| |
| |||||||
Log-Analyse und Auswertung: mail delivery failed: returning message to sender im gmx accountWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
11.07.2013, 16:18
| #1 |
| |  mail delivery failed: returning message to sender im gmx account Hallo Trojaner-Board Gemeinde, habe hier schon ein paar Hinweise gelesen....gutes Forum finde ich  Aber zum Anfang, wir waren im Urlaub, als wir gestern wiederkamen, und ich die Nacht kurz meine Emails gecheckt habe, ist mir aufgefalllen, das viele Mails drin waren mit mail delivery failed: returning message to sender. (Glaub an die 100 Stck.) Jedefalls habe ich mein Pw geändert und mal gegooglt, also wahrscheinlich ist mit PW ändern nicht erledigt deswegen habe ich "OTL" mal durchlaufen lassen. Code:
ATTFilter OTL logfile created on: 11.07.2013 16:31:25 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXXXXXXXXXX\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16618)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 44,22% Memory free
8,00 Gb Paging File | 5,57 Gb Available in Paging File | 69,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 141,84 Gb Total Space | 41,85 Gb Free Space | 29,50% Space Free | Partition Type: NTFS
Drive D: | 113,08 Gb Total Space | 16,67 Gb Free Space | 14,74% Space Free | Partition Type: NTFS
Drive E: | 111,75 Gb Total Space | 49,32 Gb Free Space | 44,14% Space Free | Partition Type: FAT32
Drive G: | 5,23 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 156,25 Gb Total Space | 31,16 Gb Free Space | 19,95% Space Free | Partition Type: NTFS
Computer Name: XXXXXXX-PC | User Name: XXXXXXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Hilli\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
PRC - C:\Program Files (x86)\Glary Utilities\memdefrag.exe (Glarysoft Ltd)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe ()
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
PRC - C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (SystemStoreService) -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Sony PC Companion) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (Autodesk Content Service) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
SRV - (mitsijm2013) -- C:\Programme\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe ( )
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (EPSON_EB_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AAV UpdateService) -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (HssDRV6) -- C:\Windows\SysNative\drivers\hssdrv6.sys (AnchorFree Inc.)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=f786d24d-82d2-4dce-b51c-501c74fb6ddc&searchtype=ds&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=f786d24d-82d2-4dce-b51c-501c74fb6ddc&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=f786d24d-82d2-4dce-b51c-501c74fb6ddc&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=f786d24d-82d2-4dce-b51c-501c74fb6ddc&searchtype=hp&exp=true
IE - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 8B 6C 91 7F A5 CD 01 [binary data]
IE - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=f786d24d-82d2-4dce-b51c-501c74fb6ddc&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=f786d24d-82d2-4dce-b51c-501c74fb6ddc&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=f786d24d-82d2-4dce-b51c-501c74fb6ddc&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.5
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: Tubesaver%40istqt.co:1.116
FF - prefs.js..extensions.enabledAddons: 126c9ec1-e913-410f-94df-6262dd70e044%4094392a4b-d7bd-4563-8bcd-ba96cf8055b2.com:0.91.29
FF - prefs.js..extensions.enabledAddons: %7B87eab3b7-a707-4459-99ae-c2fa06cfa36b%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B4DC70064-89E2-4a55-8FC6-E8CDEAE3618C%7D:0.7.7
FF - prefs.js..extensions.enabledAddons: %7B15312e9a-4905-48da-aae4-15b24bdc2a24%7D:1.0.5
FF - prefs.js..extensions.enabledAddons: info%40skymeissner.com:1.4
FF - prefs.js..extensions.enabledAddons: gmailnoads%40mywebber.com:3.9.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..keyword.URL: "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=f786d24d-82d2-4dce-b51c-501c74fb6ddc&searchtype=ds&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.06.14 20:31:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013.06.09 14:34:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\Tubesaver@istqt.co: C:\Program Files (x86)\TubeSaver\116.xpi [2013.07.02 11:14:39 | 000,004,710 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013.02.23 20:46:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hilli\AppData\Roaming\mozilla\Extensions
[2013.02.23 20:46:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hilli\AppData\Roaming\mozilla\Extensions\{a79fe89b-6662-4ff4-8e88-09950ad4dfde}
[2013.07.04 14:53:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hilli\AppData\Roaming\mozilla\Firefox\Profiles\iix0erxk.default\extensions
[2013.07.03 08:49:07 | 000,000,000 | ---D | M] ("Mein Gutscheincode") -- C:\Users\Hilli\AppData\Roaming\mozilla\Firefox\Profiles\iix0erxk.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com
[2013.07.03 08:49:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hilli\AppData\Roaming\mozilla\Firefox\Profiles\iix0erxk.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\extensionCode
[2013.07.04 14:53:30 | 000,021,861 | ---- | M] () (No name found) -- C:\Users\Hilli\AppData\Roaming\mozilla\firefox\profiles\iix0erxk.default\extensions\gmailnoads@mywebber.com.xpi
