Hallo!

da mir mein AntiVir gerade bescheid gegeben hat das ich mir wohl diese zwei Trojaner eingefangen habe (TR/TDss.bckj.7' [trojan] und
TR/FraudPack.auiv' [trojan] ), wollte ich mal meine Logs nach dem CCleaner und Malwarebytes checken lassen.

Hier meine Logs:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4076

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

08.05.2010 12:28:27
mbam-log-2010-05-08 (12-28-27).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 300618
Laufzeit: 25 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

OTL logfile created on: 08.05.2010 12:32:50 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\****\Downloads
64bit-Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 48,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,48 Gb Total Space | 98,96 Gb Free Space | 67,56% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 79,16 Gb Free Space | 52,22% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: *******
Current User Name: *****
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Daniel\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Daniel\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (O&O Defrag) -- C:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (BthServ) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\fxssvc.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (AAV UpdateService) -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2006.11.02 15:34:14 | 000,000,000 | ---D | M]
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys (Avira GmbH)
DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (WINUSB) -- C:\Windows\SysNative\DRIVERS\WinUSB.SYS (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (cpuz132) -- C:\Windows\SysNative\drivers\cpuz132_x64.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (pcouffin) -- C:\Windows\SysNative\Drivers\pcouffin.sys (VSO Software)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ATIAVAIW) -- C:\Windows\SysNative\DRIVERS\atinavt2.sys (ATI Technologies Inc.)
DRV:64bit: - (ENTECH64) -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys (EnTech Taiwan)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation )
DRV:64bit: - (ATITool) -- C:\Windows\SysNative\DRIVERS\ATITool64.sys ()
DRV:64bit: - (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) -- C:\Windows\SysNative\DRIVERS\s116unic.sys (MCCI Corporation)
DRV:64bit: - (s116obex) -- C:\Windows\SysNative\DRIVERS\s116obex.sys (MCCI Corporation)
DRV:64bit: - (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\s116mgmt.sys (MCCI Corporation)
DRV:64bit: - (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) -- C:\Windows\SysNative\DRIVERS\s116nd5.sys (MCCI Corporation)
DRV:64bit: - (s116mdm) -- C:\Windows\SysNative\DRIVERS\s116mdm.sys (MCCI Corporation)
DRV:64bit: - (s116mdfl) -- C:\Windows\SysNative\DRIVERS\s116mdfl.sys (MCCI Corporation)
DRV:64bit: - (s116bus) Sony Ericsson Device 116 driver (WDM) -- C:\Windows\SysNative\DRIVERS\s116bus.sys (MCCI Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WinRing0_1_1_1) -- C:\C2DtoG15\WinRing0x64.sys (OpenLibSys.org)
DRV - (CSC) -- C:\Windows\CSC [2008.06.27 13:03:40 | 000,000,000 | ---D | M]
DRV - (FLASHSYS) -- C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys ()
DRV - (WINUSB) -- C:\Windows\SysWOW64\winusb.dll (Microsoft Corporation)
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (ENTECH64) -- C:\Windows\SysWOW64\drivers\Entech64.sys (EnTech Taiwan)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B3 C4 CA 1E 6B BF C9 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de.msn.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.4
FF - prefs.js..keyword.URL: "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.02 09:05:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.05.08 10:42:07 | 000,000,000 | ---D | M]

[2008.07.14 15:22:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions
[2010.05.08 10:46:41 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\2b4kc0u7.default\extensions
[2010.05.01 07:08:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\2b4kc0u7.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010.05.01 07:08:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\2b4kc0u7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.01 07:08:29 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\2b4kc0u7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.05.28 10:37:58 | 000,000,682 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\FireFox\Profiles\2b4kc0u7.default\searchplugins\ask.xml
[2008.07.29 17:40:29 | 000,000,523 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\FireFox\Profiles\2b4kc0u7.default\searchplugins\daemon-search.xml
[2009.04.23 07:53:39 | 000,001,744 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\FireFox\Profiles\2b4kc0u7.default\searchplugins\live-search.xml
[2010.03.06 08:09:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2008.06.30 23:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npOGAPlugin.dll
[2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.05.01 08:59:56 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MI1933~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MI1933~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img33.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img33.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a933f0ae-0591-11de-97f7-002185029410}\Shell - "" = AutoRun
O33 - MountPoints2\{a933f0ae-0591-11de-97f7-002185029410}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{a933f0d8-0591-11de-97f7-002185029410}\Shell - "" = AutoRun
O33 - MountPoints2\{a933f0d8-0591-11de-97f7-002185029410}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{f3982d78-b99f-11de-9f5b-002185029410}\Shell - "" = AutoRun
O33 - MountPoints2\{f3982d78-b99f-11de-9f5b-002185029410}\Shell\AutoRun\command - "" = F:\Install.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk /p \??\H - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.05.08 11:35:39 | 000,000,000 | ---D | C] -- C:\avrescue
[2010.05.08 11:33:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.05.06 17:29:08 | 000,000,000 | ---D | C] -- C:\84e6b7a912312b6446727437d0
[2010.05.01 09:05:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.05.01 09:05:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.05.01 08:59:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2010.05.01 08:59:27 | 000,000,000 | ---D | C] -- C:\Windows\61D3AAE1D5214CD7939B37813DE8F955.TMP
[2010.05.01 08:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.05.01 08:09:07 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\jelbltpcp
[2010.04.24 12:42:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\BFBC2
[2010.04.15 06:31:41 | 004,697,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.04.15 06:31:39 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.04.15 06:31:39 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.04.15 06:31:33 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codecp.acm
[2010.04.15 06:31:33 | 000,181,760 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codecp.acm
[2010.04.15 06:31:33 | 000,072,192 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codeca.acm
[2010.04.15 06:31:33 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm
[2010.04.15 06:30:39 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.04.15 06:30:39 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.04.15 06:30:39 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.04.15 06:30:39 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.04.09 16:25:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oodag
[2010.04.09 16:24:21 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\O&O
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.08 12:34:06 | 004,456,448 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat
[2010.05.08 11:33:55 | 000,001,724 | ---- | M] () -- C:\Users\Daniel\Desktop\CCleaner.lnk
[2010.05.08 11:31:57 | 001,682,544 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.05.08 11:31:57 | 000,721,592 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.05.08 11:31:57 | 000,665,324 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.05.08 11:31:57 | 000,164,180 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.05.08 11:31:57 | 000,134,806 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.05.08 11:26:23 | 000,004,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.08 11:26:23 | 000,004,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.08 11:26:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.08 11:26:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.08 11:26:16 | 4294,225,920 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.08 11:26:14 | 002,781,067 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2010.05.08 10:01:47 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.05.08 10:01:46 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{24342c1d-5938-11df-8576-002185029410}.TMContainer00000000000000000001.regtrans-ms
[2010.05.08 10:01:46 | 000,065,536 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{24342c1d-5938-11df-8576-002185029410}.TM.blf
[2010.05.08 10:01:42 | 003,886,453 | -H-- | M] () -- C:\Users\Daniel\AppData\Local\IconCache.db
[2010.05.07 16:25:56 | 000,218,808 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.05.07 16:25:56 | 000,218,808 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.05.06 20:08:14 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{24342c1d-5938-11df-8576-002185029410}.TMContainer00000000000000000002.regtrans-ms
[2010.05.04 06:48:00 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{bbd8bd67-4ef2-11df-9fb6-002185029410}.TMContainer00000000000000000001.regtrans-ms
[2010.05.04 06:48:00 | 000,065,536 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{bbd8bd67-4ef2-11df-9fb6-002185029410}.TM.blf
[2010.05.01 09:23:15 | 000,001,928 | ---- | M] () -- C:\Users\Daniel\Desktop\HijackThis.lnk
[2010.05.01 09:05:06 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.28 18:33:32 | 000,398,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.04.26 18:57:50 | 000,033,280 | ---- | M] () -- C:\Users\Daniel\Documents\KFW.doc
[2010.04.24 12:41:43 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.04.24 12:41:43 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.04.23 19:38:58 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{bbd8bd67-4ef2-11df-9fb6-002185029410}.TMContainer00000000000000000002.regtrans-ms
[2010.04.23 07:51:02 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\NTUSER.DAT{fcfc8c50-9e88-11de-9a6f-002185029410}.TMContainer00000000000000000001.regtrans-ms
[2010.04.23 07:51:02 | 000,065,536 | -HS- | M] () -- C:\Users\Daniel\NTUSER.DAT{fcfc8c50-9e88-11de-9a6f-002185029410}.TM.blf
[2010.04.17 09:10:18 | 000,010,843 | ---- | M] () -- C:\Users\Daniel\Documents\Einnahman Ausgaben.xlsx
[2010.04.09 16:26:34 | 000,123,904 | ---- | M] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.09 16:23:45 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.08 11:33:55 | 000,001,724 | ---- | C] () -- C:\Users\Daniel\Desktop\CCleaner.lnk
[2010.05.06 19:53:10 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{24342c1d-5938-11df-8576-002185029410}.TMContainer00000000000000000002.regtrans-ms
[2010.05.06 19:53:10 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{24342c1d-5938-11df-8576-002185029410}.TMContainer00000000000000000001.regtrans-ms
[2010.05.06 19:53:10 | 000,065,536 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{24342c1d-5938-11df-8576-002185029410}.TM.blf
[2010.05.01 09:18:21 | 000,001,928 | ---- | C] () -- C:\Users\Daniel\Desktop\HijackThis.lnk
[2010.05.01 09:05:06 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.26 18:43:41 | 000,033,280 | ---- | C] () -- C:\Users\Daniel\Documents\KFW.doc
[2010.04.24 12:42:29 | 000,218,808 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.04.24 12:41:43 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.04.23 18:11:11 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{bbd8bd67-4ef2-11df-9fb6-002185029410}.TMContainer00000000000000000002.regtrans-ms
[2010.04.23 18:11:11 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{bbd8bd67-4ef2-11df-9fb6-002185029410}.TMContainer00000000000000000001.regtrans-ms
[2010.04.23 18:11:11 | 000,065,536 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{bbd8bd67-4ef2-11df-9fb6-002185029410}.TM.blf
[2010.04.09 16:23:45 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2010.01.20 18:57:22 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.01.20 18:57:22 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009.10.25 12:43:43 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.10.25 12:43:03 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.08.29 10:34:59 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.08.29 10:34:59 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.07.12 12:06:39 | 000,000,170 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.07.10 15:31:17 | 000,000,032 | ---- | C] () -- C:\Windows\CD-Start.INI
[2009.03.08 11:33:05 | 000,000,336 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008.07.21 16:12:04 | 000,495,616 | ---- | C] () -- C:\Windows\SysWow64\Tx32.dll
[2008.07.21 16:12:04 | 000,000,260 | ---- | C] () -- C:\Windows\SysWow64\ic32.ini
[2008.07.11 13:11:21 | 000,000,004 | ---- | C] () -- C:\Windows\info147.sys
[2008.07.03 20:07:12 | 001,664,928 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008.06.27 17:03:55 | 000,000,000 | ---- | C] () -- C:\Windows\oodcnt.INI
[2008.06.27 14:22:25 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2008.01.21 04:48:25 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 72 bytes -> C:\Windows:76D44167FD72F082
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:425D0709
< End of report >

