adwCleaner S1: Code:
# AdwCleaner v2.101 - Datei am 22/12/2012 um 21:41:53 erstellt
# Aktualisiert am 16/12/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : +++ - COMPUTER
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\+++\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
Datei Gelöscht : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
Datei Gelöscht : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
Datei Gelöscht : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
Ordner Gelöscht : C:\Program Files\Common Files\Software Update Utility
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\blekko toolbars
Ordner Gelöscht : C:\Users\+++\AppData\Roaming\BrowserCompanion
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Fun Web Products
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\MyWebSearch
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Schlüssel Gelöscht : HKLM\Software\TENCENT
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v17.0.1 (de)
Profilname : default
Datei : C:\Users\+++\AppData\Roaming\Mozilla\Firefox\Profiles\cu07pa9n.default\prefs.js
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("keyword.URL", "hxxp://www.searchplusnetwork.com/?sp=vit4&q=");
Profilname : default
Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\7l3ildes.default\prefs.js
Gelöscht : user_pref("browser.search.defaultenginename", "Blekko");
Gelöscht : user_pref("browser.search.selectedEngine", "Blekko");
Gelöscht : user_pref("browser.search.order.1", "Blekko");
Gelöscht : user_pref("keyword.URL", "hxxp://blekko.com/ws/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb_031&u=EF[...]
-\\ Google Chrome v23.0.1271.97
Datei : C:\Users\+++\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.16] : homepage = "hxxp://www.searchplusnetwork.com/?sp=vit4",
Gelöscht [l.1622] : homepage = "hxxp://www.searchplusnetwork.com/?sp=vit4",
*************************
AdwCleaner[R1].txt - [4039 octets] - [22/12/2012 21:24:30]
AdwCleaner[S1].txt - [3972 octets] - [22/12/2012 21:41:53]
########## EOF - C:\AdwCleaner[S1].txt - [4032 octets] ##########
OTL Log: Code:
OTL logfile created on: 22.12.2012 21:48:31 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\+++\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,75 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 57,49% Memory free
5,70 Gb Paging File | 4,52 Gb Available in Paging File | 79,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 11,09 Gb Free Space | 7,70% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 138,30 Gb Free Space | 96,02% Space Free | Partition Type: NTFS
Drive F: | 3,60 Gb Total Space | 1,15 Gb Free Space | 31,90% Space Free | Partition Type: FAT32
Computer Name: COMPUTER | User Name: +++ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\+++Z~1\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Users\+++\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
PRC - C:\Programme\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe (Hewlett-Packard Co.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Cisco Systems\VPN Client\vpngui.exe (Cisco Systems, Inc.)
PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Programme\CPUCooL\CooLSRV.exe ()
PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
PRC - C:\Programme\EgisTec Egis Software Update\EgisUpdate.exe (EgisTec Inc.)
PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe (EgisTec Inc.)
PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\System32\vpnapi.dll ()
MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\Programme\Cisco Systems\VPN Client\qt-mt335.dll ()
========== Services (SafeList) ==========
SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (vpnagent) -- C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (CVPND) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (CPUCooLServer) -- C:\Programme\CPUCooL\CooLSRV.exe ()
SRV - (LVPrcSrv) -- C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MobilityService) -- C:\ACER\Mobility Center\MobilityService.exe ()
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (SBAPIFS) -- C:\Windows\system32\drivers\sbapifs.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (LVPrcMon) -- C:\Windows\system32\drivers\LVPrcMon.sys File not found
DRV - (Lvckap) -- C:\Windows\system32\drivers\Lvckap.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (vpnva) -- C:\Windows\System32\drivers\vpnva.sys (Cisco Systems, Inc.)
DRV - (acsmux) -- C:\Windows\System32\drivers\acsmux.sys (Cisco Systems, Inc.)
DRV - (acsint) -- C:\Windows\System32\drivers\acsint.sys (Cisco Systems, Inc.)
