)" = Mozilla Thunderbird 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.52
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"NAVIGON Sync" = NAVIGON Sync 2.0.0
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenFietsMap (BNL)" = OpenFietsMap
"OpenFietsMap(Germany)" = OpenFietsMap(Germany)
"RealPlayer 12.0" = RealPlayer
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.3 for Windows
"Simple Sudoku_is1" = Simple Sudoku 4.2
"SpeedFan" = SpeedFan (remove only)
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 5" = TeamViewer 5
"The Elder Scrolls V - Skyrim_is1" = The Elder Scrolls V - Skyrim
"TVgenial" = TVgenial 5.00
"VAG-COM311_DE" = VAG-COM 311 Deutsch
"VLC media player" = VLC media player 2.0.4
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WinX HD Video Converter Deluxe_is1" = WinX HD Video Converter Deluxe 3.10.3
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1537932054-3061199544-2405855936-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 17.01.2013 10:12:31 | Computer Name = R-Laptop02 | Source = WinMgmt | ID = 10
Description =
 
Error - 17.01.2013 10:13:05 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 10:44:42 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 10:44:42 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = EventSystem | ID = 4609
Description =
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = WinMgmt | ID = 10
Description =
 
Error - 17.01.2013 10:53:33 | Computer Name = R-Laptop02 | Source = WinMgmt | ID = 10
Description =
 
Error - 17.01.2013 10:54:12 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 10:54:12 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 10:55:19 | Computer Name = R-Laptop02 | Source = Windows Search Service | ID = 3013
Description =
 
[ OSession Events ]
Error - 15.04.2010 16:50:12 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1005
 seconds with 840 seconds of active time.  This session ended with a crash.
 
Error - 25.04.2010 12:59:37 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4399
 seconds with 4020 seconds of active time.  This session ended with a crash.
 
Error - 04.02.2011 08:47:58 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 02.07.2011 07:39:56 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 26
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 03.01.2013 14:51:26 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 25
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 17.01.2013 10:44:39 | Computer Name = R-Laptop02 | Source = DCOM | ID = 10005
Description =
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = DCOM | ID = 10005
Description =
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = DCOM | ID = 10005
Description =
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = DCOM | ID = 10005
Description =
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7001
Description =
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7026
Description =
 
Error - 17.01.2013 10:52:54 | Computer Name = R-Laptop02 | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 17.01.2013 10:53:47 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7009
Description =
 
Error - 17.01.2013 10:53:47 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7000
Description =
 
Error - 17.01.2013 10:54:06 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7026
Description =
 
 
< End of report >

ratz9 17.01.2013 16:38
Code:
OTL Extras logfile created on: 17.01.2013 16:23:22 - Run 3
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\R\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,99 Gb Total Physical Memory | 1,88 Gb Available Physical Memory | 47,25% Memory free
8,17 Gb Paging File | 5,72 Gb Available in Paging File | 69,94% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,29 Gb Total Space | 35,85 Gb Free Space | 30,05% Space Free | Partition Type: NTFS
Drive D: | 119,18 Gb Total Space | 40,03 Gb Free Space | 33,58% Space Free | Partition Type: NTFS
Drive E: | 465,69 Gb Total Space | 30,78 Gb Free Space | 6,61% Space Free | Partition Type: NTFS
Drive F: | 465,69 Gb Total Space | 114,68 Gb Free Space | 24,63% Space Free | Partition Type: NTFS
 
