| pkampino | 30.01.2013 21:09 |
Danke, Hier das Ergebnis des otl-scans
OTL Logfile: Code:
OTL logfile created on: 30.01.2013 19:49:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop\TrojanerBoard
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,73 Gb Available Physical Memory | 53,24% Memory free
6,73 Gb Paging File | 5,61 Gb Available in Paging File | 83,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,72 Gb Total Space | 33,23 Gb Free Space | 24,31% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 236,35 Gb Free Space | 79,29% Space Free | Partition Type: NTFS
Drive E: | 161,37 Gb Total Space | 125,43 Gb Free Space | 77,73% Space Free | Partition Type: NTFS
Computer Name: SATURN | User Name: *** | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.01.28 20:29:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\TrojanerBoard\OTL.exe
PRC - [2012.12.12 10:28:14 | 000,163,000 | ---- | M] (Geek Software GmbH) -- C:\Programme\PDF24\pdf24.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.02 20:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.07.03 08:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Common Files\Java\Java Update\jucheck.exe
PRC - [2012.02.26 15:01:44 | 000,295,728 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.11.04 22:09:22 | 000,980,368 | ---- | M] (The Eraser Project) -- C:\Programme\Eraser\Eraser.exe
PRC - [2010.04.13 10:40:20 | 000,110,592 | ---- | M] (Books on Demand) -- C:\Programme\BoD easyPrint\BoDeasyPrint.exe
PRC - [2010.04.13 10:40:20 | 000,028,672 | ---- | M] (Books on Demand) -- C:\Programme\BoD easyPrint\BoDeasyPrint_Monitor.exe
PRC - [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.19 08:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2006.05.04 06:58:56 | 000,998,912 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vspdfprsrv.exe
========== Modules (No Company Name) ==========
MOD - [2013.01.10 10:05:40 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\0f3b0e826eaa519bd7a3cad3de4fe3f4\Microsoft.VisualBasic.ni.dll
MOD - [2013.01.10 10:01:42 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013.01.10 10:01:24 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c3da9004b277959e24a9fd606d3dd05\System.Windows.Forms.ni.dll
MOD - [2013.01.10 10:01:13 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013.01.10 10:00:50 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\2cbdbc8bb7fcf0d7eb7a8d616e141d79\System.Core.ni.dll
MOD - [2013.01.10 10:00:04 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013.01.10 09:59:55 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2012.01.08 14:41:12 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll
MOD - [2011.12.14 22:51:09 | 000,985,088 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.09.27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.04.13 10:40:20 | 000,880,128 | ---- | M] () -- C:\Programme\BoD easyPrint\libeay32.dll
MOD - [2010.04.13 10:40:20 | 000,171,520 | ---- | M] () -- C:\Programme\BoD easyPrint\ssleay32.dll
MOD - [2010.04.13 10:40:20 | 000,055,808 | ---- | M] () -- C:\Programme\BoD easyPrint\zlib1.dll
MOD - [2008.02.02 22:08:12 | 001,722,368 | ---- | M] () -- C:\Programme\TUGZip\Plugins\TzArchive10.tgp
MOD - [2007.03.12 22:34:20 | 000,162,304 | ---- | M] () -- C:\Windows\System32\ztvunrar36.dll
MOD - [2007.01.24 17:06:36 | 000,117,248 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\hpzpi4v3.DLL
MOD - [2006.05.14 12:03:54 | 000,655,360 | ---- | M] () -- C:\Programme\TUGZip\TzShell.dll
MOD - [2006.05.04 06:58:56 | 000,998,912 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vspdfprsrv.exe
MOD - [2006.05.04 06:58:38 | 001,239,040 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vspdfdialogs100.bpl
MOD - [2006.05.04 06:58:38 | 000,237,056 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\expertpdf4core.bpl
MOD - [2006.05.04 06:58:36 | 003,014,656 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vspdfcore100.bpl
MOD - [2006.05.04 06:58:36 | 001,026,048 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vsvector100.bpl
MOD - [2006.05.04 06:58:36 | 000,230,912 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vspdfeditor100.bpl
MOD - [2006.04.15 06:34:26 | 000,568,320 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\TMSlite100.bpl
MOD - [2006.03.02 20:39:28 | 001,844,224 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\te100.bpl
MOD - [2006.03.02 20:33:18 | 000,444,928 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\VirtualTree100.bpl
MOD - [2006.03.02 20:28:36 | 000,139,776 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\uoolep100.bpl
MOD - [2006.03.02 20:01:50 | 000,071,168 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\VSDesktop100.bpl
MOD - [2006.03.02 19:57:48 | 000,383,488 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\visage100.bpl
MOD - [2006.03.02 19:55:22 | 000,089,088 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vsmisc100.bpl
