BSI Virus Ich habe das selbe Problem wie Jonas 5, leider habe ich mir auch den BSI Virus eingefangen und würde den gerne so schnell wie möglich los werden, da ich den PC dringends für die Uni benötige.
Ich habe bereits die OTL-Dateien und Gmer-Dateien gemacht und werde diese auch direkt hochladen.
Ich hoffe Ihr könnt mir schnell helfen.
OTL-DateienOTL Logfile: Code:
OTL logfile created on: 30.04.2013 17:03:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\test\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 58,21% Memory free
6,00 Gb Paging File | 4,62 Gb Available in Paging File | 77,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 350,32 Gb Total Space | 276,13 Gb Free Space | 78,82% Space Free | Partition Type: NTFS
Drive D: | 348,22 Gb Total Space | 199,26 Gb Free Space | 57,22% Space Free | Partition Type: NTFS
Drive F: | 686,34 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KAI-PC | User Name: test | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\test\Downloads\OTL.exe (OldTimer Tools)
PRC - D:\Daten\Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - D:\Daten\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - D:\Daten\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - D:\Daten\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Daten\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Daten\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Daten\My Lockbox\mylbx.exe (FSPro Labs)
PRC - C:\Programme\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
PRC - C:\Programme\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe ( )
PRC - C:\Programme\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Programme\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Programme\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\lxeacoms.exe ( )
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
========== Modules (No Company Name) ==========
MOD - D:\Daten\Firefox\mozjs.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - D:\Daten\My Lockbox\FSPFlt.dll ()
========== Services (SafeList) ==========
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TeamViewer8) -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software, Inc.)
SRV - (AntiVirSchedulerService) -- D:\Daten\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- D:\Daten\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (Autodesk Content Service) -- C:\Programme\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
SRV - (mitsijm2013) -- C:\Programme\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe ( )
SRV - (ASLDRService) -- C:\Programme\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (ATKGFNEXSrv) -- C:\Programme\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (lxea_device) -- C:\Windows\System32\lxeacoms.exe ( )
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (FSProFilter) -- C:\Windows\System32\drivers\FSPFltd.sys (FSPro Labs)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (ASMMAP) -- C:\Programme\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys (ASUS)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ASUS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=46&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3026709562-3231863478-2769425423-1003\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-3026709562-3231863478-2769425423-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Daten\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Daten\Adobe\Reader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: D:\Daten\Firefox\components [2013.04.17 22:02:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: D:\Daten\Firefox\plugins
[2013.04.30 17:00:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\mozilla\Extensions
O1 HOSTS File: ([2012.03.06 22:38:37 | 000,000,856 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ADSK DLMSession] C:\Programme\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Programme\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Programme\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Autodesk Sync] C:\Programme\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKLM..\Run: [avgnt] D:\Daten\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HControlUser] C:\Programme\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [mylbx] D:\Daten\My Lockbox\mylbx.exe (FSPro Labs)
O4 - HKLM..\Run: [PDFPrint] D:\Daten\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Daten\Office2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Daten\Office2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Daten\Office2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD56FE41-A865-426B-9882-470E2C014AD8}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.06.04 11:43:30 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2001.08.13 23:05:32 | 001,564,672 | R--- | M] () - F:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2001.08.09 01:35:42 | 000,000,131 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.04.30 17:05:57 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\Macromedia
[2013.04.30 17:05:57 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\Macromedia
[2013.04.30 17:02:45 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\Avira
[2013.04.30 17:00:31 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\Mozilla
[2013.04.30 17:00:31 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\Mozilla
[2013.04.30 16:57:40 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\Autodesk
[2013.04.30 16:57:38 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\Adobe
[2013.04.30 16:57:35 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\Apple Computer
[2013.04.30 16:57:14 | 000,000,000 | R--D | C] -- C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.04.30 16:57:14 | 000,000,000 | R--D | C] -- C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.04.30 16:57:13 | 000,000,000 | R--D | C] -- C:\Users\test\Searches
[2013.04.30 16:57:02 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\Identities
[2013.04.30 16:57:01 | 000,000,000 | R--D | C] -- C:\Users\test\Contacts
[2013.04.30 16:56:59 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\VirtualStore
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\Vorlagen
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\AppData\Local\Verlauf
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\AppData\Local\Temporary Internet Files
