
Pests of all kinds and how to combat them: serve.bannersdontwork.com etc. again


 
01.08.2013, 14:27   #1
schildi0507
 

serve.bannersdontwork.com etc. again



Hi!

I'm new here and don't know much about PCs or trojans or viruses etc.
I just think I've been hit by this banner trojan or whatever it is. I have already read a post about it and got far enough to run the OTL scan, which I'm posting here:

(If I'm in the wrong place, please correct that, and explain the following steps in a foolproof way.)


1)
_____________________________________________________________________________

OTL Logfile:
Code:
OTL logfile created on: 01.08.2013 15:03:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maddin\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 42,70% Memory free
4,24 Gb Paging File | 2,83 Gb Available in Paging File | 66,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,35 Gb Total Space | 171,37 Gb Free Space | 56,49% Space Free | Partition Type: NTFS
Drive D: | 150,69 Gb Total Space | 17,24 Gb Free Space | 11,44% Space Free | Partition Type: NTFS
Drive E: | 6,33 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Maddin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft LifeChat\LifeChat.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - D:\Tobit ClipInc\Server\ClipInc-Server.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Windows\vVX3000.exe (Microsoft Corporation)
PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (Web Assistant) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (ClipInc003) -- D:\Tobit ClipInc\Server\ClipInc-Server.exe ()
SRV - (ClipInc002) -- D:\Tobit ClipInc\Server\ClipInc-Server.exe ()
SRV - (ClipInc001) -- D:\Tobit ClipInc\Server\ClipInc-Server.exe ()
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ddxgb) -- C:\Users\Maddin\AppData\Local\Temp\ddxgb.sys ()
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (nvrd32) -- C:\Windows\System32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (JRAID) -- C:\Windows\System32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (VX3000) -- C:\Windows\System32\drivers\VX3000.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bild.de/
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNA_de
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb178/?search={searchTerms}&loc=IB_DS&a=6R8DLB51Zt&i=26
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.bild.de/"
FF - prefs.js..extensions.enabledAddons: %7B8E9E3331-D360-4f87-8803-52DE43566502%7D:2.0.0.604
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2013.07.31 15:24:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8E9E3331-D360-4f87-8803-52DE43566502}: C:\Program Files\Web Assistant\Firefox [2013.07.31 15:24:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Programme\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.07.03 17:35:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Mozilla Thunderbird\components [2013.03.03 21:06:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Mozilla Thunderbird\plugins
 
[2010.01.12 23:17:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maddin\AppData\Roaming\mozilla\Extensions
[2010.01.12 23:17:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maddin\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.10.28 17:31:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maddin\AppData\Roaming\mozilla\Firefox\Profiles\6c21kh5d.default\extensions
[2010.04.27 22:34:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Maddin\AppData\Roaming\mozilla\Firefox\Profiles\6c21kh5d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2007.11.04 16:00:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maddin\AppData\Roaming\mozilla\Firefox\Profiles\vp5nahrp.default\extensions
[2012.08.31 18:52:32 | 000,002,203 | ---- | M] () -- C:\Users\Maddin\AppData\Roaming\mozilla\firefox\profiles\6c21kh5d.default\searchplugins\MyStart Search.xml