OTL Extras logfile created on: 08.05.2010 12:32:50 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Daniel\Downloads
64bit-Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 48,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,48 Gb Total Space | 98,96 Gb Free Space | 67,56% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 79,16 Gb Free Space | 52,22% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DANIEL-SPIELE
Current User Name: Daniel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 62 71 2D 74 DC 5B C8 01 [binary data]
"VistaSp2" = F5 BE D2 83 74 55 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A945D2-B3E3-4D17-8831-62448B64C517}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{01F2872E-7A73-4D9B-9EB2-08A105B6E151}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{159B5243-2AF7-42A4-8077-B1CE9A4FA290}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1A7137A9-F1D2-40BA-8151-E05E3D13FF88}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{30B1996E-6A26-43E3-866E-7B9818C92B5C}" = rport=139 | protocol=6 | dir=out | app=system |
"{3FACD1E9-1DD5-42B4-9777-168B4AC715CC}" = lport=139 | protocol=6 | dir=in | app=system |
"{3FD2DA40-5387-4314-990B-25DF6E4B4BA8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4178A154-A687-44F9-BA49-D070586A0437}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{44C5353C-0A20-44B4-9117-A27ED64D9B34}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{564B0437-5C74-46DF-9D09-E54DC7B31A17}" = lport=445 | protocol=6 | dir=in | app=system |
"{5724708B-FA92-427A-86BD-8889B8EE1BDA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{59FD94F1-CC94-49FA-B72E-319F78563C79}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5A97E134-6964-4EB8-97A2-0CE737E84745}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5D305AF4-0F1D-4FE5-A063-B7F1878B2EF1}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{779B7F01-9B9A-4240-A39A-84AB1BA1ECE5}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7D42E391-82DA-4DC4-A751-6CF4D8B48123}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{7E0A191B-B878-4152-9D84-8DF4CA900FD7}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{7E1374DC-E8C9-453A-BD89-CC4BE6912B89}" = lport=137 | protocol=17 | dir=in | app=system |
"{860EBE5C-9EE2-4755-8DA4-F5DBFE6F81AA}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{89B922A4-F4F0-47F0-BC54-89F37A59FAB7}" = rport=445 | protocol=6 | dir=out | app=system |
"{8DFBCC2C-85DE-474C-8EEB-95F3A42EAB0B}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{95F20670-5086-4121-95D6-3545E647514B}" = rport=138 | protocol=17 | dir=out | app=system |
"{97849BE1-D637-4879-9313-E04A31DD82E1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{98237B9A-ED0E-4106-836C-2EF1109FE608}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{B417D398-DE67-4584-8675-01D6C53AA0A8}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B57C5129-3694-4723-BE0B-369A957B5032}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CD7FD870-9377-49B5-BDA0-54BD2E4058F4}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{DDD8F22C-F495-4B41-A379-50416552FAD0}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E62543D4-0D3D-4DF0-B599-6783811B4028}" = rport=137 | protocol=17 | dir=out | app=system |
"{E6CE5DA6-BF98-45C3-B2E4-0A20ADB95F69}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{E794098A-0F71-4F47-88CA-164A15522D25}" = lport=138 | protocol=17 | dir=in | app=system |
"{EBB4BD1F-3222-44E9-A817-41C621BCA747}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0576846B-D0EB-4A11-B842-005A74A5A7AD}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{07947C16-44B6-49BE-B2DF-65C31785CAD1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{07D35AC0-D272-42DE-B9E0-F9BA61E2601B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0986D7B6-8F1E-48B5-AA57-7F608869BAFD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{0C36406C-3B12-4D4F-ADED-BED5BA3FF74A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0C888B22-21B7-432A-96DA-4C04302ED61B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0CF8E246-F0EC-490E-B123-85A391E8D988}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0D057C31-1FBC-4FB3-8B2A-E3952F1EC21A}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{0D38E943-F40B-4362-9C96-DF29387E384C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{12039BB7-6E59-4183-BA71-B4ADAF7EE83E}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{1745BAF2-C829-494B-945D-3F33E928E36E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{18A822EA-1A4E-4170-BD4D-D11504E13925}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{19EEB5DA-5FAD-45F6-B5A3-9E0F75CDDBA7}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1E98EBED-8E81-448C-80A3-75D8BD23B24F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{217CE3BA-F2D5-494C-856E-EA0A902F73FC}" = protocol=6 | dir=in | app=d:\assassin creed\assassinscreed_dx9.exe |
"{235B1A76-70BE-4BA7-9FAF-3F3B7A0BB605}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{23808F0A-9BF8-4417-A88B-4E4DF4976C45}" = protocol=17 | dir=in | app=d:\crysis\bin64\crysisdedicatedserver.exe |
"{24793580-125B-4D22-9F3E-698DDDBB1A55}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{24C16246-D22F-47AE-9084-5D409AD90B25}" = protocol=6 | dir=in | app=d:\2142\bf2142.exe |
"{25D4CFDE-28C5-4790-B63E-88809791A9C9}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{287C1004-7419-4105-A114-BB7713B2F3CA}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{28DA9921-2670-4DE3-8DC2-6094678554ED}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2AC17A61-F0B8-45EE-BD1C-AC79F6E804E2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2CA8A229-8796-483F-99CA-FBF8068E990B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2DDFFA27-8A56-4FE5-B2C7-4D7B4D5A9FBF}" = dir=in | app=d:\command\retailexe\1.4\cnc3game.dat |
"{2E7ABE2D-2829-4AC1-98CF-2150ECACCD5D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3457B299-656D-4523-98A9-9AE9417935C6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3566C117-9838-4CB0-A18B-DC437D3081FA}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{35C64713-8E60-4B5E-961C-D441E01FD281}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{36A74C75-848F-418F-A421-980948F667FF}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{37DB583C-2711-4DBE-879A-BA3D99ED49D3}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{38900BC8-DD9E-4A17-8376-E25642DCDEE2}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{393544D1-7E02-4A73-B16A-ED40823C2B43}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{398CB8D5-7FDE-4B60-862E-BCC481FF3F6C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3A371543-BD0C-4910-BAB9-0C59BE440BC0}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3C63D77E-6309-4DBA-9815-5075DFCBEC2D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3CFAD7DE-9BC1-43AC-BCC4-95C07E09C763}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3ED7F78E-E9E2-4A5B-9419-9B248BCC6DE5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{3F9222A3-6D11-4D46-B7E1-AE0FC53ACC15}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{40632805-E925-4B38-88B8-4C88AE5BB665}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4072F284-4A68-45AC-A504-E3E07212CAF3}" = protocol=6 | dir=in | app=d:\codwaw\codwawmp.exe |
"{4225C9A8-616C-41F2-A0EA-1D568FC7F80E}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{44D6D2A8-17B6-4261-BF81-3D45B1BC8EC2}" = protocol=17 | dir=in | app=d:\codwaw\codwaw.exe |
"{453FABB3-CFBC-48EC-85FE-3C64435D6E80}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{47664A3C-25B2-47FE-B5E0-590220543A5C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{47E8C780-10CF-4BE2-B19B-6E956366E9A9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{4A011E32-5ACC-4A13-B003-1F64D05C5405}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{4E5A0EB9-6F00-4B7E-8987-0379090FB71C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4EBF4A93-B695-43F9-913E-0B54AA2533A9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4FBF52E4-A95E-40F0-B5A9-CC7EA190B270}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{515D5F0C-2926-4CD2-88B0-CD71F75C3B7B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{51694DCE-B710-457C-9B4D-5E85D8D63E49}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{51718FF4-2759-47ED-8449-9FA5D830B2FC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{531DC9D7-89DD-4AED-BB4E-44915A10696B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5377B5F6-6EFA-4D8B-84DA-48BB99EFC3CB}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5688367C-C214-4529-A5FC-798418666CAE}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{56FCDEEF-ED6B-45C8-8052-603BCE146969}" = protocol=17 | dir=in | app=d:\assassin creed\assassinscreed_dx9.exe |
"{59F4BCE6-391D-4F34-883A-A513EAB7164E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{60015B62-B56E-43CD-8CEA-8061CCB47D2C}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{64D2050F-ADF4-43C1-94C3-220D710172BA}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{68AD0357-F4A2-4338-B5C1-18B0D77F6E3B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{690C3A6B-5B95-4B49-A3A3-F883087AA128}" = protocol=6 | dir=in | app=d:\crysis\bin32\crysisdedicatedserver.exe |
"{6EA501C0-00AB-4001-84BD-B7DC3005EE25}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6F1E5993-2839-460B-84E2-2CE218767A21}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6F38B0DA-BA4C-4A28-B37C-AACC11C56D43}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{7104C9AC-54F5-4674-961F-7B6EAD438D4A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7724DB0F-DF4F-4D90-A052-3343A3525C01}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{77A121C9-17CB-4A20-8D94-6094D9FAFA09}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7934CCB1-74AD-4463-B6B8-243094C85513}" = protocol=6 | dir=in | app=c:\program files (x86)\curse\curseclient.exe |
"{79626726-B305-4009-A311-BB476B0F2379}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{7B23A9D1-3660-441C-87DE-CDB2BCB7E69F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7C9AFF93-423E-404E-B607-A0CEEF7AB817}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7E11A057-FEBC-4F3B-A077-19E9404CDE71}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{7F07A769-CEF3-45F9-A712-D215A690C62E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7F244385-6ADF-4BF0-A1D0-732CE256E52F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{83DA59E8-9E34-4E92-A5AE-DF20F954074C}" = protocol=17 | dir=in | app=c:\program files (x86)\curse\curseclient.exe |
"{85DC5DEE-817E-44C8-9CC2-7B92007BA880}" = protocol=17 | dir=in | app=d:\assassin creed\assassinscreed_launcher.exe |
"{89DC7B80-33E0-4716-B4C0-A7B2CA94D1D3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8E0B8806-B432-4A17-943B-23CCF1130410}" = protocol=17 | dir=in | app=d:\crysis\bin64\crysis.exe |
"{8F804F21-8E21-4829-BF1B-9819F655E2F0}" = protocol=17 | dir=in | app=d:\crysis\bin32\crysisdedicatedserver.exe |
"{8FB29679-B574-4351-A378-E565815B535D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{902BDE15-4D1D-4CC0-A9EA-812B691A51B7}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{91A477DE-B438-47F1-8DA7-DA80A84925A8}" = protocol=17 | dir=in | app=d:\crysis\bin32\crysis.exe |
"{972628CF-9FF5-4F54-AE1F-ED1769B7C029}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{988D0960-5B05-4806-85F9-754CE0926348}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9AF60067-6946-4295-9FD5-C72E6D2F8300}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A6826213-E56B-4FA5-A53D-8273ADEABF47}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A935EEE8-445E-416B-818A-61E6B03F60B8}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A9C7ED12-6A7F-4DE5-BC72-FF2E963DF6AC}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AA6F4241-57E5-4F9F-985F-E2FCFF7BDF65}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AD2D6F68-5D16-4BFE-AEBA-3866AA6AF15C}" = protocol=6 | dir=in | app=d:\crysis\bin64\crysis.exe |
"{AE91FF0E-F0C8-48CA-BF8C-A4200D514C9D}" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"{B047B339-77DC-4301-818C-E542F031FED3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B2931B90-341E-4A1A-8C2C-FA3D363A11B3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B34FCCC1-059D-4916-AC39-717399EB90E9}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B36B6EFD-9632-49EE-886D-5E101E116081}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{B3DE73FF-A725-46BC-A4D2-67B0E2BC66EE}" = protocol=17 | dir=in | app=d:\2142\bf2142.exe |
