GVU / Bundestrojaner auf Win7-PC (Standrechner)

OTL logfile created on: 7/20/2013 2:29:14 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = H: | %SystemRoot% = H:\Windows | %ProgramFiles% = H:\Program Files
Drive C: | 100.00 Mb Total Space | 74.35 Mb Free Space | 74.35% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 39.12 Gb Free Space | 4.20% Space Free | Partition Type: NTFS
Drive H: | 1376.16 Gb Total Space | 1101.86 Gb Free Space | 80.07% Space Free | Partition Type: NTFS
Drive I: | 20.00 Gb Total Space | 11.59 Gb Free Space | 57.97% Space Free | Partition Type: NTFS
Drive J: | 7.49 Gb Total Space | 7.47 Gb Free Space | 99.75% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2013/06/11 22:00:09 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- H:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/27 00:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto] -- H:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/07 08:10:08 | 000,161,384 | R--- | M] (Skype Technologies) [Auto] -- H:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/02 07:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto] -- H:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2011/10/23 16:07:34 | 000,630,784 | ---- | M] (FileZilla Project) [Auto] -- H:\Program Files\FileZilla Server\FileZilla Server.exe -- (FileZilla Server)
SRV - [2011/07/15 11:06:56 | 001,526,592 | ---- | M] (TuneUp Software) [Disabled] -- H:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/07/15 11:01:04 | 000,029,504 | ---- | M] (TuneUp Software) [Auto] -- H:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/09/21 07:33:02 | 004,867,952 | ---- | M] (Wacom Technology, Corp.) [Auto] -- H:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2010/09/21 07:33:02 | 000,414,576 | ---- | M] (Wacom Technology, Corp.) [Auto] -- H:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2010/06/22 20:23:11 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/01/08 19:33:48 | 000,172,032 | ---- | M] (AMD) [Auto] -- H:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/02/06 08:27:06 | 000,020,680 | ---- | M] (ESET) [On_Demand] -- H:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/02/06 08:23:36 | 000,727,720 | ---- | M] (ESET) [Auto] -- H:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/02/03 09:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Auto] -- H:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008/08/07 05:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand] -- H:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007/07/24 06:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto] -- H:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012/11/10 05:50:32 | 000,299,144 | ---- | M] (EldoS Corporation) [Kernel | System] -- H:\Windows\System32\drivers\cbfs3.sys -- (cbfs3)
DRV - [2011/06/06 10:03:54 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand] -- H:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/09/15 04:13:46 | 000,016,240 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- H:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2010/09/15 04:03:02 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- H:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2010/09/15 04:02:58 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- H:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2010/07/08 01:17:56 | 000,603,240 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- H:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2010/01/08 19:54:44 | 005,191,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- H:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010/01/08 18:40:42 | 000,125,440 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- H:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009/11/18 19:25:04 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand] -- H:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/07/07 17:48:14 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot] -- H:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2009/06/04 22:53:42 | 000,027,320 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- H:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009/05/05 05:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot] -- H:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009/02/06 08:24:26 | 000,092,800 | ---- | M] (ESET) [Kernel | Auto] -- H:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009/02/06 08:23:18 | 000,106,208 | ---- | M] (ESET) [Kernel | System] -- H:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/02/06 08:19:52 | 000,113,448 | ---- | M] (ESET) [File_System | Auto] -- H:\Windows\System32\drivers\eamon.sys -- (eamon)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Birgit_ON_H\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?ocid=OIE9HP
IE - HKU\Birgit_ON_H\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Birgit_ON_H\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\Birgit_ON_H\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
IE - HKU\User_ON_H\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?ocid=OIE9HP
