Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Skype Virus

Skype Virus


Plagegeister aller Art und deren Bekämpfung: Skype Virus

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 21.05.2013, 18:22   #1
Bloodwolf
 
Skype Virus - Standard

Skype Virus


Ich habe mir einen Skype Virus gefangen

"Schönes Bild von dir aus Facebook"
Dann habe ich überreagiert und sofort (10 min später) Skype gelöscht !!!

Ist es damit erledigt ???

Bitte antwortet mir schnell

MFG: Daniel

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 21.05.2013 19:23:03 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sharkoon\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,16 Gb Available Physical Memory | 77,01% Memory free
16,00 Gb Paging File | 13,95 Gb Available in Paging File | 87,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 221,00 Gb Free Space | 47,46% Space Free | Partition Type: NTFS
Drive D: | 7,14 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: SHARKOON-PC | User Name: Sharkoon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12070E11-7BF9-42ED-A004-606A853BB970}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1573F98C-4D2A-4AE7-99FF-C67B4149BB6A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1927F1F2-9545-44C9-B4F9-1AB711EF7B0B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{245C1275-7EDE-458E-8B3C-37A1DF064669}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2600F611-B271-4A89-9A95-B46461ABE037}" = rport=137 | protocol=17 | dir=out | app=system | 
"{321280AA-98C6-4CA5-939F-7F2E861EA23C}" = rport=138 | protocol=17 | dir=out | app=system | 
"{338862DA-980B-428B-B0A6-7C2FBB252600}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{543B487D-EA99-4853-8876-00E38CE42414}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5622F08D-F437-4E87-B290-E401A80615A7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5F5BB48C-7F2A-47DF-A323-D2D5DFDC2098}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{73D1FCAA-1509-470D-AEFA-F72D4CCC4E3B}" = lport=139 | protocol=6 | dir=in | app=system | 
"{78B3DED3-DF09-4E32-AB7E-3BD9B4759FF7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{85EBB738-5A45-478E-A2C2-8D99980E8C41}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{907E8A52-BD12-48C1-8A17-BCA49E7C9671}" = rport=139 | protocol=6 | dir=out | app=system | 
"{9E74840E-FFEA-4869-8FB3-07B9DD3D4E74}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C63A3319-A45B-4EA3-BCD9-60B42840FC96}" = rport=445 | protocol=6 | dir=out | app=system | 
"{D7EA85BF-AA51-41B9-B157-1A0B9674BF69}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DE13A302-04D3-4CB1-B9D1-DFFF2DDF4D9A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{E6A47A75-9900-4A7B-AAE9-E917B6D97578}" = lport=137 | protocol=17 | dir=in | app=system | 
"{EDF6FC7E-99A1-4E2A-8A19-2E81DE64D97A}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{F04F19FC-9270-4D1A-8285-B4438432B83D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C98565-FC0C-4FD4-9BF2-CDCDFDD3A821}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battleforge\battleforge.exe | 
"{0C2303FD-02FD-49FA-889B-D8452E731C1B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{250D618C-36C9-4CC1-A459-E8D74DF51A11}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{29328342-58E9-4791-A465-82AB0ABD0B2C}" = protocol=6 | dir=out | app=system | 