MOD - [2005.12.26 13:20:52 | 002,098,176 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\PKIECtrl100.bpl
MOD - [2005.02.17 22:15:22 | 000,077,824 | ---- | M] () -- C:\Programme\TUGZip\Plugins\TzImage10.tgp
MOD - [2003.08.22 07:23:16 | 000,225,792 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\sqlite.dll
========== Services (SafeList) ==========
SRV - [2013.01.09 17:20:15 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Unknown] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Unknown] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.10.10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Unknown] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Unknown] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.09.05 09:17:56 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Unknown] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.02.04 13:10:16 | 000,196,912 | ---- | M] (Nitro PDF Software) [Auto | Unknown] -- C:\Programme\Nitro PDF\Reader\NitroPDFReaderDriverService.exe -- (NitroReaderDriverReadSpool)
SRV - [2010.02.21 00:05:18 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.01.12 15:57:44 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Disabled | Unknown] -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.09.29 16:18:42 | 000,809,736 | ---- | M] (ABBYY) [Disabled | Unknown] -- C:\Programme\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.10.0)
SRV - [2009.04.11 07:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008.11.19 19:22:20 | 000,015,872 | ---- | M] () [On_Demand | Unknown] -- C:\Programme\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.11.06 21:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Unknown] -- C:\Programme\WinPcap\rpcapd.exe -- (rpcapd)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\SMARTVTabletPCx86.sys -- (SMARTVTabletPCx86)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\SMARTVHidMini2000x86.sys -- (SMARTVHidMini2000x86)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\SMARTMouseFilterx86.sys -- (SMARTMouseFilterx86)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Unknown] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Unknown] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Unknown] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Unknown] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.10.10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.11.19 19:22:36 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2008.06.16 09:31:08 | 000,007,808 | ---- | M] (Secunia) [File_System | On_Demand | Unknown] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2008.05.15 10:15:50 | 000,086,097 | ---- | M] (GMER) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\gmer.sys -- (gmer)
DRV - [2007.11.06 21:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | Auto | Unknown] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2007.10.11 10:40:00 | 000,022,016 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\MosIrUsb.sys -- (MosIrUsb)
DRV - [2007.02.05 16:10:34 | 001,122,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\P17.sys -- (P17)
DRV - [2006.11.02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006.10.30 11:29:36 | 000,201,216 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\G200em.sys -- (G200e)
DRV - [2006.10.01 13:37:02 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\tap0801.sys -- (tap0801)
DRV - [2006.09.28 04:47:48 | 000,283,776 | ---- | M] (AfaTech ) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2006.06.21 11:36:18 | 000,013,184 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Programme\Softwin\BitDefender Antirootkit\profos.sys -- (Profos)
DRV - [2005.02.23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?barid={DB32BC7C-BA43-11E1-B909-B4C6C954C889}
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Programme\T0rrentBitch\tbT0rr.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={DB32BC7C-BA43-11E1-B909-B4C6C954C889}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledAddons: SQLiteManager@mrinalkant.blogspot.com:0.7.7
FF - prefs.js..extensions.enabledAddons: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.9.5.1
FF - prefs.js..extensions.enabledAddons: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.17
FF - prefs.js..extensions.enabledAddons: {9efe12fc-8e7b-41dc-917e-b9341daa31e0}:1.3.4.3
FF - prefs.js..extensions.enabledAddons: inspector@mozilla.org:2.0.13
FF - prefs.js..extensions.enabledAddons: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.2.2
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.9
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2
FF - prefs.js..extensions.enabledItems: {9efe12fc-8e7b-41dc-917e-b9341daa31e0}:1.3.4.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}:5.0.13
FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.11.12 19:31:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.01.06 19:35:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.27 12:34:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.27 12:34:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.01.27 12:34:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.27 12:34:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.27 12:34:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.01.27 12:34:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2010.01.15 16:18:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.01.15 16:18:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.11.01 17:45:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zzb20yow.default\extensions
[2010.04.27 11:28:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zzb20yow.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.16 17:44:34 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zzb20yow.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.12.31 12:43:43 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zzb20yow.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2011.05.14 15:02:10 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zzb20yow.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2012.09.04 15:04:04 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zzb20yow.default\extensions\inspector@mozilla.org
[2011.03.28 10:47:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zzb20yow.default\extensions\nostmp
[2012.11.01 17:45:35 | 002,042,908 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\zzb20yow.default\extensions\firebug@software.joehewitt.com.xpi
[2012.05.23 19:14:51 | 000,255,318 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\zzb20yow.default\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi
[2012.06.19 20:08:34 | 000,024,955 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\zzb20yow.default\extensions\{9efe12fc-8e7b-41dc-917e-b9341daa31e0}.xpi
[2012.09.22 18:32:50 | 001,268,546 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\zzb20yow.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2012.04.02 10:53:49 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2007.08.20 14:34:40 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2013.01.22 19:14:16 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\extensions
[2013.01.22 19:14:16 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\updated\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2013.01.22 19:14:27 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.01.06 19:35:23 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.08.31 09:13:18 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.25 14:48:09 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008.02.04 18:49:18 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2012.06.08 17:05:30 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.31 09:13:16 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.08 17:05:30 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.08 17:05:30 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.08 17:05:30 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.08 17:05:30 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Office Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (T0rrentBitch Toolbar) - {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Programme\T0rrentBitch\tbT0rr.dll (Conduit Ltd.)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (T0rrentBitch Toolbar) - {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Programme\T0rrentBitch\tbT0rr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (T0rrentBitch Toolbar) - {DFABC5B5-039B-4865-979A-DE31CDF3E351} - C:\Programme\T0rrentBitch\tbT0rr.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BoD easyPrint Printing Device] C:\Program Files\BoD easyPrint\BoDeasyPrint_Monitor.exe (Books on Demand)
O4 - HKLM..\Run: [Eraser] C:\Programme\Eraser\Eraser.exe (The Eraser Project)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" File not found
O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDK Tray Menu.lnk = File not found
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinMySQLadmin.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} hxxp://downloads.ewido.net/ewidoOnlineScan.cab (ewidoOnlineScan Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06D50BA1-14EE-4456-898A-F5ABCC489FBA}: DhcpNameServer = 192.109.42.41 192.109.42.42
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06D50BA1-14EE-4456-898A-F5ABCC489FBA}: NameServer = 192.109.42.41,192.109.42.42
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D98FFC0-BBC6-404A-AECC-37769FC647FB}: DhcpNameServer = 10.16.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8D5FAC3-48B0-46C0-9615-3E77E4C3DCFC}: NameServer = 192.109.42.41,192.109.42.42
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8caaf098-8d07-11dc-9350-001a4b4d5551}\Shell\AutoRun\command - "" = WD_Windows_Tools\setup.exe
O33 - MountPoints2\{b5b31b21-02be-11e1-b7ed-87c188e0398f}\Shell - "" = AutoRun