[2013.07.04 14:53:30 | 000,009,689 | ---- | M] () (No name found) -- C:\Users\Hilli\AppData\Roaming\mozilla\firefox\profiles\iix0erxk.default\extensions\info@skymeissner.com.xpi
[2013.07.04 14:53:10 | 000,169,613 | ---- | M] () (No name found) -- C:\Users\Hilli\AppData\Roaming\mozilla\firefox\profiles\iix0erxk.default\extensions\jid0-AocRXUCRsLTCYvn6bgJERnwfuqw@jetpack.xpi
[2013.07.04 14:53:30 | 000,122,054 | ---- | M] () (No name found) -- C:\Users\Hilli\AppData\Roaming\mozilla\firefox\profiles\iix0erxk.default\extensions\{15312e9a-4905-48da-aae4-15b24bdc2a24}.xpi
[2013.07.04 14:53:30 | 000,013,345 | ---- | M] () (No name found) -- C:\Users\Hilli\AppData\Roaming\mozilla\firefox\profiles\iix0erxk.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
[2013.07.04 14:53:30 | 000,011,097 | ---- | M] () (No name found) -- C:\Users\Hilli\AppData\Roaming\mozilla\firefox\profiles\iix0erxk.default\extensions\{87eab3b7-a707-4459-99ae-c2fa06cfa36b}.xpi
[2013.05.16 09:51:58 | 000,117,280 | ---- | M] () (No name found) -- C:\Users\Hilli\AppData\Roaming\mozilla\firefox\profiles\iix0erxk.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2012.10.06 11:53:35 | 000,003,915 | ---- | M] () -- C:\Users\Hilli\AppData\Roaming\mozilla\firefox\profiles\iix0erxk.default\searchplugins\sweetim.xml
[2012.10.15 15:36:30 | 000,002,399 | ---- | M] () -- C:\Users\Hilli\AppData\Roaming\mozilla\firefox\profiles\iix0erxk.default\searchplugins\Web Search.xml
[2013.07.03 08:52:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.07.03 08:52:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.07.02 11:14:39 | 000,004,710 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\TUBESAVER\116.XPI
[2013.06.14 20:31:18 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
O1 HOSTS File: ([2013.02.14 23:17:23 | 000,000,899 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 update.ross-tech.com
O1 - Hosts: 127.0.0.1 update.ross-tech.de
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (Mein Gutscheincode) - {11111111-1111-1111-1111-110211941181} - C:\Program Files (x86)\Mein Gutscheincode\Mein Gutscheincode-bho.dll (Mein Gutscheincode GmbH)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe Acrobat Create PDF Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TubeSaver) - {E7673D9C-270D-4805-B619-5556A9977909} - C:\Program Files (x86)\TubeSaver\116.dll (istqt Soft)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Autodesk Sync] C:\Programme\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4169407878-62748205-3410115502-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4169407878-62748205-3410115502-1000..\Run: [EPSON SX420W Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU "C:\Windows\TEMP\E_SE8C8.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-4169407878-62748205-3410115502-1000..\Run: [EPSON249022 (Epson Stylus SX420W)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU "C:\Windows\TEMP\E_S141C.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-4169407878-62748205-3410115502-1000..\Run: [Glary Memory Optimizer] C:\Program Files (x86)\Glary Utilities\memdefrag.exe (Glarysoft Ltd)
O4 - HKU\S-1-5-21-4169407878-62748205-3410115502-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-4169407878-62748205-3410115502-1000..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-4169407878-62748205-3410115502-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A09D798D-7B9E-45A7-9AD9-1AFF74F5DABC}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC9F6373-993E-4EF7-849F-F5836E92EBBC}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\brx - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\brx {9C160F90-74D1-11D3-AB60-0060977C1F29} - C:\Program Files (x86)\Bricsys\BricsCAD V13\BrxProtIE.dll (BricsCad)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.03.23 11:39:56 | 000,173,056 | ---- | M] (Autofac Project - hxxp://autofac.org) - E:\Autofac.dll -- [ FAT32 ]
O32 - AutoRun File - [2012.11.07 01:07:00 | 000,046,080 | ---- | M] () - E:\AutoRunCE.exe -- [ FAT32 ]
O32 - AutoRun File - [2011.10.10 15:54:08 | 002,290,144 | R--- | M] () - G:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2011.10.09 16:23:34 | 000,000,047 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2011.10.09 16:23:34 | 000,224,630 | R--- | M] () - G:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2013.02.23 22:33:57 | 000,000,000 | ---D | M] - K:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{5fe3c75f-e2e4-11e2-aa17-001bb95c54d1}\Shell - "" = AutoRun
O33 - MountPoints2\{5fe3c75f-e2e4-11e2-aa17-001bb95c54d1}\Shell\AutoRun\command - "" = H:\Startme.exe
O33 - MountPoints2\{f0cf54a8-4da8-11e2-8680-001bb95c54d1}\Shell - "" = AutoRun
O33 - MountPoints2\{f0cf54a8-4da8-11e2-8680-001bb95c54d1}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2011.10.10 15:54:08 | 002,290,144 | R--- | M] ()
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.07.03 08:52:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.07.02 22:18:36 | 000,000,000 | ---D | C] -- C:\Users\Hilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
[2013.07.02 22:18:20 | 000,000,000 | ---D | C] -- C:\Users\Hilli\AppData\Local\Android
[2013.07.02 12:25:06 | 000,000,000 | ---D | C] -- C:\Users\Hilli\.android
[2013.07.02 12:25:02 | 000,000,000 | ---D | C] -- C:\Users\Hilli\.swt
[2013.07.02 12:24:26 | 000,000,000 | ---D | C] -- C:\Users\Hilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