DRV - (Wdfex) -- C:\Windows\System32\drivers\Wdfex.sys ()
DRV - (sffnt) -- C:\Windows\System32\drivers\sffnt.sys ()
DRV - (rmcast2k) -- C:\Windows\System32\drivers\rmcast2k.sys ()
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (ntiopnp) -- C:\Windows\System32\drivers\ntiopnp.sys ()
DRV - (ntiomin) -- C:\Windows\System32\drivers\ntiomin.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.)
DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.)
DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (DritekPortIO) -- C:\Programme\Launch Manager\DPortIO.sys (Dritek System Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0109&m=aspire_5737z
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\..\SearchScopes\{51B6D262-638E-432C-86B8-CA03F048A5E5}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=A85A0BA9-FA49-47CD-97AD-048580833938&apn_sauid=0F6248E3-C2E5-41F1-9525-18DDC198BDEC
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de___DE317
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\..\SearchScopes\{F871EE47-FFD3-4963-95C3-1FC09F196300}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_de___DE317
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://google.de/"
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: dplauncher@digitalpublishing.de:1.1
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..network.proxy.ftp: "localhost"
FF - prefs.js..network.proxy.ftp_port: 8118
FF - prefs.js..network.proxy.gopher: "localhost"
FF - prefs.js..network.proxy.gopher_port: 8118
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.08 00:21:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.22 21:41:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.08 00:21:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.22 21:41:56 | 000,000,000 | ---D | M]
[2009.03.08 21:20:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\+++\AppData\Roaming\mozilla\Extensions
[2012.10.24 08:10:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\+++\AppData\Roaming\mozilla\Firefox\Profiles\cu07pa9n.default\extensions
[2010.04.28 01:44:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\+++\AppData\Roaming\mozilla\Firefox\Profiles\cu07pa9n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.25 07:39:13 | 000,000,000 | ---D | M] (dp Launcher Plugin) -- C:\Users\+++\AppData\Roaming\mozilla\Firefox\Profiles\cu07pa9n.default\extensions\dplauncher@digitalpublishing.de
[2012.10.18 23:28:28 | 000,330,316 | ---- | M] () (No name found) -- C:\Users\+++\AppData\Roaming\mozilla\firefox\profiles\cu07pa9n.default\extensions\personas@christopher.beard.xpi
[2012.12.08 00:21:20 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\+++\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CU07PA9N.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2012.12.08 00:21:30 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.02 09:18:01 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.29 18:28:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.02 09:18:01 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.02 09:18:01 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.25 15:26:39 | 000,002,134 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\search.xml
[2011.10.02 09:18:01 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.02 09:18:01 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\+++ \u00D6zkan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\+++\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\+++\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Google Mail = C:\Users\+++\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2012.12.21 14:29:54 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [AnyConnect SMC] C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (EgisTec Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000..\Run: [HP Officejet 6600 (NET)] C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\+++\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPUCooL.lnk = C:\Programme\CPUCooL\CPUCooL.exe ()
O4 - Startup: C:\Users\+++\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-4054983433-4053488496-1776424855-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab (RIM AxLoader)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62ABE513-6C9E-4AD2-B9CF-72CB4A824E38}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~1\GOOGLEDESKTOPNETWORK3.DLL) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.21 14:42:38 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Local\temp
