TCBHN vom PC runterschmeißen

Feuerherz96 · 22.06.2013, 19:47

Hallo Leute,

ich habe auch das Problem mit dem TCBHN-Trojaner mit der Windows-Fehlermeldung das die .exe nicht mehr funkioniert und geschlossen werden muss.
Leider habe ich keine Ahnung, wie ich den Virus oder was es auch immer ist, von meinem PC schmeißen kann. Kann mir außerdem jemand sagen, welche Auswirkungen das Ding auf meinen Laptop hat?

Danke, schonmal im Voraus

aharonov · 22.06.2013, 19:49

Hi,

das ist wohl eher Adware als Malware.. Aber schauen wir mal rein:

Lade dir bitte OTL (von Oldtimer) herunter und speichere es auf deinen Desktop.

Doppelklick auf die OTL.exe.
Unter Extra Registry, wähle bitte Use SafeList.
Setze den Haken bei Scan all Users.
Klicke nun auf Run Scan.
Wenn der Scan beendet ist, werden 2 Logfiles (OTL.txt und Extras.txt) erstellt.
Poste den Inhalt dieser Logfiles hier in den Thread.

Feuerherz96 · 28.06.2013, 15:55

Erstmal danke für die Mühe und die schnelle Bearbeitung

Hier ist der Scan:

Otl Txt:

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 28.06.2013 16:04:05 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\tobias\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19437)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 33,94% Memory free
6,19 Gb Paging File | 4,13 Gb Available in Paging File | 66,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,32 Gb Total Space | 30,42 Gb Free Space | 10,93% Space Free | Partition Type: NTFS
Drive D: | 19,76 Gb Total Space | 6,70 Gb Free Space | 33,90% Space Free | Partition Type: FAT32
 
Computer Name: ENGSCHILIES-LAP | User Name: tobias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2013.06.07 00:06:24 | 001,641,896 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2013.05.27 10:58:08 | 000,016,176 | ---- | M] () -- C:\Windows\System32\jmdp\stij.exe
PRC - [2013.05.21 15:31:12 | 001,167,152 | ---- | M] () -- C:\Windows\System32\dmwu.exe
PRC - [2013.02.18 12:49:58 | 000,590,848 | ---- | M] (Blabbers Communications Ltd) -- C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
PRC - [2012.12.29 10:26:22 | 001,822,136 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.12.29 10:26:22 | 000,873,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.12.29 03:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.12.21 14:32:50 | 000,819,040 | ---- | M] (Infowatch) -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
PRC - [2012.12.20 18:23:04 | 000,356,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
PRC - [2012.07.02 11:16:06 | 000,695,448 | ---- | M] () -- C:\Users\tobias\AppData\Roaming\BrowserCompanion\tbhcn.exe
PRC - [2012.05.29 14:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.05.29 14:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012.02.26 16:01:44 | 000,295,728 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.07.24 18:16:02 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.02.28 18:07:14 | 001,801,216 | ---- | M] (Buhl Data Service GmbH) -- C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.06.05 13:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.06.15 03:28:42 | 000,393,168 | ---- | M] () -- C:\Users\tobias\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
MOD - [2013.06.15 03:28:40 | 004,051,408 | ---- | M] () -- C:\Users\tobias\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013.06.15 03:27:51 | 000,599,504 | ---- | M] () -- C:\Users\tobias\AppData\Local\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013.06.15 03:27:50 | 000,124,368 | ---- | M] () -- C:\Users\tobias\AppData\Local\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013.06.15 03:27:48 | 001,597,392 | ---- | M] () -- C:\Users\tobias\AppData\Local\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2013.06.07 00:06:24 | 001,114,536 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2013.05.27 10:58:08 | 000,016,176 | ---- | M] () -- C:\Windows\System32\jmdp\stij.exe
MOD - [2013.05.27 10:56:42 | 000,382,976 | ---- | M] () -- C:\Windows\System32\jmdp\lmrn.dll
MOD - [2013.05.07 03:05:20 | 000,654,848 | ---- | M] () -- C:\Program Files\Steam\SDL2.dll
MOD - [2013.03.27 02:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2013.02.05 09:25:06 | 000,362,029 | ---- | M] () -- C:\Windows\System32\jmdp\sqlite3.dll
MOD - [2012.12.20 18:19:26 | 000,479,752 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
MOD - [2012.12.11 19:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2012.12.11 19:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012.12.11 19:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012.09.27 17:28:34 | 000,097,072 | ---- | M] () -- C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\chromeNPAPI.dll
MOD - [2012.07.02 11:16:06 | 000,695,448 | ---- | M] () -- C:\Users\tobias\AppData\Roaming\BrowserCompanion\tbhcn.exe
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2013.06.17 19:07:31 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.21 15:31:12 | 001,167,152 | ---- | M] () [Auto | Running] -- C:\Windows\System32\dmwu.exe -- (IBUpdaterService)
SRV - [2013.05.04 01:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.29 12:26:54 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.12.29 03:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.12.21 14:32:50 | 000,819,040 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2012.12.20 18:23:04 | 000,356,968 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -- (avp)
SRV - [2012.10.02 21:19:04 | 000,743,320 | ---- | M] (Tunngle.net GmbH) [Disabled | Stopped] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.05.29 14:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 14:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2008.02.28 18:07:14 | 001,801,216 | ---- | M] (Buhl Data Service GmbH) [Auto | Running] -- C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe -- (srvcPVR)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.06.05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2012.12.29 12:26:54 | 008,904,632 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.11.02 15:48:50 | 000,589,144 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2012.10.18 14:50:48 | 000,043,608 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)
DRV - [2012.09.03 18:23:54 | 000,025,944 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2012.09.03 17:56:58 | 000,025,944 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)
DRV - [2012.08.13 16:49:44 | 000,144,344 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)
DRV - [2012.08.02 15:09:30 | 000,024,408 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2012.07.03 17:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012.06.19 17:28:12 | 000,136,024 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2012.06.11 23:23:54 | 000,122,752 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tinspusb.sys -- (USBTINSP)
DRV - [2012.05.08 16:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.06.02 14:39:44 | 000,088,632 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\CSCrySec.sys -- (CSCrySec)
DRV - [2011.06.02 14:39:44 | 000,039,736 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV - [2010.06.23 10:21:32 | 000,259,176 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.11.16 15:46:12 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2009.09.16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t)
DRV - [2009.03.25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009.03.25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic)
DRV - [2009.03.25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV - [2009.03.25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009.03.25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus)
DRV - [2009.03.25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5)
DRV - [2009.03.25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.01.19 20:31:56 | 000,277,544 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2008.08.28 14:27:57 | 000,066,856 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\FPWinIo.sys -- (FPWinIo)
DRV - [2008.08.28 14:27:45 | 000,026,920 | ---- | M] (LTT) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\FPSensor.sys -- (FPSensor)
DRV - [2008.07.10 11:12:56 | 001,753,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008.04.28 06:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.01.21 04:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007.07.31 11:58:18 | 000,908,896 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PhilCap.sys -- (PhilCap)
DRV - [2006.11.30 15:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006.11.17 10:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
DRV - [2004.01.26 17:36:35 | 000,095,552 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.01.26 17:01:28 | 000,052,224 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2001.05.07 12:56:02 | 000,019,805 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbio.sys -- (USBIO)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKLM\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files\Elf_1.12\prxtbElf_.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes,DefaultScope /d {67A2568C-7A0A-4EED-AECC-B5405DE63B64} /f >Nul 2>Nul = 
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.computerbild.de/ie8/start
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.de/ [binary data]
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=66022
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchplusnetwork.com/?sp=vit4
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files\Elf_1.12\prxtbElf_.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\URLSearchHook: {e84cc2c1-b722-48fc-a39c-edb8b525c777} - No CLSID value found
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\SearchScopes,DefaultScope /d {67A2568C-7A0A-4EED-AECC-B5405DE63B64} /f >Nul 2>Nul = 
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109989&babsrc=SP_ss&mntrId=b2971a310000000000000015affb74fc
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=66022
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_de
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\SearchScopes\{94C67F7F-8989-4F5D-A637-7BB62C582995}: "URL" = hxxp://www.computerbild.de/suche/index.html?s_text={searchTerms}
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\SearchScopes\{CE49690E-D356-4DB8-8D48-F4B198AE844C}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=HIP&o=102875&src=crm&q={searchTerms}&locale=&apn_ptnrs=6F&apn_dtid=YYYYYYYYDE&apn_uid=6c55ece1-82d9-4a86-a15c-754f22286a9c&apn_sauid=0928D6F2-08F8-4C0B-9997-7DC2D2C094C9
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1725657719-504870212-71648708-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\tobias\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\tobias\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.15 18:24:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013.04.10 19:09:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013.04.10 19:09:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013.04.10 19:08:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013.04.10 19:08:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013.04.10 19:08:55 | 000,000,000 | ---D | M]
 