Computer Name: R-LAPTOP02 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-21-1537932054-3061199544-2405855936-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\9.0\ACDSeeQV.exe" "%1" (ACD Systems Ltd.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\9.0\ACDSeeQV.exe" "%1" (ACD Systems Ltd.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01  [binary data]
"VistaSp2" = C2 5E 86 26 A1 8F CA 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"" =
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004AB794-F8E9-4AAB-8B97-35C3A14F097E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{04126AAF-91EE-4010-95A0-90F631986FCB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{047F1E3E-EE7E-41BC-9396-A15EC30A51D9}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0521E506-192C-458B-AF1B-6667EBD3E4C8}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{08C26E95-7CEA-408A-A9B9-BE87F810C83C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0BE92E92-4D9E-4123-88CF-56AB1F24C74C}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{166ED1C2-872F-42AC-B961-59AE21387DE4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{18C08F8A-02CA-47BF-9BC3-DAD8C2D523C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{24268A7C-519F-4AB9-846B-7B97497132CA}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{24E8650D-79E8-4E54-802B-D9458D69622A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31CE7EEF-8682-48EE-8D48-2E1AD3DF8F18}" = rport=138 | protocol=17 | dir=out | app=system |
"{37227A37-5752-4DFA-B6CA-CE3B931B721E}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{3D8C1889-C585-4398-BBC5-11050228AE8B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4AF6B861-35CE-4278-89B7-824A578B672D}" = lport=139 | protocol=6 | dir=in | app=system |
"{512ED9E5-84C6-41CE-8B53-4B3F6F8572D3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5757AB46-0F42-4492-856C-DDA67094D60C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{59B4C024-4F63-4120-8B4F-324D954E47F3}" = rport=137 | protocol=17 | dir=out | app=system |
"{5C491A72-243F-44C8-B0C3-B5476C340D02}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5CEB26A6-E7D0-4BD8-8999-96E5D3625AC1}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5D3A01AD-5C38-40D9-93BD-17232EF2C22C}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5DA145B7-C056-452A-BF45-DA669A633078}" = rport=445 | protocol=6 | dir=out | app=system |
"{607F81B9-891B-4849-901C-9B92FBD2AF1E}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{633839B5-F419-4093-9A6D-611A268093C6}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{6D8AAAA8-95F8-432B-87BE-0582651E312A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7889D493-C310-44F2-8B62-EBFEFEC9D35A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{815E43CD-9660-4A2C-85D5-BC3F3DCA5BDB}" = lport=445 | protocol=6 | dir=in | app=system |
"{8279D5F3-F4D2-403E-B774-9DCE8BAFBF81}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{932D1FB5-93D6-4D69-8E53-302B06ECC4A7}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9938D337-74C1-42E3-9529-8764302CBBD8}" = rport=139 | protocol=6 | dir=out | app=system |
"{AF5D60D2-B578-4438-9F18-C1A1E534B07D}" = lport=138 | protocol=17 | dir=in | app=system |
"{B62D4EAE-57A4-4CD6-9F87-A0BCF5866410}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{B7D637A9-7064-4AAB-9AEE-E11462F8D986}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B9E9B3E7-238D-4D24-A340-5D82F9779A58}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BB0D48EC-A03E-4A83-A98E-C84ADEF67146}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BFF39277-4F23-42FE-BA43-C2893A1DF780}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C67598F1-A7A0-42E2-8B24-23CA282835DA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CF018C33-F138-407C-91C2-8809D3A44421}" = lport=137 | protocol=17 | dir=in | app=system |
"{EAA7234A-CEB3-4B4A-B0A4-0647B96F2648}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{EBCD8012-EDFF-4772-AEDD-C1F35859D152}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F1DAB002-FB09-4471-96C9-D6E16A40FE0E}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{F364A4CD-FE46-4F1E-B406-767273E251DD}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02EFDA34-51E3-435C-B256-9E2A09856712}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{03C8063B-944B-41E3-99CB-CEA6407F98EC}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{085A2682-E90A-4ED2-8F0C-40E220FAD01D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{087898C0-02A1-464F-908B-D9DC05E6E7A9}" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll |
"{0AFA640F-0C73-47D4-B4D6-4D2742E8B3CE}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{0D005777-5B81-4F80-B094-2D3774026857}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{0DF16DA4-ABBE-4CB9-8298-832FAAA01FB7}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{10C2289D-7A33-4355-B832-39C30DE63F4D}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{155AD8BF-963F-48B5-BAB2-91BC30434F5C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{17FE4F11-C98A-41AD-9652-DA70F35A0524}" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll |
"{1B71991F-1AF6-44A7-B81D-9C28C728D5A4}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{1FF409BA-B636-4852-8D9F-B86DCF666F46}" = protocol=6 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"{2246F11E-021D-495C-ADE1-7DC7AA5E0390}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{26285B89-4895-43D0-AC44-74DCE22F80C8}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{2A36BA5C-B879-44BF-844E-E7E815A35EF3}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{2AE037D0-55A6-4CCC-8604-8EBD263604FC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{30958F18-EF7F-4A13-81C6-2C21ECAF2D90}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3209F2EC-60B5-485B-82BF-499FB531F7BB}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{326A816C-F39A-4420-B6F1-199401824C6C}" = protocol=17 | dir=in | app=c:\users\r\appdata\local\apps\2.0\cnjphykb.7q5\lle3peln.w1c\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{3298E8BB-8C84-42F2-8AED-062D08A4D586}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{351D93DD-17DF-409C-9AEC-39E195ED2B79}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{3643249D-34C8-463C-BCE4-B9C1DB629F2C}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{3ABC9B81-3EEC-472C-9040-9F2A4528A774}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3AD20172-D481-40E5-AB74-0561350BF930}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3E6889C1-0EF0-4509-B0EB-0DB38C7F5264}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{40353085-2744-4239-A29A-D2A742D9DDCC}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{4C5DC25A-C668-424E-B2B1-F8326FD9868F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4DC7054C-8DF2-41B8-B13B-15FE3FE3FFBB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{591C0DB5-CAFA-4829-B17F-49871B6258F4}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{5C4B847A-BD61-4063-A10F-08E53199D182}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{5CD21628-0A32-4F3A-8AD2-39888D42C744}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{5DBAF38A-9C23-4174-87F2-25DA64C8BCF0}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{60C921EA-5DB7-4170-BE54-FD56096F5725}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{61A305ED-2261-4CE2-B4A6-BEC96C063DA1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{63C887B4-1C14-45AD-80E1-527506A16035}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{66265A86-188D-48E2-9703-4CB444BE0798}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{6D0BF4EF-A7DA-4B1F-B443-9697EEAD5D02}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{6F3CA072-E5A2-460D-B8DB-6D65DEFA4A55}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6F996556-100C-41F9-A934-C8FA8DF3102D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{718249AB-6A20-4C15-A835-67C6158FED96}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{733825D8-605E-4CFF-AB50-EB36C9A59B69}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{73D6C0D3-7650-4BBA-89EB-8449AB392E56}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{73F5F9DF-1506-4970-892F-463FD32F7A50}" = protocol=6 | dir=in | app=c:\users\r\appdata\local\temp\{5ed8315d-3e87-4622-967c-3234a017efa0}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe |
"{743C974D-19EA-41CF-B214-99452621447F}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{7841BE0C-155F-4146-8696-CB567ACE6900}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{7B958CAD-DFA4-4727-827F-D143D0129E9A}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{7CD321F7-C197-40AF-9CDC-4339720FF702}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{7E7E645E-175A-4140-BA49-82744155120B}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{814C3C81-F911-40CC-91AE-C8A2A8E10DB7}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{819696DE-A2A0-44D7-AB46-5BE14AF30770}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8586A832-089B-4B46-BD3E-051079499086}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{870E4E06-E546-4F3E-881B-15E696C515E0}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{87B98076-E0BF-4967-B96C-F89292FB6E2B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8A7324A4-D4AF-4D54-84FA-D4DF0288230C}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{8CE52618-D161-4B36-AC59-3352998F6BB3}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{8D1CA9CB-DF48-48A6-A9DB-052922DA50A7}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{8DEAA701-4875-4F18-B65F-3F349BC29C0E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{8E69E61D-75BE-4800-B757-810803546628}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{93645458-5796-41F8-B3A3-53E12C08B104}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{94403B60-C306-462C-8007-CCAF839EC9A9}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{97976F18-12C7-4142-AE52-402DCA6E9A83}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{9A3CBFE2-DCA6-4A06-86FE-B934B598365A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9AC7665D-8979-42BB-9284-171E64E593F9}" = protocol=17 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"{9C6FAF94-0259-488F-BEB0-A9C6955BCF43}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9CF29FA5-A78B-4CD0-964C-249DEA10D674}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\insttool.exe |
