OTL Logfile: Code:
OTL logfile created on: 31.05.2012 09:15:49 - Run 1
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\RS\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,21 Gb Available Physical Memory | 77,58% Memory free
16,00 Gb Paging File | 14,01 Gb Available in Paging File | 87,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372,51 Gb Total Space | 263,23 Gb Free Space | 70,66% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 465,76 Gb Total Space | 17,65 Gb Free Space | 3,79% Space Free | Partition Type: NTFS
Drive H: | 152,66 Gb Total Space | 144,82 Gb Free Space | 94,87% Space Free | Partition Type: NTFS
Computer Name: RS-PC1TERMINAL | User Name: RS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - C:\Users\RS\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\PC Beschleunigen\PCSUService.exe ()
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - C:\Windows\CBTWlanSrv.exe ()
PRC - C:\Program Files (x86)\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.DEU ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (Mcx2Svc) -- C:\Windows\SysNative\Mcx2Svc.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WerSvc) -- C:\Windows\SysNative\wersvc.dll (Microsoft Corporation)
SRV:64bit: - (RemoteAccess) -- C:\Windows\SysNative\mprdim.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (pr2ah4nc) DiRT Drivers Auto Removal (pr2ah4nc) -- C:\Windows\SysNative\pr2ah4nc.exe (CODEMASTERS)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (SearchAnonymizer) -- C:\Users\RS\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
SRV - (TuneUp.UtilitiesSvc) -- C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUNEUPUTILITIESSERVICE64.EXE (TuneUp Software)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (Microsoft Corporation.)
SRV - (CyberLink PowerDVD 12 Media Server Service) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink)
SRV - (CLHNServiceForPowerDVD12) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe (CyberLink Corp.)
SRV - (CyberLink PowerDVD 12 Media Server Monitor Service) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (CyberLink)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PCSUService) -- C:\Program Files (x86)\PC Beschleunigen\PCSUService.exe ()
SRV - (NAUpdate) @C:\Program Files (x86) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (AffinegyService) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (RemoteAccess) -- C:\Windows\SysWOW64\mprdim.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AAV UpdateService) -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (CBTWlanSrv) -- C:\Windows\CBTWlanSrv.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (nmwcdnsucx64) -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys (Nokia)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCapMP) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCap) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (cxbu0x64) -- C:\Windows\SysNative\drivers\cxbu0x64.sys (HID Global Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (udfs) -- C:\Windows\SysNative\drivers\udfs.sys (Microsoft Corporation)
DRV:64bit: - (mod7700) -- C:\Windows\SysNative\drivers\mod7700.sys (DiBcom SA)
DRV:64bit: - (MODRC) -- C:\Windows\SysNative\drivers\modrc.sys (DiBcom S.A.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (fwlanusbn) -- C:\Windows\SysNative\drivers\fwlanusbn.sys (AVM GmbH)
DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (azvusb) -- C:\Windows\SysNative\drivers\azvusb.sys (AzureWave Technologies, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (crcdisk) -- C:\Windows\SysNative\drivers\crcdisk.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ws2ifsl) -- C:\Windows\SysNative\drivers\ws2ifsl.sys (Microsoft Corporation)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (asusgsb) -- C:\Windows\SysNative\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (pe3ah4nc) DiRT Environment Driver (pe3ah4nc) -- C:\Windows\SysNative\drivers\pe3ah4nc.sys (CODEMASTERS)
DRV:64bit: - (ps6ah4nc) DiRT Synchronization Driver (ps6ah4nc) -- C:\Windows\SysNative\drivers\ps6ah4nc.sys (CODEMASTERS)
DRV:64bit: - (athrusb) -- C:\Windows\SysNative\drivers\athrxusb.sys (Atheros Communications, Inc.)
DRV:64bit: - (EIO_XP) -- C:\Windows\SysNative\drivers\EIO64_XP.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (TuneUpUtilitiesDrv) -- C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl (CyberLink Corp.)
DRV - (ntk_PowerDVD12) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys (Cyberlink Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Funmoods Search
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1Qzu0B0CtDyDyEtAtD0ByD0AyDtDzz0ByEyCtN0D0TzutBtDtCtBtDyDtBzz&cr=875777936
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Funmoods Search
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0ACC0A1C-402D-1588-A4C3-496683E1FC29}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1Qzu0B0CtDyDyEtAtD0ByD0AyDtDzz0ByEyCtN0D0TzutBtDtCtBtDyDtBzz&cr=875777936
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = Babylon Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4D E0 9E 05 95 89 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {ecce0073-a837-45a2-95b9-600420505f7e} - No CLSID value found
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1Qzu0B0CtDyDyEtAtD0ByD0AyDtDzz0ByEyCtN0D0TzutBtDtCtBtDyDtBzz&cr=875777936
IE - HKCU\..\SearchScopes\{0ACC0A1C-402D-1588-A4C3-496683E1FC29}: "URL" = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=311ad0fd-0a7f-4c82-8800-d29b09dbb46a&pid=dvdsoft&k=0
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=112555&tt=220512_53all&babsrc=SP_ss&mntrId=8ae98b46000000000000bc05430b5a50
IE - HKCU\..\SearchScopes\{153B2A09-4F89-463A-AB21-96C4DF443499}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=311ad0fd-0a7f-4c82-8800-d29b09dbb46a&pid=dvdsoft&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com.anonymize-me.de/?anonymto=687474703A2F2F7765627365617263682E61736B2E636F6D2F72656469726563743F636C69656E743D69652674623D4E524F266F3D313031393137267372633D63726D26713D7B7365617263685465726D737D266C6F63616C653D64655F4445&st={searchTerms}&clid=311ad0fd-0a7f-4c82-8800-d29b09dbb46a&pid=dvdsoft&k=0
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26736F7572636569643D69653726726C7A3D314937414446415F6465&st={searchTerms}&clid=311ad0fd-0a7f-4c82-8800-d29b09dbb46a&pid=dvdsoft&k=0
IE - HKCU\..\SearchScopes\{70702855-838D-4602-812C-7E697436D21D}: "URL" = hxxp://search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E7961686F6F2E636F6D2F7365617263683F703D7B7365617263685465726D737D2665693D7574662D382666723D6231696537&st={searchTerms}&clid=311ad0fd-0a7f-4c82-8800-d29b09dbb46a&pid=dvdsoft&k=0
IE - HKCU\..\SearchScopes\{7315CAD8-BA08-4B5D-9B06-C0294BDEB3BE}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=311ad0fd-0a7f-4c82-8800-d29b09dbb46a&pid=dvdsoft&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{7A4E360C-1E4A-41B6-B955-A064DA72F53C}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=311ad0fd-0a7f-4c82-8800-d29b09dbb46a&pid=dvdsoft&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{9F472711-FBF3-469E-92A9-269888CBE03C}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=311ad0fd-0a7f-4c82-8800-d29b09dbb46a&pid=dvdsoft&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{BD424A25-99DE-47A4-8C1A-67B2D9FCFB76}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=311ad0fd-0a7f-4c82-8800-d29b09dbb46a&pid=dvdsoft&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{E423C34F-EC7F-4B20-A1E1-9EFD46010A42}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=311ad0fd-0a7f-4c82-8800-d29b09dbb46a&pid=dvdsoft&mode=bounce&k=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