[2007.11.04 15:59:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2007.11.04 15:59:52 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Program Files\mozilla firefox\extensions\inspector@mozilla.org
[2007.11.04 15:59:52 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org
[2013.07.31 15:24:01 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
[2006.08.24 23:07:50 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2006.08.24 23:07:50 | 000,001,063 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2006.11.10 13:42:00 | 000,000,998 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2006.11.11 00:32:03 | 000,000,815 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ClipIncSrvTray] "D:\Tobit ClipInc\Player\ClipIncTray.exe" File not found
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LifeChat] c:\Program Files\Microsoft LifeChat\LifeChat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O7 - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldde-de.cab (MSN Photo Upload Tool)
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} hxxp://files.ea.com/downloads/rtpatch/v2/EARTPX.cab (EARTPatchX Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} hxxp://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E455C09B-32B4-4207-B28A-7D913F3C5674}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.11 04:04:53 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2011.08.11 04:04:53 | 000,000,047 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{ea2200f6-8a17-11dc-b94d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ea2200f6-8a17-11dc-b94d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.08.11 04:04:53 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.13 15:09:17 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.07.13 15:09:16 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.07.13 15:09:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.07.13 15:09:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.07.13 15:09:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.07.13 15:09:15 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.07.13 15:09:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.07.13 15:09:14 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.07.13 13:29:02 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.07.13 13:27:53 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013.07.13 13:27:53 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013.07.13 13:27:53 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013.07.13 13:27:53 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013.07.13 13:27:53 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013.07.13 13:27:53 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013.07.13 13:27:53 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013.07.13 13:27:53 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013.07.13 13:27:50 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2013.07.13 13:27:49 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
 
========== Files - Modified Within 30 Days ==========
 
[2013.08.01 14:56:24 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.08.01 14:23:55 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013.08.01 14:23:46 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.08.01 14:23:45 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.08.01 14:23:45 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.08.01 14:23:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.08.01 14:23:18 | 2146,754,560 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.21 11:26:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2013.07.15 17:14:14 | 000,271,040 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.07.13 15:18:19 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.07.13 15:18:19 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.07.13 15:18:19 | 000,126,054 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.07.13 15:18:19 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012.07.23 21:07:34 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012.07.23 20:57:33 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.07.23 20:57:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.02.06 17:57:19 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.12.15 17:04:55 | 000,000,439 | ---- | C] () -- C:\Windows\wiso.ini