"{9D283717-87D7-4AC5-B7BA-207CBD1A31F7}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{9DB47AA2-CDC6-401E-9568-CE746F7DD0D1}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{A1B79FB2-F57E-4D30-9EBF-24CE296EA503}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{A4B577E0-126C-407F-8BA6-3D01DF75CCC5}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A8618E98-F4F6-44F4-9C9C-DE25D35842E4}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{A9904A47-CC06-4BA2-BEE3-9B9781AAE79E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ACE1F1C5-97CC-446C-9C46-5D8F9F4C3038}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B054E907-DE09-4905-94A3-73BCE57D1C35}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{B2A7CC22-665B-4F7E-AA32-097D2D2688A5}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{B628B788-E2C1-4F3A-B5BC-9DD1853AF651}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{B657B423-85CD-42E8-AB19-264CB3FA8B2D}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{B7F3FE4C-F2D6-4B16-92A1-E3D3FA29E886}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{B9307BFE-746B-415F-A76E-9D36C9B84D25}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{BB699662-56C5-4786-8172-A92294FF5C3B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
"{BF886810-2C18-4420-A41A-892A7835326F}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{C1851709-F356-42F3-92CB-7BFCA52088FB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C1D6117C-7861-4F64-98AF-F03B5B545EB4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C270F552-4FA2-461E-8C7E-EA29C523C26F}" = protocol=6 | dir=in | app=f:\dummie\solutoinstaller.exe |
"{C4C32767-0577-4533-83CC-6DF8DA1BF367}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{C708B084-338F-49EE-846E-4D9127489F31}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{CCC05EBB-D6D7-4451-A6EA-5E7190886405}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{D28C396E-55DE-439C-AA52-4ABCBA2D636B}" = protocol=6 | dir=in | app=c:\users\r\appdata\local\apps\2.0\cnjphykb.7q5\lle3peln.w1c\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{D3ED3147-4A6A-4341-80AE-3BDE64F3381F}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{DA6E6CD7-E335-4669-B149-D7637E1EF988}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{DAAE65BE-6159-40AD-9F50-78EBB62E9A32}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{DADBBA94-29D7-4B52-9936-9BB4C56843F5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{E7761B1F-5EA8-4501-9FE5-BF1B96FCE511}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{E910AF4C-AE2F-4818-8715-00D38A1D58E7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{EA4D3C34-F80B-495D-B5EE-7A4FEC45524A}" = protocol=17 | dir=in | app=f:\dummie\solutoinstaller.exe |
"{EA632EE9-E206-4AD4-83B3-FFB8BC586A6C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EC95EC23-D7A6-4DD9-B3F5-B9B219221766}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{F1977FEF-88C3-4734-8FEF-BBD669D52FE0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{F1A843A7-E47D-4301-9D47-C0B16B0038D9}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{F3366ACE-BA77-4652-A755-B8EA7715C073}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{F36EF739-0BE7-4F29-A530-7CB969565E24}" = protocol=17 | dir=in | app=c:\users\r\appdata\local\temp\{5ed8315d-3e87-4622-967c-3234a017efa0}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe |
"{F40FFE66-3094-4534-B11C-CB653B32EB36}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F7671D30-9CF2-4862-B4AC-3F718FB2F083}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{F8ADE1F3-7CD5-4DDF-AAD9-94897858C5E7}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\insttool.exe |
"{FB5A84CD-6DEB-46B9-93CA-4422D46D0DE6}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{FF620D17-B817-4392-84D2-B6C285D0B219}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"TCP Query User{01ED3EA8-9B8A-47B0-BB3E-D3621E5A1CC1}C:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{03178976-5CC9-44D6-A200-159C26AFAC9A}C:\program files (x86)\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{0B99D92A-919B-4EA7-9C44-D56D97D785A9}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{0D7A08CD-CDE0-4F59-AAF5-4CEB16183875}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{12D81733-D86D-4464-B31E-706BA4B6D78A}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{15E150DA-43C3-4F01-9418-92AE2E11027F}C:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe |
"TCP Query User{18BC1E09-0A7F-4B0F-85D1-1DC841528CBD}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{1AF47DF9-73B3-407B-86E2-BB40F47BBE8A}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"TCP Query User{1DF3300B-43E1-4760-A823-F1382599EE73}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{2518BD93-A4EF-4996-911F-39358109F53A}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"TCP Query User{27F500A9-8BE9-46F4-B6DB-0DDC79342375}C:\program files (x86)\graphisoft\archicad 12\archicad.exe" = protocol=6 | dir=in | app=c:\program files (x86)\graphisoft\archicad 12\archicad.exe |
"TCP Query User{46D0ED4E-4BE6-4B3B-B6D0-58F1ECF9A1AF}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{4B1F6EB3-58B2-4151-AD91-C4A65F7E24A9}C:\program files (x86)\graphisoft\archicad 12\archicad.exe" = protocol=6 | dir=in | app=c:\program files (x86)\graphisoft\archicad 12\archicad.exe |
"TCP Query User{5456FF82-75BD-4091-B66E-E6A0F91A91C7}C:\windows\syswow64\dllhost.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dllhost.exe |
"TCP Query User{58C7AEC3-C572-400E-945F-350818A701FC}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{5AD8EC2B-BC8E-4483-956C-B100C2CEB1F5}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{5E7A5CDA-4EA7-4C4F-8202-DCC2CB6824C8}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{630D0EB8-D412-4056-9FAF-A09A314349BE}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{68E50DDE-851A-4055-975B-6373FB3FE583}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{69B2B139-4B2D-43A2-81FC-5F68C7F57FE5}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{70DCACC0-625A-4C7A-BB01-37DAAD7A49A7}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{82933F9C-09FD-4C56-8E49-356772A838AC}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{8BE6F9FB-577F-421B-A76E-AEEC8432DFD9}C:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll |
"TCP Query User{933908A2-C868-4B73-9361-704E57198723}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"TCP Query User{A736F789-7A90-44E0-822F-F96413ABA171}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{A825E474-D263-448F-BDC6-9A9512BCCAAA}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{B1F99871-7056-4447-8648-9A180D2F9466}C:\users\r\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{B5FDDFB1-F5B5-4DC1-B7BA-D78FE3C54521}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{BF825E28-6954-4A8D-ADCC-FA06E110DD57}C:\windows\syswow64\dllhost.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dllhost.exe |
"TCP Query User{C94EA6AC-0BB8-4C5F-B006-438227B316AC}C:\program files (x86)\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{CB6C5993-C813-4585-B8D6-7A0C0043BAAD}C:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{D6C957E0-9652-4924-8ADC-0DE9327E70B8}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{DDC577DD-A79D-41D6-B03C-77B98F48915F}C:\users\administrator\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=6 | dir=in | app=c:\users\administrator\appdata\local\jdownloader 2.0\jdownloader2.exe |
"TCP Query User{EC8AA220-6E06-4BC1-922E-22DB33275D39}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{F71D3BEE-B3BB-4E00-BA3E-46CBC408191B}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"UDP Query User{04708614-D000-4BE3-8F24-AA236B5B1793}C:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{131FF0D6-DC35-494D-82F4-D29F14C2CD1F}C:\program files (x86)\graphisoft\archicad 12\archicad.exe" = protocol=17 | dir=in | app=c:\program files (x86)\graphisoft\archicad 12\archicad.exe |
"UDP Query User{299D3748-C8B5-4C8B-B381-E97960A43FF3}C:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe |
"UDP Query User{29DF9CAC-45AD-43F0-8D85-B077B9425A59}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{2FDC4ACC-F1FF-4CED-A4B1-CBCB019A9353}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{3A09AC9B-F6FE-4DC0-926D-A88F2E751FC1}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"UDP Query User{3C628545-3AD4-464D-B8CB-476B8CB37993}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{41644C6B-D48A-4D2C-9D02-B1FA6F90E6F2}C:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\users\r\appdata\local\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{47D95A4D-5CC9-4FCA-A03D-720363217297}C:\program files (x86)\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{4BB5B14E-AD1F-4D3B-8334-9931084E1377}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{53CFC851-FCE6-475D-A67B-6BE65BE3DD7F}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{5BAC89A2-85D3-4DB4-9651-05D11EE9FEB3}C:\windows\syswow64\dllhost.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dllhost.exe |
"UDP Query User{6D0CB095-3DB3-406A-BD92-9F2E14583DC9}C:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\hunted\binaries\win32\p4dftre.dll |