IE - HKU\User_ON_H\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\User_ON_H\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\User_ON_H\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\User_ON_H\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: H:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: H:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: H:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: H:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: H:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: H:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: H:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: H:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\quickprint@hp.com: C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 09:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/05/27 05:06:50 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - H:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Birgit_ON_H\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\User_ON_H\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] H:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [egui] H:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [FileZilla Server Interface] H:\Program Files\FileZilla Server\FileZilla Server Interface.exe (FileZilla Project)
O4 - HKLM..\Run: [StartCCC] H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\Birgit_ON_H..\Run: [ctfmon32.exe] H:\ProgramData\bgt6z.dat (Microsoft Corporation)
O4 - HKU\User_ON_H..\Run: [MobileDocuments]  File not found
O4 - HKU\Birgit_ON_H..\RunOnce: [FlashPlayerUpdate] H:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe (Adobe Systems Incorporated)
O4 - HKU\LocalService_ON_H..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_H..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: H:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk ()
O4 - Startup: H:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - H:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - H:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - H:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - H:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - H:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - H:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - H:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/07/19 07:23:06 | 000,221,184 | ---- | C] (Microsoft Corporation) -- H:\ProgramData\ril4do.dat
[2013/07/19 07:23:05 | 000,221,184 | ---- | C] (Microsoft Corporation) -- H:\ProgramData\bgt6z.dat
[2013/07/19 07:23:05 | 000,044,544 | ---- | C] (Microsoft Corporation) -- H:\ProgramData\rundll32.exe
[2013/06/29 13:18:18 | 000,000,000 | ---D | C] -- H:\Users\User\Desktop\Silvia Playwork
[2013/06/28 08:28:19 | 000,000,000 | ---D | C] -- H:\Users\User\Desktop\ORDNUNGSARCHIV WOHNUNG
[2013/06/28 08:27:52 | 000,000,000 | ---D | C] -- H:\Users\User\Desktop\Neuer Ordner (10)
[2013/06/25 10:53:53 | 000,000,000 | ---D | C] -- H:\Users\User\Desktop\Bewerbungen Hilfen
[4 H:\Users\User\Desktop\*.tmp files -> H:\Users\User\Desktop\*.tmp -> ]
[1 H:\Windows\*.tmp files -> H:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/07/19 07:25:10 | 000,067,584 | --S- | M] () -- H:\Windows\bootstat.dat
[2013/07/19 07:24:50 | 095,023,320 | ---- | M] () -- H:\ProgramData\z6tgb.pad
[2013/07/19 07:23:40 | 095,023,320 | ---- | M] () -- H:\ProgramData\od4lir.pad
[2013/07/19 07:00:00 | 000,000,884 | ---- | M] () -- H:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/19 06:31:01 | 000,001,094 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/19 04:13:00 | 000,001,022 | ---- | M] () -- H:\Windows\tasks\Google Software Updater.job
[2013/07/19 00:32:00 | 000,002,284 | ---- | M] () -- H:\Windows\tasks\hpwebreg_xxxxxxxxxx.job
[2013/07/18 15:31:00 | 000,001,090 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/18 14:36:55 | 000,010,096 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/18 14:36:54 | 000,010,096 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/18 14:30:24 | 000,458,392 | ---- | M] () -- H:\Windows\System32\FNTCACHE.DAT
[2013/07/18 14:26:15 | 2615,910,400 | -HS- | M] () -- H:\hiberfil.sys
[2013/07/12 09:27:06 | 000,658,988 | ---- | M] () -- H:\Windows\System32\perfh007.dat
[2013/07/12 09:27:06 | 000,620,174 | ---- | M] () -- H:\Windows\System32\perfh009.dat
[2013/07/12 09:27:06 | 000,132,558 | ---- | M] () -- H:\Windows\System32\perfc007.dat
[2013/07/12 09:27:06 | 000,108,356 | ---- | M] () -- H:\Windows\System32\perfc009.dat
[2013/07/12 09:16:16 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/07/07 06:43:42 | 000,001,964 | ---- | M] () -- H:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series.lnk
[4 H:\Users\User\Desktop\*.tmp files -> H:\Users\User\Desktop\*.tmp -> ]
[1 H:\Windows\*.tmp files -> H:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/07/19 07:23:16 | 095,023,320 | ---- | C] () -- H:\ProgramData\od4lir.pad
[2013/07/19 07:23:15 | 095,023,320 | ---- | C] () -- H:\ProgramData\z6tgb.pad
[2012/12/27 14:22:08 | 000,000,057 | ---- | C] () -- H:\ProgramData\Ament.ini