"{2C5EFA3A-6B52-4FBD-A263-2160B1E176FB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{39180499-415E-4C7C-B3B6-6C66E2B9D8B2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{39C42556-EDFB-4F6A-B00B-32EEE1B9C307}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{3C94ABDA-AB89-4252-8BB5-A87514B6FFB9}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{3CBB7168-1E62-433A-A101-E4AF400535C7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{5230D2FC-A264-428C-A170-618E1D89A704}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{52A8322F-6800-4362-A9A8-C9A4E6A91A9A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{55AD9BE8-B036-4042-964D-6BF34F1DE11D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{56469597-93BF-4E14-8E89-0AB13DB02E22}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{566C630F-F09E-45FE-A2F7-AA004A18C686}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battleforge\battleforge.exe | 
"{68D25F4D-DD10-4BA3-A2FC-181FD34C189A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{69D907D8-A4CD-43D5-B983-8AAB8218FD34}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6B072263-56D6-4C55-99D6-B5FD4D5A76E3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{73C06602-12B8-4CFF-86C0-BBAF25870CEB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{76741112-0258-4849-B2ED-30CDA3E3CD3F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7BC62EE0-C4D1-4D90-ADA6-BB62BBBA8560}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{94997CF4-04FB-4E71-9F94-FB8D1F734F49}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battleforge\bootstrapper.exe | 
"{95FDAA3D-6611-4D8B-9576-9F95A7666215}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{9A84F32F-CEE0-4B90-84DC-1EC2E5BC567F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9F960962-78B4-4AEF-907E-10A406516323}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B207EF06-3AD4-4842-8232-98BD06AD3FF3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B3586757-DA78-41C8-8562-BC3AE70E8531}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B8CA161A-07C7-46C5-9351-5E7A3F9BC6B7}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battleforge\bootstrapper.exe | 
"{D5A50434-C016-4A31-89BC-4BA4D174023D}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{DC263411-E546-4CE4-A17E-20758697371D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E7915ACC-F38E-46E9-88F3-E6A334E22FA0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{E8771503-C495-4AB4-A622-40B8ABDC5E80}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{34CB81D2-EEAB-443E-BCC5-82FEB446F687}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"TCP Query User{5E259832-3C28-44AC-8498-6B28A7E8C01E}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"TCP Query User{6F043904-BCBF-4260-A05E-7EEBE9C7C920}C:\users\sharkoon\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\sharkoon\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{822A61C0-A2EA-45BC-830C-61AE24693525}C:\program files (x86)\ritual entertainment\heavy metal - fakk2\fakk2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ritual entertainment\heavy metal - fakk2\fakk2.exe | 
"TCP Query User{D215314A-D58A-4CD3-ABBB-232B932522DB}C:\users\sharkoon\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\sharkoon\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{027EB6EF-F2D8-4378-9EC8-309526024987}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"UDP Query User{05A0FA5B-427E-426A-82AD-2C99EDB890E9}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"UDP Query User{6D6CBA8B-0C5A-4594-89D2-0A1CD9AB8EAD}C:\users\sharkoon\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\sharkoon\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{B38B368C-7F71-4A3C-A4E2-97A4E1A10387}C:\program files (x86)\ritual entertainment\heavy metal - fakk2\fakk2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ritual entertainment\heavy metal - fakk2\fakk2.exe | 
"UDP Query User{CD6EC632-3594-4423-95B3-8F3C970A75DC}C:\users\sharkoon\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\sharkoon\appdata\roaming\spotify\spotify.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1C540622-4537-CD83-2050-FCB55D86F6F9}" = ccc-utility64