"UDP Query User{6F8BE57D-F25F-400E-8A86-097D3F5B851D}C:\program files (x86)\graphisoft\archicad 12\archicad.exe" = protocol=17 | dir=in | app=c:\program files (x86)\graphisoft\archicad 12\archicad.exe |
"UDP Query User{72AEBF62-F255-4745-A64D-9AB348E6A65C}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{74A7F2DD-0EFF-4DD3-8E1B-C1F677B9B7D1}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{788F8B31-B94E-43F9-B9BA-566BFF9A7970}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{78C33F25-D5C1-4B22-8609-C8C473BA1A44}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{7EA9D499-C76C-4895-8FD5-6F099D0B141D}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{7F7F7E47-9AA7-4B2B-AFAB-143056C7B6D6}C:\users\administrator\appdata\local\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\users\administrator\appdata\local\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{8C40F6A7-5344-4818-A983-96364A062AEA}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{9A50A13D-C530-4600-99E9-2DA546199E42}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{9F2A2FC3-0098-4ED4-8F9C-C4995DF7B4B8}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{A1A1EFF4-F03D-4A2C-B144-74B6DF48904E}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"UDP Query User{A2F34F26-D41A-4A20-82CA-CC95DBC49CB4}C:\program files (x86)\jdownloader 2.0\jdownloader2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader 2.0\jdownloader2.exe |
"UDP Query User{AEBA58E5-42C2-4FAA-AF46-166D4468A76C}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{B73CC98E-24BE-4D4E-A5DF-A907C1C67F4E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{C07CA024-925B-45B2-B9EF-D967254A3D94}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{C573D57A-1276-496E-A236-22C61530BEDB}C:\users\r\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{D0F3612F-BBE7-4DD4-8C6F-A974B47CFC1B}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"UDP Query User{DADD4AD6-BB93-4755-A11F-6BBDB373E525}C:\windows\syswow64\dllhost.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dllhost.exe |
"UDP Query User{F1C1711F-E529-4E89-BC09-6E5924B5DA78}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"UDP Query User{F1C19121-1A1F-49F5-8D36-2F5F9EFF5219}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{F81612F5-FF60-4D90-8033-308DBA0C3A09}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{FEEB672A-BA9B-421D-962B-876147C69183}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
"{167F594F-8A62-48A9-B6EC-97B853464808}" = Dell ControlPoint System Manager
"{16B452B6-828D-4E93-A97E-B92C76E8E0DD}" = SO64MMWrapper
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{27753668-8F35-4FEE-BE5D-ADCD615D334A}" = Dell ControlPoint Connection Manager 64
"{2B7F5983-7076-4D6E-9207-D9D05722502F}" = Smart Technology Programming Software 7.0.2.7
"{2C3393DE-8A93-43A0-9983-ACE9CB9EDCBA}" = BS64MMWrapper
"{3110A3AD-9890-42DF-8CE5-FBFE4E633ED2}" = Wave Infrastructure Installer
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{5783F2D7-9007-0407-0102-0060B0CE6BBA}" = AutoCAD Electrical 2011
"{5783F2D7-9007-0407-1102-0060B0CE6BBA}" = AutoCAD Electrical 2011 Language Pack - Deutsch
"{5783F2D7-9028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2011
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{76D6189D-1564-0400-0000-DFC2EE337EAC}" = Autodesk Inventor View 2011
"{76D6189D-1564-0400-0001-DFC2EE337EAC}" = Autodesk Inventor View 2011 Language Pack - Deutsch
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{87508272-99AC-47AA-9F65-5F8C09930CA6}" = Dell Control Point 64
"{8F79E264-B252-464F-979B-181903811220}" = Aastra - OpenCom1000 Service Tools (x64)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{A4F53D2C-1FED-4CDF-9D83-4AED82CD0436}" = Gemalto
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{ACF9459F-3585-487A-A84E-B1A3A0D12165}" = Autodesk Vault 2011 (Client)
"{ACF9459F-3585-487F-A84E-B1A3A0D12165}" = Autodesk Vault 2011 (Client) German Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack
"{C3B66206-54AC-4A76-8CCF-7FE5670C3581}" = DCP64MMWrapper
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{F161E795-1A75-4DBD-AFAE-4980BA7EABDB}" = Dell ControlVault Host Components Installer 64Bit
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FDA5AFC5-DAE3-4DB0-810F-B5FA858E5233}" = Soluto
"{FEF64966-7F5E-48A6-8A87-C12533BEE519}" = ATMinInstall64
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9)
"7C3B20D7A6E59F324247FCFEDEFA94CB3339BA1C" = Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000)
"9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Windows-Treiberpaket - Dell Inc. PBADRV System  (01/07/2008 1.0.1.5)
"AutoCAD Electrical 2011" = AutoCAD Electrical 2011
"Autodesk Inventor View 2011" = Autodesk Inventor View 2011 Deutsch
"Creative OA001" = Integrated Webcam Driver (1.06.03.0309) 
"DWG TrueView 2011" = DWG TrueView 2011