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.08.24 21:53:25 | 015,321,068 | R--- | C] () -- C:\Users\Maddin\2009-08-24 Nokia N95 8GB.nbu
[2008.09.26 15:51:05 | 000,022,328 | ---- | C] () -- C:\Users\Maddin\AppData\Roaming\PnkBstrK.sys
[2008.08.20 01:40:16 | 000,201,243 | ---- | C] () -- C:\Users\Maddin\AppData\Roaming\NMM-MetaData.db
[2008.05.22 23:19:26 | 000,217,088 | R--- | C] () -- C:\Users\Maddin\AppData\Roaming\MafiaSetup.exe
[2008.04.07 12:57:03 | 000,001,100 | ---- | C] () -- C:\Users\Maddin\AppData\Local\d3d8caps.dat
[2007.12.22 19:08:30 | 000,015,100 | ---- | C] () -- C:\Users\Maddin\AppData\Local\d3d9caps.dat
[2007.11.04 17:37:49 | 000,029,184 | ---- | C] () -- C:\Users\Maddin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
< End of report >
         

_____________________________________________________________________________


2)

OTL Logfile:
Code:
OTL Extras logfile created on: 01.08.2013 15:03:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maddin\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 42,70% Memory free
4,24 Gb Paging File | 2,83 Gb Available in Paging File | 66,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,35 Gb Total Space | 171,37 Gb Free Space | 56,49% Space Free | Partition Type: NTFS
Drive D: | 150,69 Gb Total Space | 17,24 Gb Free Space | 11,44% Space Free | Partition Type: NTFS
Drive E: | 6,33 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: *** |User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3820498202-1458107328-1573072948-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [BUDNI Fotowelt] -- "C:\Users\Maddin\BUDNI Fotowelt\BUDNI Fotowelt.exe" "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Users\Maddin\BUDNI Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{82AC7AAE-8FC5-433E-B89F-D4BFEF0C7BE0}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B106B7B7-09DE-4A2B-8F67-1305DD7172CE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C2D839-135E-468A-8B04-01FB7DC427EC}" = protocol=17 | dir=in | app=d:\spiele\assassin´s creed\assassinscreed_dx9.exe | 
"{080C8D05-E321-4533-8F15-E673F08C460A}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{093AB51B-4DC2-4CB4-B710-1059555BFBF2}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{0F70759F-BF34-420E-962F-D70B02FEC5A3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{12F09C1D-7C3F-4A18-ACBA-FE921F865ED3}" = protocol=17 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe | 
"{16A4DC92-F79A-4BC7-AF82-6EB160883AA3}" = protocol=17 | dir=in | app=d:\ spiele\grand theft auto iv\launchgtaiv.exe | 
"{188FC9A5-8429-48D6-B09D-42EB39D72895}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{1AFC0178-44F3-4A97-AC52-BCA410A6B0F4}" = protocol=6 | dir=in | app=d:\spiele\assassin´s creed\assassinscreed_dx9.exe | 
"{1D6D4527-CE55-4337-9929-FB72F8DD3F9A}" = protocol=17 | dir=in | app=d:\spiele\kane and lynch dead men\kaneandlynch.exe | 
"{1E1EA7AE-E685-41F5-9771-6F298EDA2D1E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{211FE7D9-1444-4CD5-8137-8C0758FFF752}" = protocol=6 | dir=in | app=d:\spiele\world in conflict\wic_ds.exe | 
"{224346CD-7B1D-438F-BFF0-BDE8601E28F2}" = protocol=17 | dir=in | app=d:\spiele\anno 1701\anno1701addon.exe | 