[2013.07.02 12:22:17 | 000,000,000 | ---D | C] -- C:\Flashtool
[2013.07.02 11:36:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.07.02 11:35:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.07.02 11:35:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.07.02 11:14:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mein Gutscheincode
[2013.07.02 11:14:50 | 000,000,000 | ---D | C] -- C:\Users\Hilli\AppData\Roaming\MyPhoneExplorer
[2013.07.02 11:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
[2013.07.02 11:14:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TubeSaver
[2013.07.02 11:14:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPhoneExplorer
[2013.07.02 10:17:24 | 000,000,000 | ---D | C] -- C:\Users\Hilli\Desktop\files
[2013.07.01 02:18:35 | 000,000,000 | ---D | C] -- C:\Users\Hilli\Desktop\Vergiss mich nicht
[2013.06.25 19:12:49 | 000,000,000 | ---D | C] -- C:\Users\Hilli\Podcasts
[2013.06.25 19:12:49 | 000,000,000 | ---D | C] -- C:\Users\Hilli\Documents\Media Go
[2013.06.25 19:12:14 | 000,000,000 | ---D | C] -- C:\Users\Hilli\AppData\Local\Sony
[2013.06.25 19:12:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sony Shared
[2013.06.25 19:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2013.06.25 19:11:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Media Go Install
[2013.06.25 19:11:16 | 000,000,000 | ---D | C] -- C:\Users\Hilli\AppData\Roaming\Sony
[2013.06.25 17:38:16 | 000,000,000 | ---D | C] -- C:\Users\Hilli\Desktop\Stina
[2013.06.24 21:12:49 | 000,000,000 | ---D | C] -- C:\Users\Hilli\Desktop\poiw-data
[2013.06.22 10:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter
[2013.06.22 10:57:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SDA
[2013.06.22 10:56:20 | 000,000,000 | ---D | C] -- C:\Users\Hilli\AppData\Local\Downloaded Installations
[2013.06.17 13:23:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.06.17 13:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.06.17 13:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.06.17 13:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.06.17 13:22:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.06.17 13:20:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013.06.15 01:28:23 | 000,000,000 | ---D | C] -- C:\Users\Hilli\Documents\Dokumentation für Hillis Gerät 2
[2013.06.15 00:24:34 | 000,000,000 | ---D | C] -- C:\Users\Hilli\Desktop\GoPal_5.5
[2013.06.14 22:57:05 | 000,000,000 | ---D | C] -- C:\Users\Hilli\Documents\Dokumentation für Hillis Gerät
========== Files - Modified Within 30 Days ==========
[2013.07.11 16:05:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.11 12:01:03 | 001,621,308 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.11 12:01:03 | 000,700,168 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.11 12:01:03 | 000,654,880 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.11 12:01:03 | 000,148,964 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.11 12:01:03 | 000,121,752 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.11 11:04:13 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\TubeSaver Update.job
[2013.07.11 10:44:14 | 000,021,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.11 10:44:14 | 000,021,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.11 09:00:36 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2013.07.11 09:00:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.11 09:00:20 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.05 12:17:33 | 000,000,017 | ---- | M] () -- C:\Users\Hilli\AppData\Local\resmon.resmoncfg
[2013.07.03 20:52:55 | 000,458,870 | ---- | M] () -- C:\Users\Hilli\Desktop\1009609_10151522479447921_930858658_o.jpg
[2013.07.02 19:38:45 | 000,308,256 | ---- | M] () -- C:\Users\Hilli\Desktop\Anleitung Handy.jpg
[2013.07.02 12:57:06 | 000,101,173 | ---- | M] () -- C:\Users\Hilli\Desktop\Xperia_Relock_bootloader.ftf
[2013.07.02 11:57:27 | 001,031,879 | ---- | M] () -- C:\Users\Hilli\Documents\Backup Xperia ARC_ 2013-07-02.mpb
[2013.07.02 11:30:58 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013.07.02 11:29:32 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.07.02 11:29:32 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.07.02 11:14:48 | 000,002,057 | ---- | M] () -- C:\Users\Public\Desktop\MyPhoneExplorer.lnk
[2013.07.01 19:09:00 | 000,001,633 | ---- | M] () -- C:\Users\Hilli\Documents\image007.gif
[2013.06.27 22:21:54 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.06.27 22:21:54 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.06.27 22:21:54 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.06.27 22:21:54 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013.06.27 22:21:54 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013.06.27 22:21:54 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013.06.25 19:12:35 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Media Go.lnk
[2013.06.22 10:57:57 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\SDFormatter.lnk
[2013.06.17 13:23:38 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.14 22:57:04 | 000,000,910 | ---- | M] () -- C:\Users\Hilli\Desktop\Windows Mobile-Gerätecenter.lnk
[2013.06.14 20:31:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.06.12 21:48:04 | 001,598,202 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== Files Created - No Company Name ==========
[2013.07.05 12:17:33 | 000,000,017 | ---- | C] () -- C:\Users\Hilli\AppData\Local\resmon.resmoncfg