"{B49D9C9B-06F8-4C01-9C39-654E67701E92}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B61DB972-6B82-47EB-BEC9-76256FBB7F59}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B6408A21-0701-4166-BFC1-AAFDC0363CF1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BBDDD651-9004-40D5-8C12-9D6A158D9B1D}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{C0877BE4-F48C-4FBE-8127-31718E7F9C7F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C52FC946-6C36-469A-ADCC-56E947728511}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C7CC3790-DD18-4800-BA7A-E1E98837D97C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{CF683C53-303F-4995-817B-391A89317ED5}" = protocol=6 | dir=in | app=d:\codwaw\codwaw.exe |
"{CFBBCE65-F656-43CA-92F7-5FD04DB2A694}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CFDD3CA9-AEDC-432B-8C8C-BE10B4FD4CD8}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D01F6DE5-8E78-4B04-9CBE-3E6D769AD29B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D25A4CA9-6D83-49CD-B53A-1F5EE01E0A64}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D70F3310-9F3E-48F7-A3CF-4E3296836F12}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{DBA99BA4-EA0E-4753-96D7-C3BF9A21F661}" = protocol=6 | dir=in | app=d:\assassin creed\assassinscreed_dx10.exe |
"{DEFE7054-6699-4E61-977C-94111688F7F3}" = protocol=17 | dir=in | app=d:\codwaw\codwawmp.exe |
"{E5DF02C1-EE8F-4A55-9FA0-BF942C5ED52D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E6340F84-C446-4B30-874E-01328ECAA4D3}" = protocol=6 | dir=in | app=d:\assassin creed\assassinscreed_launcher.exe |
"{E855B351-8E85-435E-AB00-76BD4F291284}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E8D72A3F-8E8F-494C-995C-717E2A0649D0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EB95130A-B1FD-4446-90A5-B03DD48ADC88}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EB9C3D81-7C0A-4601-B9F2-F68E93FC6592}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EBFF26F3-09DA-4C5A-8875-337B15C07A39}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{ED3D7540-F509-435E-9391-D5A75364A138}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{EE132866-00E3-44E8-8912-F47DC9DA9427}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EE4E8FB8-4021-44E4-AEA2-432C635186B8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{F1B4B0A9-902D-4D8D-86CE-11995503072E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F406D5B7-A7C3-4837-94DA-C365CB97CCBB}" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"{F42EF7FF-41A6-4EC6-9C0C-A5424572D9A3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F4D82591-0AD4-4822-924D-21B016B3E775}" = protocol=6 | dir=in | app=d:\crysis\bin32\crysis.exe |
"{F4EC5F6D-6131-4111-BA81-8C2E2743A38D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F539D83D-3E1D-4D31-AC6E-0C6379DF995C}" = protocol=6 | dir=in | app=d:\crysis\bin64\crysisdedicatedserver.exe |
"{F89787C8-0656-4893-BE63-1FFF751A9E8D}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{FA03DA2D-C600-4571-ACB2-0B407B971D6C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FA4EAFEF-6237-44E5-9D7A-5279844F29EE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FE8DCF82-B34E-442F-A980-572CDB15B78D}" = protocol=17 | dir=in | app=d:\assassin creed\assassinscreed_dx10.exe |
"{FF25D47E-6838-4DC4-A503-03EAAA967A5C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{0566C1BA-0C5E-4834-87F7-EBD7D89CAD51}D:\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=d:\der herr der ringe online\lotroclient.exe |
"TCP Query User{2673D3B3-94FF-40E3-8F1D-CD47E0727F91}C:\program files (x86)\nero\nero 9\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 9\nero showtime\showtime.exe |
"TCP Query User{28FA41CA-C4ED-4DCD-8DB1-3209B31AC3F4}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=6 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe |
"TCP Query User{5929217B-929A-4957-8FAF-85108616614E}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"TCP Query User{65BAD2FB-823A-43FB-9D2D-93BAAB0D89EB}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{6D1FE72D-7AE3-4986-8329-4F26E4E85854}C:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe |
"TCP Query User{7BC0243E-CACC-4EFA-9F57-D382F9565551}D:\world of warcraft\repair.exe" = protocol=6 | dir=in | app=d:\world of warcraft\repair.exe |
"TCP Query User{8A4DF1F5-BD2B-4D8C-A684-9F50BA2B81B1}C:\users\daniel\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\daniel\program files (x86)\dna\btdna.exe |
"TCP Query User{99B0D25F-636B-463E-8E0C-2EC73B520DDA}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=6 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe |
"TCP Query User{9B013CE1-B8C4-4469-998C-D86598253114}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"TCP Query User{9CC1A83C-4494-4BCA-A323-B8EA96493639}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{A2F5D4DD-CE8B-4067-9152-3F0F2B9655F2}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{A343CB53-8CBD-41AD-94DD-22C3BEAC7F30}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"TCP Query User{A4DE5CA4-C47B-4697-8F78-1B3D76A542F1}D:\codwaw\codwaw.exe" = protocol=6 | dir=in | app=d:\codwaw\codwaw.exe |
"TCP Query User{AAA17FA3-E0F9-4278-B378-C88F529359AD}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{B251ED16-B569-4062-A969-5B205EF01768}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{D3CB2227-D97C-4FF4-B713-CECFD1BD2A4E}C:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{0713CBB8-F1A2-4D9F-93C0-BA842AFB5F91}C:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe |
"UDP Query User{07806BFD-161B-4127-97F4-629CA3D6A1A1}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"UDP Query User{0D9D56FD-AEB7-4156-B5A7-779EC7A62417}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=17 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe |
"UDP Query User{22AE314E-35B4-4100-AB0E-EE94B8B0ECD5}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"UDP Query User{321DD32A-9037-4743-BBB1-7EC893181C2E}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{5794B503-A926-4E94-8AC3-ECC7C3E92484}D:\world of warcraft\repair.exe" = protocol=17 | dir=in | app=d:\world of warcraft\repair.exe |
"UDP Query User{6C551323-66AC-44A4-B000-012DB8C77353}D:\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=d:\der herr der ringe online\lotroclient.exe |
"UDP Query User{75AC708E-A184-409F-A22C-67EA3B0FA954}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{AE0537C2-F154-44E2-B7F1-779C2C730276}C:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{B69E31A7-9CBC-4A25-AA5C-093C52D70DA4}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=17 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe |
"UDP Query User{C408DF55-E1A1-42F3-87EA-1716697C8862}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"UDP Query User{E0F7B66F-7D9D-47F0-8907-7A80E57DC815}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{EFCAF346-FB00-4513-BAC2-32651F4CBA15}C:\users\daniel\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\daniel\program files (x86)\dna\btdna.exe |
"UDP Query User{F22CA7D9-1E0E-4247-ABC3-368BC6770747}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"UDP Query User{F46D6087-2FA1-4776-B1D9-1E11EFEB801A}D:\codwaw\codwaw.exe" = protocol=17 | dir=in | app=d:\codwaw\codwaw.exe |
"UDP Query User{FA403B39-61AE-4573-B5F0-D614CD7D397E}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{FB8E9030-4DDF-4208-8B21-EFF253F7592B}C:\program files (x86)\nero\nero 9\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 9\nero showtime\showtime.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D25F7CC-B99C-44ee-9945-B14532B2BB7B}" = Canon MP830
"{109945A8-D8D5-48B8-B4A5-195D3F99B56D}" = Logitech GamePanel Software 3.04.143
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{53480360-C6AA-4E73-A4E3-1C4C915E049F}" = O&O Defrag Professional Edition
"{5F94D3B9-2B02-9C37-740B-A59C7B8D17CC}" = ATI Catalyst Install Manager
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A792E67C-FDA4-A301-0C3C-53BA86EFBB5A}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BC84C1E9-F4D4-4B8E-B35C-C88EEA0A5201}" = O&O Defrag Professional
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.53
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2A3C0247-7F29-446D-B418-D17A5256EDA5}" = REWI-Zentrale
"{2FF43F5D-5729-4E02-A548-310E30A5F29B}" = Microsoft CAPICOM 2.1.0.2 SDK
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D6A24EA-A543-6C84-351E-D7646E7AB86E}" = Catalyst Control Center InstallProxy
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{47CAFF95-C3D8-ABF2-70BC-89DE00D8FB19}" = Catalyst Control Center Graphics Light
"{4962EBAC-AE7C-1B22-1EA0-0916A7E40954}" = Catalyst Control Center Graphics Full Existing
"{49A62E2B-B35C-941D-DF48-601207CF14C0}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{572DB52C-9A8A-4FAB-B84C-DE82C59F86E1}" = REWI-LV
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A490E11-6C8A-777C-4E00-43F3CC16A1EC}" = CCC Help English
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77919701-C3E7-09AA-D2F7-DBF42CD7C13D}" = Catalyst Control Center HydraVision Full
"{78B2F09F-BDC7-7865-CF4C-233B64A3BE51}" = Catalyst Control Center Graphics Full New
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_WebDesigner_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_WebDesignerLPK.de-de_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_WebDesigner_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_WebDesignerLPK.de-de_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_WebDesignerLPK.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_WebDesigner_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0026-0000-0000-0000000FF1CE}" = Microsoft Expression Web
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}" = Microsoft Expression Web Service Pack 1 (SP1)
"{90120000-0026-0407-0000-0000000FF1CE}" = Microsoft Expression Web MUI (German)
"{90120000-0026-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0026-0409-0000-0000000FF1CE}" = Microsoft Expression Web MUI (English)
"{90120000-0026-0409-0000-0000000FF1CE}_WebDesigner_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_WebDesigner_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_WebDesignerLPK.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0032-0407-0000-0000000FF1CE}" = Microsoft Expression Web Language Pack (German)
"{90120000-0032-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B0-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D241BBEC-B1C7-7953-EDDE-D90A654A8D2C}" = ccc-core-static
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5C24E77-099E-9B84-5BE2-708E70B938A9}" = Catalyst Control Center Core Implementation
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}" = Steuer-Spar-Erklärung 2010
"{DC4757E2-BAE3-0BFE-C6E5-576CB911FF52}" = Catalyst Control Center Graphics Previews Vista
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}" = AAVUpdateManager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD5C399F-2D43-4EC5-AAF7-D600041EF25C}" = Microsoft Office Outlook SMS Add-in
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = DER HERR DER RINGE ONLINE: Die Schatten von Angmar v01.04.00.80
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FLV Player" = FLV Player 2.0, build 24
"HijackThis" = HijackThis 2.0.2
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"Liveupdate4_is1" = Liveupdate4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MP Navigator 2.2" = Canon MP Navigator 2.2
"PunkBusterSvc" = PunkBuster Services
"Steam App 24960" = Battlefield: Bad Company 2
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TuneUp Utilities" = TuneUp Utilities
"VLC media player" = VLC media player 0.9.9
"WebDesigner" = Microsoft Expression Web
"WebDesignerLPK.de-de" = Microsoft Expression Web Language Pack - German/Deutsch
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"Xvid_is1" = Xvid 1.1.3 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.1.2
"InstallShield_{20BD3140-16AF-4B5F-BCD6-052B6CD11DE6}" = ROUTE 66 Sync
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11.04.2010 07:06:34 | Computer Name = Daniel-Spiele | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung WMPSideShowGadget.exe, Version 11.0.6001.7000,
Zeitstempel 0x47919dd9, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18005,
Zeitstempel 0x49e041d1, Ausnahmecode 0xc000001d, Fehleroffset 0x00000000000176fd,
Prozess-ID
0xec8, Anwendungsstartzeit 01cad9401da6eddb.

Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 16.04.2010 14:32:54 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 16.04.2010 14:32:55 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 24.04.2010 06:41:36 | Computer Name = Daniel-Spiele | Source = System Restore | ID = 8193
Description =

Error - 25.04.2010 01:05:48 | Computer Name = Daniel-Spiele | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SilentUpdater.exe, Version 9.0.4030.5, Zeitstempel
0x4b86b7c4, fehlerhaftes Modul rtl120.bpl, Version 6.0.6002.18005, Zeitstempel
0x49e03824, Ausnahmecode 0xc0000135, Fehleroffset 0x0006f04e, Prozess-ID 0x714, Anwendungsstartzeit
01cae434f6972dc2.

Error - 25.04.2010 08:51:55 | Computer Name = Daniel-Spiele | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung BFBC2Game.exe, Version 1.0.1.0, Zeitstempel
0x4bc75d63, fehlerhaftes Modul atiumdva.dll, Version 8.14.10.247, Zeitstempel 0x4b68ef67,
Ausnahmecode 0xc0000005, Fehleroffset 0x00001675, Prozess-ID 0x1254, Anwendungsstartzeit
01cae467eb8da652.

[ OSession Events ]
Error - 24.12.2008 12:32:34 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 87
seconds with 60 seconds of active time. This session ended with a crash.

Error - 12.01.2009 03:58:42 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 282
seconds with 180 seconds of active time. This session ended with a crash.

Error - 05.05.2009 02:05:12 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 71
seconds with 0 seconds of active time. This session ended with a crash.

Error - 19.06.2009 14:59:07 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.

Error - 15.12.2009 13:44:26 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 07.05.2010 09:12:43 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =

Error - 07.05.2010 09:49:05 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =

Error - 07.05.2010 10:19:06 | Computer Name = Daniel-Spiele | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 07.05.2010 um 16:16:23 unerwartet heruntergefahren.

Error - 07.05.2010 10:20:48 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =

Error - 07.05.2010 10:46:36 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =

Error - 08.05.2010 00:36:35 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =

Error - 08.05.2010 04:41:47 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =

Error - 08.05.2010 05:18:58 | Computer Name = Daniel-Spiele | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 08.05.2010 um 11:15:59 unerwartet heruntergefahren.

Error - 08.05.2010 05:26:20 | Computer Name = Daniel-Spiele | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 08.05.2010 um 11:19:58 unerwartet heruntergefahren.

Error - 08.05.2010 05:28:01 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =


< End of report >


Danke!

