wpbt0.dll - after GVU Trojan

  • #21
OTL 4

========== Files - Modified Within 30 Days ==========

[2013.01.31 19:58:00 | 000,001,110 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.31 19:55:01 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.01.31 17:35:10 | 000,000,512 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 1aa86882-4815-49ac-9277-c482c030ea07.job
[2013.01.31 16:22:04 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 16:22:04 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 16:14:52 | 000,001,106 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.31 16:14:26 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.01.31 16:14:17 | 3113,365,504 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.31 15:56:20 | 000,002,259 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.01.31 15:21:28 | 000,000,512 | ---- | M] () -- C:\Users\*****\Desktop\MBR.dat
[2013.01.31 06:45:38 | 000,000,512 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 291d4281-ed11-4e49-bbff-c42dcccf077f.job
[2013.01.29 18:13:15 | 000,001,034 | ---- | M] () -- C:\windows\SysNative\.crusader
[2013.01.29 17:25:12 | 412,507,637 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013.01.26 15:17:08 | 000,001,016 | ---- | M] () -- C:\Users\*****\Desktop\Dropbox.lnk
[2013.01.14 21:12:19 | 001,617,258 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.01.14 21:12:19 | 000,695,412 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.01.14 21:12:19 | 000,658,040 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.01.14 21:12:19 | 000,146,452 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.01.14 21:12:19 | 000,123,034 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.01.11 06:58:09 | 000,435,224 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.01.09 13:56:29 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.01.09 13:56:29 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Users\*****\Desktop\*.tmp files -> C:\Users\*****\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.01.31 15:56:20 | 000,002,259 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.01.31 15:53:39 | 000,001,110 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.31 15:53:38 | 000,001,106 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.31 15:21:28 | 000,000,512 | ---- | C] () -- C:\Users\*****\Desktop\MBR.dat
[2013.01.30 17:35:25 | 000,000,512 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 291d4281-ed11-4e49-bbff-c42dcccf077f.job
[2013.01.30 17:35:25 | 000,000,512 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 1aa86882-4815-49ac-9277-c482c030ea07.job
[2013.01.29 18:13:15 | 000,001,034 | ---- | C] () -- C:\windows\SysNative\.crusader
[2013.01.29 17:23:20 | 412,507,637 | ---- | C] () -- C:\windows\MEMORY.DMP
[2012.01.09 19:05:45 | 000,003,584 | ---- | C] () -- C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.16 18:50:29 | 000,080,896 | ---- | C] () -- C:\windows\cadkasdeinst01.exe

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
= C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
ThreadingModel = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
= %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
ThreadingModel = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
= C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
ThreadingModel = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
= %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
ThreadingModel = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
= C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
ThreadingModel = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
 
  • #22
OTL 2.1
continues after OTL 2

O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra->Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra->Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra->Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra->Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 10.4.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 10.4.0)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0A71D25-1CB2-43AF-8EFC-7A84DB467DC8}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- %1 %*
O35:64bit: - HKLM\..exefile [open] -- %1 %*
O35 - HKLM\..comfile [open] -- %1 %*
O35 - HKLM\..exefile [open] -- %1 %*
O37:64bit: - HKLM\...com [@ = comfile] -- %1 %*
O37:64bit: - HKLM\...exe [@ = exefile] -- %1 %*
O37 - HKLM\...com [@ = comfile] -- %1 %*
O37 - HKLM\...exe [@ = exefile] -- %1 %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
  • #23
OTL Extras 1

OTL Extras logfile created on: 31.01.2013 19:58:49 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,87 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 50,91% Memory free
7,73 Gb Paging File | 5,77 Gb Available in Paging File | 74,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 254,14 Gb Total Space | 84,32 Gb Free Space | 33,18% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 21,72 Gb Free Space | 74,92% Space Free | Partition Type: NTFS

Computer Name: Z560 | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- %1 %*
cmdfile [open] -- %1 %*
comfile [open] -- %1 %*
exefile [open] -- %1 %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe %1 (Microsoft Corporation)
InternetShortcut [open] -- C:\Windows\System32\rundll32.exe C:\Windows\System32\ieframe.dll,OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- C:\Windows\System32\rundll32.exe C:\Windows\System32\mshtml.dll,PrintHTML %1 (Microsoft Corporation)
piffile [open] -- %1 %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- %1
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- %1 /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue %1 ()
Directory [cmd] -- cmd.exe /s /k pushd %V (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue %1 ()
Directory [Winamp.Bookmark] -- C:\Program Files (x86)\Winamp\winamp.exe /BOOKMARK %1 (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- C:\Program Files (x86)\Winamp\winamp.exe /ADD %1 (Nullsoft, Inc.)
Directory [Winamp.Play] -- C:\Program Files (x86)\Winamp\winamp.exe %1 (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- %1 %*
cmdfile [open] -- %1 %*
comfile [open] -- %1 %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe %1,%* (Microsoft Corporation)
exefile [open] -- %1 %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe %1 (Microsoft Corporation)
piffile [open] -- %1 %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- %1
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- %1 /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue %1 ()
Directory [cmd] -- cmd.exe /s /k pushd %V (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue %1 ()
Directory [Winamp.Bookmark] -- C:\Program Files (x86)\Winamp\winamp.exe /BOOKMARK %1 (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- C:\Program Files (x86)\Winamp\winamp.exe /ADD %1 (Nullsoft, Inc.)
Directory [Winamp.Play] -- C:\Program Files (x86)\Winamp\winamp.exe %1 (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
cval = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
VistaSp1 = 28 4D B2 76 41 04 CA 01 [binary data]
AntiVirusOverride = 0
AntiSpywareOverride = 0
FirewallOverride = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications = 0
EnableFirewall = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications = 0
EnableFirewall = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
DisableNotifications = 0
EnableFirewall = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
{0C4A804D-1AB4-4186-9996-C5F82E1308CD} = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
{113811A8-8A96-4CA8-825A-97ADEDB92304} = lport=2869 | protocol=6 | dir=in | app=system |
{223D22F3-EAD5-40C5-8471-CD73F8B20BEC} = rport=445 | protocol=6 | dir=out | app=system |
{22BA3776-969F-4970-9470-AF941CC80980} = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
{26717517-68CD-4D12-8CA9-50F931106AD1} = rport=138 | protocol=17 | dir=out | app=system |
{295356A8-DA79-41FA-97FF-95F325085268} = rport=139 | protocol=6 | dir=out | app=system |
{2A755BBE-5320-4764-8279-002DC87693BC} = lport=445 | protocol=6 | dir=in | app=system |
{30821B77-5779-48BE-AE1A-255D32EA228D} = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
{32F09E4E-FC29-4747-8362-DB6F00DDB966} = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
{373907C8-CD5B-4498-B89C-EB7E183B7F5F} = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
{47C9B3D0-FDD3-4DF7-A7BD-32CB4993B400} = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
{50C34347-339F-4004-851C-0B52DCACA9B5} = lport=138 | protocol=17 | dir=in | app=system |
{58918CA5-351C-453D-AB8A-E5EC949DA502} = lport=137 | protocol=17 | dir=in | app=system |
{5A518687-EF35-4CDB-97E0-D4365C95233A} = lport=2869 | protocol=6 | dir=in | app=system |
{5F0F6C50-96F1-43A0-B438-196AB46988CB} = lport=139 | protocol=6 | dir=in | app=system |
{613FD252-0BD4-4856-B5C2-91F225B55C9A} = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
{75FC0AC6-2F65-4F9C-8C9E-A9D7F464307C} = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
{7A85DB09-B04F-4826-802D-016D42864F82} = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
{9B95B1C6-F031-4FB8-A3CE-DB544466B99F} = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
{A29A414E-1063-4767-B234-B5B8E1327EB5} = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
{A381FFDC-0DB9-4707-B80A-FFC7C0D868BA} = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
{B6C9E12A-AE33-4285-861B-62C1CE4284C5} = rport=10243 | protocol=6 | dir=out | app=system |
{F5EC5130-625B-4B22-A949-B0622BF12335} = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
{F640B847-8F4A-4EC6-8614-BD0E9554C556} = lport=10243 | protocol=6 | dir=in | app=system |
{F7825901-DF0B-4E6A-ACFB-33186050AA52} = rport=137 | protocol=17 | dir=out | app=system |
{FE08F8F3-1FAB-4C55-BA6C-95D7E325D07F} = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 
  • #24
OTL Extras 2

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
{018FB98C-AB0C-4E5B-BF12-EA4B9D03388B} = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe |
{0B090190-02B1-4105-B62B-F961F60F30C4} = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
{0B38122E-0CF2-4312-A0C0-94026E9B8279} = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
{0CEC6EEE-2514-46D5-BEA1-697F06B28304} = dir=out | app=c:\windows\system32\igrssvcs.exe |
{105F6071-29B4-46C8-A043-1CFE5124F5FF} = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe |
{134291FC-CFE1-4A81-850C-781BB52D9FF2} = protocol=58 | dir=in | [email protected],-28545 |
{14A9BC83-8DDF-4E64-943A-81952E9140E3} = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
{1930045A-4A04-4F6C-8296-A6BACD2C057D} = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
{1950620A-B22C-4D6A-AE74-31AFB1AEE46B} = protocol=6 | dir=out | app=system |
{2788D115-0BDE-49F0-B2AB-0B67FBF4E31A} = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
{2E35FD0A-FC29-4B17-ADD9-F2492D7259E6} = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{2ED58F9C-1A26-424F-AF61-09EF4A3DCEF4} = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe |
{2FCCEF87-86C8-4278-BEE7-F2224E158BAD} = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe |
{34622321-7B67-4F66-9D27-FFB86692BB6D} = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
{3550DD3C-E5AC-45F4-954B-C796EF15DD64} = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
{374BFDAD-1DA8-42E8-900A-D0BD76222F06} = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
{38E1B9B4-8F89-465F-BC8B-453D6F074638} = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
{3AA63D2F-A1F9-4CC3-A169-974EC983195C} = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
{431D6E06-3A3C-4B08-9A30-05C9D70005A5} = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
{432F8490-29E7-47B7-BF0B-3C29EA39B1D0} = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
{4C097949-FE68-4907-8675-54F201AB460A} = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
{4C174B98-A2A7-41B0-AAC4-FD93FA53995F} = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{4D193A26-00BE-4844-8756-69B02DFFE520} = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
{4E2A8968-1881-4B31-984F-A749A9CBC96F} = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe |
{621AD2E5-1DB0-43C1-8B20-69A8ECEF6085} = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
{65A3ED19-59EC-4512-BE86-691B828E07A2} = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
{6B011DB9-56FB-4B64-8579-AC6B6FDC478E} = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
{6B0D4364-7658-4FBC-8C13-A23554E71CBE} = protocol=58 | dir=out | [email protected],-28546 |
{706D40F7-8EB7-4C0B-81AD-7FFF643F48B6} = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
{7124B556-350C-44C6-971C-F01B1D1A03D4} = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
{765E105C-6AE1-4DAA-BE15-33DFC25449F9} = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{81C6DAD3-2C5D-4117-8CB5-AA6498964BB2} = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
{8543656D-DE26-46A0-9AB4-B02B63E7AB08} = dir=in | app=c:\program files\lenovo\readycomm\readycom.exe |
{88847BE9-C8CC-4A4A-A9E5-619812121281} = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
{890AC638-A86D-4DF0-AB7F-391E4BC168EF} = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
{A3A63CAF-2EC1-4F03-B47E-1553537981FE} = protocol=1 | dir=in | [email protected],-28543 |
{A55E5FCA-5486-469C-9834-BC9975CDA8F8} = dir=in | app=c:\windows\system32\igrssvcs.exe |
{B2841182-97FB-45FA-B720-43D847364745} = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe |
{BB7A92B2-9D0D-47B4-965B-FF376CFBC835} = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
{C775ED37-1303-4C0F-8E5D-895655585E4A} = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
{CE87D54E-B7FB-4B73-8C78-6BD0B4115811} = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
{D179AAA9-77D4-4265-9347-EE055CC6E2B2} = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
{D17C7211-900A-4537-9476-C6FBAB38E437} = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe |
{EED30367-3DB7-4838-86E7-A1CC54BEE943} = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
{F36F059F-C94A-44EF-995C-A24F49958FC3} = protocol=1 | dir=out | [email protected],-28544 |
{F71C8F1D-090D-4E8B-8871-0B8E4BABDD4D} = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
TCP Query User{02A15A23-6C8B-4F23-A4F6-1A0237DA0A6A}C:\program files (x86)\winamp\winamp.exe = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
TCP Query User{82C18CFD-EC5A-43B6-B2F6-228CBF67FFA8}C:\program files (x86)\winamp\winamp.exe = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
UDP Query User{2250E930-C38B-40E1-B96D-6E79517F6443}C:\program files (x86)\winamp\winamp.exe = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
UDP Query User{339EA666-4B61-41B2-A335-143088510E7F}C:\program files (x86)\winamp\winamp.exe = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
{071c9b48-7c32-4621-a0ac-3f809523288f} = Microsoft Visual C++ 2005 Redistributable (x64)
{0E5D76AD-A3FB-48D5-8400-8903B10317D3} = iTunes
{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series = Canon MP560 series MP Drivers
{1280E900-35DA-4E08-A700-B79A5B2B8532} = Microsoft Antimalware Service DE-DE Language Pack
{26A24AE4-039D-4CA4-87B4-2F86416023FF} = Java(TM) 6 Update 23 (64-bit)
{26A24AE4-039D-4CA4-87B4-2F86417004FF} = Java(TM) 7 Update 4 (64-bit)
{46F4D124-20E5-4D12-BE52-EC177A7A4B42} = Lenovo OneKey Recovery
{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} = Bonjour
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} = Microsoft Silverlight
{90140000-002A-0000-1000-0000000FF1CE} = Microsoft Office Office 64-bit Components 2010
{90140000-002A-0407-1000-0000000FF1CE} = Microsoft Office Shared 64-bit MUI (German) 2010
{95120000-00B9-0409-1000-0000000FF1CE} = Microsoft Application Error Reporting
{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD} = Microsoft SQL Server Native Client
{9E9D49A4-1DF4-4138-B7DB-5D87A893088E} = Lenovo Bluetooth with Enhanced Data Rate Software
{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} = Microsoft Visual C++ 2005 Redistributable (x64)
{B636C9B9-A3F2-4DCE-ADCC-72E095018385} = Microsoft SQL Server VSS Writer
{B6E3757B-5E77-3915-866A-CCFC4B8D194C} = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4} = Microsoft Security Client
{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} = SUPERAntiSpyware
{D70884EA-E2CE-4539-91DB-4766CC1E5F5F} = Apple Mobile Device Support
{DC911ADF-7B60-40F2-A112-FB1EB6402D07} = Microsoft Security Client DE-DE Language Pack
0A4175B489A1B4A6E07E11B063A6263480C51D71 = Windows-Treiberpaket - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1)
3BA80AB4C7E9F8497C115C844953A3D4BEB84D21 = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1 = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
6B8550A319DDC8B17F35F4A89988705E4592349B = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
CNXT_AUDIO_HDA = Conexant HD Audio
Lenovo EasyCamera = Lenovo EasyCamera
Microsoft .NET Framework 4 Client Profile = Microsoft .NET Framework 4 Client Profile
Microsoft Security Client = Microsoft Security Essentials
NVIDIA Drivers = NVIDIA Drivers
SynTPDeinstKey = Synaptics Pointing Device Driver
WinRAR archiver = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
{01FB4998-33C4-4431-85ED-079E3EEFE75D} = CyberLink YouCam
{0CE226F3-EB27-4ECD-BBF5-F088716779FD} = Energy Management
{17542DBF-E17C-4562-BC4D-FA3EF3076C45} = Lenovo ReadyComm 5
{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} = YTD Video Downloader 3.9
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{205C6BDD-7B73-42DE-8505-9A093F35A238} = Windows Live-Uploadtool
{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} = MSVCRT
{26A24AE4-039D-4CA4-87B4-2F83216035FF} = Java(TM) 6 Update 37
{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F} = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
{2BA722D1-48D1-406E-9123-8AE5431D63EF} = Windows Live Fotogalerie
{3B4E636E-9D65-4D67-BA61-189800823F52} = Windows Live Communications Platform
{3E29EE6C-963A-4aae-86C1-DC237C4A49FC} = Intel(R) Rapid Storage Technology
{3EFEF049-23D4-4B46-8903-4592FEA51018} = Windows Live Movie Maker
{40BF1E83-20EB-11D8-97C5-0009C5020658} = Power2Go
{41E654A9-26D0-4EAC-854B-0FA824FFFABB} = Windows Live Messenger
{4A03706F-666A-4037-7777-5F2748764D10} = Java Auto Updater
{4cb9f93c-9edc-4be9-ae61-af128ddbecfa} = Business Contact Manager für Outlook 2007 SP2
{50120000-1105-0000-0000-0000000FF1CE} = Microsoft Office 2007 Primary Interop Assemblies
{52B97218-98CB-4B8B-9283-D213C85E1AA4} = Windows Live Anmelde-Assistent
{53F5C3EE-05ED-4830-994B-50B2F0D50FCE} = Microsoft SQL Server Setup Support Files (English)
{5FC68772-6D56-41C6-9DF1-24E868198AE6} = Windows Live Call
{65153EA5-8B6E-43B6-857B-C6E4FC25798A} = Intel(R) Management Engine Components
{65DA2EC9-0642-47E9-AAE2-B5267AA14D75} = Activation Assistant for the 2007 Microsoft Office suites
{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} = Microsoft Visual C++ 2005 Redistributable
{76618402-179D-4699-A66B-D351C59436BC} = Windows Live Sync
{76C66170-C538-4E77-B54D-48E136B5B533} = Lenovo ReadyComm 5.0 Service
{770657D0-A123-3C07-8E44-1C83EC895118} = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} = Apple Software Update
{86CE85E6-DBAC-3FFD-B977-E4B79F83C909} = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
{8833FFB6-5B0C-4764-81AA-06DFEED9A476} = Realtek Ethernet Controller Driver For Windows 7
{8991E763-21F5-4DEA-A938-5D9D77DCB488} = Broadcom 802.11 Wireless Driver
{8A74E887-8F0F-4017-AF53-CBA42211AAA5} = Microsoft Sync Framework Runtime Native v1.0 (x86)
{90140000-0011-0000-0000-0000000FF1CE} = Microsoft Office Professional Plus 2010
{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-0015-0407-0000-0000000FF1CE} = Microsoft Office Access MUI (German) 2010
{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-0016-0407-0000-0000000FF1CE} = Microsoft Office Excel MUI (German) 2010
{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-0018-0407-0000-0000000FF1CE} = Microsoft Office PowerPoint MUI (German) 2010
{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-0019-0407-0000-0000000FF1CE} = Microsoft Office Publisher MUI (German) 2010
{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-001A-0407-0000-0000000FF1CE} = Microsoft Office Outlook MUI (German) 2010
{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-001B-0407-0000-0000000FF1CE} = Microsoft Office Word MUI (German) 2010
{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-001F-0407-0000-0000000FF1CE} = Microsoft Office Proof (German) 2010
{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-001F-0409-0000-0000000FF1CE} = Microsoft Office Proof (English) 2010
{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-001F-040C-0000-0000000FF1CE} = Microsoft Office Proof (French) 2010
{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-001F-0410-0000-0000000FF1CE} = Microsoft Office Proof (Italian) 2010
{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{594128C9-2CDF-43CE-8103-DC100CF013B6} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-002C-0407-0000-0000000FF1CE} = Microsoft Office Proofing (German) 2010
{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-0044-0407-0000-0000000FF1CE} = Microsoft Office InfoPath MUI (German) 2010
{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-006E-0407-0000-0000000FF1CE} = Microsoft Office Shared MUI (German) 2010
{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-00A1-0407-0000-0000000FF1CE} = Microsoft Office OneNote MUI (German) 2010
{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601} = Microsoft Office 2010 Service Pack 1 (SP1)
{90140000-00BA-0407-0000-0000000FF1CE} = Microsoft Office Groove MUI (German) 2010
{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601} = Microsoft Office 2010 Service Pack 1 (SP1)
{90A40407-6000-11D3-8CFE-0150048383C9} = Microsoft Office 2003 Web Components
{96AE7E41-E34E-47D0-AC07-1091A8127911} = Realtek USB 2.0 Card Reader
{9BE518E6-ECC6-35A9-88E4-87755C07200F} = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
{A617953D-210A-4523-B63B-0E34D5C93A27} = YTD Toolbar v6.7
{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} = Google Update Helper
{A939D341-5A04-4E0A-BB55-3E65B386432D} = Microsoft Office Small Business Connectivity Components
{AC76BA86-7AD7-1031-7B44-A90100000001} = Adobe Reader 9.0.1 - Deutsch
{AC76BA86-7AD7-5670-0000-900000000003} = Korean Fonts Support For Adobe Reader 9
{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A} = QuickTime
{B2164CCB-C002-4B80-8550-7535D80DF237} = Lenovo DirectShare
{B3DAF54F-DB25-4586-9EF1-96D24BB14088} = Windows Movie Maker 2.6
{B4089055-D468-45A4-A6BA-5A138DD715FC} = Bing Bar
{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} = Microsoft Sync Framework Services Native v1.0 (x86)
{C4D738F7-996A-4C81-B8FA-C4E26D767E41} = Windows Live Mail
{CCE825DB-347A-4004-A186-5F4A6FDD8547} = Apple Application Support
{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E} = Intel(R) Turbo Boost Technology Driver
{DFB19121-0609-49C1-92B1-546E5A940FE8} = Onekey Theater
{E0A4805D-280A-4DD7-9E74-3A5F85E302A1} = Windows Live Writer
{E2DFE069-083E-4631-9B6C-43C48E991DE5} = Junk Mail filter update
{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} = Microsoft SQL Server 2005 Compact Edition [ENU]
{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} = Microsoft Choice Guard
{F8A9085D-4C7A-41a9-8A77-C8998A96C421} = Intel(R) Control Center
{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F} = Windows Live Essentials
{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D} = Lenovo EasyCamera
Activation Assistant for the 2007 Microsoft Office suites = Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player Plugin = Adobe Flash Player 11 Plugin
AudibleManager = AudibleManager
Avira AntiVir Desktop = Avira Antivirus Premium
Business Contact Manager = Business Contact Manager für Outlook 2007 SP2
Canon MP560 series Benutzerregistrierung = Canon MP560 series Benutzerregistrierung
CanonMyPrinter = Canon Utilities My Printer
CanonSolutionMenu = Canon Utilities Solution Menu
Easy-PhotoPrint EX = Canon Utilities Easy-PhotoPrint EX
ESET Online Scanner = ESET Online Scanner v3
Google Chrome = Google Chrome
InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} = CyberLink YouCam
InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42} = Lenovo OneKey Recovery
InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237} = Lenovo DirectShare
Malwarebytes' Anti-Malware_is1 = Malwarebytes Anti-Malware Version 1.70.0.1100
McAfee Security Scan = McAfee Security Scan Plus
Microsoft SQL Server 2005 = Microsoft SQL Server 2005
Mozilla Firefox 15.0.1 (x86 de) = Mozilla Firefox 15.0.1 (x86 de)
MozillaMaintenanceService = Mozilla Maintenance Service
MP Navigator EX 3.0 = Canon MP Navigator EX 3.0
Office14.PROPLUS = Microsoft Office Professional Plus 2010
VeriFace = VeriFace
VLC media player = VLC media player 1.1.7
Winamp = Winamp
WinLiveSuite_Wave3 = Windows Live Essentials
XMind = XMind
 
  • #25
OTL Extras 3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
Dropbox = Dropbox
Mozilla Firefox 18.0.1 (x86 de) = Mozilla Firefox 18.0.1 (x86 de)
Winamp Detect = Winamp Erkennungs-Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.03.2012 10:44:22 | Computer Name = Z560 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11263

Error - 10.03.2012 10:44:22 | Computer Name = Z560 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11263

Error - 10.03.2012 10:44:23 | Computer Name = Z560 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10.03.2012 10:44:23 | Computer Name = Z560 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12262

Error - 10.03.2012 10:44:23 | Computer Name = Z560 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12262

Error - 10.03.2012 10:44:24 | Computer Name = Z560 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10.03.2012 17:17:16 | Computer Name = Z560 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13401

Error - 10.03.2012 17:17:16 | Computer Name = Z560 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13401

Error - 11.03.2012 06:54:12 | Computer Name = Z560 | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für C:\Program Files
(x86)\Windows Live\Photo Gallery\MovieMaker.Exe. Fehler in Manifest- oder Richtliniendatei
C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture=AMD64,type=win32,version=1.0.0.1.
Definition:
WLMFDS,processorArchitecture=x86,type=win32,version=1.0.0.1. Verwenden Sie
das Programm sxstrace.exe für eine detaillierte Diagnose.

Error - 11.03.2012 06:54:14 | Computer Name = Z560 | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für C:\Program Files
(x86)\Windows Live\Photo Gallery\MovieMaker.Exe. Fehler in Manifest- oder Richtliniendatei
C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture=AMD64,type=win32,version=1.0.0.1.
Definition:
WLMFDS,processorArchitecture=x86,type=win32,version=1.0.0.1. Verwenden Sie
das Programm sxstrace.exe für eine detaillierte Diagnose.

[ System Events ]
Error - 31.01.2013 10:42:21 | Computer Name = Z560 | Source = Service Control Manager | ID = 7001
Description = Der Dienst Avira Email Schutz ist vom Dienst Avira Echtzeit-Scanner
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066

Error - 31.01.2013 10:42:21 | Computer Name = Z560 | Source = Service Control Manager | ID = 7001
Description = Der Dienst Avira Browser-Schutz ist vom Dienst Avira Echtzeit-Scanner
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066

Error - 31.01.2013 10:43:16 | Computer Name = Z560 | Source = DCOM | ID = 10016
Description =

Error - 31.01.2013 10:44:44 | Computer Name = Z560 | Source = Service Control Manager | ID = 7000
Description = Der Dienst ReadyComm.DirectRouter wurde aufgrund folgenden Fehlers
nicht gestartet: %%2

Error - 31.01.2013 11:14:36 | Computer Name = Z560 | Source = Service Control Manager | ID = 7024
Description = Der Dienst Avira Planer wurde mit folgendem dienstspezifischem Fehler
beendet: %%305.

Error - 31.01.2013 11:14:37 | Computer Name = Z560 | Source = Service Control Manager | ID = 7024
Description = Der Dienst Avira Echtzeit-Scanner wurde mit folgendem dienstspezifischem
Fehler beendet: %%303.

Error - 31.01.2013 11:14:45 | Computer Name = Z560 | Source = Service Control Manager | ID = 7001
Description = Der Dienst Avira Email Schutz ist vom Dienst Avira Echtzeit-Scanner
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066

Error - 31.01.2013 11:14:45 | Computer Name = Z560 | Source = Service Control Manager | ID = 7001
Description = Der Dienst Avira Browser-Schutz ist vom Dienst Avira Echtzeit-Scanner
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066

Error - 31.01.2013 11:15:42 | Computer Name = Z560 | Source = DCOM | ID = 10016
Description =

Error - 31.01.2013 11:17:01 | Computer Name = Z560 | Source = Service Control Manager | ID = 7000
Description = Der Dienst ReadyComm.DirectRouter wurde aufgrund folgenden Fehlers
nicht gestartet: %%2


< End of report >
 
  • #26
Danger recognised, danger averted :)

Open OTL and press the Cleanup button. That removes OTL and the other little helpers. Please uninstall everything Java-related; there are security problems with it at the moment.

Otherwise, continue to enjoy the computer :)
 
  • #27
Out of interest I only looked at the last log file, and I am surprised at the enthusiasm that everything is fine.
A misunderstanding on my part?
 
  • #28
What exactly do you mean?
 
  • #29
  • #30
Correct. But you don't mean the entries in the Event Viewer, do you? Have a look at your own computer, there are certainly a few in there too :). If you don't have an explicit problem that matches an error entry in the Event Viewer, you can forget about those entries.
 
  • #31
Yes yes, all the events are in there. If the report is fine by you, I have no problem with it. That is why I asked whether I was reading something wrong.
 
  • #32
Not wrong, just not relevant in this context, with the malware.
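To make the point in the last few posts concrete, here is an added helper (not from the thread or from OTL) that parses the "Last 20 Event Log Errors" section of an OTL report and groups the entries by log section, source and event ID, so recurring background noise such as the Bonjour and SideBySide errors above can be separated from anything that actually matches a symptom. The sample input is an abridged copy of entries from the report above.

```python
import re
from collections import Counter

# Abridged sample in OTL's "Last 20 Event Log Errors" layout, taken from the
# report above (host name and messages as shown there; no other real data).
SAMPLE_OTL = r"""[ Application Events ]
Error - 10.03.2012 10:44:22 | Computer Name = Z560 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11263

Error - 11.03.2012 06:54:12 | Computer Name = Z560 | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für C:\Program Files
(x86)\Windows Live\Photo Gallery\MovieMaker.Exe.

[ System Events ]
Error - 31.01.2013 10:42:21 | Computer Name = Z560 | Source = Service Control Manager | ID = 7001
Description = Der Dienst Avira Email Schutz ist vom Dienst Avira Echtzeit-Scanner
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066

Error - 31.01.2013 10:43:16 | Computer Name = Z560 | Source = DCOM | ID = 10016
Description =
"""

HEADER = re.compile(
    r"^Error - (?P<ts>\S+ \S+) \| Computer Name = (?P<host>.*?) \| "
    r"Source = (?P<src>.*?) \| ID = (?P<id>\d+)$")

def parse_otl_events(text):
    """Return one dict per 'Error - ...' entry: timestamp, host, source, id,
    the [ ... Events ] section it belongs to, and the description joined into
    a single string (OTL wraps long descriptions over several lines)."""
    events, section, cur = [], None, None
    for line in text.splitlines():
        m_sec = re.match(r"^\[ (.+) Events \]$", line)
        if m_sec:
            section = m_sec.group(1)
            continue
        m = HEADER.match(line)
        if m:
            cur = dict(m.groupdict(), section=section, description="")
            cur["id"] = int(cur["id"])
            events.append(cur)
        elif cur is not None and line.strip():
            # First description line carries the "Description = " prefix,
            # continuation lines do not; blank lines end nothing, they are skipped.
            body = line[len("Description = "):] if line.startswith("Description =") else line
            cur["description"] = (cur["description"] + " " + body.strip()).strip()
    return events

def summarize(events):
    """Count entries per (section, source, id) so repeated noise stands out."""
    return Counter((e["section"], e["src"], e["id"]) for e in events)

if __name__ == "__main__":
    for key, n in summarize(parse_otl_events(SAMPLE_OTL)).most_common():
        print(n, *key)
```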
 
  • #35
  • #36
Hello schrauber,
thanks again for your help.

Regarding the further measures.

I installed Chrome on the computer and asked for it to be used from now on.
I also updated Java and disabled the plugins in Chrome and FF.

As a browser extension I set up AdBlock Plus.
In my estimation, the user is unfortunately not up to NoScript.

Furthermore I advised using Kaspersky instead of AntiVir and pointed out that Java, Acrobat Reader and Flash Player should always be kept up to date where possible.
 
  • #37
Sounds good :)
 