========== Chrome ==========
CHR - Extension: FunDial = C:\Users\RS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\1.0.1_0\
CHR - Extension: Funmoods = C:\Users\RS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.5.1_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files (x86)\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\RS\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{29018606-55C1-4D0E-9E57-BD852701C035}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\nokiasuite.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\pdvdlaunchpolicy.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\powerdvd12.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\nokiasuite.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\pdvdlaunchpolicy.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\powerdvd12.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{57585586-812e-11e0-aefc-001fc6d83c8b}\Shell - "" = AutoRun
O33 - MountPoints2\{57585586-812e-11e0-aefc-001fc6d83c8b}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{71e48df7-83d2-11e1-9086-001fc6d83c8b}\Shell - "" = AutoRun
O33 - MountPoints2\{71e48df7-83d2-11e1-9086-001fc6d83c8b}\Shell\AutoRun\command - "" = I:\pushinst.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 60 Days ==========
[2012.05.31 09:13:23 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\RS\Desktop\OTL.exe
[2012.05.29 11:46:45 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Local\Cimaware
[2012.05.29 11:13:54 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.05.29 11:13:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012.05.29 11:13:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012
[2012.05.29 11:12:57 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.05.29 11:12:57 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.05.29 10:49:14 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Roaming\ShadowExplorer.com - About
[2012.05.28 20:32:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.05.28 20:31:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.05.28 20:31:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.05.28 11:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.05.28 11:41:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2012.05.28 01:10:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Mail Recovery
[2012.05.28 01:04:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EaseUS
[2012.05.28 00:33:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DealPly
[2012.05.28 00:28:33 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Roaming\GetRightToGo
[2012.05.28 00:04:03 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Roaming\YourFileDownloader
[2012.05.27 23:47:56 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Local\za-ass-Software
[2012.05.27 23:47:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\za-ass-Software
[2012.05.27 22:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MunSoft
[2012.05.27 21:28:04 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.05.27 21:27:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.05.27 21:27:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012.05.27 21:26:36 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.05.27 21:26:36 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.05.23 11:22:40 | 000,000,000 | ---D | C] -- C:\Users\RS\Desktop\Insektenhotell
[2012.05.22 12:16:26 | 000,000,000 | ---D | C] -- C:\Users\RS\Documents\scannenmitpowerpoint2007
[2012.05.22 11:46:55 | 000,000,000 | ---D | C] -- C:\Users\RS\Desktop\Kolbe Musik
[2012.05.22 10:06:45 | 000,000,000 | ---D | C] -- C:\Users\RS\Desktop\Basteltips
[2012.05.22 10:05:56 | 000,000,000 | ---D | C] -- C:\Users\RS\Desktop\tyco Arbeitsunfall
[2012.05.16 07:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.05.16 07:54:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.05.16 07:54:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.05.14 07:22:54 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.05.14 07:22:45 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.05.14 07:22:42 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.05.14 07:22:42 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.05.08 23:37:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2012.05.08 23:36:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012.05.08 23:03:24 | 000,000,000 | ---D | C] -- C:\Users\RS\Documents\Nokia Suite
[2012.05.07 15:51:42 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2012.05.05 11:02:45 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Roaming\Avira
[2012.05.05 11:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.05.05 11:02:22 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.05.05 11:02:22 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.05.05 11:02:22 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.05.05 11:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.05.05 11:02:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.05.03 21:04:46 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Roaming\Malwarebytes
[2012.05.03 21:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.03 21:04:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.05.03 20:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.05.03 19:38:19 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Local\Microsoft_Corporation
[2012.05.03 17:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2012.05.03 17:27:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced System Protector
[2012.05.03 17:26:33 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Roaming\Systweak
[2012.05.03 17:26:32 | 000,018,816 | ---- | C] (Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free)) -- C:\Windows\SysNative\roboot64.exe
[2012.05.03 17:26:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegClean Pro
[2012.05.03 14:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2012.05.03 14:15:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZip
[2012.04.22 13:51:40 | 002,152,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFUpdate_01009.dll