[2012.12.21 14:32:34 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.21 14:29:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.12.20 18:33:46 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\+++\Desktop\tdsskiller.exe
[2012.12.20 18:33:39 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\+++\Desktop\aswMBR.exe
[2012.12.18 20:14:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\+++\Desktop\OTL.exe
[2012.12.12 13:21:03 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.12.12 13:21:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.12.12 13:21:01 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.12.12 13:21:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.12.12 13:21:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.12.12 13:20:58 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.12.12 13:20:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.12.12 13:20:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.12.12 13:17:01 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012.12.12 13:16:50 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012.12.12 13:16:50 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2012.12.12 13:16:49 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012.12.12 13:16:48 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012.12.12 13:16:47 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012.12.12 12:59:39 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.12.12 12:59:39 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2012.12.12 12:59:37 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.12.12 12:59:33 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.12 12:59:33 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.12 12:59:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.12.08 00:21:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\+++\Documents\*.tmp files -> C:\Users\+++\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.12.22 21:51:23 | 000,676,366 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.22 21:51:23 | 000,633,924 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.22 21:51:23 | 000,147,200 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.22 21:51:23 | 000,118,352 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.22 21:44:16 | 000,135,541 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.12.22 21:44:16 | 000,135,541 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.12.22 21:43:57 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.22 21:43:40 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.22 21:43:40 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.22 21:43:39 | 320,674,530 | ---- | M] () -- C:\Windows\System32\trkcache.dll
[2012.12.22 21:43:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.22 21:43:28 | 2951,032,832 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.22 21:37:22 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.22 21:21:22 | 000,547,175 | ---- | M] () -- C:\Users\+++\Desktop\adwcleaner.exe
[2012.12.22 19:11:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.21 14:29:54 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.12.21 13:48:27 | 000,000,301 | ---- | M] () -- C:\Users\+++\Desktop\ComboFix - Verknüpfung.lnk
[2012.12.20 19:03:27 | 000,192,739 | ---- | M] () -- C:\Users\+++\Desktop\tdss.pdf
[2012.12.20 18:47:01 | 000,000,512 | ---- | M] () -- C:\Users\+++\Desktop\MBR.dat
[2012.12.20 18:32:24 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\+++\Desktop\tdsskiller.exe
[2012.12.20 18:26:14 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\+++\Desktop\aswMBR.exe
[2012.12.18 20:47:20 | 322,391,413 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.12.18 20:39:54 | 000,302,592 | ---- | M] () -- C:\Users\+++\Desktop\6luezej1.exe
[2012.12.18 20:13:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\+++\Desktop\OTL.exe
[2012.12.18 20:10:36 | 000,000,000 | ---- | M] () -- C:\Users\+++\defogger_reenable
[2012.12.18 17:18:07 | 000,000,894 | ---- | M] () -- C:\Users\+++\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2012.12.16 17:22:54 | 000,838,141 | ---- | M] () -- C:\Users\+++\Desktop\Scan.jpg
[2012.12.16 17:14:52 | 000,088,955 | ---- | M] () -- C:\Users\+++\Scan.jpg
[2012.12.12 17:56:28 | 000,403,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.12 01:11:47 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.12.12 01:11:47 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.12.09 19:48:59 | 000,295,538 | ---- | M] () -- C:\Users\+++\Desktop\ETICKET_13927_20121207_15545399.PDF