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\Startmenü
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\SendTo
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\Recent
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\Netzwerkumgebung
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\Lokale Einstellungen
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\Documents\Eigene Videos
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\Documents\Eigene Musik
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\Eigene Dateien
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\Documents\Eigene Bilder
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\Druckumgebung
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\Cookies
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\AppData\Local\Anwendungsdaten
[2013.04.30 16:56:50 | 000,000,000 | -HSD | C] -- C:\Users\test\Anwendungsdaten
[2013.04.30 16:56:49 | 000,000,000 | --SD | C] -- C:\Users\test\AppData\Roaming\Microsoft
[2013.04.30 16:56:49 | 000,000,000 | R--D | C] -- C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.04.30 16:56:49 | 000,000,000 | R--D | C] -- C:\Users\test\Downloads
[2013.04.30 16:56:49 | 000,000,000 | R--D | C] -- C:\Users\test\Documents
[2013.04.30 16:56:49 | 000,000,000 | R--D | C] -- C:\Users\test\Desktop
[2013.04.30 16:56:49 | 000,000,000 | R--D | C] -- C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.04.30 16:56:49 | 000,000,000 | -H-D | C] -- C:\Users\test\AppData
[2013.04.30 16:56:49 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\Temp
[2013.04.30 16:56:49 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\Microsoft Help
[2013.04.30 16:56:49 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\Microsoft
[2013.04.30 16:56:49 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\Media Center Programs
[2013.04.30 16:56:48 | 000,000,000 | R--D | C] -- C:\Users\test\Videos
[2013.04.30 16:56:48 | 000,000,000 | R--D | C] -- C:\Users\test\Saved Games
[2013.04.30 16:56:48 | 000,000,000 | R--D | C] -- C:\Users\test\Pictures
[2013.04.30 16:56:48 | 000,000,000 | R--D | C] -- C:\Users\test\Music
[2013.04.30 16:56:48 | 000,000,000 | R--D | C] -- C:\Users\test\Links
[2013.04.30 16:56:48 | 000,000,000 | R--D | C] -- C:\Users\test\Favorites
[2013.04.29 17:10:55 | 000,127,488 | ---- | C] (Корпорация Майкрософт2) -- C:\ProgramData\jejenini.dat
[2013.04.29 17:10:55 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\rundll32.exe
[2013.04.23 20:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.04.23 20:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.04.10 21:06:53 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.04.10 21:06:52 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.04.10 21:06:51 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.04.10 21:06:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.04.10 21:06:51 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.04.10 21:06:49 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.04.10 21:06:49 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.04.10 21:06:48 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.04.10 19:26:45 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.04.10 19:26:41 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.04.10 19:26:40 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.04.10 19:26:39 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.04.30 17:07:01 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.30 17:03:55 | 000,015,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.30 17:03:55 | 000,015,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.30 16:59:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.30 16:56:55 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.30 16:56:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.30 16:56:13 | 2415,345,664 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.30 07:52:54 | 095,023,320 | ---- | M] () -- C:\ProgramData\ininejej.pad
[2013.04.29 17:10:55 | 000,127,488 | ---- | M] (Корпорация Майкрософт2) -- C:\ProgramData\jejenini.dat
[2013.04.29 17:10:55 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\rundll32.exe
[2013.04.22 17:13:49 | 000,696,870 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.04.22 17:13:49 | 000,652,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.22 17:13:49 | 000,148,134 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.04.22 17:13:49 | 000,121,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.18 14:27:07 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.04.18 14:27:07 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.04.12 15:45:52 | 002,382,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.04.30 16:57:18 | 000,001,413 | ---- | C] () -- C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.04.30 07:51:40 | 000,002,685 | ---- | C] () -- C:\ProgramData\ininejej.js
[2013.04.29 17:10:56 | 095,023,320 | ---- | C] () -- C:\ProgramData\ininejej.pad
[2013.03.03 21:43:38 | 000,000,613 | ---- | C] () -- C:\Windows\eReg.dat
[2013.01.15 20:14:42 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll
[2013.01.15 20:14:42 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll
[2012.11.08 11:35:56 | 000,000,147 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012.03.07 19:16:33 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012.02.08 13:21:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report > --- --- ---
OTL-Extra-DateienOTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 30.04.2013 17:03:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\test\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 58,21% Memory free
6,00 Gb Paging File | 4,62 Gb Available in Paging File | 77,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 350,32 Gb Total Space | 276,13 Gb Free Space | 78,82% Space Free | Partition Type: NTFS
Drive D: | 348,22 Gb Total Space | 199,26 Gb Free Space | 57,22% Space Free | Partition Type: NTFS