[2012.04.15 20:44:55 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.04.15 20:44:55 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.04.15 20:44:54 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.04.15 20:44:54 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.04.15 20:44:54 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.04.15 20:44:54 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.04.15 20:44:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.04.15 20:44:53 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.04.15 20:44:53 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.04.15 20:44:53 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.04.15 20:44:53 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.04.11 20:31:02 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.04.11 20:31:02 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.04.11 20:31:02 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.04.11 19:58:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2012.04.11 19:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.04.11 19:58:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.04.11 17:49:58 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Local\MediaShow
[2012.04.11 17:45:51 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Local\MediaServer
[2012.04.11 17:45:51 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink
[2012.04.11 17:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PDVD
[2012.04.11 17:45:39 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
[2012.04.11 17:44:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2012.04.11 17:15:47 | 000,000,000 | ---D | C] -- C:\Users\RS\MediaEspresso
[2012.04.11 17:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2012.04.11 15:49:07 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Roaming\WebApp
[2012.04.11 14:56:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2012.04.11 14:56:23 | 000,750,440 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\HPDiscoPM5412.dll
[2012.04.11 14:56:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012.04.11 14:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2012.04.11 14:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
[2012.04.11 14:40:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\avmwlanstick
[2012.04.11 14:39:34 | 000,714,368 | ---- | C] (AVM GmbH) -- C:\Windows\SysNative\drivers\fwlanusbn.sys
[2012.04.11 14:39:34 | 000,099,328 | ---- | C] (AVM Berlin) -- C:\Windows\SysNative\fwusbnci.dll
[2012.04.11 14:39:31 | 000,014,120 | ---- | C] (AVM Berlin) -- C:\Windows\SysNative\drivers\avmeject.sys
[2012.04.11 14:39:31 | 000,000,000 | ---D | C] -- C:\Windows\AVM_Driver
[2012.04.11 14:39:29 | 000,000,000 | ---D | C] -- C:\Users\RS\AVM_Driver
[2012.04.11 11:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Funk Software
[2012.04.11 11:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Funk Software
[2012.04.11 10:26:05 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012.04.10 15:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink
[2012.04.10 14:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012.04.10 13:55:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Shrink
[2012.04.10 13:31:40 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Roaming\Opera
[2012.04.10 13:31:38 | 000,000,000 | ---D | C] -- C:\Users\RS\AppData\Roaming\OCS
[2012.04.10 12:42:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 9
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2012.05.31 09:13:23 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\RS\Desktop\OTL.exe
[2012.05.31 09:13:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.05.31 08:23:21 | 000,015,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.31 08:23:21 | 000,015,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.31 08:14:41 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.05.31 08:14:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.30 20:40:53 | 001,507,500 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.05.30 20:40:53 | 000,657,688 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.05.30 20:40:53 | 000,618,974 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.05.30 20:40:53 | 000,131,078 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.05.30 20:40:53 | 000,107,294 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.05.30 20:35:46 | 000,409,089 | ---- | M] () -- C:\Users\RS\Desktop\DHL_Marke_1_TUUQFU2BSA2 Aachen.pdf
[2012.05.30 20:20:37 | 000,113,352 | ---- | M] () -- C:\Users\RS\Documents\Scan0001.~PDF
[2012.05.29 11:13:45 | 000,002,225 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.05.29 11:13:45 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012.05.28 20:32:00 | 000,001,274 | ---- | M] () -- C:\Users\RS\Desktop\Spybot - Search & Destroy.lnk
[2012.05.28 00:33:25 | 000,302,425 | ---- | M] () -- C:\Users\RS\AppData\Local\funmoods-speeddial.crx
[2012.05.28 00:33:25 | 000,031,470 | ---- | M] () -- C:\Users\RS\AppData\Local\funmoods.crx
[2012.05.28 00:17:46 | 000,006,060 | ---- | M] () -- C:\user.js
[2012.05.27 21:28:04 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.05.27 21:28:04 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.05.27 21:26:10 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.05.27 21:26:10 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.05.27 20:46:49 | 000,000,117 | ---- | M] () -- C:\Windows\SysWow64\decoder_del.2.bat
[2012.05.27 18:41:24 | 000,000,157 | ---- | M] () -- C:\Windows\SysWow64\decoder_del.1.bat
[2012.05.27 18:33:21 | 000,000,163 | ---- | M] () -- C:\Windows\SysWow64\decoder_del.bat
[2012.05.22 12:20:21 | 000,001,356 | ---- | M] () -- C:\Users\RS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
[2012.05.22 12:15:57 | 000,297,104 | ---- | M] () -- C:\Users\RS\Desktop\scanner.zip
[2012.05.22 11:49:16 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012.05.22 09:05:23 | 000,000,188 | ---- | M] () -- C:\Users\RS\defogger_reenable
[2012.05.15 03:36:06 | 000,429,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.05.09 00:14:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.05.08 23:37:55 | 000,002,101 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.05.08 15:19:13 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.05.08 15:19:13 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.05.08 12:25:47 | 000,003,157 | ---- | M] () -- C:\Users\RS\Desktop\Nero BackItUp.lnk
[2012.05.07 15:51:42 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2012.05.04 18:17:11 | 000,000,022 | ---- | M] () -- C:\ProgramData\8f01a90e-7eb3-48d3-93b1-50d88fd146fb
[2012.05.04 18:15:54 | 000,000,017 | ---- | M] () -- C:\Users\RS\AppData\Local\resmon.resmoncfg
[2012.05.04 18:15:15 | 000,000,221 | ---- | M] () -- C:\Users\RS\Desktop\Call of Duty Modern Warfare 2.url
[2012.05.04 18:14:55 | 000,671,384 | ---- | M] () -- C:\Users\RS\Documents\Scan0002.~PDF
[2012.05.04 18:14:55 | 000,026,112 | ---- | M] () -- C:\Users\RS\Documents\Abwesenheitsinformation.oft
[2012.05.04 18:11:51 | 000,088,335 | ---- | M] () -- C:\Users\RS\Wappen_Ellwangen_Jagst.png
[2012.05.04 18:11:51 | 000,047,761 | ---- | M] () -- C:\Users\RS\safe_image.png
[2012.05.04 18:11:51 | 000,002,051 | ---- | M] () -- C:\Users\RS\BW.jpg
[2012.05.04 18:11:51 | 000,001,814 | ---- | M] () -- C:\Users\RS\logo.gif
[2012.05.04 18:11:51 | 000,001,232 | ---- | M] () -- C:\Users\RS\Deutschlandflagge mit Bundesadler.jpg
[2012.04.22 13:51:40 | 002,152,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFUpdate_01009.dll
[2012.04.22 13:51:38 | 000,759,296 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\UMDF\PCCSWpdDriver.dll
[2012.04.22 13:51:38 | 000,025,600 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2012.04.11 19:58:32 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.04.11 17:45:39 | 000,002,204 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 12.lnk