[2012.12.06 00:16:40 | 000,138,524 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2012.12.05 23:39:51 | 000,037,888 | ---- | M] () -- C:\Users\+++\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.04 15:47:33 | 000,030,631 | ---- | M] () -- C:\Users\+++\Desktop\klausurplanung_stud_ws_12_133.pdf
[2012.12.01 02:00:15 | 006,138,525 | ---- | M] () -- C:\Users\+++\Desktop\pachisi-4er.jpg
[2012.11.28 01:59:48 | 000,000,000 | -H-- | M] () -- C:\Users\+++\Documents\Default.rdp
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\+++\Documents\*.tmp files -> C:\Users\+++\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.22 21:24:00 | 000,547,175 | ---- | C] () -- C:\Users\+++\Desktop\adwcleaner.exe
[2012.12.22 13:20:47 | 2951,032,832 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.21 13:48:27 | 000,000,301 | ---- | C] () -- C:\Users\+++\Desktop\ComboFix - Verknüpfung.lnk
[2012.12.20 19:03:24 | 000,192,739 | ---- | C] () -- C:\Users\+++\Desktop\tdss.pdf
[2012.12.20 18:47:01 | 000,000,512 | ---- | C] () -- C:\Users\+++\Desktop\MBR.dat
[2012.12.18 20:41:30 | 000,302,592 | ---- | C] () -- C:\Users\+++\Desktop\6luezej1.exe
[2012.12.18 20:10:36 | 000,000,000 | ---- | C] () -- C:\Users\+++\defogger_reenable
[2012.12.18 17:18:07 | 000,000,894 | ---- | C] () -- C:\Users\+++\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2012.12.16 17:22:52 | 000,838,141 | ---- | C] () -- C:\Users\+++\Desktop\Scan.jpg
[2012.12.16 17:14:51 | 000,088,955 | ---- | C] () -- C:\Users\+++\Scan.jpg
[2012.12.12 13:17:07 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.12 13:17:07 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.12.09 19:48:58 | 000,295,538 | ---- | C] () -- C:\Users\+++\Desktop\ETICKET_13927_20121207_15545399.PDF
[2012.12.04 15:47:32 | 000,030,631 | ---- | C] () -- C:\Users\+++\Desktop\klausurplanung_stud_ws_12_133.pdf
[2012.12.01 02:00:05 | 006,138,525 | ---- | C] () -- C:\Users\+++\Desktop\pachisi-4er.jpg
[2012.11.28 01:59:48 | 000,000,000 | -H-- | C] () -- C:\Users\+++\Documents\Default.rdp
[2012.10.07 12:38:29 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.10.05 21:26:59 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2012.04.02 22:17:54 | 000,000,080 | ---- | C] () -- C:\Users\+++\AppData\Local\X-Plane Installer.prf
[2012.04.01 00:08:07 | 000,020,480 | ---- | C] () -- C:\Windows\System32\H@tKeysH@@k.DLL
[2011.11.02 13:13:22 | 000,000,000 | ---- | C] () -- C:\Users\+++\AppData\Local\{0335D1C7-885B-46E5-A40A-132A4D3A5B6D}
[2011.09.10 13:09:57 | 000,000,100 | ---- | C] () -- C:\Windows\lexstat.ini
[2011.09.10 13:09:33 | 000,155,648 | ---- | C] () -- C:\Windows\System32\LEXPING.EXE
[2011.09.10 13:09:31 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll
[2011.09.10 13:09:31 | 000,040,960 | ---- | C] () -- C:\Windows\System32\INSTMON.EXE
[2011.06.10 19:11:27 | 000,000,600 | ---- | C] () -- C:\Users\+++\PUTTY.RND
[2011.05.06 19:41:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.05.06 19:41:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.05.06 19:41:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.05.06 19:41:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.05.06 19:41:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.06.21 15:50:18 | 000,063,488 | ---- | C] () -- C:\Users\+++\AppData\Roaming\chrtmp
[2010.02.28 23:40:48 | 000,017,408 | ---- | C] () -- C:\Users\+++\AppData\Local\WebpageIcons.db
[2010.01.27 17:52:12 | 000,004,956 | ---- | C] () -- C:\ProgramData\esswogwb.bbd
[2010.01.20 15:25:40 | 000,032,337 | ---- | C] () -- C:\Users\+++\AppData\Roaming\UserTile.png
[2010.01.18 16:31:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.12.26 15:26:11 | 000,007,592 | ---- | C] () -- C:\Users\+++\AppData\Local\d3d9caps.dat
[2009.11.08 21:43:10 | 000,000,297 | -H-- | C] () -- C:\Users\+++\.picasa.ini
[2009.11.06 20:47:03 | 000,037,888 | ---- | C] () -- C:\Users\+++\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.12 19:19:09 | 000,004,264 | ---- | C] () -- C:\Users\+++\AppData\Roaming\wklnhst.dat
[2009.01.18 12:15:38 | 000,135,541 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.01.18 12:15:27 | 000,135,541 | ---- | C] () -- C:\ProgramData\nvModes.dat
========== ZeroAccess Check ==========
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:C99F6ECA