[2012.12.01 16:10:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.11.05 19:32:57 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.01.07 13:58:13 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2012.03.04 15:41:09 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.03.29 16:34:55 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2007.07.26 14:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.searchplusnetwork.com/?sp=vit4
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\tobias\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\tobias\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin:  (Enabled) = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Free Studio (Enabled) = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.1.288_1\plugin/npABPlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\tobias\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.3_0\
CHR - Extension: Angry Birds = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Ginyas Browser Companion = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\
CHR - Extension: Ginyas Browser Companions = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgoohpbdddibhlhdkenenmmlfofjfkh\1.0.5_0\
CHR - Extension: SciLor's Grooveshark(tm) Unlocker = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\feegenemlbjkbnfpgdmjddbeiecdbpob\0.3.3_0\
CHR - Extension: Safe Money = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0\
CHR - Extension: Isoball 3 = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.3.0_0\
CHR - Extension: SweetIM for Facebook = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: Mercedes SLS AMG Theme (1920x1080) = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlejmcndfcallcmbbcdhbgmdakfkdbho\1_0\
CHR - Extension: Fruit Ninja = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\mohoejngfjbgbahhkdnedopomihknphj\1.3.2_0\
CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Anti-Banner = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0\
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.3_0\
CHR - Extension: Angry Birds = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Ginyas Browser Companion = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\
CHR - Extension: Ginyas Browser Companions = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgoohpbdddibhlhdkenenmmlfofjfkh\1.0.5_0\
CHR - Extension: SciLor's Grooveshark(tm) Unlocker = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\feegenemlbjkbnfpgdmjddbeiecdbpob\0.3.3_0\
CHR - Extension: Safe Money = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0\
CHR - Extension: Isoball 3 = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.3.0_0\
CHR - Extension: SweetIM for Facebook = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: Mercedes SLS AMG Theme (1920x1080) = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlejmcndfcallcmbbcdhbgmdakfkdbho\1_0\
CHR - Extension: Fruit Ninja = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\mohoejngfjbgbahhkdnedopomihknphj\1.3.2_0\
CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Anti-Banner = C:\Users\tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Ginyas Browser Companion) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
O2 - BHO: (Ginyas Browser Companion) - {2d8c4843-765f-4827-bafa-8c318284e4d8} - C:\Program Files\GinyasBrowserCompanions\jsloader.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Elf 1.12 Toolbar) - {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files\Elf_1.12\prxtbElf_.dll (Conduit Ltd.)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Ginyas Browser Companion Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll (Blabbers Communications Ltd)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Elf 1.12 Toolbar) - {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files\Elf_1.12\prxtbElf_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\Toolbar\WebBrowser: (Elf 1.12 Toolbar) - {38542454-DFB6-44F5-B052-D4E071A3D073} - C:\Program Files\Elf_1.12\prxtbElf_.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1725657719-504870212-71648708-1001\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1725657719-504870212-71648708-1001..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - Startup: C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\tobias\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
O8 - Extra context menu item: An OneNote s&enden - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Download Video - hxxp://www.viloader.net/addon.htm File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\tobias\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\tobias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Web-Suche - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.10.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB88A1F5-C5BC-44B1-885B-E3793D634AB9}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C89345ED-110A-4140-8997-576A83E2F234}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D703E242-8C12-4B4D-80A4-39A1AD026B30}: DhcpNameServer = 7.254.254.254
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1725657719-504870212-71648708-1001 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\tobias\nina hintergrundbilder\Skyrim3.jpg
O24 - Desktop BackupWallPaper: C:\Users\tobias\nina hintergrundbilder\Skyrim3.jpg
O27 - HKLM IFEO\googleupdater.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\tunngle.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\uimain.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\unins000.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\youcam.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.08.21 11:50:32 | 000,000,672 | RH-- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{0868de95-97d5-11de-b20b-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{0868de95-97d5-11de-b20b-0015affb74fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{0868deba-97d5-11de-b20b-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{0868deba-97d5-11de-b20b-0015affb74fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{50c81b19-9ab9-11de-83c3-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{50c81b19-9ab9-11de-83c3-0015affb74fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{50c81b3e-9ab9-11de-83c3-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{50c81b3e-9ab9-11de-83c3-0015affb74fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{50c93529-9560-11de-836e-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{50c93529-9560-11de-836e-0015affb74fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{50c93564-9560-11de-836e-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{50c93564-9560-11de-836e-0015affb74fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{66e68464-fb74-11dd-861f-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{66e68464-fb74-11dd-861f-0015affb74fc}\Shell\AutoRun\command - "" = G:\setup.exe AUTORUN=1
O33 - MountPoints2\{8de15c9a-0a8a-11e0-9e3e-0015affb74fc}\Shell\AutoRun\command - "" = G:\start.bat
O33 - MountPoints2\{8e2ec238-9562-11de-8a05-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{8e2ec238-9562-11de-8a05-0015affb74fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8e2ec25f-9562-11de-8a05-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{8e2ec25f-9562-11de-8a05-0015affb74fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{b9af28ac-dfff-11de-a0cc-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{b9af28ac-dfff-11de-a0cc-0015affb74fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{b9af28af-dfff-11de-a0cc-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{b9af28af-dfff-11de-a0cc-0015affb74fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d5b6c822-e007-11de-9d47-001f160a458b}\Shell - "" = AutoRun
O33 - MountPoints2\{d5b6c822-e007-11de-9d47-001f160a458b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d5b6c825-e007-11de-9d47-001f160a458b}\Shell - "" = AutoRun
O33 - MountPoints2\{d5b6c825-e007-11de-9d47-001f160a458b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{eddfd417-97d3-11de-a8fd-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{eddfd417-97d3-11de-a8fd-0015affb74fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{eddfd453-97d3-11de-a8fd-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{eddfd453-97d3-11de-a8fd-0015affb74fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f4bcd5a3-8e61-11df-b12c-0015affb74fc}\Shell - "" = AutoRun
O33 - MountPoints2\{f4bcd5a3-8e61-11df-b12c-0015affb74fc}\Shell\AutoRun\command - "" = G:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 360 Days ==========
 