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{52D318E0-052E-C1FE-A996-170085A687EB}" = AMD Fuel
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8E0594B1-AEB0-8CB4-0C08-D0FAAD98421B}" = AMD Catalyst Install Manager
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"CCleaner" = CCleaner
"EPSON SX218 Series" = EPSON SX218 Series Printer Uninstall
"GIMP-2_is1" = GIMP 2.8.4
"HWiNFO64_is1" = HWiNFO64 Version 4.16
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
"Zune" = Zune
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0C37D2D1-09B4-745F-35FA-F62E2692756A}" = Catalyst Control Center
"{1F805738-4F70-4A63-D8A9-EE82BF0DB711}" = CCC Help Hungarian
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{3DDD9BBC-DF3B-0A56-64FF-91EDA87790E2}" = Catalyst Control Center Localization All
"{4A7043DB-4A0E-F865-E712-DC79EC5ED02E}" = CCC Help Chinese Standard
"{4AF39752-A82C-0CDF-2E66-562F5E48F983}" = CCC Help Dutch
"{4BAE4C76-44C3-418F-B715-6BBF5A65323E}" = TL-WN851ND Driver
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5260F670-D1B9-4CB3-188E-9B33390C1B49}" = CCC Help Czech
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{565E4328-B303-8767-2087-AE37FAAC1470}" = CCC Help Norwegian
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5D12B5EE-7528-78C1-1C62-61FA95A331E9}" = CCC Help Swedish
"{5FB90FB1-6ABF-3820-CF49-61533492C2F9}" = CCC Help Turkish
"{6174A901-423D-83CC-B550-C42D62928D46}" = CCC Help Italian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{7636F423-291D-1E63-D12A-29B3D38EB724}" = CCC Help Polish
"{82B971B1-6B0F-4D9B-6333-2EDA78C509D0}" = CCC Help Thai
"{832C2AE6-D965-B6E7-3AEB-18BBF80CC752}" = CCC Help Russian
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{88B1A53B-2725-2549-B853-3B606B1F3180}" = CCC Help Danish
"{8A4A80C2-87B1-44FB-BC24-9168930EB150}" = RAIDXpert
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8D71FBF0-19F1-0348-8E4C-5ADFA3CC55F1}" = Catalyst Control Center Graphics Previews Common
"{920FD23C-F37B-15F5-AC70-F07FE35F2785}" = CCC Help Spanish
"{9692A29E-CC4A-043C-C4F2-59FF0E108542}" = CCC Help Portuguese
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{ACD51882-DA53-23E7-52C0-F8514773B5EC}" = CCC Help Finnish
"{B2D620CA-9496-7EB2-A130-AAFAC2BF26A4}" = CCC Help Korean
"{B563C32F-E39D-DF6C-3BDD-8639715D9D18}" = CCC Help Japanese
"{B85EE084-4AC9-BD22-113C-3A95937E4777}" = CCC Help French
"{B95FE810-FC05-83A5-503E-41A2D1788DBF}" = CCC Help English
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{D3748ECB-28FA-8A8F-8947-1E499B97F021}" = CCC Help German
"{DB35FFD8-2B55-D0DE-F2CC-00A087500F44}" = CCC Help Chinese Traditional
"{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{EC42C2EB-CB08-5E6D-9764-395A30077301}" = CCC Help Greek
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA176955-8F37-EA7C-B607-76FCA407D3C6}" = Catalyst Control Center InstallProxy
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Combat Arms EU" = Combat Arms EU
"Euro Truck Simulator" = Euro Truck Simulator 1.00
"Fraps" = Fraps
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.2.430
"GTA IV Vehicle Mod Installer v1.2_is1" = GTA IV Vehicle Mod Installer v1.2
"InstallShield_{8A4A80C2-87B1-44FB-BC24-9168930EB150}" = RAIDXpert
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PhotoScape" = PhotoScape
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"UT2003" = Unreal Tournament 2003
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12.05.2013 07:42:53 | Computer Name = Sharkoon-PC | Source = Application Hang | ID = 1002
Description = Programm Neuz.exe, Version 3.8.22.1 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 5a0    Startzeit: 
01ce4f04c381776a    Endzeit: 337    Anwendungspfad: C:\Users\Sharkoon\Desktop\Final Core
 Client\Neuz.exe    Berichts-ID: 131e4197-baf9-11e2-bb04-fcbe2afc8cfd  
 