O33 - MountPoints2\{b5b31b21-02be-11e1-b7ed-87c188e0398f}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.01.30 19:41:16 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\TrojanerBoard
[2013.01.27 12:43:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.01.27 12:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.01.27 12:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.01.27 12:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.01.27 12:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.01.27 12:33:34 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013.01.26 22:16:55 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Canneverbe Limited
[2013.01.06 19:35:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.01.06 19:35:40 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013.01.06 19:35:13 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.01.06 19:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.01.06 19:34:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.01.06 19:29:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013.01.06 19:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2013.01.02 15:47:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.01.30 19:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.30 18:57:59 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.30 18:56:01 | 000,004,176 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.30 18:56:01 | 000,004,176 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.30 16:56:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.30 14:25:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2013.01.30 10:58:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.30 10:12:11 | 3488,952,320 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.27 16:16:52 | 095,023,320 | ---- | M] () -- C:\ProgramData\8246062.pad
[2013.01.27 12:43:42 | 000,001,670 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.01.27 12:33:58 | 000,001,732 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013.01.25 19:35:01 | 000,666,848 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.25 19:35:01 | 000,627,038 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.25 19:35:01 | 000,136,334 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.25 19:35:01 | 000,112,354 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.25 19:15:02 | 000,002,734 | ---- | M] () -- C:\ProgramData\8246062.js
[2013.01.22 20:17:01 | 287,554,869 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.01.22 18:03:50 | 000,002,032 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2013.01.10 09:58:47 | 001,756,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.06 19:35:49 | 000,001,835 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.01.06 19:35:39 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.01.06 19:30:57 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013.01.02 18:21:08 | 1635,976,192 | ---- | M] () -- C:\Users\***\Desktop\Outlook.bak
[2013.01.02 15:47:41 | 000,001,659 | ---- | M] () -- C:\Users\Public\Desktop\PDF24 Editor.lnk
[2013.01.02 15:47:41 | 000,001,644 | ---- | M] () -- C:\Users\Public\Desktop\PDF24 Fax.lnk
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.01.26 22:05:38 | 3488,952,320 | -HS- | C] () -- C:\hiberfil.sys
[2013.01.25 19:15:02 | 000,002,734 | ---- | C] () -- C:\ProgramData\8246062.js
[2013.01.25 19:15:00 | 095,023,320 | ---- | C] () -- C:\ProgramData\8246062.pad
[2013.01.06 19:35:49 | 000,001,835 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.01.02 15:47:41 | 000,001,659 | ---- | C] () -- C:\Users\Public\Desktop\PDF24 Editor.lnk
[2013.01.02 15:47:41 | 000,001,644 | ---- | C] () -- C:\Users\Public\Desktop\PDF24 Fax.lnk
[2012.09.10 20:55:29 | 000,001,048 | ---- | C] () -- C:\Users\***\report1.jrxml
[2011.07.08 14:54:18 | 000,015,259 | ---- | C] () -- C:\Windows\System32\compress.exe
[2011.05.23 17:58:11 | 000,000,057 | ---- | C] () -- C:\Users\***\zu_bul_classes.bat
[2011.04.30 18:23:54 | 000,018,805 | ---- | C] () -- C:\Users\***\sybille.jpg
[2011.04.29 13:10:29 | 000,087,140 | ---- | C] () -- C:\Users\***\Mappe1.pdf
[2011.04.29 11:53:51 | 000,058,680 | ---- | C] () -- C:\Users\***\Figure01_BW.jpg
[2011.02.14 12:22:59 | 000,014,336 | ---- | C] () -- C:\Windows\System32\vsmon1.dll
[2011.02.02 17:20:36 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2011.01.02 17:21:47 | 000,000,843 | ---- | C] () -- C:\Users\***\books.xml
[2010.06.16 11:45:01 | 000,000,218 | ---- | C] () -- C:\Users\***\.recently-used.xbel
[2010.04.24 09:15:02 | 000,000,022 | ---- | C] () -- C:\Users\***\zu_mysql_bin.bat
[2010.04.24 09:12:38 | 000,000,064 | ---- | C] () -- C:\Users\***\zu_mysql_db_vhskurs.bat
[2010.03.12 19:56:20 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2010.02.20 19:47:03 | 000,000,036 | ---- | C] () -- C:\Users\***\.org.eclipse.epp.usagedata.recording.userId
[2009.09.22 15:57:19 | 000,000,003 | ---- | C] () -- C:\Users\***\tray.pid
[2009.09.21 18:22:56 | 000,000,116 | ---- | C] () -- C:\Users\***\.asadminpass