[2012.04.11 17:37:10 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2012.04.11 14:56:22 | 000,002,224 | ---- | M] () -- C:\Users\Public\Desktop\HP Officejet 6500 E710n-z.lnk
[2012.04.11 14:56:22 | 000,001,888 | ---- | M] () -- C:\Users\Public\Desktop\HP ePrintCenter - HP Officejet 6500 E710n-z.lnk
[2012.04.11 14:56:22 | 000,001,229 | ---- | M] () -- C:\Users\Public\Desktop\HP Officejet 6500 E710n-z Scan.lnk
[2012.04.10 19:11:56 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012.04.10 15:17:09 | 000,001,345 | ---- | M] () -- C:\Users\RS\Desktop\Media Center.lnk
[2012.04.10 15:00:31 | 000,000,999 | ---- | M] () -- C:\Users\RS\Desktop\DVD Shrink 3.2.lnk
[2012.04.10 12:42:19 | 000,001,152 | ---- | M] () -- C:\Users\Public\Desktop\Audials 9.lnk
[2012.04.05 12:34:28 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.04.04 18:47:24 | 000,227,720 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.04.04 18:47:08 | 000,772,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.05.30 20:35:27 | 000,409,089 | ---- | C] () -- C:\Users\RS\Desktop\DHL_Marke_1_TUUQFU2BSA2 Aachen.pdf
[2012.05.29 11:13:45 | 000,002,225 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.05.29 11:13:45 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012.05.29 11:13:44 | 000,002,217 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012.05.28 20:32:00 | 000,001,274 | ---- | C] () -- C:\Users\RS\Desktop\Spybot - Search & Destroy.lnk
[2012.05.28 00:33:30 | 000,302,425 | ---- | C] () -- C:\Users\RS\AppData\Local\funmoods-speeddial.crx
[2012.05.28 00:33:30 | 000,031,470 | ---- | C] () -- C:\Users\RS\AppData\Local\funmoods.crx
[2012.05.27 20:46:47 | 000,000,117 | ---- | C] () -- C:\Windows\SysWow64\decoder_del.2.bat
[2012.05.27 18:41:23 | 000,000,157 | ---- | C] () -- C:\Windows\SysWow64\decoder_del.1.bat
[2012.05.27 18:33:13 | 000,000,163 | ---- | C] () -- C:\Windows\SysWow64\decoder_del.bat
[2012.05.22 12:15:57 | 000,297,104 | ---- | C] () -- C:\Users\RS\Desktop\scanner.zip
[2012.05.22 09:05:23 | 000,000,188 | ---- | C] () -- C:\Users\RS\defogger_reenable
[2012.05.09 00:14:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.05.08 23:37:55 | 000,002,101 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.05.08 12:25:47 | 000,003,157 | ---- | C] () -- C:\Users\RS\Desktop\Nero BackItUp.lnk
[2012.05.04 18:17:11 | 000,000,022 | ---- | C] () -- C:\ProgramData\8f01a90e-7eb3-48d3-93b1-50d88fd146fb
[2012.05.04 18:15:54 | 000,000,017 | ---- | C] () -- C:\Users\RS\AppData\Local\resmon.resmoncfg
[2012.05.04 18:15:15 | 000,000,221 | ---- | C] () -- C:\Users\RS\Desktop\Call of Duty Modern Warfare 2.url
[2012.05.04 18:14:55 | 000,671,384 | ---- | C] () -- C:\Users\RS\Documents\Scan0002.~PDF
[2012.05.04 18:14:55 | 000,113,352 | ---- | C] () -- C:\Users\RS\Documents\Scan0001.~PDF
[2012.05.04 18:14:55 | 000,026,112 | ---- | C] () -- C:\Users\RS\Documents\Abwesenheitsinformation.oft
[2012.05.04 18:11:51 | 000,088,335 | ---- | C] () -- C:\Users\RS\Wappen_Ellwangen_Jagst.png
[2012.05.04 18:11:51 | 000,047,761 | ---- | C] () -- C:\Users\RS\safe_image.png
[2012.05.04 18:11:51 | 000,002,051 | ---- | C] () -- C:\Users\RS\BW.jpg
[2012.05.04 18:11:51 | 000,001,814 | ---- | C] () -- C:\Users\RS\logo.gif
[2012.05.04 18:11:51 | 000,001,232 | ---- | C] () -- C:\Users\RS\Deutschlandflagge mit Bundesadler.jpg
[2012.05.03 17:27:01 | 000,016,896 | ---- | C] () -- C:\Windows\SysNative\sasnative64.exe
[2012.04.11 19:58:32 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.04.11 17:45:39 | 000,002,204 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 12.lnk
[2012.04.11 14:56:22 | 000,002,224 | ---- | C] () -- C:\Users\Public\Desktop\HP Officejet 6500 E710n-z.lnk
[2012.04.11 14:56:22 | 000,001,888 | ---- | C] () -- C:\Users\Public\Desktop\HP ePrintCenter - HP Officejet 6500 E710n-z.lnk
[2012.04.11 14:56:22 | 000,001,229 | ---- | C] () -- C:\Users\Public\Desktop\HP Officejet 6500 E710n-z Scan.lnk
[2012.04.11 14:39:35 | 000,013,202 | ---- | C] () -- C:\Windows\instwcli.inf
[2012.04.11 14:39:34 | 000,015,565 | ---- | C] () -- C:\Windows\SysNative\drivers\fwlanusbn.bin
[2012.04.10 15:17:09 | 000,001,345 | ---- | C] () -- C:\Users\RS\Desktop\Media Center.lnk
[2012.04.10 15:00:31 | 000,000,999 | ---- | C] () -- C:\Users\RS\Desktop\DVD Shrink 3.2.lnk
[2012.04.10 12:42:19 | 000,001,152 | ---- | C] () -- C:\Users\Public\Desktop\Audials 9.lnk
[2012.03.19 14:51:02 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011.10.27 15:28:39 | 000,012,800 | ---- | C] () -- C:\Users\RS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.22 18:48:36 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011.01.22 18:48:36 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2010.12.04 18:26:06 | 000,000,000 | ---- | C] () -- C:\Windows\lgfwup.ini
[2010.11.28 15:05:59 | 000,260,932 | ---- | C] () -- C:\Windows\hpwins20.dat.temp
[2010.11.28 15:05:58 | 000,001,360 | ---- | C] () -- C:\Windows\hpwmdl20.dat.temp
[2010.11.22 00:04:40 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.11.21 22:01:00 | 000,012,054 | R--- | C] () -- C:\Windows\hpwscr20.dat
[2010.11.21 21:25:04 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2010.11.21 20:49:52 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.11.21 19:51:07 | 000,000,239 | ---- | C] () -- C:\Windows\HBCIKRNL.INI
[2010.11.21 19:48:48 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2010.11.21 18:46:42 | 001,526,700 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.21 17:47:10 | 000,106,496 | ---- | C] () -- C:\Windows\CBTWlanSrv.exe
[2010.11.21 17:47:06 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\acs.exe
[2010.11.20 23:45:58 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.11.20 20:04:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.09.17 20:17:00 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== LOP Check ==========
[2012.05.04 10:13:57 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\AD ON Multimedia
[2010.11.21 19:51:07 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\Cherry
[2012.05.04 18:15:43 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\DAEMON Tools Lite
[2012.05.05 10:59:20 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\driveridentifier
[2012.05.28 00:29:50 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\GetRightToGo
[2012.05.05 10:59:20 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\MOBackup
[2012.05.09 00:17:56 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\Nokia
[2012.04.10 13:31:38 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\OCS
[2012.05.04 10:14:00 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\OpenCandy
[2012.04.10 13:31:40 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\Opera
[2012.05.08 23:01:26 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\PC Suite
[2012.05.05 10:59:19 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\PDF Experte 7
[2012.05.05 10:59:19 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\PDF Experte 7 Professional 7
[2011.04.20 12:16:39 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\PriceGong
[2010.11.21 21:16:45 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\RapidSolution