Error - 12.05.2013 10:08:52 | Computer Name = Sharkoon-PC | Source = Application Hang | ID = 1002
Description = Programm Neuz.exe, Version 3.8.22.1 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 8d4    Startzeit: 
01ce4f11d29d66c8    Endzeit: 441    Anwendungspfad: C:\Users\Sharkoon\Desktop\Final Core
 Client\Neuz.exe    Berichts-ID: 770f761e-bb0d-11e2-bb04-fcbe2afc8cfd  
 
Error - 17.05.2013 10:00:05 | Computer Name = Sharkoon-PC | Source = Application Hang | ID = 1002
Description = Programm Neuz.exe, Version 3.8.22.1 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 11a8    Startzeit:
 01ce53068de8c10a    Endzeit: 300    Anwendungspfad: C:\Users\Sharkoon\Desktop\Inside Flyff
 v20 german client\Inside Flyff v20 german client\Neuz.exe    Berichts-ID: 11d0d4ab-befa-11e2-bca0-844ccfd91cb9

 
Error - 17.05.2013 12:23:31 | Computer Name = Sharkoon-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.0, Zeitstempel:
 0x48762a8a  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften Prozesses:
 0x4d4  Startzeit der fehlerhaften Anwendung: 0x01ce5311887845c4  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Euro Truck Simulator\game.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: 1cdf2770-bf0e-11e2-bca0-844ccfd91cb9
 
Error - 17.05.2013 13:31:17 | Computer Name = Sharkoon-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.0, Zeitstempel:
 0x48762a8a  Name des fehlerhaften Moduls: game.exe, Version: 1.0.0.0, Zeitstempel:
 0x48762a8a  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000d661  ID des fehlerhaften Prozesses:
 0xa7c  Startzeit der fehlerhaften Anwendung: 0x01ce531d8ef37035  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Euro Truck Simulator\game.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Euro Truck Simulator\game.exe  Berichtskennung: 945c5782-bf17-11e2-bca0-844ccfd91cb9
 
Error - 18.05.2013 10:26:17 | Computer Name = Sharkoon-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.0, Zeitstempel:
 0x48762a8a  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften Prozesses:
 0x63c  Startzeit der fehlerhaften Anwendung: 0x01ce53d356034d44  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Euro Truck Simulator\game.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: e6b5d759-bfc6-11e2-9764-db6366220cf9
 
Error - 18.05.2013 11:46:13 | Computer Name = Sharkoon-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.0, Zeitstempel:
 0x48762a8a  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften Prozesses:
 0x1080  Startzeit der fehlerhaften Anwendung: 0x01ce53d4cd5f46bd  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Euro Truck Simulator\game.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: 115337a5-bfd2-11e2-9764-db6366220cf9
 
Error - 20.05.2013 05:09:40 | Computer Name = Sharkoon-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GTAIV.exe, Version: 1.0.7.0, Zeitstempel:
 0x4bd9efbe  Name des fehlerhaften Moduls: GTAIV.exe, Version: 1.0.7.0, Zeitstempel:
 0x4bd9efbe  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0039ee4d  ID des fehlerhaften Prozesses:
 0x408  Startzeit der fehlerhaften Anwendung: 0x01ce5536fbe0e68d  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe  Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Rockstar Games\Grand Theft Auto
 IV\GTAIV.exe  Berichtskennung: ffe22a09-c12c-11e2-ba5d-eb4a51a355fa
 
Error - 20.05.2013 06:01:17 | Computer Name = Sharkoon-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GTAIV.exe, Version: 1.0.7.0, Zeitstempel:
 0x4bd9efbe  Name des fehlerhaften Moduls: GTAIV.exe, Version: 1.0.7.0, Zeitstempel:
 0x4bd9efbe  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0019a260  ID des fehlerhaften Prozesses:
 0x470  Startzeit der fehlerhaften Anwendung: 0x01ce5539db14807a  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe  Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Rockstar Games\Grand Theft Auto
 IV\GTAIV.exe  Berichtskennung: 366ae6ba-c134-11e2-ba5d-eb4a51a355fa
 
Error - 21.05.2013 12:48:02 | Computer Name = Sharkoon-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Sharkoon\Downloads\SoftonicDownloader_fuer_surgeon-simulator-2013.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
[ System Events ]
Error - 01.05.2013 05:17:00 | Computer Name = Sharkoon-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
Error - 01.05.2013 11:36:34 | Computer Name = Sharkoon-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?01.?05.?2013 um 17:35:03 unerwartet heruntergefahren.
 