"{2756802D-C1B3-44A5-A299-5118A2FE3A73}" = protocol=6 | dir=in | app=d:\spiele\kane and lynch dead men\kaneandlynch.exe | 
"{2A72617E-DAD4-4958-8BCB-3E22EA6352B8}" = protocol=6 | dir=in | app=d:\spiele\assassin´s creed\assassinscreed_launcher.exe | 
"{2F1B6A62-CF62-4486-8805-FB434210EAD8}" = protocol=6 | dir=in | app=d:\ spiele\grand theft auto iv\launchgtaiv.exe | 
"{33E5CAE1-E418-4A9E-80C9-B547D0EAE0A3}" = protocol=17 | dir=in | app=d:\spiele\sid meier's civilization 4\civilization4.exe | 
"{34AC58B2-D6CD-4A77-AEE3-6E9D47DA282A}" = protocol=17 | dir=in | app=d:\spiele\ein quantum trost\jb_liveengine_s.exe | 
"{39111A20-39D7-4A86-A558-E4290CBCAEA9}" = protocol=6 | dir=in | app=d:\spiele\call of duty 5\codwawmp.exe | 
"{3CEF191C-FC36-4162-80DB-91E8C970A6DF}" = protocol=6 | dir=in | app=d:\spiele\assassin´s creed\assassinscreed_dx10.exe | 
"{3FBE7BC3-6C6F-47F1-A363-A37ED630EDCE}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{4098CAC4-C76B-42AC-827F-7EF112A58F2E}" = protocol=17 | dir=in | app=d:\spiele\gta 4\rockstar games social club\rgsclauncher.exe | 
"{441F6C15-79DF-4D6B-AF79-9D61869CCE47}" = protocol=17 | dir=in | app=d:\spiele\world in conflict\wic.exe | 
"{4B353425-F9AA-4B27-8012-B72AABC4E474}" = protocol=6 | dir=in | app=d:\spiele\ein quantum trost\jb_liveengine_s.exe | 
"{4EA50AD3-BA6F-459E-911A-0E805E010513}" = protocol=17 | dir=in | app=d:\spiele\call of duty 4\iw3mp.exe | 
"{5CE0DD52-D6B9-4DF2-AAA8-159AE710172E}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{604084B9-3A2F-4A65-9975-FD5B1149591F}" = protocol=6 | dir=in | app=d:\spiele\anno 1701\anno1701addon.exe | 
"{6F49918D-47D9-4F11-87CD-50877CF41B24}" = protocol=6 | dir=in | app=d:\spiele\zt.exe | 
"{71C05D2E-F286-4B1D-9F02-D6CF529292F7}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{731C04CD-E010-4A31-BAA1-CFAA3A37957A}" = protocol=17 | dir=in | app=d:\spiele\assassin´s creed\assassinscreed_dx10.exe | 
"{74E8D058-FC77-489A-8DA4-B0B647A54DC7}" = protocol=17 | dir=in | app=c:\spiele\gta 4\grand theft auto iv\launchgtaiv.exe | 
"{7E34DC3C-5692-4EB6-9267-B4FE0AA8952E}" = protocol=17 | dir=in | app=d:\spiele\zt.exe | 
"{7EF1CABC-132B-44D0-9EB7-75E428B187DD}" = protocol=6 | dir=in | app=d:\spiele\medal of honor airborne\unrealengine3\binaries\moha.exe | 
"{8002E1E0-A33C-4B72-95C8-1EC4D0089EC0}" = protocol=17 | dir=in | app=d:\spiele\world in conflict\wic_ds.exe | 
"{80C3C9C4-AA94-428E-896C-BD3F70DD5AE5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{8B09E18A-E42D-4BB0-B85E-F0B64174FCB3}" = protocol=6 | dir=in | app=d:\spiele\world in conflict\wic_online.exe | 
"{8C57024A-E393-4932-8399-219E06B34900}" = protocol=17 | dir=in | app=d:\spiele\call of duty 5\codwaw.exe | 
"{92C20766-F3FB-4BE7-A518-255A34567A40}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{9AE4CCFB-6EC3-464B-8123-5BDE852D1BA7}" = protocol=6 | dir=in | app=c:\spiele\gta 4\grand theft auto iv\launchgtaiv.exe | 
"{AA682179-D14B-4C97-9C59-56433D166011}" = protocol=6 | dir=in | app=d:\spiele\call of duty 4\iw3mp.exe | 
"{AB3FA699-970E-4D00-9BE8-CF34EE99493C}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"{AC905074-F06C-496E-8E08-6ED9AE37E5EE}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{AD0D9869-3DEC-4DDD-97E9-68A95356F5C6}" = protocol=6 | dir=in | app=e:\alicecd.exe | 
"{B1ED0B9F-B9C2-4F7A-8D90-2A64516F43CF}" = protocol=17 | dir=in | app=d:\spiele\assassin´s creed\assassinscreed_launcher.exe | 
"{BA1ED9BD-4BFC-49C7-BBE3-EF71615709A5}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{BB816250-40E4-4421-9F7F-FD948D88592E}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{BFBAC5D2-4891-4027-BC10-394F8BE0ED9C}" = protocol=6 | dir=in | app=d:\spiele\gta 4\rockstar games social club\rgsclauncher.exe | 
"{C021B9F4-69CE-4EF5-9869-6CA4A39DD5CE}" = protocol=17 | dir=in | app=e:\alicecd.exe | 