[2012.05.03 17:27:07 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\Systweak
[2011.07.29 13:44:26 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\TeamViewer
[2012.05.29 11:13:32 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\TuneUp Software
[2012.04.11 15:49:07 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\WebApp
[2012.05.29 10:49:14 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\ShadowExplorer.com - About
[2012.05.28 00:04:03 | 000,000,000 | ---D | M] -- C:\Users\RS\AppData\Roaming\YourFileDownloader
[2012.05.20 15:42:58 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
--- --- ---
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 31.05.2012 09:15:49 - Run 1
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\RS\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,21 Gb Available Physical Memory | 77,58% Memory free
16,00 Gb Paging File | 14,01 Gb Available in Paging File | 87,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372,51 Gb Total Space | 263,23 Gb Free Space | 70,66% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 465,76 Gb Total Space | 17,65 Gb Free Space | 3,79% Space Free | Partition Type: NTFS
Drive H: | 152,66 Gb Total Space | 144,82 Gb Free Space | 94,87% Space Free | Partition Type: NTFS
Computer Name: RS-PC1TERMINAL | User Name: RS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{095C3635-7554-48B5-B4AC-0FF9DF88A921}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{0D3DEE54-29BE-4500-8F88-A7E5C15A6F12}" = lport=137 | protocol=17 | dir=in | app=system |
"{13B049B6-04A6-4548-99F7-0A60F231981C}" = lport=1900 | protocol=17 | dir=in | name=upnp device discovery (udp 1900) |
"{1E64AC78-8727-4816-AE3B-F14618B51A9C}" = lport=2869 | protocol=6 | dir=in | name=upnp device discovery (tcp 2869) |
"{1EEEE385-1624-4305-B320-22087A6C4EE2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{26486E09-4E5A-4898-B1A1-5A61A7C635C7}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{27BF9E75-2675-43D4-8503-99C84900EEA1}" = rport=139 | protocol=6 | dir=out | app=system |
"{29989691-3B92-4C7D-904F-B8B3D5C07A47}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2AB2A8D6-23C1-4BB2-A2BB-94244FD622F5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2CCEDAA6-0242-4217-9F32-3C7B96EBC7A9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2DD3798D-1ACD-440F-9032-7A6EABAA5E1E}" = rport=137 | protocol=17 | dir=out | app=system |
"{33AC9654-CF64-4806-9F5D-2939A1D1461A}" = lport=139 | protocol=6 | dir=in | app=system |
"{33C04EA3-DC47-4615-9A1C-7A8524C55453}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{53B54A8A-0422-43B0-B3F9-A9B4E11B5BD2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{57818F3A-834F-4BDA-A528-2074952D17A0}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{57DE27C9-5D90-4F43-9CF2-8EBAE8990886}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{62CAFB34-72A1-4296-A46B-A42C898EAF8D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{63A0FBE5-1337-4776-9DC7-28629DBB7A0E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6E649934-5621-4787-8287-9DCD197B429E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{70EACCB2-96FB-415B-9B0D-5B59FEE9CFF3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{77F19058-BFA4-4074-9776-C4718AB01BB8}" = lport=12972 | protocol=6 | dir=in | name=audials localhttpserver 12972 |
"{79870624-4C0B-4258-A42E-A71722A241BA}" = lport=445 | protocol=6 | dir=in | app=system |
"{7FE41D14-F3B3-4F3B-B21C-A25E06B4972A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{87448457-4D21-40C4-B2CF-8ECE36C46D86}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8957D492-D2B2-4B7D-83FC-EAAAB52FF2E4}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{8B3CF40B-0A37-4651-A6A1-9109B2318163}" = rport=445 | protocol=6 | dir=out | app=system |
"{938EBD58-963E-43A9-87E2-F0CA88F99F13}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{96B12C97-B71F-4A20-B361-16E91AC6C041}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9B570023-1495-4940-8E3C-FD4D0EC08E70}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A60F6850-8C28-4410-8A12-E1261ABE5B42}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{B398E632-AA4F-4D15-90C9-A030EB10D826}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B652FA61-61B3-4D82-B7CE-24FF653825A8}" = lport=138 | protocol=17 | dir=in | app=system |
"{B9732959-D8AD-40F4-8BC9-67E35FCDB427}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BA3F8555-4C9A-4DAA-9764-CBF1E8159BD3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C47EAD3D-E350-488F-9AD7-CA4BA122889D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C49DFDF1-5450-4A83-AB17-8038506B1716}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C898A906-0385-487A-A95E-08413B317F2D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D53C679B-CAA6-4788-96BF-2B200841EB68}" = lport=14714 | protocol=6 | dir=in | name=audials localhttpserver 14714 |
"{D6C9C4F2-ECC3-4690-93D4-C517021B9731}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D8520F72-41E0-48A3-8249-BC1C87F86920}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DB45B716-EEF0-4E71-B6D9-4E4AEB15C4D2}" = lport=31931 | protocol=6 | dir=in | name=audials localhttpserver 31931 |
"{DC70B3BA-09E9-4F65-AB59-638341F1C16E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E4999D36-208D-4B50-BE04-006917E49B7E}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F8A43918-1068-4595-93EC-398E7F00EBA8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FD490058-051F-4C8E-9050-C6D3595DCE10}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FDB88CED-EC99-457F-9616-B0B3FDFFB620}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0537F403-3615-4238-9473-4A3BD8CF765A}" = dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{069780A8-945B-431B-BFB3-F9BCAD3F9385}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe |
"{07FE9A02-4148-4BD7-8AFA-4376D0584F06}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe |
"{0854BCD8-E2C0-46BA-9213-F6FAE77D56C5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0A16B6C0-D0C2-4C02-AF97-7F2A8640D401}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{0A206DF3-B24C-44BB-B308-6B2FBC2861F5}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{0A5BCD10-3867-4A98-8047-4F9A7E1A55E2}" = protocol=6 | dir=out | app=system |
"{0C248A46-659C-424C-8991-7564B8AEB3F9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{0F948CA1-E625-4D65-84DB-FA289EB2E593}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0FF8147D-2051-4838-81C0-F9527D39602C}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{10EE3379-8B8B-4AAF-AAE7-9AEC5D896BB9}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{110939C9-AB5B-407F-A4B3-AC135FEAFFEB}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{16480BE5-ECF5-4C3F-8346-BA1F7EF0AF2F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{181E3626-1C0C-4213-A6EF-D0F540AE03D7}" = dir=in | app=c:\program files (x86)\rapidsolution\audials 9\audials.exe |