Drive F: | 686,34 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KAI-PC | User Name: test | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3026709562-3231863478-2769425423-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Daten\Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Daten\Office2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Daten\Office2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Daten\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\Daten\OFFICE~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Daten\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0086F903-A10C-4A13-8D4C-F7BF830D7325}" = lport=137 | protocol=17 | dir=in | app=system |
"{171F9262-1228-4B9C-9B43-CDDFEA8A45C0}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{1A188122-BB24-4B46-9FCF-D508B5D923E3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{216832FD-E2A3-42B2-9F94-AA59E122CD0C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{22CFD600-1D61-4F65-BDFC-D1072F93FBC9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{268AC67C-53B7-4455-AA53-8E3A6F33F48F}" = lport=138 | protocol=17 | dir=in | app=system |
"{35775C35-22DC-45EB-BDD1-3DFF692CD1E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{431A3D13-8063-4236-BDA7-F298B61B5129}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{46A5E126-7143-4BD3-A8E9-7620A64C8089}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{5AC0381D-CB97-4FF5-AFEE-9B6578B6BD03}" = lport=6004 | protocol=17 | dir=in | app=d:\daten\office2007\office12\outlook.exe |
"{5D74C5CF-C699-4DF6-91F5-95965DFF2E80}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{748E0C07-7DA3-409C-B3B8-5A2E26508B71}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7B5F9217-8765-412A-A1D2-0DEB65A2BD3F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7B76E85B-3BCF-4261-89A3-16419F857FC8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7ECA9F01-D36E-4315-BAF4-8C3C7B524807}" = rport=138 | protocol=17 | dir=out | app=system |
"{8D0FF1C3-3352-4D80-9025-7C92550A4D94}" = rport=137 | protocol=17 | dir=out | app=system |
"{9181252D-DF2A-427F-A094-038575FA1589}" = rport=139 | protocol=6 | dir=out | app=system |
"{91C432CE-2906-4177-9457-4783DBB463B8}" = lport=445 | protocol=6 | dir=in | app=system |
"{98BEA4DC-A109-4FBF-AD9A-621353F94EC0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A43B2A18-0E5D-4C92-B6EA-A0F7F65A925B}" = lport=139 | protocol=6 | dir=in | app=system |
"{A4F8C634-145E-4AA8-8BB4-7680B17A87A7}" = rport=445 | protocol=6 | dir=out | app=system |
"{AEF88B5E-5968-4457-8C98-74A1960E2DC4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B0735D1E-9BF1-4CF8-A2AF-FFA23D812DE1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C27D27F8-54C1-432A-A0A0-02479493DE80}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C3600C99-2C1C-4F10-AC49-A1C9163AF38F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D07B5B3D-FB92-42CA-9FF5-C0963D40041E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D0834E43-8864-40DB-94E1-FE5FABB12018}" = lport=53908 | protocol=6 | dir=in | name=akamai netsession interface |
"{DB7206AF-4135-4D8F-A9A1-CBAEE1FA213B}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{E8A7C76B-314B-4A43-95DF-34CD1FE1AC1A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F906B9B3-024D-41BE-86EE-1471454C5914}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FC92FAEB-1BCB-4AD2-9E6F-8323B57FF69D}" = lport=80 | protocol=6 | dir=in | name=http |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0214B312-AAD9-4A78-846C-EF8CCEE0178B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{06D3A05F-0BB5-4FA9-BB5F-7EF48423B561}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{162EE40B-37C2-4C24-A6FF-97EF37D92DF4}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{1EEC4B01-F1F8-4E1F-9030-AED1CCE6A4F4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{25E7A6BF-D667-4710-B8AE-DEE165F4B4D3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{26B7E2AC-79F3-4417-809E-8C6C72C0F691}" = protocol=6 | dir=in | app=d:\spiele\steam\steam.exe |
"{27953119-0997-4015-B842-9A44CF25339E}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{27E6C3FF-730E-4E11-9E2B-23E2B06321A8}" = protocol=6 | dir=in | app=d:\spiele\overlord ii\overlord2.exe |
"{306EFDEB-1D46-4D50-89FD-AAE701AE7825}" = protocol=17 | dir=in | app=d:\spiele\overlord ii\overlord2.exe |
"{30EDA747-3D63-43E1-8902-17788D6BB748}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3CFE3CA5-5DC2-46AE-B28A-869DBDBBBCAE}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{3EE11E14-899B-443E-A42C-F3D7DF819C6C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3F65ED3C-6F08-428A-99FF-5A03F401EBD3}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{420030CA-6FF7-4DFF-AB57-9591F2D1E75F}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{4AD574C1-C316-474D-8C0B-C1C88E19F849}" = protocol=6 | dir=out | app=system |
"{52E1C089-9AA5-49B0-867D-B5BE242CAC9A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{594E5C94-E80E-4917-B391-BE1BDC4D6B3A}" = dir=in | app=d:\daten\itunes\itunes.exe |
"{5AD87D6E-0F5F-4EAD-8BF8-05E19283FAA2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{662001CA-957F-423C-A698-BA935A0FF483}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{71A9292E-81B9-40B9-9F2E-A8BC0E202261}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{74BFDED8-0FFF-4A80-86A8-E0688052E41D}" = protocol=6 | dir=in | app=d:\daten\remote mouse\server\server.exe |
"{77FA0B95-1966-4554-A926-2F8792AFB0B0}" = protocol=17 | dir=in | app=d:\daten\office2007\office12\onenote.exe |
"{7C1F0D5F-91E4-4904-992E-77F5751A8F85}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{835A3409-98EE-4C55-8075-6A11C8F34F3B}" = protocol=17 | dir=in | app=d:\spiele\steam\steam.exe |
"{8C0223A1-A4C2-407E-8C37-B4A8C6AA31C1}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{944A4B76-6208-4303-B7B1-C88AA44F897F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94AEF0D3-B46A-408A-8736-B2371D5B6E26}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{98A29F3E-B120-44E1-B757-6F3EFCBAB799}" = protocol=6 | dir=in | app=d:\daten\office2007\office12\onenote.exe |
"{9D93D159-AF0A-43F8-A5AC-4AF0949256B9}" = protocol=6 | dir=in | app=c:\users\kai\appdata\roaming\dropbox\bin\dropbox.exe |
"{AECA1F85-F885-4591-B0E4-CAD2A6E0CDAD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA9BAEDE-8626-4141-848E-0ECB34C9BBBB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BFA46A46-12E1-4272-A9E6-267B645F0013}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{BFC62061-C5ED-4983-8A53-EB84B355F847}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\_adrenalin_\source sdk base 2007\hl2.exe |