[2013.07.03 20:52:53 | 000,458,870 | ---- | C] () -- C:\Users\Hilli\Desktop\1009609_10151522479447921_930858658_o.jpg
[2013.07.02 19:35:38 | 000,308,256 | ---- | C] () -- C:\Users\Hilli\Desktop\Anleitung Handy.jpg
[2013.07.02 12:57:04 | 000,101,173 | ---- | C] () -- C:\Users\Hilli\Desktop\Xperia_Relock_bootloader.ftf
[2013.07.02 11:57:27 | 001,031,879 | ---- | C] () -- C:\Users\Hilli\Documents\Backup Xperia ARC_ 2013-07-02.mpb
[2013.07.02 11:29:32 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.07.02 11:29:32 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.07.02 11:14:48 | 000,002,057 | ---- | C] () -- C:\Users\Public\Desktop\MyPhoneExplorer.lnk
[2013.07.02 11:14:39 | 000,000,372 | ---- | C] () -- C:\Windows\tasks\TubeSaver Update.job
[2013.07.01 19:09:00 | 000,001,633 | ---- | C] () -- C:\Users\Hilli\Documents\image007.gif
[2013.06.27 22:21:54 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013.06.26 23:56:25 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013.06.26 23:56:24 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013.06.25 19:12:35 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Media Go.lnk
[2013.06.24 13:44:51 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013.06.22 10:57:57 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\SDFormatter.lnk
[2013.06.17 13:23:38 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.14 22:57:04 | 000,000,910 | ---- | C] () -- C:\Users\Hilli\Desktop\Windows Mobile-Gerätecenter.lnk
[2013.03.14 16:23:34 | 000,083,186 | ---- | C] () -- C:\Users\Hilli\ESt2011_Tresp_Theresa.elfo
[2013.03.14 14:05:59 | 000,158,492 | ---- | C] () -- C:\Users\Hilli\ESt2012_Just_Theresa_und_Hiller_Mario.elfo
[2013.02.04 23:41:13 | 000,168,482 | ---- | C] () -- C:\Users\Hilli\MarioESt2012.elfo
[2012.10.05 16:36:25 | 001,598,202 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.05 15:47:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.07.04 07:34:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.07.04 07:34:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.04.18 19:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.08 23:28:24 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\AlcaTech
[2013.05.22 22:47:05 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\Autodesk
[2013.04.14 16:48:13 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\Bricsys
[2013.06.09 14:26:06 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.02.23 20:46:31 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\conkeror.mozdev.org
[2013.05.04 10:35:01 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\DAEMON Tools Lite
[2013.05.03 20:49:23 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\Dropbox
[2013.02.04 21:41:14 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\elsterformular
[2012.10.11 13:40:12 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\EPSON
[2013.06.02 12:04:46 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\Glarysoft
[2013.05.18 19:57:37 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\GoPal Assistant
[2013.07.02 12:07:25 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\MyPhoneExplorer
[2012.11.06 23:26:20 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\OpenCandy
[2013.06.09 14:48:57 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\PDAppFlex
[2013.06.25 19:12:47 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\Sony
[2013.02.22 22:47:01 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\TeamViewer
[2013.04.04 22:02:53 | 000,000,000 | ---D | M] -- C:\Users\Hilli\AppData\Roaming\Ubisoft
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:A1EDB939
< End of report >
Code:
ATTFilter OTL Extras logfile created on: 11.07.2013 14:05:56 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXXXXXXX\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16618)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 47,80% Memory free
8,00 Gb Paging File | 5,71 Gb Available in Paging File | 71,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 141,84 Gb Total Space | 41,85 Gb Free Space | 29,51% Space Free | Partition Type: NTFS
Drive D: | 113,08 Gb Total Space | 16,67 Gb Free Space | 14,74% Space Free | Partition Type: NTFS
Drive E: | 111,75 Gb Total Space | 49,32 Gb Free Space | 44,14% Space Free | Partition Type: FAT32
Drive G: | 5,23 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 156,25 Gb Total Space | 31,16 Gb Free Space | 19,95% Space Free | Partition Type: NTFS
Computer Name: XXXXXXXXX-PC | User Name: XXXXXXXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4169407878-62748205-3410115502-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024B6468-77EC-455B-A72C-6CFB2EDA457F}" = lport=445 | protocol=6 | dir=in | app=system |
"{07F66EDA-A287-477F-9483-18DEAB35446F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B805628-B736-4053-B4EF-1DB4F2DFBC52}" = lport=137 | protocol=17 | dir=in | app=system |
"{0E94876A-CD6D-4CB3-A653-18D9F8FB5B2D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{146DCA7A-AE2A-4CA9-9B9B-8235D97C992A}" = rport=139 | protocol=6 | dir=out | app=system |
"{2571C3A2-DCE1-4C8B-9ED6-3C6C3FADA75D}" = rport=137 | protocol=17 | dir=out | app=system |
"{38752127-5C74-4564-9315-F695893FD392}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{39E29446-0B6F-4D91-8ACC-6A053CB3E368}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3C608C28-DD79-429D-BD90-49B18DBCA2E1}" = lport=139 | protocol=6 | dir=in | app=system |