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Autodesk AutoCAD 2009 Performance Driver" = NVIDIA Performance Driver for Autodesk AutoCAD 2009
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SynTPDeinstKey" = Dell Touchpad
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"UltSounds" = Windows-Soundschemas
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{13702021-43FB-480C-912F-D9B74A538288}" = OpenProj
"{15C418EB-7675-42be-B2B3-281952DA014D}" = Sophos AutoUpdate
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung SSD Magician
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39316EDC-804F-4081-9974-0A13BA77E5EF}" = Windows Internet Explorer Platform Preview
"{3E8A20E1-223F-11E2-9116-B8AC6F98CCE3}" = Google Earth
"{414A373B-59DF-4102-94CA-9FE9A74CBDDA}" = Garmin Trip and Waypoint Manager v5
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Acronis*True*Image*Home
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{434D083E-A4CC-401A-9E74-621000038101}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038102}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038103}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038104}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038105}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038106}" = OF: Red River
"{434D083E-A4CC-401A-9E74-621000038107}" = OF: Red River
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1" = iolo technologies' System Mechanic
"{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}" = DIAL Communication Framework
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5BA43E5C-66FD-48D2-AB40-B807D457EF83}" = ElsterFormular 2007/2008
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5FCCD531-1B38-4A94-924C-127F722F1031}" = Nero 8
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7AE25201-3E12-4FA2-9E65-67CD475D9263}" = ACDSee 9 Foto-Manager
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90A455A7-0FC8-4508-B7FA-8F135B8F041A}" = DSL-Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}" = Sophos Anti-Virus
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A06F5ACB-AF59-4DC0-B22E-1F6F47FC7004}" = Microsoft Reader Text-to-Speech deutsch
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A79408B0-345D-42E8-8EB6-00597320B9E0}" = FRITZ!Box-Fernzugang einrichten
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5E7BF75-007E-44AD-8962-627ED44CB63B}" = NaturalReaderFree
"{CBBCBE04-EA5E-4201-A924-E7ED3E8686AE}" = ElsterFormular 2006/2007
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode Version 3.1.2.5
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFC0BA9B-F472-4559-B655-9C47281F9483}" = WD Security
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack
"001FFFFFFF12FF00FF0201F05F02F000-R1" = ArchiCAD 12 GER
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber Lame-MP3-Plugin
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"Autodesk Vault 2011 (Client)" = Autodesk Vault 2011 (Client)
"AVAPLAN Studio 2010_is1" = AVAPLAN Studio 2010 Version 3.5.0
"AVMFBoxMonitor" = AVM FRITZ!Box Monitor
"Cinergy HTC USB XS" = Cinergy HTC USB XS V5.09.1202.00
"ClearProg" = ClearProg 1.6.0 Final
"DIALux" = DIALux 4.10
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"ElsterFormular 12.4.1.7699p" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free DVD Decrypter_is1" = Free DVD Decrypter version 1.5
"FreePDF_XP" = FreePDF (Remove only)
"Google Calendar Sync" = Google Calendar Sync
"GPL Ghostscript 9.04" = GPL Ghostscript
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"jdownloader2" = JDownloader 2.0
"KaloMa_is1" = KaloMa 4.9
"MKVToolNix" = MKVToolNix 5.9.0
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"Mozilla Thunderbird 13.0.1 (x86 de)" = Mozilla Thunderbird 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.52
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"NAVIGON Sync" = NAVIGON Sync 2.0.0
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenFietsMap (BNL)" = OpenFietsMap
"OpenFietsMap(Germany)" = OpenFietsMap(Germany)
"RealPlayer 12.0" = RealPlayer
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.3 for Windows
"Simple Sudoku_is1" = Simple Sudoku 4.2
"SpeedFan" = SpeedFan (remove only)
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 5" = TeamViewer 5
"The Elder Scrolls V - Skyrim_is1" = The Elder Scrolls V - Skyrim
"TVgenial" = TVgenial 5.00
"VAG-COM311_DE" = VAG-COM 311 Deutsch
"VLC media player" = VLC media player 2.0.4
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WinX HD Video Converter Deluxe_is1" = WinX HD Video Converter Deluxe 3.10.3
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1537932054-3061199544-2405855936-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1537932054-3061199544-2405855936-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 17.01.2013 10:12:31 | Computer Name = R-Laptop02 | Source = WinMgmt | ID = 10
Description =
 