"{C05259D5-1557-4F52-B5B6-62B300286ED4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C1030AC7-2596-4247-ACF4-1E1F095EE223}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{C3BD1924-497D-465A-9B50-694238D72429}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\_adrenalin_\source sdk base 2007\hl2.exe |
"{C744C96D-087E-4CC6-9596-0BD22E453C92}" = protocol=17 | dir=in | app=d:\daten\remote mouse\server\server.exe |
"{CDC9672D-4E9F-476E-89E8-06FA74973E0B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D002EFF0-5ADA-4ECA-88BA-FC2F895EE7A6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D11289F4-4E4C-43AF-9014-82FADE663FB5}" = protocol=17 | dir=in | app=c:\users\kai\appdata\roaming\dropbox\bin\dropbox.exe |
"{DED0FE38-104D-4F25-81F4-A084CB067083}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{EA4243B0-F8D4-415A-BCCC-173639E405AF}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{F0785630-7019-4860-AAE8-3BF25CBD85B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{03A14974-BCE3-49EE-8952-A467134BDF77}C:\users\kai\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\kai\appdata\roaming\spotify\spotify.exe |
"TCP Query User{16EF7CE9-6E0A-42E4-BD1A-AE3090F89AC6}D:\daten\miranda\app\miranda\miranda32.exe" = protocol=6 | dir=in | app=d:\daten\miranda\app\miranda\miranda32.exe |
"TCP Query User{1F21A618-E3EF-4349-BD11-6D95E78754A9}D:\daten\remote mouse\server\server.exe" = protocol=6 | dir=in | app=d:\daten\remote mouse\server\server.exe |
"TCP Query User{49569D13-576C-4782-BB2D-1D1B9C0BC037}C:\users\kai\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\kai\appdata\roaming\spotify\spotify.exe |
"TCP Query User{63C04B0F-A642-4813-8136-F8A7F76FEC1C}D:\daten\miranda\app\miranda\miranda32.exe" = protocol=6 | dir=in | app=d:\daten\miranda\app\miranda\miranda32.exe |
"TCP Query User{92C875A6-C7A4-4AC7-8CCE-2345CAF9423E}D:\spiele\demo\age of wonders ii\aow2.exe" = protocol=6 | dir=in | app=d:\spiele\demo\age of wonders ii\aow2.exe |
"TCP Query User{98ECDA12-82B1-4D64-88DF-B19AE4930CB4}C:\users\kai\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\kai\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{DF208FC4-56B1-4A02-843E-9FF7F34E5339}D:\daten\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\daten\sopcast\sopcast.exe |
"TCP Query User{DFCD84D6-81B6-4377-8141-73BCCC7369D5}D:\spiele\steam\steamapps\_adrenalin_\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\_adrenalin_\counter-strike source\hl2.exe |
"TCP Query User{EA5B1BE9-A660-4CCF-9875-6813DA8D94CE}C:\users\kai\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\kai\appdata\local\akamai\netsession_win.exe |
"TCP Query User{F4DE3F3F-5007-4AFE-ACE7-BE5B8AFE1951}C:\users\kai\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\kai\appdata\local\akamai\netsession_win.exe |
"UDP Query User{0F996188-63D3-4E0E-A002-EBB9E7B26255}C:\users\kai\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\kai\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{459D2E4D-2B82-4785-BB4A-758A98564CEA}D:\spiele\steam\steamapps\_adrenalin_\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\_adrenalin_\counter-strike source\hl2.exe |
"UDP Query User{71ECE4BB-7B77-4760-AE4D-AA1125D18DF2}D:\spiele\demo\age of wonders ii\aow2.exe" = protocol=17 | dir=in | app=d:\spiele\demo\age of wonders ii\aow2.exe |
"UDP Query User{80EE6BCD-E590-4B62-B48C-FB4CF5BF3F20}D:\daten\miranda\app\miranda\miranda32.exe" = protocol=17 | dir=in | app=d:\daten\miranda\app\miranda\miranda32.exe |
"UDP Query User{92BD085C-A5D5-4868-93C3-9F558FAE580F}C:\users\kai\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\kai\appdata\roaming\spotify\spotify.exe |
"UDP Query User{A26CDBE0-645E-49D0-BE27-F35FA90F5994}D:\daten\remote mouse\server\server.exe" = protocol=17 | dir=in | app=d:\daten\remote mouse\server\server.exe |
"UDP Query User{A6D272D6-2A94-4A85-83E4-7B4B995C0A65}D:\daten\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\daten\sopcast\sopcast.exe |
"UDP Query User{AAC1C855-0ABA-494F-A718-F694906A0CCF}C:\users\kai\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\kai\appdata\local\akamai\netsession_win.exe |
"UDP Query User{BFFA6A2F-0842-4635-AF6C-90AAF806E1BC}C:\users\kai\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\kai\appdata\local\akamai\netsession_win.exe |
"UDP Query User{C5CF3EE0-CAAF-4F05-A904-CABCED70BC53}C:\users\kai\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\kai\appdata\roaming\spotify\spotify.exe |
"UDP Query User{CEC1AEBA-5E32-4C79-AA3B-D301D61A7EB8}D:\daten\miranda\app\miranda\miranda32.exe" = protocol=17 | dir=in | app=d:\daten\miranda\app\miranda\miranda32.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"{08BCFE15-8AA1-4A58-B018-4FEF486BA922}" = Autodesk Inventor Fusion for Inventor 2013 Add-in
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}" = Autodesk Design Review 2013
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.5
"{1B6C0E95-182C-48E0-9C4B-4F916308249C}" = iTunes
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25DE52ED-9E51-4C50-AE16-E258836ADF83}" = HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät
"{266597A9-1732-0000-0100-DCBF2B69166B}" = Autodesk Vault Basic 2013 (Client) German Language Pack
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}" = Autodesk Material Library Low Resolution Image Library 2013
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39FF4C41-0C7E-498D-ABAA-3CC74830BA53}" = Eco Materials Adviser for Autodesk Inventor 2013
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{4209F371-4927-659B-6665-F7524E53AE40}_is1" = Ashampoo WinOptimizer 8 v.8.14.00
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5783F2D7-A005-0407-0002-0060B0CE6BBA}" = AutoCAD Mechanical 2012
"{5783F2D7-A005-0407-1002-0060B0CE6BBA}" = AutoCAD Mechanical 2012 Language Pack - Deutsch
"{5783F2D7-B005-0000-0002-0060B0CE6BBA}" = AutoCAD Mechanical 2013 - Deutsch (German)
"{5783F2D7-B005-0407-1002-0060B0CE6BBA}" = AutoCAD Mechanical 2013 Language Pack - Deutsch (German)
"{5783F2D7-B005-0407-2002-0060B0CE6BBA}" = AutoCAD Mechanical 2013 - Deutsch (German)
"{5783F2D7-B028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2013
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Hilfe
"{7F4DD591-1732-0001-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2013
"{7F4DD591-1732-0001-1031-7107D70F3DB4}" = Autodesk Inventor Professional 2013 Language Pack - Deutsch (German)