[2009.09.21 18:22:47 | 000,000,794 | ---- | C] () -- C:\Users\***\.asadmintruststore
[2009.01.15 18:45:54 | 000,077,824 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.03.05 16:03:02 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Local\PUTTY.RND
[2007.11.22 22:27:51 | 000,004,096 | -H-- | C] () -- C:\Users\***\AppData\Local\keyfile3.drm
[2007.08.11 14:40:23 | 023,402,288 | ---- | C] ( ) -- C:\Users\***\AdbeRdr810_en_US.exe
[2007.07.19 18:32:20 | 000,001,100 | ---- | C] () -- C:\Users\***\AppData\Local\d3d8caps.dat
[2007.07.13 16:29:44 | 000,002,032 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ==========
[2006.11.02 13:54:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.01.26 22:16:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Canneverbe Limited
[2008.01.29 11:59:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DeepBurner
[2009.11.27 09:07:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DzSoft
[2011.12.16 13:33:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\eXPert PDF Editor
[2008.04.04 18:37:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileOpen
[2012.12.28 21:34:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2010.06.16 11:24:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0
[2008.02.29 09:52:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\IBP18599
[2011.04.29 11:44:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Jpeg Resampler
[2011.11.02 18:32:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\KaDonk
[2012.12.06 20:28:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MySQL
[2013.01.25 12:34:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nitro PDF
[2012.06.22 18:00:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Notepad++
[2011.12.14 22:55:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2008.04.03 14:48:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OSRAM
[2011.03.12 08:17:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SMART Technologies
[2011.03.12 08:17:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SMART Technologies Inc
[2009.10.20 18:40:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Stellarium
[2010.02.25 20:06:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Subversion
[2010.12.28 16:11:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2010.01.15 16:18:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2012.01.15 02:34:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Webocton - Scriptly
========== Purity Check ==========
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 30.01.2013 19:49:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop\TrojanerBoard
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,73 Gb Available Physical Memory | 53,24% Memory free
6,73 Gb Paging File | 5,61 Gb Available in Paging File | 83,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,72 Gb Total Space | 33,23 Gb Free Space | 24,31% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 236,35 Gb Free Space | 79,29% Space Free | Partition Type: NTFS
Drive E: | 161,37 Gb Total Space | 125,43 Gb Free Space | 77,73% Space Free | Partition Type: NTFS
Computer Name: SATURN | User Name: *** | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = UltraEdit.html] -- "C:\Program Files\IDM Computer Solutions\UltraEdit\Uedit32.exe" "%1"
.js [@ = UltraEdit.js] -- "C:\Program Files\IDM Computer Solutions\UltraEdit\Uedit32.exe" "%1"
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{35191EE8-2CA9-4593-BA31-28632246C208}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5EC8D42B-6EAA-4DE0-9C7E-CCBEC376C05C}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5EF8205C-00BF-44B1-B7C5-703FD3D79A21}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5F7A4D94-CA06-4685-8EB0-A377E15DFE47}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{65A26AAD-30BB-4BE7-9004-46511141EAA2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA4BE73F-9C5F-40A0-9A2D-62A121BA8AE8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8A8B5DA-4300-4766-887E-15EF57C936BC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{CD3F2825-405D-4CF2-8E7A-3D8B69099AA3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F151A762-33B6-4DDF-ACD4-221F136ED842}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{086A75D8-A946-4EBC-950F-60CF5DA2F2A2}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{0F47D1E3-539F-430B-9D9A-19D5825E5DD2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{16D7D3BF-D9CF-4448-A111-B1ECC07AC256}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{1925CFF7-B3A5-4655-B6CF-731AC203FFD1}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{213290BB-AA97-4EFC-A506-F6507EB909A6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{37E543A1-C2BB-493A-8B2A-493E878154AC}" = protocol=17 | dir=in | app=c:\program files\smart technologies\smart product drivers\ucservice.exe |
"{3B5292B8-66D8-4469-8EED-C8D3A8D3CA7F}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{3DE045F9-C87E-4697-8741-BEEC88408C7B}" = protocol=17 | dir=in | app=c:\program files\smart technologies\smart product drivers\smartsnmpagent.exe |