"{18F50AED-FC45-4989-9664-F18C83456457}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1A1878AF-2D48-4A18-9749-FE0E2084ACB6}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1CD5CB97-9F58-4C3A-A852-8CB7821A98EF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{1F769212-6D02-407B-8EBC-6DAA6193B691}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{235927AA-3FCF-45EA-A2E3-AC3741F2A3F4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{241553A3-BEE4-467C-A44E-DA384A47A844}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{267BC45D-16BE-45B2-907D-93B5F7EA64CE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2D5DD6BD-57D3-4289-8891-C414A5D9F4D2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3052BDCA-B6FB-4AFD-8C32-FA8906F58DF6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{31563D3D-FC0A-4297-BC17-9D0BFE60DFB5}" = dir=in | app=c:\program files (x86)\common files\pctv systems\streamingserver\strmserver.exe |
"{3514DCA9-7206-4F51-85DB-6270EC7B2968}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{38463D22-2378-4613-B0D7-7E0CBF98A7BA}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{3926EE61-5210-4AFB-B90D-3FD90681E0D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{39DC35FA-D32D-40E1-81CF-F34A4B305940}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe |
"{3A4D88B5-292E-41D3-889B-17AC2C5B8980}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{3A6C7B42-F385-4648-ADB6-48ADBFC2A188}" = dir=in | app=c:\program files (x86)\common files\pctv systems\pvr\videocontrol.exe |
"{3BF7DCFF-ACD5-4887-9D12-5DFC0DDE9E7F}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe |
"{4549C043-9347-4249-96E4-34FC8CADF2A8}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{4DCBA270-64D9-4476-A86D-00AE69A45F80}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{4E9CC381-8CB5-4F4A-BC1A-9E1E1E150E17}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{50653E48-5A4D-488B-B0EF-1D5DD69723D6}" = dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{50E4CB21-5571-431B-95E3-E7DC7F430A0C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{5219863E-63C5-425F-AFB7-BA022682D1C5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{52DF4689-DAED-4BB5-9C25-6362DD7E0E0C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{5368A294-8C75-425C-A3E1-869AB3813FC1}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{54DFFB17-B7B8-4AA1-8890-5E2DAD16E6DA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{582A0A46-D51D-4B08-9FC6-6D86988F60A3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{59AB141F-54B5-4E50-B81E-2D561E93BE3A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{5A9D1986-BFCC-4AB4-9ACD-52C14ADA2B40}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{5C48E633-D152-4B22-9273-6C67D425255A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5CE65999-53F5-4E55-B28C-DD86A9D636CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{630B1449-3723-42DE-B7BF-19A3FD1CDFA1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{645D87AB-90CC-4CD4-9757-201CFC065D41}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{66D56368-A1C8-4CF1-9F0C-5DD1F4A04F33}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6701CB79-0BC3-4060-8377-B7C9CE157780}" = dir=in | app=c:\windows\ehome\ehrecvr.exe |
"{6AAA3E9C-15BC-4CDB-B89E-A5346E989C4F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6DF6169E-5B98-4933-97F9-8D5BF964811D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6FCB404E-63B0-4444-8E16-F3F638ED0CEC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{7035430C-F33E-48CC-93A0-97064F15DA0B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{715AD1AF-A28F-400B-ADCE-7B35C2596ADE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{74638EAE-0A76-41AD-AD29-B5160A82CCEE}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{7AD8B864-C6CE-4286-A5F5-66EC1D687BC8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7AF53B37-90F8-4CFD-AF73-96BAE501D426}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{7D24DBF9-6702-4A0E-A67D-9C15FCC30830}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{81546DB7-A036-42F6-8305-EE8E04CD4C2C}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{87D01E7B-9FFB-4658-8DB5-8D4020787986}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{8F09FD2A-BB51-421B-944E-5CC40714675C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9045B192-9429-4608-817D-746426E19FF8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{90F0ED00-2FF6-47D6-A3C7-55C8F8F18BED}" = dir=in | app=c:\users\rs\appdata\local\temp\7zs604c\ojj4600_full_13\setup\hpznui40.exe |
"{944FC345-ED1A-458D-91D9-451CD656610F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{949A5630-5746-4251-805E-88C6C411E3D7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{9557F186-40C0-49C8-8E5A-0E7F9D37F3DF}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{95D42DCA-B77B-4FCA-A449-0B9DDBDCDC56}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{965A73F8-CC60-4D65-9545-0B95DCC4D261}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{977FFE44-9976-4E18-B9E4-35C22B8E2EE9}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{9E0735E6-8861-4E03-8499-094A89747251}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{A5D488C6-8C95-4289-88BA-C597496112BE}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{AD81C985-7675-42D1-A773-620C76E1E9EC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AE92C26B-6F54-4BAD-B66D-89B974584043}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AF1E8FF6-AD98-4C4C-BBCE-BAF38A25399C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B0F8A133-3543-42E1-819C-B145D977663B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B37B5A74-976C-4635-A0C7-4FEE057B1908}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B535488B-BEEF-4918-A6E6-66D82A085A8A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{BBB7EA2E-7430-48B3-A616-222F77D4063D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BFA1646C-3321-45F0-BD4F-A7DAA8A7C5AB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C165D25E-5988-40CB-8662-2D1A4E627A31}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C254C737-5CE4-4BEF-BBA0-31AC3F28AFEC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{CB658745-1B7D-423C-BE46-568FDFE7B736}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{CE7A4340-C22A-411F-82B4-D65DA11EFC57}" = dir=in | app=c:\program files (x86)\pctv systems\tvcenter\tvcenter.exe |
"{CFB0DF51-1B6D-48CE-8543-9C7160F48EAF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{D429B465-4D6C-4D5F-9229-95641FED6830}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D52715E9-1815-4986-97B5-D7B5BE7237F3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D8006926-36A2-4D67-9032-5957459A0B40}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{DB28E2FD-3617-4845-A4AA-6475A79A13D3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DCDAAC7A-A3E0-49E4-9A35-070C69F79D8A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{E06B1E0F-07BA-47BF-992E-292E3AA35094}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd9.exe |