Error - 17.01.2013 10:13:05 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 10:44:42 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 10:44:42 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = EventSystem | ID = 4609
Description =
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = WinMgmt | ID = 10
Description =
 
Error - 17.01.2013 10:53:33 | Computer Name = R-Laptop02 | Source = WinMgmt | ID = 10
Description =
 
Error - 17.01.2013 10:54:12 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 10:54:12 | Computer Name = R-Laptop02 | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit einer anderen bereits aktiven Komponentenversion.  Die widersprüchlichen Komponenten
 sind:  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error - 17.01.2013 10:55:19 | Computer Name = R-Laptop02 | Source = Windows Search Service | ID = 3013
Description =
 
[ OSession Events ]
Error - 15.04.2010 16:50:12 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1005
 seconds with 840 seconds of active time.  This session ended with a crash.
 
Error - 25.04.2010 12:59:37 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4399
 seconds with 4020 seconds of active time.  This session ended with a crash.
 
Error - 04.02.2011 08:47:58 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 02.07.2011 07:39:56 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 26
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 03.01.2013 14:51:26 | Computer Name = R-Laptop02 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 25
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 17.01.2013 10:44:39 | Computer Name = R-Laptop02 | Source = DCOM | ID = 10005
Description =
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = DCOM | ID = 10005
Description =
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = DCOM | ID = 10005
Description =
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = DCOM | ID = 10005
Description =
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7001
Description =
 
Error - 17.01.2013 10:44:45 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7026
Description =
 
Error - 17.01.2013 10:52:54 | Computer Name = R-Laptop02 | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 17.01.2013 10:53:47 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7009
Description =
 
Error - 17.01.2013 10:53:47 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7000
Description =
 
Error - 17.01.2013 10:54:06 | Computer Name = R-Laptop02 | Source = Service Control Manager | ID = 7026
Description =
 
 
< End of report >

cosinus 18.01.2013 00:08
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


ratz9 18.01.2013 20:54
Hallo cosinus,

hier die mbar Log-Datei:


Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org

Database version: v2013.01.17.09

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Administrator :: R-LAPTOP02 [administrator]

18.01.2013 00:20:45
mbar-log-2013-01-18 (00-20-45).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31816
Time elapsed: 7 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


hier die EsetonlineScanner Log-Datei:


Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6889
# api_version=3.0.2
# EOSSerial=0c05b6634eeb424ca5f79805638546fa
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-01-18 06:07:18
# local_time=2013-01-18 07:07:18 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 71100 196056438 0 0
# compatibility_mode=8450 16777213 85 98 16065 44292004 0 0
# scanned=435772
# found=9
# cleaned=0
# scan_time=13366
C:\Users\R\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\252699c1-3a2da299        multiple threats        CE50D6D8C0A37F635CF7D721F6A9099F3C86F9E0        I
C:\Users\R\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\6e1ca1cf-2667fa30        a variant of Java/TrojanDownloader.OpenConnection.MU trojan        63E189FF26A8C192D99B354199A8B2265012A6B0        I
C:\Users\R\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\39000a54-15191ec8        multiple threats        13DC31D64D769B375F718640F1C4F4F6AA1E69A4        I
C:\Users\R\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\284aab9e-1767777b        a variant of Java/Exploit.CVE-2013-0422.Q trojan        B966DC5E4E2B2CC874DCDEA30D6369898B9FA8B0        I
C:\Users\R\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\44bebe0-2f36548f        a variant of Java/TrojanDownloader.OpenConnection.MU trojan        63E189FF26A8C192D99B354199A8B2265012A6B0        I
C:\Users\R\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\6e73ff28-288f8803        multiple threats        B45FDB1583AF6A88A3BF7FDE794FDF041F97C394        I
C:\Users\R\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\38e06af1-344f3a50        a variant of Java/Exploit.CVE-2013-0422.K trojan        3B6B1ED1F175014D6E02F050789EAE6DB5EE8108        I
C:\Users\R\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\67db70bc-2205c2c4        multiple threats        6714FFB3736DBE558E3ADF136535A07F4BED3F00        I
C:\Users\R\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\12f1fa3d-4a65bafc        multiple threats        13DC31D64D769B375F718640F1C4F4F6AA1E69A4        I

cosinus 20.01.2013 19:11
Ähm :wtf: eigentlich solltest du den Quickscan mit Malwarebytes Anti-Malware (MBAM) und nicht Malwarebytes Anti-Rookit (MBAR) machen

ratz9 20.01.2013 21:04
Entschuldige das war ein Fehler meinerseits.

Hier nun die richtige Log-Datei, ich hoffe zumindest.



Code:
Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.20.07

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Administrator :: R-LAPTOP02 [Administrator]

Schutz: Aktiviert

20.01.2013 20:55:25
mbam-log-2013-01-20 (20-55-25).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 249653
Laufzeit: 3 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus 21.01.2013 08:41
Ok, nur Funde im JavaCache, bitte mit TFC entfernen:

TFC - Temp File Cleaner

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.


Sieht sonst soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:30 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20