"{5255C7BA-B908-47BE-977A-68867FCFA659}" = protocol=17 | dir=in | app=c:\program files\torrentbitch\torrentbitch.exe |
"{5FCFC91F-0BE8-4FC6-8A45-94F3333736A7}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{640E3787-3C03-4ACD-AA99-61E945FA1961}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6B86E2F7-666E-470E-95DD-519A3653665E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6DB74172-CDB2-44ED-8593-B51439D3222F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{7D83A412-7EA9-4B7B-9195-DFDFC9C8597B}" = protocol=6 | dir=in | app=c:\program files\smart technologies\education software\vantageservice.exe |
"{A5534E85-9261-48E1-8717-04C77EC9D4F1}" = protocol=6 | dir=in | app=c:\program files\torrentbitch\torrentbitch.exe |
"{A7E8142D-DB9F-460D-83A9-E9802C131ED2}" = protocol=6 | dir=in | app=c:\program files\smart technologies\smart product drivers\ucgui.exe |
"{B4ACF2D4-9901-429F-85B5-F01FA8F99EAC}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{C3436C84-57FC-4D80-B287-43F3CB27369D}" = protocol=17 | dir=in | app=c:\program files\smart technologies\smart product drivers\ucgui.exe |
"{CE888278-764C-43F2-BD16-4D0CFD5B88FD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D10F69ED-83A1-47A3-B89A-AEC81715A656}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{D268F066-5E6F-48D2-A048-1A58E4D6A887}" = protocol=6 | dir=in | app=c:\program files\smart technologies\smart product drivers\smartsnmpagent.exe |
"{D99002B4-505C-44A7-A0F1-B811B6751BF5}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{EAD3B270-B339-4BAF-AE1F-CB4EBE7240EB}" = protocol=17 | dir=in | app=c:\program files\smart technologies\education software\vantageservice.exe |
"{EB92C2EE-7B7C-465B-8EE9-E1CF10228734}" = protocol=6 | dir=in | app=c:\program files\smart technologies\smart product drivers\ucservice.exe |
"TCP Query User{0D8C29D5-4086-4BA2-9C18-78E8AC272000}D:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=d:\xampp\apache\bin\httpd.exe |
"TCP Query User{12072F46-4799-4E38-8592-6B25B400A050}C:\users\***\appdata\local\temp\java_ee_sdk-5_07-jdk-6u16-windows-ml.exe2\package\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\local\temp\java_ee_sdk-5_07-jdk-6u16-windows-ml.exe2\package\jre\bin\javaw.exe |
"TCP Query User{221A1EA6-68B8-4A20-9324-9AB6CD978044}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{2B867D9E-C854-4974-B5EA-F82A76B87417}D:\eclipse_all_in_one\eclipse-php-galileo-sr1-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=d:\eclipse_all_in_one\eclipse-php-galileo-sr1-win32\eclipse\eclipse.exe |
"TCP Query User{2DB33002-AE49-457B-930B-E9D7F6BFDC49}D:\eclipse_all_in_one\zend-eclipse-php-galileo-sr1-win32-x86\eclipse\eclipse.exe" = protocol=6 | dir=in | app=d:\eclipse_all_in_one\zend-eclipse-php-galileo-sr1-win32-x86\eclipse\eclipse.exe |
"TCP Query User{36DE16DB-6889-4F52-91B0-E91D0F0D3659}D:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=d:\xampp\apache\bin\httpd.exe |
"TCP Query User{3EC6D41D-4D43-4566-81A1-A431E648F911}C:\program files\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe |
"TCP Query User{444D5E6B-0093-4CB2-9688-4B0E88F2BDB9}C:\inter_in\php_editoren\eclipse\eclipse-php-galileo-sr1-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\inter_in\php_editoren\eclipse\eclipse-php-galileo-sr1-win32\eclipse\eclipse.exe |
"TCP Query User{46055730-E33D-409E-BB44-9F824CB87D13}D:\inter_in\html_php_editore\php_editoren\eclipse\pdt-2.1.0-win32-x86\eclipse\eclipse.exe" = protocol=6 | dir=in | app=d:\inter_in\html_php_editore\php_editoren\eclipse\pdt-2.1.0-win32-x86\eclipse\eclipse.exe |
"TCP Query User{4F30FDDA-2544-4D4D-B10E-105B79C8739B}D:\eclipse_php_galileo\eclipse\eclipse.exe" = protocol=6 | dir=in | app=d:\eclipse_php_galileo\eclipse\eclipse.exe |
"TCP Query User{6777681A-8E4A-42A9-B4B6-1580BC995A32}D:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=d:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{71D7CB2F-AE9E-4209-A3DE-0EB5FDE6D45B}C:\inter_in\php_editoren\eclipse\pdt-2.1.0-win32-x86\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\inter_in\php_editoren\eclipse\pdt-2.1.0-win32-x86\eclipse\eclipse.exe |
"TCP Query User{896C860E-D22A-4970-AB16-A824E6559C43}D:\xampp\mercurymail\mercury.exe" = protocol=6 | dir=in | app=d:\xampp\mercurymail\mercury.exe |
"TCP Query User{9CE1701D-4FE0-46E0-B47F-435034691AC8}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{9EB4796B-58B2-4261-B97D-3844E529795D}C:\java\jdk1.6.0_24\bin\java.exe" = protocol=6 | dir=in | app=c:\java\jdk1.6.0_24\bin\java.exe |
"TCP Query User{AEB770C8-6FCF-4255-B846-5257DD8F79E8}C:\inter_in\php_editoren\eclipse\eclipse-php-galileo-sr1-win32\eclipse\eclipsec.exe" = protocol=6 | dir=in | app=c:\inter_in\php_editoren\eclipse\eclipse-php-galileo-sr1-win32\eclipse\eclipsec.exe |