"{E4F6E2F5-0DFF-4D98-A38A-3C2B091DED91}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E51E9A38-7E0F-4A4F-94A2-37BDEC14EF3C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E8C252C2-A6C6-431C-84CE-B528392BE529}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{EE8E2B52-C76B-4CD1-AB64-1734493FF208}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F35FE8A9-6ADA-4E82-88DA-9182B3B8FE8D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F43211F4-59D6-412C-A568-96652346F34C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F50687D1-5D60-430E-85FC-E2DD893D661E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F6AB039D-9A4E-4AFC-9B65-A9AE73580D85}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{F849FF66-7B21-465A-80C5-9414B1A61A59}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{FA63F13E-3A7F-4F63-97F2-078174E3A2EF}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"TCP Query User{735D8C00-B4F1-4A73-BEF1-8E2BEB9D2C2F}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{8B3BB1E9-8F1C-4274-BFE0-18123FFBE06C}C:\program files (x86)\codemasters\dirt\dirt.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\dirt\dirt.exe |
"TCP Query User{B9300405-6296-4D52-A9F5-DF620718D603}C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe |
"TCP Query User{E09C2FD7-A6F4-418D-A339-1E66872AF9DE}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe |
"UDP Query User{59B63014-C07D-4ADB-BC1B-E5E850C91C59}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe |
"UDP Query User{BA0A8C2C-5D08-4E01-AFC0-C588B80AE2AB}C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe |
"UDP Query User{C332C034-7796-4EAF-BC7D-437420513689}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{E99DC2EA-2688-4826-8128-3A40FD7FD8B6}C:\program files (x86)\codemasters\dirt\dirt.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\dirt\dirt.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{18F703C3-32EC-4E5C-BC3C-C1BD72D35F5B}" = TVCenter
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{266CCC48-9AA1-404E-A1CB-558E8CC46F69}" = Windows OEM Preinstallation Kit
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile-Gerätecenter: Treiberupdate
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AB3FDAEC-7702-3A47-655B-4A34714CBEFA}" = ccc-utility64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AF43C18E-693D-4126-B190-8F55E3623D5D}" = HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1EF69B7-7A97-40FC-9AF1-6D6656FF874F}" = ATI AVIVO64 Codecs
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DBB03C04-9E78-6758-94C9-5D128401CFF8}" = WMV9/VC-1 Video Playback
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E8C633FD-8719-448F-9A55-F04CFDD53E67}" = Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten
"{E974638C-9F47-48C4-672C-B9C65F2BAD62}" = AMD Drag and Drop Transcoding
"{F3FEB53B-0BD3-F481-A8F9-51BA46466A6A}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"PCSU-SL_is1" = PC Beschleunigen - Vollständige Deinstallation
"SearchAnonymizer" = SearchAnonymizer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0032D29F-7E8F-40E5-AD12-8857AAB0DBFF}" = Catalyst Control Center - Branding
"{034C3647-3240-B744-D10B-637197A1E5B1}" = Catalyst Control Center InstallProxy
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E549A13-2B3D-4633-BA41-DC88C2D6F9A3}" = ProductContext
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{12453E04-9738-4D16-8408-D726532C2C69}" = ASUS VGA Driver
"{130E5108-547F-4482-91EE-F45C784E08C7}" = HP Officejet 6500 E710n-z Hilfe
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BA7B068-4719-42A3-B553-D4ED97434F92}" = ASUS Utilities
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 Platinum HD
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2C440596-FD75-9EA6-5472-B2EDBF5D222B}" = ccc-core-static
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1" = DriverIdentifier 3.9
"{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Movie ThemePack 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite
"{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}" = Marketsplash Schnellzugriffe
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7ACEE78A-537D-2857-1A64-72198BC4A67D}" = Catalyst Control Center Graphics Previews Vista
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CD82818-18F2-E4D5-A502-9D1F16C8DF9C}" = Catalyst Control Center Graphics Previews Common
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{85BEC8F6-9AA3-43FF-B56B-8276277137B3}" = Nero 10 Video TransitionPack 1
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8A76CFCA-4BEC-C88E-3A7B-7CD18E3B86EA}" = CCC Help English
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
"{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
"{99D42EC7-652B-4819-B3E6-6450C815E03F}" = Odyssey Client
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C450606-ED24-4958-92BA-B8940C99D441}" = PixiePack Codec Pack
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F5FD796-86F0-4360-85F8-D54C0F5411EB}" = Steuer-Spar-Erklärung 2011
"{A2C7C34A-AA73-48AB-9A06-6880F9906640}" = GloboFleet CC Plus
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}" = Nero 10 Movie ThemePack 4
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-1033-F400-7760-000000000001}" = Adobe Acrobat 6.0 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF1EC979-D1D4-11D5-B96B-0050BA1B9371}" = USB Storage Device v1.14e035
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B82157D3-6D31-4650-93B4-FC39BB08D6CE}" = AAVUpdateManager
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DA078193-6951-49D6-9702-0E92B569E182}" = Audials
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DD238642-14C7-4D54-8BD7-FAD6DEA9999B}" = Nero 10 Movie ThemePack 3
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EF3A4DAE-F16F-4AC1-87BB-FE00A784084F}" = Nero 10 PiP EffectPack 1
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F7DAC756-8358-484B-928C-457F4E0E4B82}" = Cherry Smart Device Package V1.10 Build 4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FC279721-37A6-4777-AFD8-7A56681EBA14}" = PDF Experte 7 Professional
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"7-Zip" = 7-Zip 9.20
"Audiograbber" = Audiograbber 1.83 SE
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"AVMWLANCLI" = AVM FRITZ!WLAN
"conduitEngine" = Conduit Engine
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy Mail Recovery" = Easy Mail Recovery
"Exact Audio Copy" = Exact Audio Copy 0.99pb4
"Google Chrome" = Google Chrome
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"McAfee Security Scan" = McAfee Security Scan Plus
"MOBackup-DatensicherungfürOutlook" = MOBackup - Datensicherung für Outlook (Vollversion)
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"Nokia Suite" = Nokia Suite
"Office14.SingleImage" = Microsoft Office Professional 2010
"Router Installationsprogramm und Monitor_is1" = Router Installationsprogramm und Monitor
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"xp-AntiSpy" = xp-AntiSpy 3.97-9
"xvid" = XviD MPEG-4 Video Codec
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2647101694.www.pcspeedup.com" = PCSpeedUp
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 09.11.2011 07:01:02 | Computer Name = RS-PC1Terminal | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 10\Nero SoundTrax\NMDllHost.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Nero\Nero 10\Nero SoundTrax\NFD\NFD.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: NFD,type="win32",version="5.2.0.0". Definition:
NFD,type="win32",version="5.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für
eine detaillierte Diagnose.