"{47F39740-E391-4EB7-A7B4-2DB4286EB991}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5D969C65-E88E-44D9-9CDF-A21AE5FCA1C8}" = rport=138 | protocol=17 | dir=out | app=system |
"{645C8061-646F-435E-9DD1-F4610E766AA3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6BDC0AAA-08AA-4DC0-A9C9-86F0A4F8DE62}" = rport=10243 | protocol=6 | dir=out | app=system |
"{76618528-05E0-4101-B0C0-9D5079053EF3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{7A5B36E5-CF4A-4870-9ABF-3503D4F3C89F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8A927F1C-644C-4A9B-AF7E-CDEE3ED9C53E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9920D7CD-8B9C-423A-AEBD-6935A2F9D443}" = rport=445 | protocol=6 | dir=out | app=system |
"{AB661C35-154E-4E97-BA23-594F569F502D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AE26106B-0B62-404B-8B53-777D1217B99C}" = lport=138 | protocol=17 | dir=in | app=system |
"{B1520DEE-FC76-44EC-AACC-1DBE4C99A75D}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{D5D36E1E-773D-4D13-A645-A0D74EB3AAFE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D6953002-764F-4ACB-B45B-C509E030B773}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DE38887F-7510-4F32-97AF-B54180C93856}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E0A98CDC-A922-4E0C-AD51-70283A0CE365}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F5A33FD5-CCA0-4226-A806-916B0931AB3E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02DA0A87-018B-4CF3-A338-524970C6BFE8}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe |
"{1493D1E5-648A-4574-A876-D1A243AAA2A7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{14B48938-4666-4280-B09D-4D9ECF504FC9}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{15C3CA97-F04C-459A-A15A-B2EA11124BD2}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe |
"{19EAC54F-661C-41FA-8951-06B2C1FE260E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1EE046CA-5858-4875-A134-12C4BD0D1C06}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{1EEDA08E-60B8-496E-BDBB-CF2EE78496EB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{24B7A174-5B74-4FE7-92F4-52897DC29FC0}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{27DE7061-6082-4208-A7E0-0050C8C9122C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{2B87932E-F689-40FF-9500-0114B20CBCED}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{333DC20B-C3C9-4ADB-A0D0-4470AFBC5D8C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{334880F3-745E-4075-BCD3-88E1339F4397}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{33E14E41-8C35-4EFF-ADC0-BF9FB8A6AFD1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{35A25940-26AC-449F-8776-DEAD4915F555}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4A65F3B8-6849-4880-9506-BA449171323A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4F30F5E2-AD35-4127-B5AE-57B3AE45D888}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{540E1D19-1C71-4B93-9705-329329D2484B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5625B3B7-5E3D-49E0-AA1C-C47DDC28D4EF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{594D2040-7B59-49E3-9AF1-3E92CC0A713E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{5A97E8FB-BF70-4BCD-9AC5-F48B00FEEE40}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5C8373DC-61C0-4B43-A744-081D07971BC4}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5C9DF7CB-11EA-4730-BC1F-61C11BD73E13}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{5FC24A54-E8A7-44AD-9052-CB5AA289437D}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{633F337F-A675-4A3E-850C-AF6D765E09F6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6474D661-CF01-4F1B-AFCF-61B815B8905E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6843608D-72F4-4378-82BC-019F9D403BEC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{68D0C8A6-7771-424C-9E2E-8F176EFCBDCE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{68D506C9-A70E-4708-89D0-B41BB77DDBC6}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe |
"{6957EE61-4C73-4CEE-8C57-FDDDC9861BA3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6E443032-0FA6-481E-91BA-2DDEEFF0D12D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{73F747ED-43A5-4F87-88F2-BC4EC4FF50C8}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{75C1FEEA-74DB-4C50-B939-C1BA9314CDEE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8160E9D4-C116-433D-913F-6B70238B1627}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{85696775-8506-4179-8E94-968C4B818975}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8C6A27D6-C28D-4330-B0AA-BF5CD70AC3C1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8C7CBC05-CFDF-4DCD-9AD4-5D86F9F88F7C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{8E36E6FD-D44F-4042-AC68-49652303DF80}" = protocol=17 | dir=in | app=c:\users\hilli\appdata\roaming\dropbox\bin\dropbox.exe |
"{958AED33-F896-408D-812E-2E3DBE4491EB}" = protocol=6 | dir=in | app=c:\users\hilli\appdata\roaming\dropbox\bin\dropbox.exe |
"{9AF3C1B6-7387-4BC6-8B13-5C4305483BC5}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A5BD2DD4-C186-4E85-A8E6-BF92FD80D101}" = protocol=6 | dir=out | app=system |
"{AA49CE38-4FB6-45C1-B7FF-7DB14791F2D0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B3B066E9-5A2E-4A9F-A09A-C6A2C69C1650}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B4898B1A-DFC3-4274-843B-1B2361320438}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{B6E4D15D-F4FC-4F42-9AA9-41960E4CDE94}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B8E86A59-DF0C-45D3-A08F-77364128B452}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe |
"{B9D8A05B-DAA6-4A21-A009-DD36A746D771}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA621AF4-44DD-41B1-83C2-EAF627944904}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BB7DAA1A-41D6-496C-BC7C-04861D40A7C2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BD2C523B-A199-4E6C-A65D-B42B2AEEFB78}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C21D3AA8-3308-4670-8E9B-A9EC95BECB11}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C56E9DF0-B04E-4498-A3F1-495F85F9FFF1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C5F8DF10-2D21-46EA-A94A-EB6B260E8B53}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{CB761DCB-C689-445A-B729-121CD34F5B2D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe |
"{CBAB10BC-CAED-47A1-8FC3-13B43D2F9E36}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CBC3C8A5-A1A0-4062-AD23-BD114D35D2E3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{D0E1DB85-A90C-4F0B-9269-1480F11334ED}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D146F204-F6C6-49B0-A99C-F997AD788143}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D495F957-256D-4F86-8C42-7E51D21E3379}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D4FAB894-7524-4D0F-8DE5-BE2A02CDDC3B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DBC82EC7-46F9-47EB-B6A9-8A9C7C477C72}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DBD39AD2-F887-45D4-947B-0CBB4CDCB0CF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DDDCE87C-E2C8-47E4-AD4B-E5EE96288220}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe |
"{DDF6568A-01C5-4B68-A48F-C6F395DB8C30}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E37552CB-593A-403E-B04E-F71A57A76521}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E37DD6CE-981B-45F4-8D30-3AC7AAF040B8}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E62D2220-BB1F-414F-98D9-5367C5F195E9}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EAB48D40-C7B2-42E9-BEB3-EC379E06006D}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{ECB5B053-0812-4CF5-83B5-68D6047F0658}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{ECEEA93B-6784-4900-8ADC-798B0B030FAA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ED093657-363A-43A3-B281-CDA3509B213A}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{ED22DDCA-8B2F-492E-A1BC-6E31D37AC0D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EDE1073D-C2E7-4225-B0AC-48972979CD68}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EF276E81-A9B4-4142-B39C-114E03DDABC2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe |
"{F3A4D7BB-5023-4263-926D-F4EF239C5EB6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F3E59B0D-C580-4D79-B5CD-201A58C9172C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F5F1C1A4-4660-4C62-AD97-B7C6250C5570}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F634A791-476D-4515-B0C5-E01A89D42DFA}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F775AFB6-7E51-42E8-B5C6-A722E0DC8E65}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe |
"{FE21F285-39F4-4826-8451-EEA109AE404B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"TCP Query User{907E7403-CD0F-4B55-B3C6-1D85C9E8F6CF}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{A8DC275A-18AF-4A27-90C7-3E6EEA993ED2}C:\users\hilli\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\hilli\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{AB58217F-34DC-4758-9FC4-932735FDE9CF}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe |
"TCP Query User{B2437E4C-74B5-4D3D-BC77-6165E9FD1BE0}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{D853E05B-F0C9-49A7-AFAD-69E4F5D66228}C:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"UDP Query User{303F587C-C69B-40EB-A4F6-B6CBA9E16875}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{6EA0AFE2-5D99-4CF9-AEDD-4408907A70A9}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{9218C220-3685-4973-9C53-F913CBEDD651}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe |
"UDP Query User{ADCAFF3B-83BE-4069-80B4-323015C8B970}C:\users\hilli\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\hilli\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{F8974E75-A9AE-4C0E-935C-92EFE4DC6159}C:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{08BCFE15-8AA1-4A58-B018-4FEF486BA922}" = Autodesk Inventor Fusion for Inventor 2013 Add-in
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1012456A-D118-37E0-E837-34AA28602013}" = AMD Drag and Drop Transcoding
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{266597A9-1764-0000-0100-DCBF2B69166B}" = Autodesk Vault Basic 2013 (Client) German Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86417015FF}" = Java 7 Update 15 (64-bit)
"{2C5927BD-3F65-4207-8FB5-8EDF638A3511}_is1" = SmartPCFixer 4.2
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4F2B8F3E-70FA-AA71-4526-3BFDEDE502EF}" = AMD Fuel
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5783F2D7-B006-0000-0102-0060B0CE6BBA}" = AutoCAD MEP 2013 - Deutsch (German)
"{5783F2D7-B006-0407-1102-0060B0CE6BBA}" = AutoCAD MEP 2013 Language Pack - Deutsch
"{5783F2D7-B006-0407-2102-0060B0CE6BBA}" = AutoCAD MEP 2013 - Deutsch (German)
"{5783F2D7-B028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2013
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{68CA3A47-3F7E-0E92-DC0D-5B0C02D9AFAD}" = ccc-utility64