"{C3AFB358-44BE-471D-B29B-A01EE180A655}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{C9F57CF7-D1CB-4BA0-B783-A069DFB9A402}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{CBAB03C4-176E-4287-9228-D87A5E74B71E}" = protocol=6 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe | 
"{D07E34BF-C8B4-48E9-B47B-738620D014D6}" = protocol=6 | dir=in | app=d:\spiele\sid meier's civilization 4\civilization4.exe | 
"{D3640BA7-F368-457D-829F-C99E4BE532FF}" = protocol=6 | dir=in | app=d:\spiele\steam\steam.exe | 
"{DBA502FC-0E6E-4925-A5BB-E5B77386337C}" = protocol=17 | dir=in | app=d:\spiele\world in conflict\wic_online.exe | 
"{DE9ED7E6-22EF-4482-A844-F6D2C9C49FAB}" = protocol=6 | dir=in | app=d:\spiele\call of duty 5\codwaw.exe | 
"{DF45B9C3-5688-4172-9DEC-E2D197E8EF14}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{E103E9C2-2825-4F72-8611-AAB7082445BB}" = protocol=17 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe | 
"{E821BD41-D2DD-48BD-87E9-DEAFC75DD6D4}" = protocol=17 | dir=in | app=d:\spiele\steam\steam.exe | 
"{E8677B9F-7FFC-417D-896D-0D7791BBA5EA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{E947E39C-CF47-4587-860A-6C865ABD0362}" = protocol=6 | dir=in | app=d:\spiele\world in conflict\wic.exe | 
"{EAAAB48E-75DB-4D29-8D7A-0925E7BCB145}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{EB2FCAEA-89FA-4D17-9633-EBC73C9AFB9C}" = protocol=17 | dir=in | app=d:\spiele\call of duty 5\codwawmp.exe | 
"{EC9345A4-7CFA-4F33-B8B0-68070DE35800}" = protocol=6 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe | 
"{EEBB1664-EBE7-4C61-807D-B8729EAE2DA1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{FC75F3A9-17F7-4C4B-90ED-2E3370624CC2}" = protocol=17 | dir=in | app=d:\spiele\medal of honor airborne\unrealengine3\binaries\moha.exe | 
"TCP Query User{03803038-C2F7-4E9A-BB6C-4544E00FB286}D:\tobit clipinc\player\clipinc-player.exe" = protocol=6 | dir=in | app=d:\tobit clipinc\player\clipinc-player.exe | 
"TCP Query User{03960696-A232-4B1A-9D73-C4627D159949}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{0D5A2A78-4004-456F-9A8E-8D195606D1DD}D:\spiele\medal of honor pacific assault\mohpa.exe" = protocol=6 | dir=in | app=d:\spiele\medal of honor pacific assault\mohpa.exe | 
"TCP Query User{206C9806-3A48-4225-9B6D-B0AB7E1B4149}C:\users\maddin\desktop\pes2011.exe" = protocol=6 | dir=in | app=c:\users\maddin\desktop\pes2011.exe | 
"TCP Query User{27F7AF23-6BF7-408E-91F2-E66738509811}C:\spiele\gta 4\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\spiele\gta 4\grand theft auto iv\gtaiv.exe | 
"TCP Query User{311ABE75-51CB-4549-B757-837A303D1EB5}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"TCP Query User{4B1D03B3-665F-4EDF-835E-62B14EB8C946}D:\spiele\pes 2008\pes2008.exe" = protocol=6 | dir=in | app=d:\spiele\pes 2008\pes2008.exe | 
"TCP Query User{570B4F93-091F-4359-83BB-ABF9AB7FF2DE}D:\ spiele\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\ spiele\grand theft auto iv\gtaiv.exe | 
"TCP Query User{6054369A-CECC-4EA3-8949-151CDB7AFF8C}D:\spiele\pro evolution soccer 2009\pes2009.exe" = protocol=6 | dir=in | app=d:\spiele\pro evolution soccer 2009\pes2009.exe | 
"TCP Query User{6934C9CF-82BC-4F9C-BAE3-0EDC62BADC7E}D:\spiele\anno 1701\anno1701addon.exe" = protocol=6 | dir=in | app=d:\spiele\anno 1701\anno1701addon.exe | 
"TCP Query User{815D8194-E2B4-4480-8406-D60A7D6BAA0C}D:\spiele\xfire\xfire.exe" = protocol=6 | dir=in | app=d:\spiele\xfire\xfire.exe | 
"TCP Query User{8BC28FC7-591C-4ECC-A1D1-79A6A7B55A1B}D:\spiele\pes 2011\pes2011.exe" = protocol=6 | dir=in | app=d:\spiele\pes 2011\pes2011.exe | 
"TCP Query User{8E215009-52A5-4BCC-BF2B-5132F20B9B98}D:\spiele\pro evolution soccer 6\pes6.exe" = protocol=6 | dir=in | app=d:\spiele\pro evolution soccer 6\pes6.exe | 
"TCP Query User{93253A28-EB58-40FD-9D0A-E73C6618345B}D:\spielemohaa\mohaa.exe" = protocol=6 | dir=in | app=d:\spielemohaa\mohaa.exe | 