[2011/06/24 04:28:55 | 000,252,928 | ---- | C] () -- H:\Windows\System32\DShowRdpFilter.dll
[2011/06/08 17:57:22 | 001,929,576 | ---- | C] () -- H:\Windows\System32\HPScanTRDrv_DJ3050A_J611.dll
[2011/03/02 13:38:48 | 000,188,872 | -H-- | C] () -- H:\Windows\System32\mlfcache.dat
[2010/05/27 05:46:51 | 000,016,384 | ---- | C] () -- H:\Windows\System32\FileOps.exe
[2010/02/09 05:50:48 | 000,120,200 | ---- | C] () -- H:\Windows\System32\DLLDEV32i.dll
[2010/01/26 11:35:17 | 000,000,000 | ---- | C] () -- H:\Windows\ativpsrm.bin
[2010/01/26 11:04:43 | 000,000,021 | ---- | C] () -- H:\Windows\System32\drivers\VERSION.DAT
[2010/01/26 10:48:27 | 000,073,728 | ---- | C] () -- H:\Windows\System32\RtNicProp32.dll
[2009/11/18 11:11:56 | 000,197,624 | ---- | C] () -- H:\Windows\System32\atiicdxx.dat
[2009/10/26 15:06:06 | 000,001,035 | ---- | C] () -- H:\Windows\System32\atipblag.dat
[2009/08/03 10:07:42 | 000,403,816 | ---- | C] () -- H:\Windows\System32\OGACheckControl.DLL
[2009/08/03 10:07:42 | 000,230,768 | ---- | C] () -- H:\Windows\System32\OGAEXEC.exe
[2009/07/14 04:47:43 | 000,658,988 | ---- | C] () -- H:\Windows\System32\perfh007.dat
[2009/07/14 04:47:43 | 000,295,922 | ---- | C] () -- H:\Windows\System32\perfi007.dat
[2009/07/14 04:47:43 | 000,132,558 | ---- | C] () -- H:\Windows\System32\perfc007.dat
[2009/07/14 04:47:43 | 000,038,104 | ---- | C] () -- H:\Windows\System32\perfd007.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- H:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,458,392 | ---- | C] () -- H:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,620,174 | ---- | C] () -- H:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- H:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,108,356 | ---- | C] () -- H:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- H:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- H:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- H:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- H:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- H:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- H:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- H:\Windows\System32\mlang.dat
[2009/02/18 14:55:20 | 000,294,912 | ---- | C] () -- H:\Windows\System32\ATIODE.exe
[2009/02/03 17:52:02 | 000,045,056 | ---- | C] () -- H:\Windows\System32\ATIODCLI.exe
[2004/01/27 08:13:02 | 000,421,888 | ---- | C] () -- H:\Windows\System32\OpenQuicktimeLib_dec.dll
 
========== LOP Check ==========
 
[2013/06/11 10:16:47 | 000,000,000 | ---D | M] -- H:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2010/05/27 04:19:16 | 000,000,000 | -HSD | M] -- H:\ProgramData\Anwendungsdaten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Application Data
[2012/06/08 15:21:30 | 000,000,000 | ---D | M] -- H:\ProgramData\boost_interprocess
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Desktop
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Documents
[2010/05/27 04:19:16 | 000,000,000 | -HSD | M] -- H:\ProgramData\Dokumente
[2010/05/27 05:06:49 | 000,000,000 | ---D | M] -- H:\ProgramData\ESET
[2010/05/27 04:19:16 | 000,000,000 | -HSD | M] -- H:\ProgramData\Favoriten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Favorites
[2010/02/09 05:52:35 | 000,000,000 | ---D | M] -- H:\ProgramData\Hofer Foto Service
[2010/02/09 05:52:16 | 000,000,000 | ---D | M] -- H:\ProgramData\MAGIX
[2012/09/28 21:48:27 | 000,000,000 | ---D | M] -- H:\ProgramData\SMP7
[2011/03/13 17:36:05 | 000,000,000 | ---D | M] -- H:\ProgramData\Sony
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Start Menu
[2010/05/27 04:19:16 | 000,000,000 | -HSD | M] -- H:\ProgramData\Startmenü
[2010/01/29 05:54:03 | 000,000,000 | ---D | M] -- H:\ProgramData\Temp
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Templates
[2011/08/05 15:40:38 | 000,000,000 | ---D | M] -- H:\ProgramData\TuneUp Software
[2010/05/27 04:19:16 | 000,000,000 | -HSD | M] -- H:\ProgramData\Vorlagen
[2011/08/06 11:26:15 | 000,000,000 | ---D | M] -- H:\ProgramData\WindSolutions
[2010/10/30 19:27:49 | 000,000,000 | ---D | M] -- H:\ProgramData\WinZip
[2011/08/05 15:37:38 | 000,000,000 | -HSD | M] -- H:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010/07/26 18:55:25 | 000,000,000 | ---D | M] -- H:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013/04/25 03:50:14 | 000,032,640 | ---- | M] () -- H:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> H:\Users\User\Desktop\Samuel2(1).avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> H:\Users\User\Desktop\Samuel(1).avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> H:\Users\User\Desktop\Croco Christmas Kurzversion(1).avi:TOC.WMV
< End of report >
         

OTL Extras logfile created on: 7/20/2013 2:29:14 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = H: | %SystemRoot% = H:\Windows | %ProgramFiles% = H:\Program Files
Drive C: | 100.00 Mb Total Space | 74.35 Mb Free Space | 74.35% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 39.12 Gb Free Space | 4.20% Space Free | Partition Type: NTFS
Drive H: | 1376.16 Gb Total Space | 1101.86 Gb Free Space | 80.07% Space Free | Partition Type: NTFS