[2013.06.28 16:01:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\tobias\Desktop\OTL.exe
[2013.06.17 17:53:41 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013.06.17 17:53:37 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013.06.17 17:53:26 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.06.17 17:53:26 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.06.17 17:53:25 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2013.06.17 17:53:25 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.06.17 17:53:25 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.06.17 17:53:25 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.06.17 17:53:25 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.06.17 17:53:25 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.06.17 17:53:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.06.17 17:53:25 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.06.17 17:53:24 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.06.17 17:53:24 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.06.17 17:53:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.06.17 17:53:24 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.06.17 17:53:24 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.06.17 17:53:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.06.17 17:53:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.06.17 17:53:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.06.17 17:53:03 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2013.06.17 17:53:02 | 003,603,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.06.17 17:53:01 | 003,551,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.06.17 17:51:58 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
[2013.06.04 16:06:12 | 000,632,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2013.06.04 16:06:12 | 000,554,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2013.06.04 16:06:12 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcm80.dll
[2013.06.04 16:06:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\jmdp
[2013.06.04 16:06:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\ARFC
[2013.06.04 16:06:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\WNLT
[2013.05.16 16:38:28 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013.05.16 16:37:29 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.05.15 22:30:30 | 000,000,000 | ---D | C] -- C:\Users\tobias\Desktop\gute mucke
[2013.05.09 17:17:45 | 001,354,752 | ---- | C] (Dark Bit - Jorndel) -- C:\Users\tobias\Desktop\IW5M Small Trainer.exe
[2013.05.08 18:20:20 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Roaming\uTorrent
[2013.05.07 20:12:53 | 000,000,000 | ---D | C] -- C:\Users\tobias\Desktop\Music
[2013.05.06 19:33:56 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Roaming\xshCs
[2013.05.02 17:33:32 | 000,000,000 | ---D | C] -- C:\Users\tobias\Desktop\Taschenrechner
[2013.05.02 16:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.04.21 20:04:07 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Local\TeknoGods_TotalKillaz.eu
[2013.04.21 19:44:38 | 000,000,000 | ---D | C] -- C:\Users\tobias\Desktop\Modern Warfare 3 neu
[2013.04.14 11:03:58 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Roaming\TS3Client
[2013.04.11 19:25:01 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013.04.11 19:24:59 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Local\TeamSpeak 3 Client
[2013.04.11 17:35:39 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.04.11 17:35:32 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.04.10 19:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
[2013.04.10 19:11:21 | 000,000,000 | --SD | C] -- C:\Users\tobias\Documents\Passwords Database
[2013.04.10 19:09:26 | 000,039,736 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
[2013.04.10 19:09:24 | 000,088,632 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSCrySec.sys
[2013.03.21 17:39:30 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013.02.24 17:44:06 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Roaming\TI-Nspire
[2013.02.24 17:44:06 | 000,000,000 | ---D | C] -- C:\Users\tobias\Documents\My TI-Nspire CAS Teacher Software
[2013.02.24 17:41:54 | 000,000,000 | ---D | C] -- C:\Users\tobias\Documents\TI-Nspire
[2013.02.24 17:37:39 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Roaming\Texas Instruments
[2013.02.24 17:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
[2013.02.24 17:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\TI-Nspire CAS-TE
[2013.02.24 17:33:11 | 000,000,000 | ---D | C] -- C:\ProgramData\TI-Nspire-TE
[2013.02.24 17:04:39 | 000,021,456 | ---- | C] (Texas Instruments Incorporated) -- C:\Windows\System32\drivers\SilvrLnk.sys
[2013.02.24 17:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI Tools
[2013.02.24 17:03:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TI Shared
[2013.02.24 17:03:51 | 000,000,000 | ---D | C] -- C:\Program Files\TI Education
[2013.02.24 17:03:51 | 000,000,000 | ---D | C] -- C:\Users\tobias\Documents\MyTIData
[2013.02.18 18:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\GinyasBrowserCompanion
[2013.02.13 19:27:53 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013.02.12 21:44:17 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2013.02.12 21:44:17 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2013.02.12 21:44:16 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2013.02.12 20:04:12 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2013.02.12 20:03:41 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Local\PMB Files
[2013.02.12 20:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013.02.12 20:02:43 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2013.02.12 20:02:28 | 000,000,000 | ---D | C] -- C:\Users\tobias\.swt
[2013.01.29 17:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.01.26 21:05:41 | 000,000,000 | ---D | C] -- C:\ProgramData\GinyasBrowserCompanions
[2013.01.26 21:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\GinyasBrowserCompanions
[2013.01.17 17:38:09 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2013.01.17 17:38:09 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2013.01.10 18:42:06 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013.01.06 14:52:38 | 012,641,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2013.01.06 14:52:37 | 020,450,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2013.01.06 14:52:37 | 008,904,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2013.01.06 14:52:37 | 006,263,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2013.01.06 14:52:36 | 017,560,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2013.01.06 14:52:36 | 007,931,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2013.01.06 14:52:36 | 002,720,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2013.01.06 14:52:36 | 001,985,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2013.01.05 16:10:24 | 000,000,000 | ---D | C] -- C:\Users\tobias\.jordan
[2013.01.04 02:54:51 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Roaming\thriXXX
[2013.01.04 02:54:51 | 000,000,000 | ---D | C] -- C:\Program Files\thriXXX