Error - 04.05.2013 02:12:01 | Computer Name = Sharkoon-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 07.05.2013 10:42:50 | Computer Name = Sharkoon-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 07.05.2013 10:42:50 | Computer Name = Sharkoon-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 10.05.2013 02:43:31 | Computer Name = Sharkoon-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Zune Windows Mobile Connectivity Service" wurde unerwartet
 beendet. Dies ist bereits 1 Mal passiert.
 
Error - 12.05.2013 06:42:24 | Computer Name = Sharkoon-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 19.05.2013 09:13:04 | Computer Name = Sharkoon-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 20.05.2013 03:26:25 | Computer Name = Sharkoon-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 21.05.2013 13:16:40 | Computer Name = Sharkoon-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?05.?2013 um 19:15:10 unerwartet heruntergefahren.
 
 
< End of report >
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 21.05.2013 19:23:03 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sharkoon\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,16 Gb Available Physical Memory | 77,01% Memory free
16,00 Gb Paging File | 13,95 Gb Available in Paging File | 87,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 221,00 Gb Free Space | 47,46% Space Free | Partition Type: NTFS
Drive D: | 7,14 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: SHARKOON-PC | User Name: Sharkoon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Sharkoon\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Sharkoon\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
PRC - C:\Users\Sharkoon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Fraps\fraps.exe (Beepa P/L)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\SysWOW64\WinMsgBalloonClient.exe (AMD)
PRC - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe (AMD)
PRC - C:\Windows\SysWOW64\WinMsgBalloonServer.exe (AMD)
PRC - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe (AMD)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\Sharkoon\AppData\Roaming\Spotify\Data\libcef.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\SDL2.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AMD_RAIDXpert) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe (AMD)
SRV - (ZuneWlanCfgSvc) -- C:\Programme\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (WMZuneComm) -- C:\Programme\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- C:\Programme\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (HWiNFO32) -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS (REALiX(tm))
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (AODDriver4.2) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?affID=120519&babsrc=HP_ss&mntrId=34B4A0F3C182DF1E
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2E DA 73 D3 7F 37 CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&affID=120519&babsrc=SP_ss&mntrId=34B4A0F3C182DF1E
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013.04.12 15:17:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sharkoon\AppData\Roaming\mozilla\Extensions
[2013.04.21 18:24:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sharkoon\AppData\Roaming\mozilla\Firefox\Profiles\5wh39cxd.default\extensions
[2013.04.21 18:21:18 | 000,001,294 | ---- | M] () -- C:\Users\Sharkoon\AppData\Roaming\mozilla\firefox\profiles\5wh39cxd.default\searchplugins\delta.xml
[2013.05.19 18:06:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.19 18:06:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.04.21 18:21:11 | 000,006,470 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [cafbbebffbdsacfsfdsf] C:\ProgramData\cafbbebffbdsacfsfdsf.exe ()
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKCU..\Run: [Spotify] C:\Users\Sharkoon\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Sharkoon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F6E3D00E-7DA6-474F-9745-3115E8D238D9}: DhcpNameServer = 192.168.2.1 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.10 09:50:04 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - D:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 19:03:48 | 000,000,054 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{be69f3bc-a36f-11e2-a245-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{be69f3bc-a36f-11e2-a245-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2008.11.10 09:50:04 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.21 17:14:27 | 000,000,000 | ---D | C] -- C:\Download
[2013.05.21 17:14:21 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2013.05.19 18:13:30 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\Desktop\Musik
[2013.05.19 18:06:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.05.17 17:02:40 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\Documents\Euro Truck Simulator
[2013.05.17 17:00:01 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator
[2013.05.17 17:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator
[2013.05.17 16:59:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Euro Truck Simulator
[2013.05.16 17:02:08 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Local\Spotify
[2013.05.16 17:01:50 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\Spotify