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:4220A65C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:66B13F37
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:6152D44C
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:A42A9F39
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:2634FC95
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:7E95B6FD
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:8303F807
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:05113FB9
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:F65733F1
< End of report >
Extras.txt Log: Code:
OTL Extras logfile created on: 22.12.2012 21:48:31 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\+++\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,75 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 57,49% Memory free
5,70 Gb Paging File | 4,52 Gb Available in Paging File | 79,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 11,09 Gb Free Space | 7,70% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 138,30 Gb Free Space | 96,02% Space Free | Partition Type: NTFS
Drive F: | 3,60 Gb Total Space | 1,15 Gb Free Space | 31,90% Space Free | Partition Type: FAT32
Computer Name: COMPUTER | User Name: +++ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4054983433-4053488496-1776424855-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{109381CB-5287-43CD-8E65-5AE9AA132CA9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{7EBF16AD-A5E0-4B2A-B9D4-3988506B22DE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{A6ADBED8-D28D-4F2A-81CE-5EB09B974C6A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{AD5C894B-5738-4E0D-B1F1-D08107310F7C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BF062D50-8DE5-43F7-A2E3-6C46D31A58AE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E4C8FD06-106D-4BC0-8994-A9574C2EDE62}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0623DA36-3FF1-4501-B28D-4F4DAB9046D6}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{0789DA1A-0F7E-4F9D-803D-FC5C262DEB26}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{0BF6AB42-FD69-4766-A8FE-A9448414C1C5}" = dir=in | app=c:\program files\hp\hp officejet 6600\bin\devicesetup.exe |
"{0CDC3CE1-8E88-4210-8125-65A1C956DB9F}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{0DCA4DDF-70B3-49B1-855E-72F65022E245}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{1325DB89-3D3A-42B4-8C4E-C64623401029}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{13448D9C-E3BC-4227-831D-8B370ACDBB51}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1650AEAF-C237-47BD-B252-1AD12BE2DBE0}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{178A4EFE-592E-4B27-A89D-4B60D73FD840}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{1E6D3831-F687-4C68-8657-45C415FCA54F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{204E6FEE-8C69-4274-8309-398ADAA7393E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{3205B093-8A49-47A7-9DCE-278B5D5FD566}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{328D2496-2B54-4440-99A9-C5F50BD3F2D4}" = dir=in | app=c:\program files\hp\hp officejet 6600\bin\hpnetworkcommunicator.exe |
"{345D70FA-8C72-4CAD-A85B-15062DC509E2}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{522BC05F-739A-4383-956D-F115985347A1}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{546884CE-9B63-41D0-9C12-C56D65ECE17C}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{64032F33-C6E3-443E-BBBA-1C8735D937CE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7053158B-C205-43B0-8049-C4E9BC7B6367}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{81D758BF-0451-4E49-9938-389AB7F3D9D5}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{8F87F181-D213-46B4-B95E-72FC40ACED22}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{94888DEE-4D15-4FC9-8EA6-1F2E7DBBCFD6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{9CA04072-D4AE-48F7-B8AA-A1975D8F3B2D}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{9EED1018-2401-4A19-9E58-67CFA3E04368}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{B0B0F756-D64D-479B-B3C8-F6272DD08D5F}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{B737E5B8-BFC5-4F96-8F01-1660C5D7A5D6}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{BAA57022-F637-4450-9B75-4D742C532244}" = protocol=6 | dir=in | app=c:\program files\cisco systems\vpn client\vpngui.exe |