"TCP Query User{9E2B75FA-183F-4400-ADFD-F246FB431299}D:\spiele\call of duty 4\iw3mp.exe" = protocol=6 | dir=in | app=d:\spiele\call of duty 4\iw3mp.exe | 
"TCP Query User{A323390C-0FDB-47DD-A2C4-BFE733084E4D}D:\spiele\anno 1701\anno1701.exe" = protocol=6 | dir=in | app=d:\spiele\anno 1701\anno1701.exe | 
"TCP Query User{A3A3B5F6-23D2-444B-873C-6576569AE6C0}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{AE26583F-B90F-4741-82F4-3AFC77E81534}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{B394BE51-FB2E-4F60-948F-31240C92E8B7}D:\spiele\pro evolution soccer 2012\pes2012.exe" = protocol=6 | dir=in | app=d:\spiele\pro evolution soccer 2012\pes2012.exe | 
"TCP Query User{BC844D6F-B99B-4821-A786-14C83136136F}D:\spiele\far cry\bin32\farcry.exe" = protocol=6 | dir=in | app=d:\spiele\far cry\bin32\farcry.exe | 
"TCP Query User{C2FEE5FE-B101-40E9-878F-9860ADF0F134}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{C41AC622-7DE2-4134-87C1-5A90067C1FBC}D:\spiele\pro evolution soccer 2012\pes2012.exe" = protocol=6 | dir=in | app=d:\spiele\pro evolution soccer 2012\pes2012.exe | 
"TCP Query User{D29E1C3C-4BF7-4721-AE5D-D2898A077CA1}D:\spiele\hidden & dangerous 2\hd2.exe" = protocol=6 | dir=in | app=d:\spiele\hidden & dangerous 2\hd2.exe | 
"TCP Query User{D42D0CDB-B3C3-4FD5-99FA-27DFD1EB4F58}D:\spiele\call of duty 4\admin\modernrcon_v0.8.exe" = protocol=6 | dir=in | app=d:\spiele\call of duty 4\admin\modernrcon_v0.8.exe | 
"TCP Query User{E454FD91-BAE0-4701-A6E5-29C62570AA09}D:\spiele\battlefield 1942\bf1942.exe" = protocol=6 | dir=in | app=d:\spiele\battlefield 1942\bf1942.exe | 
"UDP Query User{0F8D42EB-C37B-4892-8CDE-399C9929249C}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{1A4B4D7B-E067-40A3-9CED-5C7D0FF2D399}D:\spiele\anno 1701\anno1701addon.exe" = protocol=17 | dir=in | app=d:\spiele\anno 1701\anno1701addon.exe | 
"UDP Query User{20565B86-C15E-4B87-BD66-21A822F40116}C:\spiele\gta 4\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\spiele\gta 4\grand theft auto iv\gtaiv.exe | 
"UDP Query User{29045E5C-271B-4272-81FC-9734050511FC}D:\ spiele\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\ spiele\grand theft auto iv\gtaiv.exe | 
"UDP Query User{2C198860-E282-46E2-AD7D-FBEB0C9F4D7F}D:\spiele\far cry\bin32\farcry.exe" = protocol=17 | dir=in | app=d:\spiele\far cry\bin32\farcry.exe | 
"UDP Query User{32BB6747-0314-42EF-BBD0-F90DAB902196}D:\spiele\xfire\xfire.exe" = protocol=17 | dir=in | app=d:\spiele\xfire\xfire.exe | 
"UDP Query User{41725B82-B5C0-4AE4-A34A-B7869BD6E06B}D:\spiele\medal of honor pacific assault\mohpa.exe" = protocol=17 | dir=in | app=d:\spiele\medal of honor pacific assault\mohpa.exe | 
"UDP Query User{46F9ACF4-97D7-465A-9A7F-11828461FF63}D:\spiele\call of duty 4\admin\modernrcon_v0.8.exe" = protocol=17 | dir=in | app=d:\spiele\call of duty 4\admin\modernrcon_v0.8.exe | 
"UDP Query User{52B681E8-30DE-41C7-BDDD-C3D162FB565A}D:\spiele\pes 2011\pes2011.exe" = protocol=17 | dir=in | app=d:\spiele\pes 2011\pes2011.exe | 
"UDP Query User{5A20F2E0-7C25-47E3-86F9-3347E336577C}D:\spiele\battlefield 1942\bf1942.exe" = protocol=17 | dir=in | app=d:\spiele\battlefield 1942\bf1942.exe | 
"UDP Query User{60B7F24E-6E46-4BA9-9382-A7E52870B1D7}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{61DD9F0F-AE2B-4A24-84E0-43BC5BE80864}D:\spiele\call of duty 4\iw3mp.exe" = protocol=17 | dir=in | app=d:\spiele\call of duty 4\iw3mp.exe | 
"UDP Query User{6DB1A4F4-76E0-4A4D-B78E-0061D3A9794A}D:\spielemohaa\mohaa.exe" = protocol=17 | dir=in | app=d:\spielemohaa\mohaa.exe | 
"UDP Query User{6F5FABCE-1AE1-482B-843A-BBE7F95F75E6}D:\spiele\pro evolution soccer 2009\pes2009.exe" = protocol=17 | dir=in | app=d:\spiele\pro evolution soccer 2009\pes2009.exe | 