"TCP Query User{BB7D5F10-0A41-4666-80EA-302808D77FEE}C:\program files\teamviewer\version5\teamviewer.exe" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"TCP Query User{BBBDDE77-982D-4C78-BD53-A7EEE1A9207E}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{CC7DD9A9-6614-4C6B-A38C-4231AC8D536C}D:\xampp\apache\bin\apache.exe" = protocol=6 | dir=in | app=d:\xampp\apache\bin\apache.exe |
"TCP Query User{DE0AF920-44EA-424F-AD87-D410E1A435DF}C:\program files\dzsoft\php editor\dzphped.exe" = protocol=6 | dir=in | app=c:\program files\dzsoft\php editor\dzphped.exe |
"UDP Query User{2C74AF42-5DCD-495D-8103-607948E69C56}D:\xampp\mercurymail\mercury.exe" = protocol=17 | dir=in | app=d:\xampp\mercurymail\mercury.exe |
"UDP Query User{2ECE8037-E2C9-431B-8EB2-78CE66E2017E}C:\users\***\appdata\local\temp\java_ee_sdk-5_07-jdk-6u16-windows-ml.exe2\package\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\local\temp\java_ee_sdk-5_07-jdk-6u16-windows-ml.exe2\package\jre\bin\javaw.exe |
"UDP Query User{305CE335-E010-4D69-9CA4-E16DE843A0E9}D:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=d:\xampp\apache\bin\httpd.exe |
"UDP Query User{32F92040-29B5-4AE3-A583-CD76B3380559}D:\eclipse_php_galileo\eclipse\eclipse.exe" = protocol=17 | dir=in | app=d:\eclipse_php_galileo\eclipse\eclipse.exe |
"UDP Query User{40940D64-D224-4E2A-AF23-E2F62375C05E}C:\inter_in\php_editoren\eclipse\eclipse-php-galileo-sr1-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\inter_in\php_editoren\eclipse\eclipse-php-galileo-sr1-win32\eclipse\eclipse.exe |
"UDP Query User{494FA570-0837-4ED2-8946-D50943A939EA}D:\xampp\apache\bin\apache.exe" = protocol=17 | dir=in | app=d:\xampp\apache\bin\apache.exe |
"UDP Query User{4B2F54C4-485C-4ED7-8FA0-2A14F038DF2C}C:\inter_in\php_editoren\eclipse\eclipse-php-galileo-sr1-win32\eclipse\eclipsec.exe" = protocol=17 | dir=in | app=c:\inter_in\php_editoren\eclipse\eclipse-php-galileo-sr1-win32\eclipse\eclipsec.exe |
"UDP Query User{55CC745E-1A5A-4665-94A2-79B60DA54238}D:\inter_in\html_php_editore\php_editoren\eclipse\pdt-2.1.0-win32-x86\eclipse\eclipse.exe" = protocol=17 | dir=in | app=d:\inter_in\html_php_editore\php_editoren\eclipse\pdt-2.1.0-win32-x86\eclipse\eclipse.exe |
"UDP Query User{5B8B2969-6772-4439-A555-FD8281ED861B}C:\java\jdk1.6.0_24\bin\java.exe" = protocol=17 | dir=in | app=c:\java\jdk1.6.0_24\bin\java.exe |
"UDP Query User{64C1D447-A291-4C85-9EBE-0D9CE1EFADBA}C:\program files\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe |
"UDP Query User{6F6A1BBA-4465-4421-9C24-B10133C7D25B}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{79C85FBF-CBBB-4DF7-AFEC-CEE299DB0BC4}C:\program files\dzsoft\php editor\dzphped.exe" = protocol=17 | dir=in | app=c:\program files\dzsoft\php editor\dzphped.exe |
"UDP Query User{9D26D4E9-BE7A-473D-A863-F1BF48ABEC9F}D:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=d:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{B46FA156-0DB5-4144-92FC-E2522E646E60}C:\inter_in\php_editoren\eclipse\pdt-2.1.0-win32-x86\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\inter_in\php_editoren\eclipse\pdt-2.1.0-win32-x86\eclipse\eclipse.exe |
"UDP Query User{BC32C23C-85E9-4296-8BF4-8B8AF0CFFE92}D:\eclipse_all_in_one\zend-eclipse-php-galileo-sr1-win32-x86\eclipse\eclipse.exe" = protocol=17 | dir=in | app=d:\eclipse_all_in_one\zend-eclipse-php-galileo-sr1-win32-x86\eclipse\eclipse.exe |
"UDP Query User{DB6AE46A-DC38-4F07-B2AB-65C66F40A13C}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{E3BD74CF-0FEE-42CF-AFED-39358D6F57E3}C:\program files\teamviewer\version5\teamviewer.exe" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"UDP Query User{E42CE8B1-7165-4FC9-A8F5-531FF9D3F09E}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{EE02E6DA-0115-4D43-984E-D1E3FE13EE3C}D:\eclipse_all_in_one\eclipse-php-galileo-sr1-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=d:\eclipse_all_in_one\eclipse-php-galileo-sr1-win32\eclipse\eclipse.exe |
"UDP Query User{F96A0570-6A80-41B2-B644-F92D563A5439}D:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=d:\xampp\apache\bin\httpd.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0034E9B7-20C1-4700-815D-DEC1F1181142}_is1" = TorrentBitch 0.3.6.0 Beta
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08139608-C4CD-40C1-B08C-BC9E77293CAE}" = ConceptDraw Project 4
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{32A3A4F4-B792-11D6-A78A-00B0D0160240}" = Java(TM) SE Development Kit 6 Update 24
"{392A74D0-4DFE-49F7-87C3-8A61708F8856}" = Eraser 6.0.8.2273
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{415CD877-0970-4CB6-B178-1E72F7DC60E7}" = MyScript HWR (German)
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{48963B63-7A10-49D6-8B08-61E6132453D0}" = ViewSonic Monitor Drivers
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6E1205BF-25BC-44A5-B10E-34402BFF5D45}" = PHP 5.2.6
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{774C0434-9948-4DEE-A14E-69CDD316E36C}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AE8768A-5C84-4EC6-9504-A2D37A8C6E99}" = Nitro PDF Reader