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant
"{82C1E6E4-6718-4EFD-9DCC-E276D690EF46}" = Autodesk Inventor Fusion Plugin for AutoCAD 2013
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B46DECD1-1732-4EF1-0000-22D71E81877C}" = Autodesk Inventor Content Center Libraries 2013 (Desktop Content)
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C5089197-5B15-44AD-B0FC-2E94EE9ECB63}" = WinSysClean X2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCA78313-443C-4674-81B8-88919D137258}" = Autodesk Download Manager
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CF526A26-1732-0000-0000-02E95019B628}" = Autodesk Vault Basic 2013 (Client)
"{D25FF5C1-1732-469A-9794-69309387C193}" = Schnell-Deinstallations-Tool für Autodesk Inventor 2013
"{D6B3114F-945B-4980-BF7A-AF12E9161A0F}" = iCloud
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E426CEC1-35C5-42BF-913E-6EF8F1211D01}" = Overlord II
"{E552C39C-C70E-464F-9733-8311331BDD90}" = Autodesk Inventor Fusion Plugin Language Pack for AutoCAD 2012
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}" = Autodesk Inventor Fusion Plugin for AutoCAD 2012
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}" = Autodesk Sync
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F34EE6D2-9356-4294-B3B3-AE04428C8C43}_is1" = Remote Mouse version 1.50
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FE2F4875-095C-427C-9A97-4F8DE05ACF22}" = Autodesk Inventor Fusion Plugin Language Pack for AutoCAD 2013
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FFF5619F-2013-0032-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2013
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = Autodesk Inventor Fusion 2012 Language Pack
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_697a06b96d8bcbe2d77b88e7d5448d0" = Adobe Creative Suite 4 Master Collection
"ANNO1602" = Anno 1602
"AutoCAD Mechanical 2012" = AutoCAD Mechanical 2012
"AutoCAD Mechanical 2013 - Deutsch (German)" = AutoCAD Mechanical 2013 - Deutsch (German)
"Autodesk Content Service" = Autodesk Content Service
"Autodesk Design Review 2013" = Autodesk Design Review 2013
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"Autodesk Inventor Fusion 2013" = Autodesk Inventor Fusion 2013
"Autodesk Inventor Fusion Plugin for AutoCAD 2012" = Autodesk Inventor Fusion plug-in for AutoCAD 2012
"Autodesk Inventor Fusion Plugin for AutoCAD 2013" = Autodesk Inventor Fusion plug-in for AutoCAD 2013
"Autodesk Inventor Professional 2013" = Autodesk Inventor Professional 2013 Deutsch (German)
"Autodesk Vault Basic 2013 (Client)" = Autodesk Vault Basic 2013 (Client)
"Avira AntiVir Desktop" = Avira Free Antivirus
"DWG TrueView 2013" = DWG TrueView 2013
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.34.1015
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"My Lockbox_is1" = My Lockbox 2.8.2
"Origin" = Origin
"Red Alert 2" = Command & Conquer Alarmstufe Rot 2
"RocketDock_is1" = RocketDock 1.3.5
"SopCast" = SopCast 3.5.0
"Steam App 218" = Source SDK Base 2007
"Steam App 340" = Half-Life 2: Lost Coast
"TeamViewer 8" = TeamViewer 8
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.10 (32-Bit)
"WOLAPI" = Gemeinsam genutzte Internet-Komponenten von Westwood
"Yuri's Revenge" = Command && Conquer Alarmstufe Rot 2 - Yuris Rache
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.04.2013 05:35:40 | Computer Name = Kai-PC | Source = MsiInstaller | ID = 11310
Description =
Error - 29.04.2013 06:19:34 | Computer Name = Kai-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 29.04.2013 06:19:34 | Computer Name = Kai-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2299423
Error - 29.04.2013 06:19:34 | Computer Name = Kai-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2299423
Error - 29.04.2013 10:19:32 | Computer Name = Kai-PC | Source = MsiInstaller | ID = 11310
Description =
Error - 29.04.2013 10:19:57 | Computer Name = Kai-PC | Source = MsiInstaller | ID = 11310
Description =
Error - 30.04.2013 01:07:06 | Computer Name = Kai-PC | Source = MsiInstaller | ID = 11310
Description =
Error - 30.04.2013 01:07:43 | Computer Name = Kai-PC | Source = MsiInstaller | ID = 11310
Description =
Error - 30.04.2013 01:51:37 | Computer Name = Kai-PC | Source = Bonjour Service | ID = 100
Description = ERROR: mDNSPlatformReadTCP - recv: 10053
Error - 30.04.2013 01:51:37 | Computer Name = Kai-PC | Source = Bonjour Service | ID = 100
Description = 456: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
[ OSession Events ]
Error - 05.05.2012 05:30:36 | Computer Name = Kai-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2958
seconds with 300 seconds of active time. This session ended with a crash.
Error - 05.05.2012 05:30:55 | Computer Name = Kai-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 05.05.2012 05:31:16 | Computer Name = Kai-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.
Error - 13.09.2012 21:16:12 | Computer Name = Kai-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 111908
seconds with 1320 seconds of active time. This session ended with a crash.
Error - 26.11.2012 08:05:33 | Computer Name = Kai-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 76
seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 30.04.2013 10:56:21 | Computer Name = Kai-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 30.04.2013 10:56:25 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 10:56:49 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 10:56:51 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 10:56:53 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 11:01:03 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 11:01:04 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 11:01:06 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 11:02:24 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 11:02:43 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
< End of report > --- --- ---
OTL-Extra-DateienOTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 30.04.2013 17:03:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\test\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 58,21% Memory free
6,00 Gb Paging File | 4,62 Gb Available in Paging File | 77,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 350,32 Gb Total Space | 276,13 Gb Free Space | 78,82% Space Free | Partition Type: NTFS