OTL Extras logfile created on: 08.05.2010 12:32:50 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Daniel\Downloads
64bit-Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 48,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,48 Gb Total Space | 98,96 Gb Free Space | 67,56% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 79,16 Gb Free Space | 52,22% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DANIEL-SPIELE
Current User Name: Daniel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 62 71 2D 74 DC 5B C8 01 [binary data]
"VistaSp2" = F5 BE D2 83 74 55 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A945D2-B3E3-4D17-8831-62448B64C517}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{01F2872E-7A73-4D9B-9EB2-08A105B6E151}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{159B5243-2AF7-42A4-8077-B1CE9A4FA290}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1A7137A9-F1D2-40BA-8151-E05E3D13FF88}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{30B1996E-6A26-43E3-866E-7B9818C92B5C}" = rport=139 | protocol=6 | dir=out | app=system |
"{3FACD1E9-1DD5-42B4-9777-168B4AC715CC}" = lport=139 | protocol=6 | dir=in | app=system |
"{3FD2DA40-5387-4314-990B-25DF6E4B4BA8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4178A154-A687-44F9-BA49-D070586A0437}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{44C5353C-0A20-44B4-9117-A27ED64D9B34}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{564B0437-5C74-46DF-9D09-E54DC7B31A17}" = lport=445 | protocol=6 | dir=in | app=system |
"{5724708B-FA92-427A-86BD-8889B8EE1BDA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{59FD94F1-CC94-49FA-B72E-319F78563C79}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5A97E134-6964-4EB8-97A2-0CE737E84745}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5D305AF4-0F1D-4FE5-A063-B7F1878B2EF1}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{779B7F01-9B9A-4240-A39A-84AB1BA1ECE5}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7D42E391-82DA-4DC4-A751-6CF4D8B48123}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{7E0A191B-B878-4152-9D84-8DF4CA900FD7}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{7E1374DC-E8C9-453A-BD89-CC4BE6912B89}" = lport=137 | protocol=17 | dir=in | app=system |
"{860EBE5C-9EE2-4755-8DA4-F5DBFE6F81AA}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{89B922A4-F4F0-47F0-BC54-89F37A59FAB7}" = rport=445 | protocol=6 | dir=out | app=system |
"{8DFBCC2C-85DE-474C-8EEB-95F3A42EAB0B}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{95F20670-5086-4121-95D6-3545E647514B}" = rport=138 | protocol=17 | dir=out | app=system |
"{97849BE1-D637-4879-9313-E04A31DD82E1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{98237B9A-ED0E-4106-836C-2EF1109FE608}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{B417D398-DE67-4584-8675-01D6C53AA0A8}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B57C5129-3694-4723-BE0B-369A957B5032}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CD7FD870-9377-49B5-BDA0-54BD2E4058F4}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{DDD8F22C-F495-4B41-A379-50416552FAD0}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E62543D4-0D3D-4DF0-B599-6783811B4028}" = rport=137 | protocol=17 | dir=out | app=system |
"{E6CE5DA6-BF98-45C3-B2E4-0A20ADB95F69}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{E794098A-0F71-4F47-88CA-164A15522D25}" = lport=138 | protocol=17 | dir=in | app=system |
"{EBB4BD1F-3222-44E9-A817-41C621BCA747}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0576846B-D0EB-4A11-B842-005A74A5A7AD}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{07947C16-44B6-49BE-B2DF-65C31785CAD1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{07D35AC0-D272-42DE-B9E0-F9BA61E2601B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0986D7B6-8F1E-48B5-AA57-7F608869BAFD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{0C36406C-3B12-4D4F-ADED-BED5BA3FF74A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0C888B22-21B7-432A-96DA-4C04302ED61B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0CF8E246-F0EC-490E-B123-85A391E8D988}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0D057C31-1FBC-4FB3-8B2A-E3952F1EC21A}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{0D38E943-F40B-4362-9C96-DF29387E384C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{12039BB7-6E59-4183-BA71-B4ADAF7EE83E}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{1745BAF2-C829-494B-945D-3F33E928E36E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{18A822EA-1A4E-4170-BD4D-D11504E13925}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{19EEB5DA-5FAD-45F6-B5A3-9E0F75CDDBA7}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1E98EBED-8E81-448C-80A3-75D8BD23B24F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{217CE3BA-F2D5-494C-856E-EA0A902F73FC}" = protocol=6 | dir=in | app=d:\assassin creed\assassinscreed_dx9.exe |
"{235B1A76-70BE-4BA7-9FAF-3F3B7A0BB605}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{23808F0A-9BF8-4417-A88B-4E4DF4976C45}" = protocol=17 | dir=in | app=d:\crysis\bin64\crysisdedicatedserver.exe |
"{24793580-125B-4D22-9F3E-698DDDBB1A55}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{24C16246-D22F-47AE-9084-5D409AD90B25}" = protocol=6 | dir=in | app=d:\2142\bf2142.exe |
"{25D4CFDE-28C5-4790-B63E-88809791A9C9}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{287C1004-7419-4105-A114-BB7713B2F3CA}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{28DA9921-2670-4DE3-8DC2-6094678554ED}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2AC17A61-F0B8-45EE-BD1C-AC79F6E804E2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2CA8A229-8796-483F-99CA-FBF8068E990B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2DDFFA27-8A56-4FE5-B2C7-4D7B4D5A9FBF}" = dir=in | app=d:\command\retailexe\1.4\cnc3game.dat |
"{2E7ABE2D-2829-4AC1-98CF-2150ECACCD5D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3457B299-656D-4523-98A9-9AE9417935C6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3566C117-9838-4CB0-A18B-DC437D3081FA}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{35C64713-8E60-4B5E-961C-D441E01FD281}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{36A74C75-848F-418F-A421-980948F667FF}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{37DB583C-2711-4DBE-879A-BA3D99ED49D3}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{38900BC8-DD9E-4A17-8376-E25642DCDEE2}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{393544D1-7E02-4A73-B16A-ED40823C2B43}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{398CB8D5-7FDE-4B60-862E-BCC481FF3F6C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3A371543-BD0C-4910-BAB9-0C59BE440BC0}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3C63D77E-6309-4DBA-9815-5075DFCBEC2D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3CFAD7DE-9BC1-43AC-BCC4-95C07E09C763}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3ED7F78E-E9E2-4A5B-9419-9B248BCC6DE5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{3F9222A3-6D11-4D46-B7E1-AE0FC53ACC15}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{40632805-E925-4B38-88B8-4C88AE5BB665}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4072F284-4A68-45AC-A504-E3E07212CAF3}" = protocol=6 | dir=in | app=d:\codwaw\codwawmp.exe |
"{4225C9A8-616C-41F2-A0EA-1D568FC7F80E}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{44D6D2A8-17B6-4261-BF81-3D45B1BC8EC2}" = protocol=17 | dir=in | app=d:\codwaw\codwaw.exe |
"{453FABB3-CFBC-48EC-85FE-3C64435D6E80}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{47664A3C-25B2-47FE-B5E0-590220543A5C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{47E8C780-10CF-4BE2-B19B-6E956366E9A9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{4A011E32-5ACC-4A13-B003-1F64D05C5405}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{4E5A0EB9-6F00-4B7E-8987-0379090FB71C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4EBF4A93-B695-43F9-913E-0B54AA2533A9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4FBF52E4-A95E-40F0-B5A9-CC7EA190B270}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{515D5F0C-2926-4CD2-88B0-CD71F75C3B7B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{51694DCE-B710-457C-9B4D-5E85D8D63E49}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{51718FF4-2759-47ED-8449-9FA5D830B2FC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{531DC9D7-89DD-4AED-BB4E-44915A10696B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5377B5F6-6EFA-4D8B-84DA-48BB99EFC3CB}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5688367C-C214-4529-A5FC-798418666CAE}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{56FCDEEF-ED6B-45C8-8052-603BCE146969}" = protocol=17 | dir=in | app=d:\assassin creed\assassinscreed_dx9.exe |