"UDP Query User{777F1ED2-2685-4AA9-B50A-CA43C0E0974E}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"UDP Query User{8DD4F691-2184-4A30-9885-8A74F377B0DA}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{8E36D74D-2494-4002-A324-A0B74B7C46B8}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{A0698C70-7ED7-4F4C-9328-7B89FF0E8AB3}D:\spiele\pes 2008\pes2008.exe" = protocol=17 | dir=in | app=d:\spiele\pes 2008\pes2008.exe | 
"UDP Query User{BC16AC66-2F4D-4FD5-9F24-82557C7626CF}D:\spiele\pro evolution soccer 6\pes6.exe" = protocol=17 | dir=in | app=d:\spiele\pro evolution soccer 6\pes6.exe | 
"UDP Query User{C2556B6A-B4A0-43BB-9C5E-FBD6C68DF75A}D:\spiele\anno 1701\anno1701.exe" = protocol=17 | dir=in | app=d:\spiele\anno 1701\anno1701.exe | 
"UDP Query User{D49E23FD-4938-4B1E-84E3-BB8BFBFE665A}D:\spiele\pro evolution soccer 2012\pes2012.exe" = protocol=17 | dir=in | app=d:\spiele\pro evolution soccer 2012\pes2012.exe | 
"UDP Query User{D4C87391-964C-4794-AC9C-260D2CA029F6}D:\tobit clipinc\player\clipinc-player.exe" = protocol=17 | dir=in | app=d:\tobit clipinc\player\clipinc-player.exe | 
"UDP Query User{E7D3BC8A-F145-4F79-AAFA-B9419FA7E15C}D:\spiele\hidden & dangerous 2\hd2.exe" = protocol=17 | dir=in | app=d:\spiele\hidden & dangerous 2\hd2.exe | 
"UDP Query User{ECB0F7A5-6FD3-48CA-8417-9021B7E4FB43}D:\spiele\pro evolution soccer 2012\pes2012.exe" = protocol=17 | dir=in | app=d:\spiele\pro evolution soccer 2012\pes2012.exe | 
"UDP Query User{FD9EFF5E-8800-48EB-9186-D328672DC9DC}C:\users\maddin\desktop\pes2011.exe" = protocol=17 | dir=in | app=c:\users\maddin\desktop\pes2011.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor Allied Assault
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1148E85C-E1AF-48E0-A29C-68DACE07E054}" = Pro Evolution Soccer 2011
"{127B684B-A002-44C8-99A7-6CF8F1E26873}" = PunkBuster für Battlefield 1942
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D33BCF7-B5B6-4148-B888-9CC2EC208556}" = Konz 2012
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25F28E39-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2D21ECE3-8EC1-4315-AE4E-1970FB3AF17A}" = Nokia Nseries Video Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.604
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE2F517-3EAC-4155-A832-EA969628FEC1}" = IronStorm
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4785CED6-73B3-45FA-AFE6-EDEDFDE67842}" = Steuer 2011
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{520C1D80-935C-42B9-9340-E883849D804F}_is1" = DriverTuner 3.1.0.0
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{66039B36-96AE-40D1-8A32-071F7A61B738}" = Microsoft LifeChat
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528D}" = Command & Conquer Die ersten 10 Jahre
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6E5BC38E-F22B-4197-00A2-CD8E58EF139C}" = Fussball Manager 2004
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{726DBFE3-BE2B-4FFA-9787-D6495765CFD2}" = Microsoft LifeCam
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83437081-8186-4F63-BD39-4BE8A691E055}" = Hidden & Dangerous 2 
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}" = Anno 1701 - Der Fluch des Drachen
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{934528B2-09B3-C6E5-288A-4E554E6DF2B9}" = ATI Catalyst Install Manager
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{96E94E18-54D6-42C1-8FC4-24DACEDC3395}" = Nokia NSeries System Utilities
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C05FA75-0337-4523-AA57-9D3511018887}" = Nokia PC Suite
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A66C4716-7E10-4A53-8101-00C3C11D6A9C}" = Kane and Lynch: Dead Men
"{A7E07C2B-2220-4415-87E3-784D5814BC93}" = NVIDIA PhysX v8.09.04
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money
"{A8C856AD-63CD-4613-AA29-E6C85607EA06}" = Nokia Software Launcher
"{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A83000000003}" = Adobe Reader 8.3.0 - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{CDF29D6C-AA05-49F9-A55A-89C2F8F4F46E}" = Activision(R)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}" = Battlefield 1942: The Road To Rome