[2013.05.15 17:25:27 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.15 17:25:27 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.15 17:25:26 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.15 17:25:26 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.15 17:25:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.15 17:25:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.15 17:25:26 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.15 17:25:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.15 17:25:25 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.15 17:25:25 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.15 17:25:25 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.15 17:25:25 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.15 17:25:24 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.15 17:25:24 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.15 17:25:24 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.15 16:16:38 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 16:16:38 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.15 16:16:32 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.15 16:16:32 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.15 16:16:32 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.15 16:16:32 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.15 16:16:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.05.10 19:46:05 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013.05.10 19:46:05 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013.05.10 19:46:05 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013.05.10 19:46:05 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013.05.10 19:46:05 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013.05.10 19:46:05 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013.05.10 19:46:05 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013.05.10 19:46:05 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013.05.10 19:46:04 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013.05.10 19:46:04 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013.05.10 19:46:04 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013.05.10 19:46:04 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.05.10 19:46:04 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2013.05.10 19:46:04 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2013.05.10 19:46:04 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013.05.10 19:46:04 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.05.10 19:46:04 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013.05.10 19:46:04 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013.05.10 19:46:04 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2013.05.10 19:46:04 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2013.05.10 19:46:03 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2013.05.10 19:46:03 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2013.05.10 19:46:03 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2013.05.10 19:46:03 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2013.05.10 19:46:03 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2013.05.10 19:46:03 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2013.05.10 19:46:02 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2013.05.10 19:46:02 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2013.05.10 19:46:02 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2013.05.10 19:46:02 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2013.05.10 19:46:02 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2013.05.10 19:46:02 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2013.05.10 19:46:02 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2013.05.10 19:46:02 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2013.05.10 19:46:02 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2013.05.10 19:46:01 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2013.05.10 19:46:01 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2013.05.10 19:46:01 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2013.05.10 19:46:01 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2013.05.10 19:46:01 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2013.05.10 19:46:01 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2013.05.10 19:46:00 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2013.05.10 19:46:00 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2013.05.10 19:46:00 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2013.05.10 19:46:00 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2013.05.10 19:46:00 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2013.05.10 19:45:59 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013.05.10 19:45:59 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013.05.10 19:45:59 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013.05.10 19:45:59 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013.05.10 19:45:59 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013.05.10 19:45:59 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013.05.10 19:45:58 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2013.05.10 19:45:58 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2013.05.10 19:45:58 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2013.05.10 19:45:58 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2013.05.10 19:45:58 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2013.05.10 19:45:58 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2013.05.10 19:45:58 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2013.05.10 19:45:58 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2013.05.10 19:45:57 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013.05.10 19:45:57 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2013.05.10 19:45:57 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013.05.10 19:45:57 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2013.05.10 19:45:57 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013.05.10 19:45:57 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2013.05.10 19:45:57 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013.05.10 19:45:57 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013.05.09 21:06:53 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\Desktop\Final Core Client
[2013.05.09 11:51:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013.05.09 11:50:54 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\DVDVideoSoft