Drive D: | 348,22 Gb Total Space | 199,26 Gb Free Space | 57,22% Space Free | Partition Type: NTFS
Drive F: | 686,34 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KAI-PC | User Name: test | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3026709562-3231863478-2769425423-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Daten\Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Daten\Office2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Daten\Office2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Daten\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\Daten\OFFICE~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Daten\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0086F903-A10C-4A13-8D4C-F7BF830D7325}" = lport=137 | protocol=17 | dir=in | app=system |
"{171F9262-1228-4B9C-9B43-CDDFEA8A45C0}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{1A188122-BB24-4B46-9FCF-D508B5D923E3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{216832FD-E2A3-42B2-9F94-AA59E122CD0C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{22CFD600-1D61-4F65-BDFC-D1072F93FBC9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{268AC67C-53B7-4455-AA53-8E3A6F33F48F}" = lport=138 | protocol=17 | dir=in | app=system |
"{35775C35-22DC-45EB-BDD1-3DFF692CD1E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{431A3D13-8063-4236-BDA7-F298B61B5129}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{46A5E126-7143-4BD3-A8E9-7620A64C8089}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{5AC0381D-CB97-4FF5-AFEE-9B6578B6BD03}" = lport=6004 | protocol=17 | dir=in | app=d:\daten\office2007\office12\outlook.exe |
"{5D74C5CF-C699-4DF6-91F5-95965DFF2E80}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{748E0C07-7DA3-409C-B3B8-5A2E26508B71}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7B5F9217-8765-412A-A1D2-0DEB65A2BD3F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7B76E85B-3BCF-4261-89A3-16419F857FC8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7ECA9F01-D36E-4315-BAF4-8C3C7B524807}" = rport=138 | protocol=17 | dir=out | app=system |
"{8D0FF1C3-3352-4D80-9025-7C92550A4D94}" = rport=137 | protocol=17 | dir=out | app=system |
"{9181252D-DF2A-427F-A094-038575FA1589}" = rport=139 | protocol=6 | dir=out | app=system |
"{91C432CE-2906-4177-9457-4783DBB463B8}" = lport=445 | protocol=6 | dir=in | app=system |
"{98BEA4DC-A109-4FBF-AD9A-621353F94EC0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A43B2A18-0E5D-4C92-B6EA-A0F7F65A925B}" = lport=139 | protocol=6 | dir=in | app=system |
"{A4F8C634-145E-4AA8-8BB4-7680B17A87A7}" = rport=445 | protocol=6 | dir=out | app=system |
"{AEF88B5E-5968-4457-8C98-74A1960E2DC4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B0735D1E-9BF1-4CF8-A2AF-FFA23D812DE1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C27D27F8-54C1-432A-A0A0-02479493DE80}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C3600C99-2C1C-4F10-AC49-A1C9163AF38F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D07B5B3D-FB92-42CA-9FF5-C0963D40041E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D0834E43-8864-40DB-94E1-FE5FABB12018}" = lport=53908 | protocol=6 | dir=in | name=akamai netsession interface |
"{DB7206AF-4135-4D8F-A9A1-CBAEE1FA213B}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{E8A7C76B-314B-4A43-95DF-34CD1FE1AC1A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F906B9B3-024D-41BE-86EE-1471454C5914}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FC92FAEB-1BCB-4AD2-9E6F-8323B57FF69D}" = lport=80 | protocol=6 | dir=in | name=http |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0214B312-AAD9-4A78-846C-EF8CCEE0178B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{06D3A05F-0BB5-4FA9-BB5F-7EF48423B561}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{162EE40B-37C2-4C24-A6FF-97EF37D92DF4}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{1EEC4B01-F1F8-4E1F-9030-AED1CCE6A4F4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{25E7A6BF-D667-4710-B8AE-DEE165F4B4D3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{26B7E2AC-79F3-4417-809E-8C6C72C0F691}" = protocol=6 | dir=in | app=d:\spiele\steam\steam.exe |
"{27953119-0997-4015-B842-9A44CF25339E}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{27E6C3FF-730E-4E11-9E2B-23E2B06321A8}" = protocol=6 | dir=in | app=d:\spiele\overlord ii\overlord2.exe |
"{306EFDEB-1D46-4D50-89FD-AAE701AE7825}" = protocol=17 | dir=in | app=d:\spiele\overlord ii\overlord2.exe |
"{30EDA747-3D63-43E1-8902-17788D6BB748}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3CFE3CA5-5DC2-46AE-B28A-869DBDBBBCAE}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{3EE11E14-899B-443E-A42C-F3D7DF819C6C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3F65ED3C-6F08-428A-99FF-5A03F401EBD3}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{420030CA-6FF7-4DFF-AB57-9591F2D1E75F}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{4AD574C1-C316-474D-8C0B-C1C88E19F849}" = protocol=6 | dir=out | app=system |
"{52E1C089-9AA5-49B0-867D-B5BE242CAC9A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{594E5C94-E80E-4917-B391-BE1BDC4D6B3A}" = dir=in | app=d:\daten\itunes\itunes.exe |
"{5AD87D6E-0F5F-4EAD-8BF8-05E19283FAA2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{662001CA-957F-423C-A698-BA935A0FF483}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{71A9292E-81B9-40B9-9F2E-A8BC0E202261}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{74BFDED8-0FFF-4A80-86A8-E0688052E41D}" = protocol=6 | dir=in | app=d:\daten\remote mouse\server\server.exe |
"{77FA0B95-1966-4554-A926-2F8792AFB0B0}" = protocol=17 | dir=in | app=d:\daten\office2007\office12\onenote.exe |
"{7C1F0D5F-91E4-4904-992E-77F5751A8F85}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{835A3409-98EE-4C55-8075-6A11C8F34F3B}" = protocol=17 | dir=in | app=d:\spiele\steam\steam.exe |
"{8C0223A1-A4C2-407E-8C37-B4A8C6AA31C1}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{944A4B76-6208-4303-B7B1-C88AA44F897F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94AEF0D3-B46A-408A-8736-B2371D5B6E26}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{98A29F3E-B120-44E1-B757-6F3EFCBAB799}" = protocol=6 | dir=in | app=d:\daten\office2007\office12\onenote.exe |
"{9D93D159-AF0A-43F8-A5AC-4AF0949256B9}" = protocol=6 | dir=in | app=c:\users\kai\appdata\roaming\dropbox\bin\dropbox.exe |