[2013.01.04 02:22:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.01.04 02:17:10 | 000,067,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapo32v.dll
[2013.01.04 02:17:10 | 000,028,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2013.01.04 02:17:07 | 000,889,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll
[2013.01.03 17:18:56 | 000,859,552 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.01.03 15:08:32 | 000,000,000 | ---D | C] -- C:\Users\tobias\Desktop\Musikk
[2012.12.31 01:11:30 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Local\IW4M
[2012.12.29 03:54:24 | 000,550,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2012.12.24 17:27:58 | 000,000,000 | ---D | C] -- C:\Users\tobias\Documents\Aspyr
[2012.12.21 19:28:16 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.21 19:28:16 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.20 19:26:33 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2012.12.20 19:26:06 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Local\Aspyr
[2012.12.13 21:44:10 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012.12.13 21:44:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2012.12.13 21:44:04 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012.12.13 21:44:04 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012.12.13 21:44:03 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012.12.13 21:44:03 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012.12.13 18:07:38 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.12.13 18:07:38 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2012.12.13 18:06:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.12.01 16:21:07 | 000,029,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2012.12.01 15:50:25 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012.12.01 15:50:24 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012.12.01 15:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012.12.01 15:49:55 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2012.12.01 15:48:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.12.01 15:48:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.11.24 15:08:50 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012.11.02 15:48:54 | 000,075,096 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klflt.sys
[2012.11.02 15:48:50 | 000,589,144 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012.10.18 14:50:48 | 000,043,608 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\kltdi.sys
[2012.10.14 17:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2012.10.12 02:26:39 | 000,000,000 | ---D | C] -- C:\Users\tobias\Desktop\Diverse Worddokumente
[2012.10.12 02:26:18 | 000,000,000 | ---D | C] -- C:\Users\tobias\Desktop\Sonstige Programme
[2012.10.10 17:05:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012.10.10 16:59:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012.10.10 16:57:41 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Local\Microsoft Help
[2012.10.10 16:57:09 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.10.08 23:27:51 | 000,000,000 | ---D | C] -- C:\Users\tobias\Documents\Tunngle
[2012.10.08 23:27:51 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Roaming\Tunngle
[2012.10.08 23:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2012.10.08 23:27:49 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\Windows\System32\drivers\tap0901t.sys
[2012.10.08 23:27:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2012.10.08 23:27:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2012.10.08 23:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Tunngle
[2012.10.08 21:04:57 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Local\TeknoGods
[2012.09.10 18:37:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2012.09.10 18:21:23 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Roaming\InstallShield
[2012.09.10 07:23:22 | 001,257,816 | ---- | C] (SweetIM Technologies Ltd.) -- C:\Windows\System32\simboapp[1].exe
[2012.09.07 20:31:33 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Local\DDMSettings
[2012.09.03 19:19:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra
[2012.09.03 19:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\GeoGebra
[2012.09.03 18:23:54 | 000,025,944 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klmouflt.sys
[2012.09.03 17:56:58 | 000,025,944 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klkbdflt.sys
[2012.09.02 15:04:16 | 000,000,000 | ---D | C] -- C:\Users\tobias\Desktop\Schule
[2012.08.13 16:49:44 | 000,144,344 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\kneps.sys
[2012.08.12 15:37:32 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Local\Messenger_Plus_Live
[2012.08.12 15:37:28 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Roaming\BrowserCompanion
[2012.08.12 15:37:27 | 000,000,000 | ---D | C] -- C:\Program Files\BrowserCompanion
[2012.08.12 15:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo
[2012.08.11 17:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.A.D
[2012.08.11 17:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Engelmann Media
[2012.08.11 17:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\S.A.D
[2012.08.11 17:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ogg+WebM
[2012.08.11 17:24:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HDX4
[2012.08.11 17:18:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\fstrainer2011
[2012.08.11 17:17:41 | 000,581,632 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\System32\Control.dll
[2012.08.11 17:17:41 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unicows.dll
[2012.08.11 17:17:41 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msado27.tlb
[2012.08.11 17:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
[2012.08.11 17:15:55 | 000,000,000 | ---D | C] -- C:\Program Files\Franzis
[2012.07.17 17:37:17 | 000,000,000 | ---D | C] -- C:\Users\tobias\Documents\Z-Software
[2012.07.17 17:37:17 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Roaming\Z-Software
[2012.07.17 17:37:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Z-Software
[2012.07.05 11:33:31 | 000,000,000 | ---D | C] -- C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2012.07.04 09:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2011.04.18 22:51:20 | 000,653,136 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\MSVCR90.dll
[2011.04.18 22:51:20 | 000,569,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\MSVCP90.dll
[2010.12.16 21:39:36 | 000,302,592 | ---- | C] (Google) -- C:\Program Files\Common Files\webmmux.dll
[2010.12.16 21:39:16 | 000,701,440 | ---- | C] (Google) -- C:\Program Files\Common Files\vp8encoder.dll
[2010.12.16 21:39:16 | 000,412,672 | ---- | C] (Google) -- C:\Program Files\Common Files\vp8decoder.dll
[2010.12.16 21:39:14 | 000,292,352 | ---- | C] (Google) -- C:\Program Files\Common Files\webmsplit.dll
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\tobias\Desktop\*.tmp files -> C:\Users\tobias\Desktop\*.tmp -> ]
[2 C:\Users\tobias\*.tmp files -> C:\Users\tobias\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 360 Days ==========
 