"{CA105E04-9340-47C0-BE1D-7081708658CF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{E1541ADB-00E4-4D0A-8564-B77F1565CACE}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{E1F0F3DA-A0B0-4EB0-B907-67EEBBF5BFC5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{ED52D154-1F60-4CA4-82C3-93F83AD75BD2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F0F57812-A9F8-4284-96F0-7B3132BE2AD6}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{F2D5B411-24B8-46B2-A040-A713BB506B70}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{F3C16E14-FCAE-4FF3-B8DC-BA2FBFB2E428}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{F4495F57-DFF4-4344-A307-0806B07785CA}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{FE66AC60-ED48-4008-B2F9-27346C32FAC9}" = protocol=17 | dir=in | app=c:\program files\cisco systems\vpn client\vpngui.exe |
"TCP Query User{0AE476EF-1794-46F2-BFA3-C8789A2B2464}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe |
"TCP Query User{8C32645B-D014-4C4B-BCD3-4709E9908241}C:\program files\microsoft games\age of empires ii trial\empires2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii trial\empires2.exe |
"TCP Query User{D49C472A-C10A-4B2D-9906-D19E0CACBB74}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{F22FEA7E-CDF9-489E-90A3-FCA08B2585B0}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe |
"UDP Query User{1A34F3E4-3524-464F-A448-B6D68465241F}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe |
"UDP Query User{30F2FB40-813B-4E3C-B6E8-418198134FB0}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe |
"UDP Query User{CC01E924-7ADA-4F1D-80D7-0587219D08B3}C:\program files\microsoft games\age of empires ii trial\empires2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii trial\empires2.exe |
"UDP Query User{F4456E9D-C07E-43F9-BB52-FE9AF590E86F}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E325417-AE9C-4EE1-A158-13DF451A5987}" = Broadcom Gigabit Integrated Controller
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.9.1
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{AFC7E833-668A-4962-9332-54F08C039586}" = Cisco AnyConnect Start Before Login Module
"{B0A92733-C870-415C-A494-DF72C2C58402}" = BlackBerry Device Software Updater
"{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}" = Cisco Systems VPN Client 5.0.07.0290
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BE09DD64-706D-4975-8034-E561C270D1E5}" = HP Officejet 6600 - Grundlegende Software für das Gerät
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C818BA3A-226F-4ED0-9CEF-96A0DF300211}" = HP Officejet 6600 Hilfe
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{E032556E-5E88-4CD3-8FD8-15832713708F}" = Cisco AnyConnect Secure Mobility Client
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"CPUCooL" = CPUCooL (remove only)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"Lexmark 1200 Series" = Lexmark 1200 Series
"LManager" = Launch Manager
"lvdrivers_12.0" = Logitech Webcam Software-Treiberpaket
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TMM70" = TELL ME MORE
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 20.12.2012 03:16:56 | Computer Name = Computer | Source = VSS | ID = 12289
Description =
Error - 20.12.2012 03:26:51 | Computer Name = Computer | Source = VSS | ID = 12289
Description =
Error - 20.12.2012 03:49:33 | Computer Name = Computer | Source = VSS | ID = 12289
Description =
Error - 20.12.2012 03:57:35 | Computer Name = Computer | Source = VSS | ID = 12289
Description =
Error - 20.12.2012 03:57:39 | Computer Name = Computer | Source = VSS | ID = 12310
Description =
Error - 20.12.2012 03:57:39 | Computer Name = Computer | Source = VSS | ID = 12298
Description =
Error - 20.12.2012 03:59:45 | Computer Name = Computer | Source = VSS | ID = 12289
Description =
Error - 20.12.2012 04:01:47 | Computer Name = Computer | Source = VSS | ID = 12289
Description =
Error - 20.12.2012 09:17:17 | Computer Name = Computer | Source = VSS | ID = 12289
Description =
Error - 20.12.2012 09:20:17 | Computer Name = Computer | Source = VSS | ID = 12289
Description =
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 22.12.2012 16:42:29 | Computer Name = Computer | Source = acvpnagent | ID = 67110873
Description = Termination reason code 9: Client PC is shutting down.
Error - 22.12.2012 16:43:42 | Computer Name = Computer | Source = acvpnagent | ID = 67108866
Description = Function: Directory::ReadDir File: .\Utility\Directory.cpp Line: 156
Invoked
Function: ::FindNextFile Return Code: 18 (0x00000012) Description: Es sind keine
weiteren Dateien vorhanden.