Drive I: | 20.00 Gb Total Space | 11.59 Gb Free Space | 57.97% Space Free | Partition Type: NTFS
Drive J: | 7.49 Gb Total Space | 7.47 Gb Free Space | 99.75% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- H:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- H:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- H:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{806422F8-8E0A-494A-A369-0F34F1B89160}" = CorelDRAW Essentials 4 - Extra Content
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{10010089-120F-4B71-A245-261A11D234FF}" = Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten
"{1433046A-BAE7-EBC6-4CAE-9A7BD0C3A35D}" = CCC Help Finnish
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{25DE52ED-9E51-4C50-AE16-E258836ADF83}" = HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2DC240EA-51B1-4CC4-A0E5-4E4399CD7302}" = Serif PagePlus X4
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}" = Firebird SQL Server - MAGIX Edition
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4D66F66A-D5FA-15A2-F6E5-5589BD7E29AA}" = Catalyst Control Center InstallProxy
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{4F5B18A3-E921-4FFE-BEF4-ACBB98964FC2}" = AMD USB Filter Driver
"{54873998-9F2C-4D2F-2CC1-BEE8D9D9FC73}" = ccc-utility
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5E7E074B-B5D0-422B-975C-4F3F80001A87}" = Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6E0E4D61-11EC-11E0-B454-0013D3D69929}" = Vegas Pro 10.0
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77A2EA4C-F1DD-BBA7-F816-BD76EA3C08DF}" = CCC Help French
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Hilfe
"{806422F8-8E0A-494A-A369-0F34F1B89160}" = CorelDRAW Essentials 4 - Extra Content
"{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update
"{88A34D88-1A75-8C9D-A26E-F283436AC0A6}" = ATI Catalyst Install Manager
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1969E4-3533-3735-B5DF-82F24164203C}" = CCC Help Japanese
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
"{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97DDCAB8-B770-4089-A10F-67568069D78A}" = HP Deskjet 3050A J611 series Hilfe
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C516706-B1CC-EBFC-A0CB-02E1FF5FC0FC}" = CCC Help Danish
"{9D8004FF-B214-18C6-4473-4993230B11D5}" = CCC Help Norwegian
"{9E3C6E9F-26C9-F771-36B5-2065515AA7C2}" = CCC Help Dutch
"{A81FC45F-6431-CFD2-2FEF-B259C3B8DEB4}" = Catalyst Control Center Graphics Light
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACCC042D-A515-F15A-44DC-B8916D269A53}" = Catalyst Control Center Localization All
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA67EF42-DC5C-18EE-5DB4-7EB3987589BC}" = Catalyst Control Center Core Implementation
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BC37B94A-1C40-D769-0E53-157C3FF481C6}" = CCC Help German
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C170B7B5-9720-C191-F5FA-981C3FACAED6}" = CCC Help English
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C5346D3C-C9FF-A4FD-FDDB-A36DE137A513}" = CCC Help Italian
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CB5167B0-61DF-D5EA-E1C4-438D869D0B4A}" = ccc-core-static
"{CC55FFE0-DF05-413C-B86D-C548FE557A44}" = HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{D2592F05-6715-4454-B37C-088EA1F9E20A}" = ESET NOD32 Antivirus
"{D443CF18-21ED-8648-CB98-B338EF0D8A51}" = CCC Help Swedish
"{D8104EB7-EA8D-08D1-9A69-717E2F2E86F9}" = Catalyst Control Center Graphics Full New
"{D8D76911-AA3A-62C8-8E1B-F94A518BD27D}" = Catalyst Control Center Graphics Previews Vista
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EC27B0C8-F3B7-95BD-96B8-A8D8C78A94B8}" = Catalyst Control Center Graphics Full Existing
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F92DBD0E-7769-3E62-3526-45ED37E0A921}" = CCC Help Spanish
"3ivx D4 4.5.1 Decoder" = 3ivx D4 4.5.1 Decoder (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"AudibleDownloadManager" = Audible Download Manager
"FileZilla Server" = FileZilla Server
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 2.0.0.1228
"FTP Voyager_is1" = FTP Voyager 15.2
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Hofer Foto Manager Free D" = Hofer Foto Manager Free
"Hofer Foto Service D" = Hofer Foto Service
"Hofer Fotodruck Service" = Hofer Fotodruck Service 4.5
"Hofer Online Druck Service D" = Hofer Online Druck Service
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photo Creations" = HP Photo Creations
"Inkscape" = Inkscape 0.48.2
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"MEDION Fotos auf CD & DVD SE Hofer D" = MEDION Fotos auf CD & DVD SE Hofer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MozBackup" = MozBackup 1.4.10
"Pen Tablet Driver" = Bamboo
"Personal Backup 5_is1" = Personal Backup 5.1
"Stop Motion Pro v7 Action! HD Trial Edition_is1" = Stop Motion Pro v7 Action! HD Trial Edition
"The Passage" = The Passage
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\User_ON_H\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich.
"STANLY Track" = STANLY Track
 
< End of report >