[2013.06.28 16:10:00 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
[2013.06.28 16:07:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.28 16:05:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions Stats Report.job
[2013.06.28 16:01:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tobias\Desktop\OTL.exe
[2013.06.28 15:57:05 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Stats Report.job
[2013.06.28 15:47:27 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Chrome Watcher.job
[2013.06.28 15:45:01 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions Chrome Watcher.job
[2013.06.28 15:36:59 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Runner.job
[2013.06.28 15:28:02 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1725657719-504870212-71648708-1001UA.job
[2013.06.28 15:11:24 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions Update Checker.job
[2013.06.28 15:06:40 | 000,002,247 | ---- | M] () -- C:\Users\tobias\Desktop\Steam.lnk
[2013.06.28 14:51:30 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion FireFox Watcher.job
[2013.06.28 14:51:30 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Update Checker.job
[2013.06.28 14:51:24 | 000,001,004 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions FireFox Watcher.job
[2013.06.28 14:50:56 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job
[2013.06.28 14:50:56 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013.06.28 14:50:47 | 000,078,848 | ---- | M] () -- C:\Windows\KMSEmulator.exe
[2013.06.28 14:50:15 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.28 14:50:15 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.28 14:50:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.26 15:40:12 | 000,006,396 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.06.25 23:57:13 | 000,000,215 | ---- | M] () -- C:\Users\tobias\Desktop\Arma 2 Operation Arrowhead.url
[2013.06.25 23:56:57 | 000,000,215 | ---- | M] () -- C:\Users\tobias\Desktop\Arma 2.url
[2013.06.25 18:28:06 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1725657719-504870212-71648708-1001Core.job
[2013.06.23 07:01:53 | 000,047,496 | ---- | M] () -- C:\Users\tobias\Desktop\971062_465305693563549_1536655601_n.jpg
[2013.06.23 04:10:50 | 000,094,005 | ---- | M] () -- C:\Users\tobias\Desktop\995687_480327982047010_2090726201_n.jpg
[2013.06.22 19:33:04 | 000,002,096 | ---- | M] () -- C:\Users\tobias\Desktop\Google Chrome.lnk
[2013.06.17 19:07:29 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.06.17 19:07:29 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.06.06 20:44:21 | 004,332,198 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.06 20:44:21 | 001,346,106 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.30 23:09:25 | 000,000,213 | ---- | M] () -- C:\Users\tobias\Desktop\Alien Swarm.url
[2013.05.28 17:12:47 | 002,594,816 | ---- | M] () -- C:\Users\tobias\Desktop\FD1 Elite Trainer.exe
[2013.05.26 17:52:48 | 335,681,186 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.05.21 15:31:12 | 001,167,152 | ---- | M] () -- C:\Windows\System32\dmwu.exe
[2013.05.21 15:28:38 | 000,027,136 | ---- | M] () -- C:\Windows\System32\ImHttpComm.dll
[2013.05.17 16:58:21 | 000,454,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.17 05:50:31 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.05.17 05:46:32 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2013.05.17 05:45:57 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.17 05:45:57 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.05.17 05:45:15 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.05.17 05:45:01 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.17 05:44:52 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.05.17 05:44:39 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.17 05:44:39 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.05.17 05:44:38 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.05.17 05:44:37 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.05.17 05:44:37 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.05.17 05:44:33 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.05.17 04:06:08 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.05.17 02:20:05 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.05.17 02:19:54 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.05.17 02:18:49 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.05.17 02:18:12 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.16 17:39:24 | 000,000,213 | ---- | M] () -- C:\Users\tobias\Desktop\Dota 2.url
[2013.05.15 22:26:00 | 000,001,324 | ---- | M] () -- C:\Users\tobias\Desktop\MW3.lnk
[2013.05.09 17:17:47 | 001,354,752 | ---- | M] (Dark Bit - Jorndel) -- C:\Users\tobias\Desktop\IW5M Small Trainer.exe
[2013.05.03 00:03:36 | 003,603,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.05.03 00:03:36 | 003,551,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.05.02 06:03:42 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2013.05.02 02:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.04.24 06:00:24 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013.04.24 03:46:29 | 000,812,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013.04.22 20:45:43 | 000,025,600 | ---- | M] () -- C:\Users\tobias\AppData\Local\WebpageIcons.db
[2013.04.17 14:30:06 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
[2013.04.13 12:56:44 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013.04.11 19:25:02 | 000,001,066 | ---- | M] () -- C:\Users\tobias\Desktop\TeamSpeak 3 Client.lnk
[2013.04.09 03:36:18 | 002,049,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.03.17 19:54:21 | 000,602,112 | ---- | M] () -- C:\Users\tobias\Documents\Database1.accdb
[2013.03.09 05:45:04 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.03.08 05:53:50 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.02.12 03:57:27 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013.02.05 09:25:04 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2013.02.05 09:25:04 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2013.02.05 09:25:04 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcm80.dll
[2013.02.05 09:25:02 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
[2013.02.05 09:25:02 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll
[2013.01.30 07:51:52 | 000,006,375 | ---- | M] () -- C:\Users\tobias\AppData\Local\recently-used.xbel
[2013.01.12 04:30:38 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.01.12 04:30:33 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.01.05 13:40:44 | 000,113,152 | ---- | M] () -- C:\Users\tobias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.31 01:31:54 | 000,000,985 | ---- | M] () -- C:\Users\tobias\Desktop\Play IW4M (Modern Warfare 2).lnk
[2012.12.31 00:47:12 | 000,603,330 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.31 00:47:12 | 000,004,698 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.29 12:26:54 | 020,450,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2012.12.29 12:26:54 | 017,560,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2012.12.29 12:26:54 | 015,129,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2012.12.29 12:26:54 | 012,641,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2012.12.29 12:26:54 | 008,904,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2012.12.29 12:26:54 | 007,931,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2012.12.29 12:26:54 | 006,263,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2012.12.29 12:26:54 | 002,720,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2012.12.29 12:26:54 | 002,504,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2012.12.29 12:26:54 | 001,985,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2012.12.29 12:26:54 | 001,017,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll
[2012.12.29 12:26:54 | 000,889,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll
[2012.12.29 12:26:54 | 000,013,153 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2012.12.29 10:26:22 | 004,129,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2012.12.29 10:26:22 | 003,001,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2012.12.29 10:25:57 | 002,557,880 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2012.12.29 10:25:57 | 000,108,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2012.12.29 10:25:57 | 000,062,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2012.12.29 03:54:24 | 000,550,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2012.12.16 15:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.16 12:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.02 16:25:38 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.11.20 06:22:50 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.11.17 22:50:42 | 000,828,671 | ---- | M] () -- C:\Users\tobias\AppData\Local\Tempmusic.ogg
[2012.11.13 03:29:51 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.11.02 15:48:54 | 000,075,096 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klflt.sys
[2012.11.02 15:48:50 | 000,589,144 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012.11.02 12:18:17 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.11.02 10:26:06 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2012.10.18 14:50:48 | 000,043,608 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\kltdi.sys
[2012.10.10 17:21:44 | 000,647,168 | ---- | M] () -- C:\Windows\AutoKMS.exe
[2012.10.10 17:21:44 | 000,000,184 | ---- | M] () -- C:\Windows\AutoKMS.ini
[2012.09.25 18:19:41 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012.09.10 19:16:44 | 000,000,957 | ---- | M] () -- C:\Users\tobias\Desktop\Assassin's Creed.lnk
[2012.09.10 07:24:01 | 001,257,816 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Windows\System32\simboapp[1].exe
[2012.09.07 20:52:21 | 000,000,215 | ---- | M] () -- C:\Users\tobias\Desktop\The Elder Scrolls V Skyrim.url
[2012.09.03 18:23:54 | 000,025,944 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klmouflt.sys
[2012.09.03 17:56:58 | 000,025,944 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klkbdflt.sys
[2012.08.13 16:49:44 | 000,144,344 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\kneps.sys
[2012.08.12 15:37:30 | 000,002,087 | ---- | M] () -- C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
[2012.08.09 23:39:20 | 000,135,168 | ---- | M] () -- C:\Users\tobias\LaunchIW5M.exe
[2012.08.09 23:39:14 | 000,061,952 | ---- | M] () -- C:\Users\tobias\DBNetwork.Indigo.dll
[2012.08.02 15:09:30 | 000,024,408 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klim6.sys
[2012.07.26 07:26:30 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wdf01000.sys.mui
[2012.07.26 05:39:21 | 000,047,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012.07.26 05:26:03 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
[2012.07.26 05:20:40 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012.07.26 05:20:40 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012.07.26 05:20:40 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012.07.26 04:46:47 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012.07.03 17:25:21 | 000,028,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2012.07.03 17:25:20 | 000,067,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapo32v.dll
[2012.07.03 17:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\tobias\Desktop\*.tmp files -> C:\Users\tobias\Desktop\*.tmp -> ]
[2 C:\Users\tobias\*.tmp files -> C:\Users\tobias\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.25 23:57:13 | 000,000,215 | ---- | C] () -- C:\Users\tobias\Desktop\Arma 2 Operation Arrowhead.url
[2013.06.25 23:56:57 | 000,000,215 | ---- | C] () -- C:\Users\tobias\Desktop\Arma 2.url
[2013.06.23 07:01:52 | 000,047,496 | ---- | C] () -- C:\Users\tobias\Desktop\971062_465305693563549_1536655601_n.jpg
[2013.06.23 04:10:46 | 000,094,005 | ---- | C] () -- C:\Users\tobias\Desktop\995687_480327982047010_2090726201_n.jpg
[2013.06.04 16:06:12 | 001,167,152 | ---- | C] () -- C:\Windows\System32\dmwu.exe
[2013.06.04 16:06:12 | 000,027,136 | ---- | C] () -- C:\Windows\System32\ImHttpComm.dll
[2013.05.30 23:09:25 | 000,000,213 | ---- | C] () -- C:\Users\tobias\Desktop\Alien Swarm.url
[2013.05.28 17:12:27 | 002,594,816 | ---- | C] () -- C:\Users\tobias\Desktop\FD1 Elite Trainer.exe
[2013.05.16 17:39:24 | 000,000,213 | ---- | C] () -- C:\Users\tobias\Desktop\Dota 2.url
[2013.05.08 15:12:50 | 000,001,324 | ---- | C] () -- C:\Users\tobias\Desktop\MW3.lnk
[2013.05.07 21:00:53 | 000,135,168 | ---- | C] () -- C:\Users\tobias\LaunchIW5M.exe
[2013.05.07 21:00:53 | 000,061,952 | ---- | C] () -- C:\Users\tobias\DBNetwork.Indigo.dll
[2013.04.27 16:46:49 | 335,681,186 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.04.11 19:25:02 | 000,001,066 | ---- | C] () -- C:\Users\tobias\Desktop\TeamSpeak 3 Client.lnk
[2013.03.17 18:41:28 | 000,602,112 | ---- | C] () -- C:\Users\tobias\Documents\Database1.accdb
[2013.02.18 18:04:01 | 000,000,992 | ---- | C] () -- C:\Windows\tasks\GinyasBrowserCompanion Runner.job
[2013.02.18 18:04:00 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\GinyasBrowserCompanion Update Checker.job
[2013.02.18 18:03:57 | 000,001,040 | ---- | C] () -- C:\Windows\tasks\GinyasBrowserCompanion Stats Report.job
[2013.02.18 18:03:53 | 000,001,040 | ---- | C] () -- C:\Windows\tasks\GinyasBrowserCompanion Chrome Watcher.job
[2013.02.18 18:03:50 | 000,000,992 | ---- | C] () -- C:\Windows\tasks\GinyasBrowserCompanion FireFox Watcher.job
[2013.01.30 07:51:52 | 000,006,375 | ---- | C] () -- C:\Users\tobias\AppData\Local\recently-used.xbel
[2013.01.26 21:05:55 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GinyasBrowserCompanions Update Checker.job
[2013.01.26 21:05:51 | 000,001,052 | ---- | C] () -- C:\Windows\tasks\GinyasBrowserCompanions Stats Report.job
[2013.01.26 21:05:47 | 000,001,052 | ---- | C] () -- C:\Windows\tasks\GinyasBrowserCompanions Chrome Watcher.job
[2013.01.26 21:05:43 | 000,001,004 | ---- | C] () -- C:\Windows\tasks\GinyasBrowserCompanions FireFox Watcher.job
[2012.12.31 01:32:44 | 000,000,985 | ---- | C] () -- C:\Users\tobias\Desktop\Play IW4M (Modern Warfare 2).lnk
[2012.12.31 01:11:35 | 000,000,985 | ---- | C] () -- C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play IW4M (Modern Warfare 2).lnk
[2012.12.13 21:44:22 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.13 21:44:22 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.12.01 15:50:21 | 000,001,893 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012.11.06 18:32:33 | 000,828,671 | ---- | C] () -- C:\Users\tobias\AppData\Local\Tempmusic.ogg
[2012.10.10 17:21:45 | 000,000,202 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job
[2012.10.10 17:21:44 | 000,647,168 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2012.10.10 17:21:44 | 000,000,202 | ---- | C] () -- C:\Windows\tasks\AutoKMSDaily.job
[2012.10.10 17:21:44 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.10.10 17:19:52 | 000,078,848 | ---- | C] () -- C:\Windows\KMSEmulator.exe
[2012.09.10 19:16:44 | 000,000,957 | ---- | C] () -- C:\Users\tobias\Desktop\Assassin's Creed.lnk
[2012.09.07 20:52:21 | 000,000,215 | ---- | C] () -- C:\Users\tobias\Desktop\The Elder Scrolls V Skyrim.url
[2012.08.12 15:37:30 | 000,002,087 | ---- | C] () -- C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
[2012.08.11 17:17:41 | 000,347,136 | ---- | C] () -- C:\Windows\System32\unicows.pdb
[2012.05.11 14:16:16 | 000,171,520 | ---- | C] () -- C:\Program Files\Common Files\dsfOggDemux2.dll
[2012.01.20 15:10:52 | 000,311,296 | ---- | C] () -- C:\Windows\System32\EMRegSys.dll
[2011.12.10 17:08:34 | 000,000,090 | ---- | C] () -- C:\Program Files\open-for-update-patch.bat
[2011.12.10 14:16:29 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011.01.12 02:00:44 | 000,030,208 | ---- | C] () -- C:\Program Files\Common Files\wmpinfo.dll
[2011.01.12 02:00:42 | 000,240,128 | ---- | C] () -- C:\Program Files\Common Files\dsfVorbisDecoder.dll
[2011.01.12 02:00:42 | 000,146,944 | ---- | C] () -- C:\Program Files\Common Files\dsfFLACDecoder.dll
[2011.01.12 02:00:40 | 000,221,184 | ---- | C] () -- C:\Program Files\Common Files\dsfFLACEncoder.dll
[2011.01.12 02:00:40 | 000,204,800 | ---- | C] () -- C:\Program Files\Common Files\dsfNativeFLACSource.dll
[2010.06.20 19:41:01 | 000,025,600 | ---- | C] () -- C:\Users\tobias\AppData\Local\WebpageIcons.db
[2010.02.22 17:00:40 | 000,000,680 | ---- | C] () -- C:\Users\tobias\AppData\Local\d3d9caps.dat
[2009.12.10 17:04:50 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.03.27 19:13:48 | 000,113,152 | ---- | C] () -- C:\Users\tobias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