"{59F4BCE6-391D-4F34-883A-A513EAB7164E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{60015B62-B56E-43CD-8CEA-8061CCB47D2C}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{64D2050F-ADF4-43C1-94C3-220D710172BA}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{68AD0357-F4A2-4338-B5C1-18B0D77F6E3B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{690C3A6B-5B95-4B49-A3A3-F883087AA128}" = protocol=6 | dir=in | app=d:\crysis\bin32\crysisdedicatedserver.exe |
"{6EA501C0-00AB-4001-84BD-B7DC3005EE25}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6F1E5993-2839-460B-84E2-2CE218767A21}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6F38B0DA-BA4C-4A28-B37C-AACC11C56D43}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{7104C9AC-54F5-4674-961F-7B6EAD438D4A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7724DB0F-DF4F-4D90-A052-3343A3525C01}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{77A121C9-17CB-4A20-8D94-6094D9FAFA09}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7934CCB1-74AD-4463-B6B8-243094C85513}" = protocol=6 | dir=in | app=c:\program files (x86)\curse\curseclient.exe |
"{79626726-B305-4009-A311-BB476B0F2379}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{7B23A9D1-3660-441C-87DE-CDB2BCB7E69F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7C9AFF93-423E-404E-B607-A0CEEF7AB817}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7E11A057-FEBC-4F3B-A077-19E9404CDE71}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{7F07A769-CEF3-45F9-A712-D215A690C62E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7F244385-6ADF-4BF0-A1D0-732CE256E52F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{83DA59E8-9E34-4E92-A5AE-DF20F954074C}" = protocol=17 | dir=in | app=c:\program files (x86)\curse\curseclient.exe |
"{85DC5DEE-817E-44C8-9CC2-7B92007BA880}" = protocol=17 | dir=in | app=d:\assassin creed\assassinscreed_launcher.exe |
"{89DC7B80-33E0-4716-B4C0-A7B2CA94D1D3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8E0B8806-B432-4A17-943B-23CCF1130410}" = protocol=17 | dir=in | app=d:\crysis\bin64\crysis.exe |
"{8F804F21-8E21-4829-BF1B-9819F655E2F0}" = protocol=17 | dir=in | app=d:\crysis\bin32\crysisdedicatedserver.exe |
"{8FB29679-B574-4351-A378-E565815B535D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{902BDE15-4D1D-4CC0-A9EA-812B691A51B7}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{91A477DE-B438-47F1-8DA7-DA80A84925A8}" = protocol=17 | dir=in | app=d:\crysis\bin32\crysis.exe |
"{972628CF-9FF5-4F54-AE1F-ED1769B7C029}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{988D0960-5B05-4806-85F9-754CE0926348}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9AF60067-6946-4295-9FD5-C72E6D2F8300}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A6826213-E56B-4FA5-A53D-8273ADEABF47}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A935EEE8-445E-416B-818A-61E6B03F60B8}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A9C7ED12-6A7F-4DE5-BC72-FF2E963DF6AC}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AA6F4241-57E5-4F9F-985F-E2FCFF7BDF65}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AD2D6F68-5D16-4BFE-AEBA-3866AA6AF15C}" = protocol=6 | dir=in | app=d:\crysis\bin64\crysis.exe |
"{AE91FF0E-F0C8-48CA-BF8C-A4200D514C9D}" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"{B047B339-77DC-4301-818C-E542F031FED3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B2931B90-341E-4A1A-8C2C-FA3D363A11B3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B34FCCC1-059D-4916-AC39-717399EB90E9}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B36B6EFD-9632-49EE-886D-5E101E116081}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{B3DE73FF-A725-46BC-A4D2-67B0E2BC66EE}" = protocol=17 | dir=in | app=d:\2142\bf2142.exe |
"{B49D9C9B-06F8-4C01-9C39-654E67701E92}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B61DB972-6B82-47EB-BEC9-76256FBB7F59}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B6408A21-0701-4166-BFC1-AAFDC0363CF1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BBDDD651-9004-40D5-8C12-9D6A158D9B1D}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{C0877BE4-F48C-4FBE-8127-31718E7F9C7F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C52FC946-6C36-469A-ADCC-56E947728511}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C7CC3790-DD18-4800-BA7A-E1E98837D97C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{CF683C53-303F-4995-817B-391A89317ED5}" = protocol=6 | dir=in | app=d:\codwaw\codwaw.exe |
"{CFBBCE65-F656-43CA-92F7-5FD04DB2A694}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CFDD3CA9-AEDC-432B-8C8C-BE10B4FD4CD8}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D01F6DE5-8E78-4B04-9CBE-3E6D769AD29B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D25A4CA9-6D83-49CD-B53A-1F5EE01E0A64}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D70F3310-9F3E-48F7-A3CF-4E3296836F12}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{DBA99BA4-EA0E-4753-96D7-C3BF9A21F661}" = protocol=6 | dir=in | app=d:\assassin creed\assassinscreed_dx10.exe |
"{DEFE7054-6699-4E61-977C-94111688F7F3}" = protocol=17 | dir=in | app=d:\codwaw\codwawmp.exe |
"{E5DF02C1-EE8F-4A55-9FA0-BF942C5ED52D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E6340F84-C446-4B30-874E-01328ECAA4D3}" = protocol=6 | dir=in | app=d:\assassin creed\assassinscreed_launcher.exe |
"{E855B351-8E85-435E-AB00-76BD4F291284}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E8D72A3F-8E8F-494C-995C-717E2A0649D0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EB95130A-B1FD-4446-90A5-B03DD48ADC88}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EB9C3D81-7C0A-4601-B9F2-F68E93FC6592}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EBFF26F3-09DA-4C5A-8875-337B15C07A39}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{ED3D7540-F509-435E-9391-D5A75364A138}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{EE132866-00E3-44E8-8912-F47DC9DA9427}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EE4E8FB8-4021-44E4-AEA2-432C635186B8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{F1B4B0A9-902D-4D8D-86CE-11995503072E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F406D5B7-A7C3-4837-94DA-C365CB97CCBB}" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"{F42EF7FF-41A6-4EC6-9C0C-A5424572D9A3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F4D82591-0AD4-4822-924D-21B016B3E775}" = protocol=6 | dir=in | app=d:\crysis\bin32\crysis.exe |
"{F4EC5F6D-6131-4111-BA81-8C2E2743A38D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F539D83D-3E1D-4D31-AC6E-0C6379DF995C}" = protocol=6 | dir=in | app=d:\crysis\bin64\crysisdedicatedserver.exe |
"{F89787C8-0656-4893-BE63-1FFF751A9E8D}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{FA03DA2D-C600-4571-ACB2-0B407B971D6C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FA4EAFEF-6237-44E5-9D7A-5279844F29EE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FE8DCF82-B34E-442F-A980-572CDB15B78D}" = protocol=17 | dir=in | app=d:\assassin creed\assassinscreed_dx10.exe |
"{FF25D47E-6838-4DC4-A503-03EAAA967A5C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{0566C1BA-0C5E-4834-87F7-EBD7D89CAD51}D:\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=d:\der herr der ringe online\lotroclient.exe |
"TCP Query User{2673D3B3-94FF-40E3-8F1D-CD47E0727F91}C:\program files (x86)\nero\nero 9\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 9\nero showtime\showtime.exe |
"TCP Query User{28FA41CA-C4ED-4DCD-8DB1-3209B31AC3F4}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=6 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe |
"TCP Query User{5929217B-929A-4957-8FAF-85108616614E}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"TCP Query User{65BAD2FB-823A-43FB-9D2D-93BAAB0D89EB}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{6D1FE72D-7AE3-4986-8329-4F26E4E85854}C:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe |
"TCP Query User{7BC0243E-CACC-4EFA-9F57-D382F9565551}D:\world of warcraft\repair.exe" = protocol=6 | dir=in | app=d:\world of warcraft\repair.exe |
"TCP Query User{8A4DF1F5-BD2B-4D8C-A684-9F50BA2B81B1}C:\users\daniel\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\daniel\program files (x86)\dna\btdna.exe |
"TCP Query User{99B0D25F-636B-463E-8E0C-2EC73B520DDA}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=6 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe |
"TCP Query User{9B013CE1-B8C4-4469-998C-D86598253114}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"TCP Query User{9CC1A83C-4494-4BCA-A323-B8EA96493639}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{A2F5D4DD-CE8B-4067-9152-3F0F2B9655F2}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{A343CB53-8CBD-41AD-94DD-22C3BEAC7F30}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"TCP Query User{A4DE5CA4-C47B-4697-8F78-1B3D76A542F1}D:\codwaw\codwaw.exe" = protocol=6 | dir=in | app=d:\codwaw\codwaw.exe |
"TCP Query User{AAA17FA3-E0F9-4278-B378-C88F529359AD}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{B251ED16-B569-4062-A969-5B205EF01768}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{D3CB2227-D97C-4FF4-B713-CECFD1BD2A4E}C:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{0713CBB8-F1A2-4D9F-93C0-BA842AFB5F91}C:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe |
"UDP Query User{07806BFD-161B-4127-97F4-629CA3D6A1A1}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"UDP Query User{0D9D56FD-AEB7-4156-B5A7-779EC7A62417}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=17 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe |
"UDP Query User{22AE314E-35B4-4100-AB0E-EE94B8B0ECD5}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"UDP Query User{321DD32A-9037-4743-BBB1-7EC893181C2E}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{5794B503-A926-4E94-8AC3-ECC7C3E92484}D:\world of warcraft\repair.exe" = protocol=17 | dir=in | app=d:\world of warcraft\repair.exe |
"UDP Query User{6C551323-66AC-44A4-B000-012DB8C77353}D:\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=d:\der herr der ringe online\lotroclient.exe |
"UDP Query User{75AC708E-A184-409F-A22C-67EA3B0FA954}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{AE0537C2-F154-44E2-B7F1-779C2C730276}C:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{B69E31A7-9CBC-4A25-AA5C-093C52D70DA4}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=17 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe |
"UDP Query User{C408DF55-E1A1-42F3-87EA-1716697C8862}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"UDP Query User{E0F7B66F-7D9D-47F0-8907-7A80E57DC815}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{EFCAF346-FB00-4513-BAC2-32651F4CBA15}C:\users\daniel\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\daniel\program files (x86)\dna\btdna.exe |
"UDP Query User{F22CA7D9-1E0E-4247-ABC3-368BC6770747}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"UDP Query User{F46D6087-2FA1-4776-B1D9-1E11EFEB801A}D:\codwaw\codwaw.exe" = protocol=17 | dir=in | app=d:\codwaw\codwaw.exe |
"UDP Query User{FA403B39-61AE-4573-B5F0-D614CD7D397E}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{FB8E9030-4DDF-4208-8B21-EFF253F7592B}C:\program files (x86)\nero\nero 9\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 9\nero showtime\showtime.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D25F7CC-B99C-44ee-9945-B14532B2BB7B}" = Canon MP830
"{109945A8-D8D5-48B8-B4A5-195D3F99B56D}" = Logitech GamePanel Software 3.04.143
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{53480360-C6AA-4E73-A4E3-1C4C915E049F}" = O&O Defrag Professional Edition
"{5F94D3B9-2B02-9C37-740B-A59C7B8D17CC}" = ATI Catalyst Install Manager
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A792E67C-FDA4-A301-0C3C-53BA86EFBB5A}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BC84C1E9-F4D4-4B8E-B35C-C88EEA0A5201}" = O&O Defrag Professional
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.53
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2A3C0247-7F29-446D-B418-D17A5256EDA5}" = REWI-Zentrale
"{2FF43F5D-5729-4E02-A548-310E30A5F29B}" = Microsoft CAPICOM 2.1.0.2 SDK
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D6A24EA-A543-6C84-351E-D7646E7AB86E}" = Catalyst Control Center InstallProxy
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{47CAFF95-C3D8-ABF2-70BC-89DE00D8FB19}" = Catalyst Control Center Graphics Light
"{4962EBAC-AE7C-1B22-1EA0-0916A7E40954}" = Catalyst Control Center Graphics Full Existing
"{49A62E2B-B35C-941D-DF48-601207CF14C0}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{572DB52C-9A8A-4FAB-B84C-DE82C59F86E1}" = REWI-LV
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A490E11-6C8A-777C-4E00-43F3CC16A1EC}" = CCC Help English
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77919701-C3E7-09AA-D2F7-DBF42CD7C13D}" = Catalyst Control Center HydraVision Full
"{78B2F09F-BDC7-7865-CF4C-233B64A3BE51}" = Catalyst Control Center Graphics Full New
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_WebDesigner_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_WebDesignerLPK.de-de_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_WebDesigner_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_WebDesignerLPK.de-de_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_WebDesignerLPK.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_WebDesigner_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0026-0000-0000-0000000FF1CE}" = Microsoft Expression Web
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}" = Microsoft Expression Web Service Pack 1 (SP1)
"{90120000-0026-0407-0000-0000000FF1CE}" = Microsoft Expression Web MUI (German)
"{90120000-0026-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0026-0409-0000-0000000FF1CE}" = Microsoft Expression Web MUI (English)
"{90120000-0026-0409-0000-0000000FF1CE}_WebDesigner_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_WebDesigner_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_WebDesignerLPK.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0032-0407-0000-0000000FF1CE}" = Microsoft Expression Web Language Pack (German)
"{90120000-0032-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B0-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D241BBEC-B1C7-7953-EDDE-D90A654A8D2C}" = ccc-core-static
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5C24E77-099E-9B84-5BE2-708E70B938A9}" = Catalyst Control Center Core Implementation
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}" = Steuer-Spar-Erklärung 2010
"{DC4757E2-BAE3-0BFE-C6E5-576CB911FF52}" = Catalyst Control Center Graphics Previews Vista
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}" = AAVUpdateManager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD5C399F-2D43-4EC5-AAF7-D600041EF25C}" = Microsoft Office Outlook SMS Add-in
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = DER HERR DER RINGE ONLINE: Die Schatten von Angmar v01.04.00.80
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FLV Player" = FLV Player 2.0, build 24
"HijackThis" = HijackThis 2.0.2
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"Liveupdate4_is1" = Liveupdate4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MP Navigator 2.2" = Canon MP Navigator 2.2
"PunkBusterSvc" = PunkBuster Services
"Steam App 24960" = Battlefield: Bad Company 2
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TuneUp Utilities" = TuneUp Utilities
"VLC media player" = VLC media player 0.9.9
"WebDesigner" = Microsoft Expression Web
"WebDesignerLPK.de-de" = Microsoft Expression Web Language Pack - German/Deutsch
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"Xvid_is1" = Xvid 1.1.3 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.1.2
"InstallShield_{20BD3140-16AF-4B5F-BCD6-052B6CD11DE6}" = ROUTE 66 Sync
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11.04.2010 07:06:34 | Computer Name = Daniel-Spiele | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung WMPSideShowGadget.exe, Version 11.0.6001.7000,
Zeitstempel 0x47919dd9, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18005,
Zeitstempel 0x49e041d1, Ausnahmecode 0xc000001d, Fehleroffset 0x00000000000176fd,
Prozess-ID
0xec8, Anwendungsstartzeit 01cad9401da6eddb.

Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 16.04.2010 14:32:54 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 16.04.2010 14:32:55 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 24.04.2010 06:41:36 | Computer Name = Daniel-Spiele | Source = System Restore | ID = 8193
Description =

Error - 25.04.2010 01:05:48 | Computer Name = Daniel-Spiele | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SilentUpdater.exe, Version 9.0.4030.5, Zeitstempel
0x4b86b7c4, fehlerhaftes Modul rtl120.bpl, Version 6.0.6002.18005, Zeitstempel
0x49e03824, Ausnahmecode 0xc0000135, Fehleroffset 0x0006f04e, Prozess-ID 0x714, Anwendungsstartzeit
01cae434f6972dc2.

Error - 25.04.2010 08:51:55 | Computer Name = Daniel-Spiele | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung BFBC2Game.exe, Version 1.0.1.0, Zeitstempel
0x4bc75d63, fehlerhaftes Modul atiumdva.dll, Version 8.14.10.247, Zeitstempel 0x4b68ef67,
Ausnahmecode 0xc0000005, Fehleroffset 0x00001675, Prozess-ID 0x1254, Anwendungsstartzeit
01cae467eb8da652.

[ OSession Events ]
Error - 24.12.2008 12:32:34 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 87
seconds with 60 seconds of active time. This session ended with a crash.

Error - 12.01.2009 03:58:42 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 282
seconds with 180 seconds of active time. This session ended with a crash.

Error - 05.05.2009 02:05:12 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 71
seconds with 0 seconds of active time. This session ended with a crash.

Error - 19.06.2009 14:59:07 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.

Error - 15.12.2009 13:44:26 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 07.05.2010 09:12:43 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =

Error - 07.05.2010 09:49:05 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =

Error - 07.05.2010 10:19:06 | Computer Name = Daniel-Spiele | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 07.05.2010 um 16:16:23 unerwartet heruntergefahren.

Error - 07.05.2010 10:20:48 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =

Error - 07.05.2010 10:46:36 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =

Error - 08.05.2010 00:36:35 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =

Error - 08.05.2010 04:41:47 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =

Error - 08.05.2010 05:18:58 | Computer Name = Daniel-Spiele | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 08.05.2010 um 11:15:59 unerwartet heruntergefahren.

Error - 08.05.2010 05:26:20 | Computer Name = Daniel-Spiele | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 08.05.2010 um 11:19:58 unerwartet heruntergefahren.

Error - 08.05.2010 05:28:01 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000
Description =


< End of report >


Danke!