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E737A098-F161-4B6F-AF22-86AAE34F6FBD}" = Pro Evolution Soccer 2012
"{E94603CA-2996-4154-8EE2-A5FCD4BFB500}" = Nokia Lifeblog 2.5
"{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4EE8763-EAA8-4BC1-8594-8501F5F00414}" = Nokia NSeries One Touch Access
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F779EC8D-6703-4C4A-817C-37B07898E647}" = Nokia NSeries Content Copier
"{F89E5AD8-AE47-49B5-B9F9-C498791E6255}" = Nokia NSeries Music Manager
"{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}" = Nokia Software Updater
"{FA25FAF6-3097-43C9-BBB2-A77CE8AF1881}" = Nokia NSeries Multimedia Player
"{FD349381-D79C-4E5C-8980-015DFFB962D5}" = Nokia NSeries Application Installer
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlecraft 19422.1" = Battlecraft 1942
"Big Fish Games Center" = Big Fish Games Center (remove only)
"Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only)
"BUDNI Fotowelt" = BUDNI Fotowelt
"Cradle of Rome" = Cradle of Rome (remove only)
"Diablo II" = Diablo II
"F1CB0AC2D40DDCFCA6933082B115073476C155DE" = Windows-Treiberpaket - Nokia Modem (08/03/2007 3.2)
"Google Updater" = Google Updater
"Hidden & Dangerous 2 Patch" = Hidden & Dangerous 2 Patch
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1D33BCF7-B5B6-4148-B888-9CC2EC208556}" = Konz 2012
"InstallShield_{83437081-8186-4F63-BD39-4BE8A691E055}" = Hidden & Dangerous 2 
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{CDF29D6C-AA05-49F9-A55A-89C2F8F4F46E}" = Ein Quantum Trost(TM)
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"Luxor Amun Rising" = Luxor Amun Rising (remove only)
"Mafia Game" = Mafia Game
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only)
"MDT" = Battlefield Mod Development Toolkit 2.0 Beta
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"ModernRcon v0.8" = ModernRcon v0.8
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"Mozilla Thunderbird 17.0 (x86 de)" = Mozilla Thunderbird 17.0 (x86 de)
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Photo Viewer_is1" = Photo Viewer 2.0.2.5
"Poker Superstars II" = Poker Superstars II (remove only)
"PunkBusterSvc" = PunkBuster Services
"S.T.A.L.K.E.R. - Clear Sky_is1" = S.T.A.L.K.E.R. - Clear Sky [v1.0004]
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Tobit ClipInc Server" = Tobit.Software ClipInc.
"Tomb Raider: Anniversary" = Tomb Raider: Anniversary 1.0
"Tomb Raider: Underworld" = Tomb Raider: Underworld 1.0
"Virtual Villagers" = Virtual Villagers (remove only)
"Xfire" = Xfire (remove only)
"Zoo Tycoon 2" = Zoo Tycoon 2
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:05 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
[ System Events ]
Error - 16.07.2013 09:33:45 | Computer Name = Schildi | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 16.07.2013 09:33:45 | Computer Name = Schildi | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 17.07.2013 09:49:25 | Computer Name = Schildi | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 17.07.2013 09:49:25 | Computer Name = Schildi | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 21.07.2013 04:33:35 | Computer Name = Schildi | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 21.07.2013 04:33:35 | Computer Name = Schildi | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 31.07.2013 09:24:52 | Computer Name = Schildi | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 31.07.2013 09:24:52 | Computer Name = Schildi | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 01.08.2013 08:25:04 | Computer Name = Schildi | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 01.08.2013 08:25:04 | Computer Name = Schildi | Source = Service Control Manager | ID = 7026
Description = 
 
 
< End of report >
         