--- --- ---

Feuerherz96 · 28.06.2013, 15:56

Und die Extras.txt:OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 28.06.2013 16:04:05 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\tobias\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19437)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 33,94% Memory free
6,19 Gb Paging File | 4,13 Gb Available in Paging File | 66,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,32 Gb Total Space | 30,42 Gb Free Space | 10,93% Space Free | Partition Type: NTFS
Drive D: | 19,76 Gb Total Space | 6,70 Gb Free Space | 33,90% Space Free | Partition Type: FAT32
 
Computer Name: ENGSCHILIES-LAP | User Name: tobias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1725657719-504870212-71648708-1001]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04FC2E14-9765-44B1-96FD-37F82223AD48}" = lport=138 | protocol=17 | dir=in | app=system | 
"{0DCA91F3-094C-4664-B054-297A31CE3671}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2908FFA7-26AA-4171-8844-CBF020ED348B}" = rport=137 | protocol=17 | dir=out | app=system | 
"{2DF9BED2-1393-4F18-BCAE-C7FF51B97043}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3D38027B-2723-4AD0-AC62-28BC6B00E24A}" = rport=139 | protocol=6 | dir=out | app=system | 
"{5777A87D-00FC-448A-A240-4CE29F1951B1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{67934119-83B2-4E39-967B-0F0D6F047644}" = rport=138 | protocol=17 | dir=out | app=system | 
"{68A7E8A0-A016-4B46-8F30-81EF5B21D0D2}" = rport=445 | protocol=6 | dir=out | app=system | 
"{6A5B3AB7-2F16-440B-8311-FD3A1C2DFD8A}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{6B3FB9E8-7485-4A21-AD68-15D1281637E1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{7349F879-3BF3-4D05-A94F-D39B4C268A1D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{74CC6F6F-1C79-4103-86BA-BC7B3DDBFDAD}" = lport=139 | protocol=6 | dir=in | app=system | 
"{9063272C-D070-4008-9CA6-03DAE112F3E7}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{98A84F90-8AF6-438B-A2C7-DDBB7DCDF4CE}" = lport=137 | protocol=17 | dir=in | app=system | 
"{9EDB5449-88DF-46F0-9317-143E4AB6214E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{C06210D9-ECFF-4F3C-A0D9-9E5D84148FA4}" = lport=445 | protocol=6 | dir=in | app=system | 
"{D36869D8-1C1E-4994-8A92-DC51285331AC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DA540880-BBA5-456D-8563-28F95585C262}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F1E3312F-7AB8-4F00-9D19-38E93C3C2527}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FB68B3C2-4DF7-4F60-813F-6D51D1029763}" = lport=10243 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{011BA15B-D17E-4FD0-9CA6-80F6ADD0E94A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{02A988A0-32A2-4F98-90F5-931D9CAE2103}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{02FF97FE-183A-4C2C-A226-F7B4CEC5FD93}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{044B5DF3-A320-4ADE-BA59-57F51546178D}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{066369E9-B25E-4864-ACA4-7A53D1CF625A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{09666068-62A5-4DB5-BBB0-4BDE0A14C361}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{106ECCFD-2872-41DF-89E7-C5D9536172DB}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{1071CC81-0FD5-4DB2-AF30-65920D7F5858}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{10CE57B8-8DEE-4A21-BA35-8D17C8C11411}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe | 
"{17AD20BE-D1A4-4DD9-B179-4326166E1F30}" = protocol=17 | dir=in | app=c:\program files\tunngle\tunngle.exe | 
"{1A1CCFC2-5876-4653-9663-99FB61118FD2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1E9DC2CF-6409-4538-A792-30B6160FBB47}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{2C14CE93-0B5C-4588-A436-0E60C938CD7E}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{31E40A45-A587-4B5D-8787-95F2569F928A}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{31EF6EDA-D068-44C9-A360-69735C4781B7}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe | 
"{3239A9D4-C853-44D4-B0AC-B6269525A920}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe | 
"{34CC7AC3-EF12-403B-A3BF-8247DE57B8D9}" = protocol=17 | dir=in | app=c:\program files\tunngle\tnglctrl.exe | 
"{36CC721E-313F-45F1-8A8B-FC4DADC286DB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3843162C-FEC1-46C9-821C-8B0EEEFECFAA}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{38BF6FE5-16FC-4AEB-8CE8-614835D386F4}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\anno5.exe | 
"{38DDD188-741A-4484-BDBC-8BE773EC5E20}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3909D8E5-BD61-4FD3-B1BA-2BEFF08073B8}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | 
"{397AA899-7A31-446D-9D19-46B129873D52}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{3A5DFDA7-B1C5-42D2-8938-A61C0E2B0611}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{3A710A15-3657-4D28-91FA-EF9A35C01C84}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{3ACEDAD0-5B8F-45C5-86DE-A1AF0111D54E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{3BE5113B-4570-4A9B-979A-C2B7C05FD297}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe | 
"{3C1C3CF0-7ACB-42BA-829B-7118E29405EC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3FAEB131-93DD-41EB-8A0B-8A4B1131CF11}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3FC5F8A9-CE99-4170-99D4-297201E3C70B}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{44E67FF5-4356-44EF-846C-CDAD3C10DD5B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{468E6D6F-5DF3-46C1-B1D2-999659D571C7}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold crusader.exe | 
"{4A250A59-6457-4CDE-B591-AFC5ECD1905A}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{4B6D81D7-4C43-475B-B32A-97394254E5A5}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{4CC78A46-B74F-4938-8B8D-1048DC2B097F}" = protocol=6 | dir=out | app=system | 
"{4E557A2D-11EE-482F-A6D5-86B55EDCCE67}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | 
"{51528E2D-3D95-4530-A348-E0BC4EF4B310}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{51E77CE5-ABF7-46EE-8BFE-91369113A8EC}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{51E82ADA-576B-45C6-9194-097C40E944F0}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\anno5.exe | 
"{527B2FD3-3757-459E-8BA4-2FE52355D6D5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{54F65098-3C07-4133-8DAE-0AE0E17DB714}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5598C7D5-000E-4FBA-9382-CBE2EA65E0D1}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{5608FD20-01BA-4DCC-99D1-9A03E66DA883}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{5DBFA1C7-4A8A-45BA-BF91-C6C7E1A013D5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{5E24A009-A254-487E-AD29-F6806C3F62EC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5F9F1433-95D3-4D3E-A4D1-4AEDCFF0235F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6275DC9D-55EF-4EB2-9001-671DAF2164B7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{64AF8960-4199-45E2-957A-884FB2CFD952}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6583B8E3-6D34-41EA-9048-2A4F7BBFF0E5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6684D9F0-EBB4-402D-947F-52B60B672875}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe | 
"{69E38DE4-459C-4BAF-A975-6B7A04D9501A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{70961783-6688-4788-A1FF-82964828A5CD}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe | 
"{7609B5DA-5918-4E25-9F76-DD5FC8A72702}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7E8D7620-E00F-4B22-8B9F-7888DAD2B0B4}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{82A4E7C4-A113-41CF-B1C6-3D9A0E951243}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{85AB6427-E956-41F0-B656-4CAB8BCB024A}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe | 
"{860E2223-0B85-442A-890B-5A9BC5F4FA3E}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\initengine.exe | 
"{88DEAE73-1416-4A33-82D1-2C6FB5E55B00}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{89E53AC3-519C-45EF-BDC7-023A3E6507B2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{94D48CC5-D075-41F3-A1B5-506173DB93C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{94D4E240-DF65-4B36-86E3-27513C9C8C09}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9BCCA5DB-9639-47B2-AF7C-0B0BD1D5C48B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{A21736AC-2C48-4F73-9D35-65B980659DA8}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{A55C6921-963A-480D-9342-F42D5E0D702C}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{A6F2EF2C-9F86-417B-9CA3-1931EBB20059}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{AC4EE172-27EA-45C1-A7B6-B01045182AF8}" = protocol=6 | dir=in | app=c:\program files\tunngle\tnglctrl.exe | 
"{B5B09984-D2BC-4ED1-B417-D571DC27465F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{B8881EB9-2164-44BE-AE03-BA8ED686082D}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe | 
"{B9F0B253-3195-48AB-A1E8-F9F4B1035299}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe | 
"{BA76578A-90EC-4F31-99FA-82A6233FC19D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BACA03DB-00C9-4782-831A-B6BCB5E49767}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BAD2FA6F-D8F2-4579-99B1-1B856458802E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BB9BB517-D3B5-41B0-ADEC-197ED8ED577A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{BC0BC82C-039C-4139-8853-B49E43A2339B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BF3C36AE-4609-4A2A-8809-6429FF33E713}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold legends\strongholdlegends.exe | 