"{AECA1F85-F885-4591-B0E4-CAD2A6E0CDAD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA9BAEDE-8626-4141-848E-0ECB34C9BBBB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BFA46A46-12E1-4272-A9E6-267B645F0013}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{BFC62061-C5ED-4983-8A53-EB84B355F847}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\_adrenalin_\source sdk base 2007\hl2.exe |
"{C05259D5-1557-4F52-B5B6-62B300286ED4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C1030AC7-2596-4247-ACF4-1E1F095EE223}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{C3BD1924-497D-465A-9B50-694238D72429}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\_adrenalin_\source sdk base 2007\hl2.exe |
"{C744C96D-087E-4CC6-9596-0BD22E453C92}" = protocol=17 | dir=in | app=d:\daten\remote mouse\server\server.exe |
"{CDC9672D-4E9F-476E-89E8-06FA74973E0B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D002EFF0-5ADA-4ECA-88BA-FC2F895EE7A6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D11289F4-4E4C-43AF-9014-82FADE663FB5}" = protocol=17 | dir=in | app=c:\users\kai\appdata\roaming\dropbox\bin\dropbox.exe |
"{DED0FE38-104D-4F25-81F4-A084CB067083}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{EA4243B0-F8D4-415A-BCCC-173639E405AF}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{F0785630-7019-4860-AAE8-3BF25CBD85B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{03A14974-BCE3-49EE-8952-A467134BDF77}C:\users\kai\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\kai\appdata\roaming\spotify\spotify.exe |
"TCP Query User{16EF7CE9-6E0A-42E4-BD1A-AE3090F89AC6}D:\daten\miranda\app\miranda\miranda32.exe" = protocol=6 | dir=in | app=d:\daten\miranda\app\miranda\miranda32.exe |
"TCP Query User{1F21A618-E3EF-4349-BD11-6D95E78754A9}D:\daten\remote mouse\server\server.exe" = protocol=6 | dir=in | app=d:\daten\remote mouse\server\server.exe |
"TCP Query User{49569D13-576C-4782-BB2D-1D1B9C0BC037}C:\users\kai\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\kai\appdata\roaming\spotify\spotify.exe |
"TCP Query User{63C04B0F-A642-4813-8136-F8A7F76FEC1C}D:\daten\miranda\app\miranda\miranda32.exe" = protocol=6 | dir=in | app=d:\daten\miranda\app\miranda\miranda32.exe |
"TCP Query User{92C875A6-C7A4-4AC7-8CCE-2345CAF9423E}D:\spiele\demo\age of wonders ii\aow2.exe" = protocol=6 | dir=in | app=d:\spiele\demo\age of wonders ii\aow2.exe |
"TCP Query User{98ECDA12-82B1-4D64-88DF-B19AE4930CB4}C:\users\kai\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\kai\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{DF208FC4-56B1-4A02-843E-9FF7F34E5339}D:\daten\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\daten\sopcast\sopcast.exe |
"TCP Query User{DFCD84D6-81B6-4377-8141-73BCCC7369D5}D:\spiele\steam\steamapps\_adrenalin_\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\_adrenalin_\counter-strike source\hl2.exe |
"TCP Query User{EA5B1BE9-A660-4CCF-9875-6813DA8D94CE}C:\users\kai\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\kai\appdata\local\akamai\netsession_win.exe |
"TCP Query User{F4DE3F3F-5007-4AFE-ACE7-BE5B8AFE1951}C:\users\kai\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\kai\appdata\local\akamai\netsession_win.exe |
"UDP Query User{0F996188-63D3-4E0E-A002-EBB9E7B26255}C:\users\kai\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\kai\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{459D2E4D-2B82-4785-BB4A-758A98564CEA}D:\spiele\steam\steamapps\_adrenalin_\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\_adrenalin_\counter-strike source\hl2.exe |
"UDP Query User{71ECE4BB-7B77-4760-AE4D-AA1125D18DF2}D:\spiele\demo\age of wonders ii\aow2.exe" = protocol=17 | dir=in | app=d:\spiele\demo\age of wonders ii\aow2.exe |
"UDP Query User{80EE6BCD-E590-4B62-B48C-FB4CF5BF3F20}D:\daten\miranda\app\miranda\miranda32.exe" = protocol=17 | dir=in | app=d:\daten\miranda\app\miranda\miranda32.exe |
"UDP Query User{92BD085C-A5D5-4868-93C3-9F558FAE580F}C:\users\kai\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\kai\appdata\roaming\spotify\spotify.exe |
"UDP Query User{A26CDBE0-645E-49D0-BE27-F35FA90F5994}D:\daten\remote mouse\server\server.exe" = protocol=17 | dir=in | app=d:\daten\remote mouse\server\server.exe |
"UDP Query User{A6D272D6-2A94-4A85-83E4-7B4B995C0A65}D:\daten\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\daten\sopcast\sopcast.exe |
"UDP Query User{AAC1C855-0ABA-494F-A718-F694906A0CCF}C:\users\kai\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\kai\appdata\local\akamai\netsession_win.exe |
"UDP Query User{BFFA6A2F-0842-4635-AF6C-90AAF806E1BC}C:\users\kai\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\kai\appdata\local\akamai\netsession_win.exe |
"UDP Query User{C5CF3EE0-CAAF-4F05-A904-CABCED70BC53}C:\users\kai\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\kai\appdata\roaming\spotify\spotify.exe |
"UDP Query User{CEC1AEBA-5E32-4C79-AA3B-D301D61A7EB8}D:\daten\miranda\app\miranda\miranda32.exe" = protocol=17 | dir=in | app=d:\daten\miranda\app\miranda\miranda32.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"{08BCFE15-8AA1-4A58-B018-4FEF486BA922}" = Autodesk Inventor Fusion for Inventor 2013 Add-in
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}" = Autodesk Design Review 2013
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.5
"{1B6C0E95-182C-48E0-9C4B-4F916308249C}" = iTunes
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25DE52ED-9E51-4C50-AE16-E258836ADF83}" = HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät
"{266597A9-1732-0000-0100-DCBF2B69166B}" = Autodesk Vault Basic 2013 (Client) German Language Pack
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}" = Autodesk Material Library Low Resolution Image Library 2013
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39FF4C41-0C7E-498D-ABAA-3CC74830BA53}" = Eco Materials Adviser for Autodesk Inventor 2013
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{4209F371-4927-659B-6665-F7524E53AE40}_is1" = Ashampoo WinOptimizer 8 v.8.14.00
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5783F2D7-A005-0407-0002-0060B0CE6BBA}" = AutoCAD Mechanical 2012
"{5783F2D7-A005-0407-1002-0060B0CE6BBA}" = AutoCAD Mechanical 2012 Language Pack - Deutsch
"{5783F2D7-B005-0000-0002-0060B0CE6BBA}" = AutoCAD Mechanical 2013 - Deutsch (German)
"{5783F2D7-B005-0407-1002-0060B0CE6BBA}" = AutoCAD Mechanical 2013 Language Pack - Deutsch (German)