"{6BB150E8-6CBB-5F8F-CAE7-BE21B2C92D31}" = AMD Accelerated Video Transcoding
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{792A9A32-718A-40D1-9867-A903F76AE2F8}" = Eco Materials Adviser for Autodesk Inventor 2013
"{7F4DD591-1764-0001-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2013
"{7F4DD591-1764-0001-1031-7107D70F3DB4}" = Autodesk Inventor Professional 2013 Language Pack - Deutsch (German)
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{914F7627-B645-9895-F723-BAEAAC865E75}" = AMD Catalyst Install Manager
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile-Gerätecenter: Treiberupdate
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B46DECD1-1764-4EF1-0000-22D71E81877C}" = Autodesk Inventor Content Center Libraries 2013 (Desktop Content)
"{CF526A26-1764-0000-0000-02E95019B628}" = Autodesk Vault Basic 2013 (Client)
"{D25FF5C1-1764-469A-9794-69309387C193}" = Schnell-Deinstallations-Tool für Autodesk Inventor 2013
"{DA3372D5-F228-5C71-3FAC-177D4AEE8659}" = AMD Media Foundation Decoders
"{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}" = Autodesk Sync
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FFF5619F-2013-0064-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2013
"4C8545EEB6143B6AD3858B5D1E0AEE76040B1435" = Windows-Treiberpaket - FTDI CDM Driver Package - Bus/D2XX Driver (04/10/2012 2.08.24)
"6849F67BACD4DA5A5B9D46803E6850D0BE8B3826" = Windows-Treiberpaket - FTDI CDM Driver Package - VCP Driver (04/10/2012 2.08.24)
"8D0D8EE2347DC7FE9BD534792E76CD8F22681D44" = Windows-Treiberpaket - TERRATEC Cinergy C/S2 PCI Infrared (05/21/2010 1.00.03.201)
"AutoCAD MEP 2013 - Deutsch (German)" = AutoCAD MEP 2013 - Deutsch (German)
"Autodesk Inventor Fusion 2013" = Autodesk Inventor Fusion 2013
"Autodesk Inventor Professional 2013" = Autodesk Inventor Professional 2013 Deutsch (German)
"CB911E83C421B81249FF40C42D1544261A839B84" = Windows-Treiberpaket - TERRATEC Cinergy C PCI (11/18/2010 1.01.02.501)
"CCleaner" = CCleaner
"DWG TrueView 2013" = DWG TrueView 2013
"EPSON SX420W Series" = Druckerdeinstallation für EPSON SX420W Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"VLC media player" = VLC media player 2.0.2
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0071820F-09B0-4998-8320-F89629DCBC99}" = Nero BackItUp
"{03D45A4B-D7F5-C03E-1650-885756303D13}" = CCC Help Norwegian
"{04AE3BBC-ABFF-42CC-9F90-5B35D229328A}" = Gtk# for .Net 2.12.10
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}" = Autodesk Design Review 2013
"{15EB20D6-5F13-41D0-BEF9-C9C44D6AC620}" = SDFormatter
"{1943C3BD-4462-4612-92C3-D36DD917C447}" = Nero Recode
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}" = Autodesk Material Library Low Resolution Image Library 2013
"{284E9E9A-D8BE-3588-D0BA-E9BB61970A1D}" = CCC Help Hungarian
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{30E01116-5666-4807-8EF1-D80E9FF16717}" = Epson Easy Photo Print 2
"{30E18A93-982E-AF1B-D646-E8C5DAECA390}" = CCC Help French
"{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}" = Media Go
"{39D61CBB-81C7-43CF-BB70-6BB620FBD10A}" = BricsCAD 13.1
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{4021F8B5-E8BB-D0F9-AF28-4970013FAE3D}" = AMD VISION Engine Control Center
"{470D66DF-B597-124E-EDCE-8B966AA5F230}" = CCC Help Portuguese
"{483924A6-52C5-9169-0280-14272D5FBA70}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54215B8A-6212-8DB8-39B4-98EE2BB98BD1}" = Media Go Video Playback Engine 1.116.104.02020
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{560FC78C-A4B2-461D-9B47-820C1EEF87B8}" = Nero 12
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57AE1BE1-24E8-4169-D52C-ABE31BD91562}" = CCC Help Finnish
"{592ED299-14EF-4C0E-93B4-B687CD5A2EBE}_is1" = posterXXL.de Bestellsoftware 4.80
"{5963F4B4-D138-47CD-ADEF-470E87E185BD}" = Nero Burning ROM
"{5A775CBD-03A6-4832-820C-20C0DC57E2E5}" = Cinergy C PCI HD Driver Installation (64 Bit)
"{5B5745F7-23EF-9E5E-6689-512C9FA08222}" = CCC Help English
"{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM)
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{60597b3f-d714-4f4e-8094-be088a31ff25}" = TubeBox
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{625031C9-E249-2A53-C282-C1E9872B211E}" = CCC Help Turkish
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}" = Die Siedler 7
"{655E0B5A-7ADF-A052-587F-64F0E59B58E7}" = CCC Help Dutch
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6B68D0AD-880A-4862-928A-2830037BE50E}" = TubeBox
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74437563-D720-0307-90FC-1C351B1041D7}" = Catalyst Control Center Localization All
"{789A4D10-821B-3FA5-52B0-F0FAEEDED9F4}" = CCC Help Czech
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BA14A92-C229-5E00-3ADE-8D22F81B849E}" = CCC Help German
"{80A5B901-C7BD-D300-17BA-9E02F18EAB77}" = CCC Help Danish
"{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience)
"{82F505E6-5879-B30A-12B7-7795969D3BBB}" = CCC Help Polish
"{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}" = Nero Video
"{8476003F-6927-8393-C6F4-FAF47D61D00B}" = CCC Help Korean
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{86847081-B387-4F49-AED1-C9B0A090D66C}" = Nero Recode Help (CHM)
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89A2D79E-B3AD-A83A-795F-5645EFF922D3}" = CCC Help Greek
"{89C0F58F-9E5B-2B45-D9DF-7988A54BECA8}" = CCC Help Italian
"{8B91D776-792D-F02B-DE43-BF398549C729}" = CCC Help Spanish