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{8A6AD979-8170-49ED-8529-14174317B281}" = SA60xx Device Manager
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUSR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUSR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUSR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUSR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUSR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUSR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PRJPRO_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUSR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUSR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUSR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PRJPRO_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUSR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUSR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PRJPRO_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUSR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2007
"{90120000-00B4-0407-0000-0000000FF1CE}_PRJPRO_{C8D442F2-CF33-486E-8079-A704A2E80A39}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJPROR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPROR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PRJPROR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PRJPROR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PRJPROR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{90140000-00B4-0407-0000-0000000FF1CE}_Office14.PRJPROR_{86D01646-1942-4253-B11F-68F5ED259B17}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{9A4D182C-35C7-4791-8484-4304EBC9101A}" = Windows 7 Upgrade Advisor
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A0FE0292-D3BE-3447-80F2-72E032A54875}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3DF5B33-FB8B-43FE-A943-A24CF6030F61}" = NETGEAR Print Server Software
"{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}" = eXPert PDF 4
"{A77664F3-63DC-440B-A3A9-8984F18BB9E3}" = LiveProject
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA30010-8E01-11D8-BBDA-0002B308455F}" = BoD easyPrint DE
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B1B669F9-B9FE-486D-924F-D6678FDB0FD5}" = Adobe Setup
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B75932F6-EC0A-4E3A-AA7A-11AAC267B8A3}" = Adobe Creative Suite 3 Design Premium
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BEEFF670-EEE6-44CC-A190-289895518E96}" = BUL-Client
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C576C82C-EE87-11D6-B031-0000CB597465}" = A.F.7 Merge your files 1.3
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E21D6DB6-6DAB-3A63-8C09-CB6606D7403B}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Professional Edition
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FC47C7A5-BE63-11D5-B7C9-005004566E4D}" = ViewSonic Windows XP Signed Files
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_dba14d7ef3aa07282d2b5a7a98d902a" = Adobe Creative Suite 3 Design Premium hinzufügen oder entfernen
"avast" = avast! Free Antivirus
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DALI EASY WBT" = DALI EASY WBT 1.0
"Der Schreibtrainer" = Der Schreibtrainer 3.7
"Dia" = Dia (nur entfernen)
"DzSoftPhpEditor_is1" = DzSoft PHP Editor 4.2.4
"ECOS" = ECOS
"ExamGear 2000" = ExamGear 2000
"ExpertDebugger_is1" = Expert Debugger 3.2
"filehippo.com" = FileHippo.com Update Checker
"FileZilla Client" = FileZilla Client 3.5.3
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"FreeOCR.net" = FreeOCR.net
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Graph_is1" = Graph 4.3
"HijackThis" = HijackThis 2.0.2
"ImageConverter" = ImageConverter 2.0
"Inkscape" = Inkscape 0.46
"iReport-4.7.0.exe" = iReport 4.7.0
"Matrox Graphics Uninstaller" = Matrox Graphics Software (remove only)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Mozilla Thunderbird (3.0.1)" = Mozilla Thunderbird (3.0.1)
"nbi-nb-base-6.8.0.0.0" = NetBeans IDE 6.8
"nbi-nb-base-7.0.0.0.0" = NetBeans IDE 7.0
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PRJPROR" = Microsoft Project Professional 2010
"OpenVPN" = OpenVPN 2.1_rc15
"phase5" = phase5
"PRJPRO" = Microsoft Office Project Professional 2007
"PROPLUSR" = Microsoft Office Professional Plus 2007
"RealPlayer 12.0" = RealPlayer
"Secunia PSI (RC3)" = Secunia PSI (RC3)
"SmartTRAK" = SmartTRAK
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Stellarium_is1" = Stellarium 0.10.2
"T0rrentBitch Toolbar" = T0rrentBitch Toolbar
"TeamViewer 5" = TeamViewer 5
"TUGZip_is1" = TUGZip 3.5
"VLC media player" = VLC media player 2.0.1
"Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.6
"WinPcapInst" = WinPcap 4.0.2
"Wireshark" = Wireshark 1.0.0
"xampp" = XAMPP 1.7.4
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"Mozilla Thunderbird 16.0.1 (x86 de)" = Mozilla Thunderbird 16.0.1 (x86 de)
"Security Task Manager" = Security Task Manager 1.7i
========== Last 20 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
--- --- --- |