"{5783F2D7-B005-0407-2002-0060B0CE6BBA}" = AutoCAD Mechanical 2013 - Deutsch (German)
"{5783F2D7-B028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2013
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Hilfe
"{7F4DD591-1732-0001-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2013
"{7F4DD591-1732-0001-1031-7107D70F3DB4}" = Autodesk Inventor Professional 2013 Language Pack - Deutsch (German)
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant
"{82C1E6E4-6718-4EFD-9DCC-E276D690EF46}" = Autodesk Inventor Fusion Plugin for AutoCAD 2013
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B46DECD1-1732-4EF1-0000-22D71E81877C}" = Autodesk Inventor Content Center Libraries 2013 (Desktop Content)
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C5089197-5B15-44AD-B0FC-2E94EE9ECB63}" = WinSysClean X2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCA78313-443C-4674-81B8-88919D137258}" = Autodesk Download Manager
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CF526A26-1732-0000-0000-02E95019B628}" = Autodesk Vault Basic 2013 (Client)
"{D25FF5C1-1732-469A-9794-69309387C193}" = Schnell-Deinstallations-Tool für Autodesk Inventor 2013
"{D6B3114F-945B-4980-BF7A-AF12E9161A0F}" = iCloud
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E426CEC1-35C5-42BF-913E-6EF8F1211D01}" = Overlord II
"{E552C39C-C70E-464F-9733-8311331BDD90}" = Autodesk Inventor Fusion Plugin Language Pack for AutoCAD 2012
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}" = Autodesk Inventor Fusion Plugin for AutoCAD 2012
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}" = Autodesk Sync
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F34EE6D2-9356-4294-B3B3-AE04428C8C43}_is1" = Remote Mouse version 1.50
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FE2F4875-095C-427C-9A97-4F8DE05ACF22}" = Autodesk Inventor Fusion Plugin Language Pack for AutoCAD 2013
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FFF5619F-2013-0032-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2013
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = Autodesk Inventor Fusion 2012 Language Pack
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_697a06b96d8bcbe2d77b88e7d5448d0" = Adobe Creative Suite 4 Master Collection
"ANNO1602" = Anno 1602
"AutoCAD Mechanical 2012" = AutoCAD Mechanical 2012
"AutoCAD Mechanical 2013 - Deutsch (German)" = AutoCAD Mechanical 2013 - Deutsch (German)
"Autodesk Content Service" = Autodesk Content Service
"Autodesk Design Review 2013" = Autodesk Design Review 2013
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"Autodesk Inventor Fusion 2013" = Autodesk Inventor Fusion 2013
"Autodesk Inventor Fusion Plugin for AutoCAD 2012" = Autodesk Inventor Fusion plug-in for AutoCAD 2012
"Autodesk Inventor Fusion Plugin for AutoCAD 2013" = Autodesk Inventor Fusion plug-in for AutoCAD 2013
"Autodesk Inventor Professional 2013" = Autodesk Inventor Professional 2013 Deutsch (German)
"Autodesk Vault Basic 2013 (Client)" = Autodesk Vault Basic 2013 (Client)
"Avira AntiVir Desktop" = Avira Free Antivirus
"DWG TrueView 2013" = DWG TrueView 2013
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.34.1015
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"My Lockbox_is1" = My Lockbox 2.8.2
"Origin" = Origin
"Red Alert 2" = Command & Conquer Alarmstufe Rot 2
"RocketDock_is1" = RocketDock 1.3.5
"SopCast" = SopCast 3.5.0
"Steam App 218" = Source SDK Base 2007
"Steam App 340" = Half-Life 2: Lost Coast
"TeamViewer 8" = TeamViewer 8
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.10 (32-Bit)
"WOLAPI" = Gemeinsam genutzte Internet-Komponenten von Westwood
"Yuri's Revenge" = Command && Conquer Alarmstufe Rot 2 - Yuris Rache
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.04.2013 05:35:40 | Computer Name = Kai-PC | Source = MsiInstaller | ID = 11310
Description =
Error - 29.04.2013 06:19:34 | Computer Name = Kai-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 29.04.2013 06:19:34 | Computer Name = Kai-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2299423
Error - 29.04.2013 06:19:34 | Computer Name = Kai-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2299423
Error - 29.04.2013 10:19:32 | Computer Name = Kai-PC | Source = MsiInstaller | ID = 11310
Description =
Error - 29.04.2013 10:19:57 | Computer Name = Kai-PC | Source = MsiInstaller | ID = 11310
Description =
Error - 30.04.2013 01:07:06 | Computer Name = Kai-PC | Source = MsiInstaller | ID = 11310
Description =
Error - 30.04.2013 01:07:43 | Computer Name = Kai-PC | Source = MsiInstaller | ID = 11310
Description =
Error - 30.04.2013 01:51:37 | Computer Name = Kai-PC | Source = Bonjour Service | ID = 100
Description = ERROR: mDNSPlatformReadTCP - recv: 10053
Error - 30.04.2013 01:51:37 | Computer Name = Kai-PC | Source = Bonjour Service | ID = 100
Description = 456: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
[ OSession Events ]
Error - 05.05.2012 05:30:36 | Computer Name = Kai-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2958
seconds with 300 seconds of active time. This session ended with a crash.
Error - 05.05.2012 05:30:55 | Computer Name = Kai-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 05.05.2012 05:31:16 | Computer Name = Kai-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.
Error - 13.09.2012 21:16:12 | Computer Name = Kai-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 111908
seconds with 1320 seconds of active time. This session ended with a crash.
Error - 26.11.2012 08:05:33 | Computer Name = Kai-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 76
seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 30.04.2013 10:56:21 | Computer Name = Kai-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 30.04.2013 10:56:25 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 10:56:49 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 10:56:51 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 10:56:53 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 11:01:03 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 11:01:04 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 11:01:06 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 11:02:24 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 30.04.2013 11:02:43 | Computer Name = Kai-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
< End of report > --- --- --- |