Error - 09.11.2011 07:30:52 | Computer Name = RS-PC1Terminal | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 10\Nero SoundTrax\NMDllHost.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Nero\Nero 10\Nero SoundTrax\NFD\NFD.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: NFD,type="win32",version="5.2.0.0". Definition:
NFD,type="win32",version="5.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für
eine detaillierte Diagnose.
Error - 10.11.2011 04:59:52 | Computer Name = RS-PC1Terminal | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 10\Nero SoundTrax\NMDllHost.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Nero\Nero 10\Nero SoundTrax\NFD\NFD.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: NFD,type="win32",version="5.2.0.0". Definition:
NFD,type="win32",version="5.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für
eine detaillierte Diagnose.
Error - 14.11.2011 03:21:07 | Computer Name = RS-PC1Terminal | Source = Windows Backup | ID = 4104
Description =
Error - 16.11.2011 08:58:33 | Computer Name = RS-PC1Terminal | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 10\Nero SoundTrax\NMDllHost.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Nero\Nero 10\Nero SoundTrax\NFD\NFD.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: NFD,type="win32",version="5.2.0.0". Definition:
NFD,type="win32",version="5.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für
eine detaillierte Diagnose.
Error - 21.11.2011 08:46:03 | Computer Name = RS-PC1Terminal | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 10\Nero SoundTrax\NMDllHost.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Nero\Nero 10\Nero SoundTrax\NFD\NFD.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: NFD,type="win32",version="5.2.0.0". Definition:
NFD,type="win32",version="5.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für
eine detaillierte Diagnose.
Error - 22.11.2011 06:59:23 | Computer Name = RS-PC1Terminal | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 10\Nero SoundTrax\NMDllHost.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Nero\Nero 10\Nero SoundTrax\NFD\NFD.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: NFD,type="win32",version="5.2.0.0". Definition:
NFD,type="win32",version="5.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für
eine detaillierte Diagnose.
Error - 25.11.2011 11:17:17 | Computer Name = RS-PC1Terminal | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 10\Nero SoundTrax\NMDllHost.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Nero\Nero 10\Nero SoundTrax\NFD\NFD.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: NFD,type="win32",version="5.2.0.0". Definition:
NFD,type="win32",version="5.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für
eine detaillierte Diagnose.
Error - 28.11.2011 05:14:55 | Computer Name = RS-PC1Terminal | Source = Windows Backup | ID = 4104
Description =
Error - 01.12.2011 04:50:34 | Computer Name = RS-PC1Terminal | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 10\Nero SoundTrax\NMDllHost.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Nero\Nero 10\Nero SoundTrax\NFD\NFD.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: NFD,type="win32",version="5.2.0.0". Definition:
NFD,type="win32",version="5.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für
eine detaillierte Diagnose.
[ Media Center Events ]
Error - 04.05.2012 19:13:56 | Computer Name = RS-PC1Terminal | Source = MCUpdate | ID = 0
Description = 01:13:56 - Fehler beim Herstellen der Internetverbindung. 01:13:56
- Serververbindung konnte nicht hergestellt werden..
Error - 04.05.2012 20:14:02 | Computer Name = RS-PC1Terminal | Source = MCUpdate | ID = 0
Description = 02:14:02 - Fehler beim Herstellen der Internetverbindung. 02:14:02
- Serververbindung konnte nicht hergestellt werden..
Error - 14.05.2012 17:47:49 | Computer Name = RS-PC1Terminal | Source = MCUpdate | ID = 0
Description = 23:47:49 - Fehler beim Herstellen der Internetverbindung. 23:47:49
- Serververbindung konnte nicht hergestellt werden..
Error - 14.05.2012 18:47:55 | Computer Name = RS-PC1Terminal | Source = MCUpdate | ID = 0
Description = 00:47:55 - Fehler beim Herstellen der Internetverbindung. 00:47:55
- Serververbindung konnte nicht hergestellt werden..
Error - 14.05.2012 19:48:00 | Computer Name = RS-PC1Terminal | Source = MCUpdate | ID = 0
Description = 01:48:00 - Fehler beim Herstellen der Internetverbindung. 01:48:00
- Serververbindung konnte nicht hergestellt werden..
Error - 14.05.2012 20:48:05 | Computer Name = RS-PC1Terminal | Source = MCUpdate | ID = 0
Description = 02:48:05 - Fehler beim Herstellen der Internetverbindung. 02:48:05
- Serververbindung konnte nicht hergestellt werden..
Error - 25.05.2012 17:57:15 | Computer Name = RS-PC1Terminal | Source = MCUpdate | ID = 0
Description = 23:57:15 - Fehler beim Herstellen der Internetverbindung. 23:57:15
- Serververbindung konnte nicht hergestellt werden..
Error - 25.05.2012 18:57:22 | Computer Name = RS-PC1Terminal | Source = MCUpdate | ID = 0
Description = 00:57:22 - Fehler beim Herstellen der Internetverbindung. 00:57:22
- Serververbindung konnte nicht hergestellt werden..
Error - 25.05.2012 19:57:27 | Computer Name = RS-PC1Terminal | Source = MCUpdate | ID = 0
Description = 01:57:27 - Fehler beim Herstellen der Internetverbindung. 01:57:27
- Serververbindung konnte nicht hergestellt werden..
Error - 25.05.2012 20:57:32 | Computer Name = RS-PC1Terminal | Source = MCUpdate | ID = 0
Description = 02:57:32 - Fehler beim Herstellen der Internetverbindung. 02:57:32
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 30.05.2012 14:09:17 | Computer Name = RS-PC1Terminal | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
EIO_XP
Error - 30.05.2012 14:09:54 | Computer Name = RS-PC1Terminal | Source = DCOM | ID = 10016
Description =
Error - 31.05.2012 02:14:33 | Computer Name = RS-PC1Terminal | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 31.05.2012 02:14:33 | Computer Name = RS-PC1Terminal | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 31.05.2012 02:14:34 | Computer Name = RS-PC1Terminal | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 31.05.2012 02:14:34 | Computer Name = RS-PC1Terminal | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 31.05.2012 02:14:36 | Computer Name = RS-PC1Terminal | Source = SCardSvr | ID = 602
Description =
Error - 31.05.2012 02:14:36 | Computer Name = RS-PC1Terminal | Source = SCardSvr | ID = 602
Description =
Error - 31.05.2012 02:15:06 | Computer Name = RS-PC1Terminal | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
EIO_XP
Error - 31.05.2012 02:15:42 | Computer Name = RS-PC1Terminal | Source = DCOM | ID = 10016
Description =
< End of report >
--- --- --- |