Error - 22.12.2012 16:43:42 | Computer Name = Computer | Source = acvpnagent | ID = 67108866
Description = Function: PluginLoader::QuickCreatePlugin File: c:\temp\build\thehoff\DaVinci_fcs0.8682811717\DaVinci_fcs\vpn\Common\Utility/PluginLoader.h
Line:
145 Invoked Function: PluginLoader::CreateInstance Return Code: -29294580 (0xFE41000C)
Description:
PLUGINLOADER_ERROR_COULD_NOT_CREATE
Error - 22.12.2012 16:43:42 | Computer Name = Computer | Source = acvpnagent | ID = 67108866
Description = Function: PluginLoader::QuickCreatePlugin File: c:\temp\build\thehoff\DaVinci_fcs0.8682811717\DaVinci_fcs\vpn\Common\Utility/PluginLoader.h
Line:
145 Invoked Function: PluginLoader::CreateInstance Return Code: -29294580 (0xFE41000C)
Description:
PLUGINLOADER_ERROR_COULD_NOT_CREATE
Error - 22.12.2012 16:43:42 | Computer Name = Computer | Source = acvpnagent | ID = 67108866
Description = Function: PluginLoader::QuickCreatePlugin File: c:\temp\build\thehoff\DaVinci_fcs0.8682811717\DaVinci_fcs\vpn\Common\Utility/PluginLoader.h
Line:
145 Invoked Function: PluginLoader::CreateInstance Return Code: -29294580 (0xFE41000C)
Description:
PLUGINLOADER_ERROR_COULD_NOT_CREATE
Error - 22.12.2012 16:44:21 | Computer Name = Computer | Source = acvpnui | ID = 67108866
Description = Function: Directory::ReadDir File: .\Utility\Directory.cpp Line: 156
Invoked
Function: ::FindNextFile Return Code: 18 (0x00000012) Description: Es sind keine
weiteren Dateien vorhanden.
Error - 22.12.2012 16:44:21 | Computer Name = Computer | Source = acvpnui | ID = 67108866
Description = Function: PluginLoader::QuickCreatePlugin File: c:\temp\build\thehoff\DaVinci_fcs0.8682811717\DaVinci_fcs\vpn\Common\Utility/PluginLoader.h
Line:
145 Invoked Function: PluginLoader::CreateInstance Return Code: -29294580 (0xFE41000C)
Description:
PLUGINLOADER_ERROR_COULD_NOT_CREATE
Error - 22.12.2012 16:44:21 | Computer Name = Computer | Source = acvpnui | ID = 67108866
Description = Function: PluginLoader::QuickCreatePlugin File: c:\temp\build\thehoff\DaVinci_fcs0.8682811717\DaVinci_fcs\vpn\Common\Utility/PluginLoader.h
Line:
145 Invoked Function: PluginLoader::CreateInstance Return Code: -29294580 (0xFE41000C)
Description:
PLUGINLOADER_ERROR_COULD_NOT_CREATE
Error - 22.12.2012 16:44:22 | Computer Name = Computer | Source = acvpnui | ID = 67108866
Description = Function: CMainFrame::getDARTInstallDir File: .\mainfrm.cpp Line: 4095
Invoked
Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: Es sind keine
Daten mehr verfügbar.
Error - 22.12.2012 16:44:24 | Computer Name = Computer | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
1025 NULL object. Cannot establish a connection at this time.
[ OSession Events ]
Error - 08.03.2011 06:58:23 | Computer Name = Computer | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 06.06.2009 19:03:35 | Computer Name = wonderland-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 212.201.87.247 für die Netzwerkkarte mit der Netzwerkadresse
001EECE040A1 wurde durch den DHCP-Server 129.70.182.24 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 07.06.2009 04:53:33 | Computer Name = wonderland-PC | Source = HTTP | ID = 15016
Description =
Error - 07.06.2009 04:55:12 | Computer Name = wonderland-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 07.06.2009 08:03:28 | Computer Name = wonderland-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 212.201.87.37 für die Netzwerkkarte mit der Netzwerkadresse
001EECE040A1 wurde durch den DHCP-Server 129.70.182.24 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 07.06.2009 14:23:46 | Computer Name = wonderland-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 212.201.87.128 für die Netzwerkkarte mit der Netzwerkadresse
001EECE040A1 wurde durch den DHCP-Server 129.70.182.24 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 07.06.2009 20:09:04 | Computer Name = wonderland-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 212.201.87.182 für die Netzwerkkarte mit der Netzwerkadresse
001EECE040A1 wurde durch den DHCP-Server 129.70.182.24 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 08.06.2009 02:05:39 | Computer Name = wonderland-PC | Source = HTTP | ID = 15016
Description =
Error - 08.06.2009 02:07:20 | Computer Name = wonderland-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 08.06.2009 06:00:53 | Computer Name = wonderland-PC | Source = HTTP | ID = 15016
Description =
Error - 08.06.2009 06:02:36 | Computer Name = wonderland-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
|
Textbox. 