"{C146C0AC-36A8-4596-B270-C75A7C51C8FE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{C3AA09A7-D0B9-48A6-A7E5-C8C7A5D121B5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{C426A272-4FF3-4DD3-83E7-B36D6563C2E5}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{C47D252A-B348-42D2-9847-F220DE2DE49C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C4F5267E-190A-4EB9-B136-5C4DFF5CDDBB}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\autopatcher.exe | 
"{C5A77C77-E866-404E-A00F-4844FCAEFB33}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C6FD9C69-FB4D-4D0D-A883-DCA434E036F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CA44E78F-1D91-4E9E-90A6-E0125304B602}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CD728A3A-F63F-44C0-85B9-8A1B637B6137}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CE8AF1CA-C075-4D2B-BCB4-6BF467EBDAD4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D6CE97D0-BA57-4637-A8FD-36A54F0DC695}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe | 
"{D6F673A3-B347-40A6-81A5-A1B9D87739D3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe | 
"{DA5CAB73-AB0B-47FD-99DC-124A38E1969C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{DD9A8926-84C4-4060-9223-5CF757685E9E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe | 
"{DE56A3DD-604B-462D-8A6F-16B8C32FBA83}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold crusader.exe | 
"{E1089F7B-3C05-423A-BC72-A54195B4DA6B}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{E1A8E4A0-DB7D-408B-BD3D-64D1038ADEA4}" = protocol=17 | dir=in | app=c:\users\tobias\appdata\roaming\utorrent\utorrent.exe | 
"{E2BCD507-8A51-40E0-AE45-DC3405C9A337}" = protocol=6 | dir=in | app=c:\program files\tunngle\tunngle.exe | 
"{E2D79AE1-5028-46DC-9170-2BBDFC6DC298}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold\stronghold.exe | 
"{E4CD7BA3-6328-46A5-B1FA-57BCAC4CC5D8}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{E6E2C000-57BC-4C73-BAFB-D390BDB2B7E5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E8096E5A-B1EE-45D0-9F69-46238A890793}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold\stronghold.exe | 
"{E8495FD4-088A-4ED8-AF13-FE5790603729}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{E94168A8-4530-48EE-82F2-20DDABEEE674}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EBFA087F-800C-4D14-AEE1-C8B0F5420C4E}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{ED2F4788-D8CE-4008-BA5A-64F56538464A}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold legends\strongholdlegends.exe | 
"{F1748078-7456-4492-A11F-02939FE10FB5}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{F18DDE37-7DE0-4353-970E-31094D0B8C62}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F497E817-CC01-4F6B-B534-90A13655C8C0}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\autopatcher.exe | 
"{F71393FB-1304-4C35-8596-4DD2BAA54468}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F844F05D-8530-4630-B58D-A0035AED139C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F97A336D-D781-4124-8082-0A371E722554}" = protocol=6 | dir=in | app=c:\users\tobias\appdata\roaming\utorrent\utorrent.exe | 
"{FE6B131B-79A6-4435-9120-70E7224BE9D5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FEDC7BE4-9E5F-4542-9FA5-E57F9C14A70B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FF0A7A12-DB0D-42F4-B489-ABED97E4B2C6}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\initengine.exe | 
"TCP Query User{7DB869A0-403D-43F1-A8E7-91C388E0A48A}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{A361847A-C923-4B1A-9B75-E2F0A1A4A26C}C:\program files\left4dead2 2011\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\left4dead2 2011\left4dead2.exe | 
"UDP Query User{9E643F7A-08A7-4FC7-B26B-043BBEFF7241}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{BC65C39C-D6DB-4B3A-9267-C910B5945847}C:\program files\left4dead2 2011\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\left4dead2 2011\left4dead2.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{10A5FC84-CB84-4CC1-A0EC-C7598A04AA0A}" = TI-Nspire(TM) Teacher Software
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2
"{17BADF87-3597-46FE-8D74-69C4FA78883E}" = Gothic 3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 11
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{29F0D899-9614-4EB3-92A8-C9117FE9E405}" = Cobra 11 - Nitro
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Foxlink Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}" = Marketsplash Schnellzugriffe
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}" = HP Officejet Pro 8500 A910 Hilfe
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B04CAE1-EA70-4768-A985-6E682FA1B77D}" = Bejeweled 3  
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98C7891F-4BA8-48D3-0001-D4DD055B2886}" = Formatwandler 2013
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C450606-ED24-4958-92BA-B8940C99D441}" = PixiePack Codec Pack
"{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE
"{A38C6459-06E0-4290-B423-9399FB27CD95}" = Studie zur Verbesserung von HP Officejet Pro 8500 A910 Produkten
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.4 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BD136CE7-6666-4273-A056-8D92F8625AAB}" = Sun ODF Plugin for Microsoft Office 3.2
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DEDF2885-0086-4534-9912-F9B97377ED07}" = AGEIA GAME System Software
"{E0091C29-DEE8-4B24-BF65-8C35B5940D77}" = Letstrade
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E2E25F53-EB64-4BC1-8A9E-B970BBEF8C1C}" = HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"BabylonToolbar" = Babylon toolbar on IE
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"BrowserCompanion" = BrowserCompanion
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"conduitEngine" = Conduit Engine
"DCoder Image Source" = DCoder Image Source (remove only)
"DirectVobSub" = DirectVobSub (remove only)
"Divinity II - Ego Draconis_is1" = Divinity II - Ego Draconis
"DivX Setup" = DivX-Setup
"Downhill PAKOON! 2.Many Unlimited 2009" = Downhill PAKOON! 2.Many Unlimited 2009
"Drakensang_is1" = Drakensang
"Drakensang_TRoT_is1" = Drakensang - Am Fluss der Zeit
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Elf_1.12 Toolbar" = Elf 1.12 Toolbar
"FFMPEG Core Files" = FFMPEG Core Files (remove only)
"ffs2011_is1" = Franzis Führerschein Trainer
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt
"Free Audio Converter_is1" = Free Audio Converter version 5.0.17.903
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free Studio_is1" = Free Studio version 4.8
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.17.903
"Free YouTube Download_is1" = Free YouTube Download version 3.1.35.903
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.31.916
"FreeHideIP" = Free Hide IP
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"GeoGebra" = GeoGebra
"GIMP-2_is1" = GIMP 2.8.0
"GinyasBrowserCompanion" = GinyasBrowserCompanion
"GinyasBrowserCompanions" = GinyasBrowserCompanions
"GLtron_is1" = GLtron version 0.70
"Google Updater" = Google Updater
"HaaliMkx" = Haali Media Splitter
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0
"LetsTrade" = LetsTrade Komponenten
"Mafia II_is1" = Mafia II
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Professional 2010
"OpenAL" = OpenAL
"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"Pflanzen gegen Zombies" = Pflanzen gegen Zombies  
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RealMedia" = RealMedia (remove only)
"SHOUTcast Source" = SHOUTcast Source (remove only)
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Star Wars: The Force Unleashed_is1" = Star Wars: The Force Unleashed
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"Steam App 570" = Dota 2
"Steam App 630" = Alien Swarm
"Steam App 72850" = The Elder Scrolls V: Skyrim
"SystemRequirementsLab" = System Requirements Lab
"TIPP10_is1" = TIPP10 Version 2.0.3
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Tunngle beta_is1" = Tunngle beta
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.0
"WinLiveSuite_Wave3" = Windows Live Essentials
"WNLT" = IB Updater Service
"X10Hardware" = X10 Hardware(TM)
"Zattoo4" = Zattoo4 4.0.5
"Zoo Tycoon 1.0" = Microsoft Zoo Tycoon
"ZoomPlayer" = Zoom Player (remove only)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1725657719-504870212-71648708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
Error: Unable to start EventLog service!
 
< End of report >

--- --- ---

aharonov · 29.06.2013, 14:12

Hallo,

dein Microsoft Office ist keine legal erworbene Version, ist das korrekt?

Dann kommst du in den Genuss einer brandneuen Regeländerung hier. Bis kürzlich haben wir den Support in solchen Fällen eingestellt. Neu erhältst du die Möglichkeit, sämtliche unsaubere Software und Keygens etc jetzt komplett zu entfernen. Sobald alles gelöscht ist, fahren wir hier fort. Sollte später trotzdem nochmals sowas auftauchen, wird der Support eingestellt.

Gib mir bitte Bescheid, wenn (und ob) es hier weitergeht.

aharonov · 05.07.2013, 00:39

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten.
Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.

05.07.2013, 00:39	#6
aharonov /// TB-Ausbilder	TCBHN vom PC runterschmeißen Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten. Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter. Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen. __________________ --> TCBHN vom PC runterschmeißen

TCBHN vom PC runterschmeißen

Plagegeister aller Art und deren Bekämpfung: TCBHN vom PC runterschmeißen