"{8F272838-BDD6-B433-D650-25E231AEFA8A}" = Catalyst Control Center InstallProxy
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{983BE967-28E9-5C78-8851-638DAC4AF66E}" = CCC Help Swedish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCB8F6D-33FC-4E79-8616-7BE5DF32A955}" = BPM-Studio 4 Demo
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A6C8CD51-1AE4-474D-BA2D-125CDBEADD03}" = MEDION GoPal Assistant
"{A707240D-18D3-07F4-AE2E-6AE76C220192}" = CCC Help Japanese
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A86DDB5D-FB15-4C7E-8838-849493A45DF8}_is1" = Catan 1.0
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-1033-FFFF-7760-000000000006}" = Adobe Acrobat XI Pro
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AEB61F7A-4BBA-4292-A096-7893E09034A4}" = Steuer-Spar-Erklärung 2013
"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager
"{B128179D-A5E1-43AC-9422-12A109ECD2A0}" = Nero Video Help (CHM)
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{B95AC87D-630B-603F-3F12-AA22B3BBA69C}" = CCC Help Chinese Traditional
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3
"{E15BC10F-04AA-0AFD-A6C9-476730195F8B}" = Adobe Download Assistant
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EB1C554C-5343-9A69-1B8C-666AF192CA19}" = CCC Help Russian
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.165
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F32D24DD-D787-10F9-D21E-BC3FAB3064CB}" = Catalyst Control Center Graphics Previews Common
"{F8D90583-7BB5-75A9-B23F-A353AD4674BC}" = CCC Help Thai
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Android SDK Tools" = Android SDK Tools
"Autodesk Content Service" = Autodesk Content Service
"Autodesk Design Review 2013" = Autodesk Design Review 2013
"Autodesk Vault Basic 2013 (Client)" = Autodesk Vault Basic 2013 (Client)
"avast" = avast! Free Antivirus
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DAEMON Tools Lite" = DAEMON Tools Lite
"DVBViewer TERRATEC Edition_is1" = DVBViewer TERRATEC Edition
"ElsterFormular" = ElsterFormular
"EPSON Scanner" = EPSON Scan
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Flashtool" = Flashtool
"Glary Utilities_is1" = Glary Utilities 2.56.0.1822
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mein Gutscheincode" = Mein Gutscheincode
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPE" = MyPhoneExplorer
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"RocketDock_is1" = RocketDock 1.3.5
"SpeedFan" = SpeedFan (remove only)
"TeamViewer 8" = TeamViewer 8
"Tubesaver@istqt.co" = TubeSaver
"Wubi" = Linux Mint
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4169407878-62748205-3410115502-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.03.2013 08:30:12 | Computer Name = XXXXXXXX-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 11.03.2013 08:30:13 | Computer Name = XXXXXXXX-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9812
Error - 11.03.2013 08:30:13 | Computer Name = XXXXXXXX-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9812
Error - 11.03.2013 09:45:25 | Computer Name = XXXXXXXX-PC | Source = WinMgmt | ID = 10
Description =
Error - 11.03.2013 16:05:45 | Computer Name = XXXXXXXX-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.03.2013 03:39:10 | Computer Name = XXXXXXXX-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.03.2013 10:26:01 | Computer Name = XXXXXXXX-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.03.2013 05:04:57 | Computer Name = XXXXXXXX-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.03.2013 08:26:42 | Computer Name = XXXXXXXX-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.03.2013 15:19:06 | Computer Name = XXXXXXXX-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 10.07.2013 14:22:11 | Computer Name = XXXXXXXX-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
System Store erreicht.
Error - 10.07.2013 14:22:11 | Computer Name = XXXXXXXX-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "System Store" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error - 10.07.2013 14:22:40 | Computer Name = XXXXXXXX-PC| Source = DCOM | ID = 10016
Description =
Error - 11.07.2013 03:00:30 | Computer Name = XXXXXXXX-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 11.07.2013 03:00:30 | Computer Name = XXXXXXXX-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 11.07.2013 03:00:33 | Computer Name = XXXXXXXX-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 11.07.2013 03:00:33 | Computer Name = XXXXXXXX-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 11.07.2013 03:01:06 | Computer Name = XXXXXXXX-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
System Store erreicht.
Error - 11.07.2013 03:01:06 | Computer Name = XXXXXXXX-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "System Store" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error - 11.07.2013 03:01:35 | Computer Name = XXXXXXXX-PC| Source = DCOM | ID = 10016
Description =
< End of report >
Wer kann mir helfen und sagen was bei mir falsch läuft????? Ich Bedanke mich jetzt schon mal für die Hilfe!!  |
| Themen zu mail delivery failed: returning message to sender im gmx account |
| antivirus, bho, bonjour, browser, error, failed, flash player, format, hacktool.keygen.kms, homepage, iexplore.exe, install.exe, mail delivery, mozilla, msiexec.exe, plug-in, pup.pswtool.productkey, registry, riskware.tool.ck, rundll, scan, senden, software, svchost.exe, tubesaver, udp, windows, xperia, ändern |
Baum-Darstellung