[2013.05.09 11:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013.05.09 11:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013.05.09 10:58:18 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\NVIDIA
[2013.05.08 14:40:37 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\Desktop\PhotoScape
[2013.05.07 18:26:41 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\.thumbnails
[2013.05.07 18:25:02 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Local\fontconfig
[2013.05.07 18:25:01 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Local\gegl-0.2
[2013.05.07 18:25:01 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\.gimp-2.8
[2013.05.07 18:06:29 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013.05.07 18:06:27 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Local\Programs
[2013.05.07 16:46:54 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.05.05 18:39:16 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Local\AMD
[2013.05.05 18:39:10 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\ATI
[2013.05.05 18:39:10 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Local\ATI
[2013.05.05 18:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.05.05 18:38:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.05.05 18:38:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013.05.05 18:38:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.05.05 18:36:47 | 000,000,000 | ---D | C] -- C:\AMD
[2013.05.05 13:48:41 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\TS3Client
[2013.05.05 13:47:13 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013.05.05 13:47:10 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Local\TeamSpeak 3 Client
[2013.05.05 09:54:06 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\Desktop\Inside Flyff v20 german client
[2013.05.05 08:43:33 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\Skype
[2013.05.05 08:43:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.05.01 11:18:34 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\Documents\gothic3
[2013.05.01 11:02:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gothic III
[2013.04.27 13:18:42 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\Sierra
[2013.04.27 13:18:42 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\Documents\Empire Earth II
[2013.04.27 12:59:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
[2013.04.27 12:59:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sierra
[2013.04.22 20:13:42 | 000,000,000 | R--D | C] -- C:\Users\Sharkoon\Podcasts
[2013.04.22 20:13:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2013.04.22 20:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
[2013.04.22 20:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\Zune
[2013.04.22 20:09:45 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.04.22 19:51:14 | 000,000,000 | ---D | C] -- C:\output
[2013.04.22 19:40:02 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\PhotoScape
[2013.04.22 19:39:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2013.04.22 19:39:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.21 19:25:09 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.21 19:25:09 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.21 19:16:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.21 19:16:34 | 2146,934,783 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.21 19:15:35 | 000,091,136 | ---- | M] () -- C:\ProgramData\cafbbebffbdsacfsfdsf.exe
[2013.05.21 19:15:33 | 000,071,680 | ---- | M] () -- C:\ProgramData\B442.exe
[2013.05.21 19:11:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.21 19:01:18 | 000,071,680 | ---- | M] () -- C:\ProgramData\A87F.exe
[2013.05.21 19:00:33 | 000,071,680 | ---- | M] () -- C:\ProgramData\F7D6.exe
[2013.05.21 18:49:31 | 000,000,936 | ---- | M] () -- C:\Users\Sharkoon\Desktop\Dokument.rtf
[2013.05.21 18:46:19 | 000,071,680 | ---- | M] () -- C:\ProgramData\EC32.exe
[2013.05.21 18:45:33 | 000,071,680 | ---- | M] () -- C:\ProgramData\3B5B.exe
[2013.05.21 18:31:18 | 000,071,680 | ---- | M] () -- C:\ProgramData\2FC6.exe
[2013.05.21 18:30:33 | 000,071,680 | ---- | M] () -- C:\ProgramData\7E72.exe
[2013.05.21 18:18:13 | 000,000,574 | ---- | M] () -- C:\Users\Sharkoon\Desktop\Bewerbungs-Deckblatt.rtf
[2013.05.21 17:43:10 | 000,001,630 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2013.05.21 17:14:21 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2013.05.21 17:14:21 | 000,000,235 | ---- | M] () -- C:\Windows\SysWow64\nxEuUninstall.bat
[2013.05.19 17:05:59 | 001,618,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.19 17:05:59 | 000,698,688 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.19 17:05:59 | 000,653,526 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.19 17:05:59 | 000,148,828 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.19 17:05:59 | 000,121,398 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.17 17:00:01 | 000,001,159 | ---- | M] () -- C:\Users\Sharkoon\Desktop\Euro Truck Simulator.lnk
[2013.05.16 17:02:07 | 000,001,823 | ---- | M] () -- C:\Users\Sharkoon\Desktop\Spotify.lnk
[2013.05.15 20:13:50 | 000,003,072 | -H-- | M] () -- C:\Users\Sharkoon\Desktop\photothumb.db
[2013.05.15 20:11:13 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.15 20:11:13 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.15 19:38:31 | 000,274,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.11 18:02:19 | 000,024,227 | ---- | M] () -- C:\Users\Sharkoon\Documents\Unbenannt.png
[2013.05.11 18:02:19 | 000,009,050 | ---- | M] () -- C:\Users\Sharkoon\AppData\Local\recently-used.xbel
[2013.05.10 15:33:40 | 000,000,222 | ---- | M] () -- C:\Users\Sharkoon\Desktop\Call of Duty Black Ops II - Multiplayer.url
[2013.05.09 11:51:00 | 000,001,398 | ---- | M] () -- C:\Users\Sharkoon\Desktop\Free YouTube to MP3 Converter.lnk
[2013.05.07 16:46:43 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.05.05 18:38:56 | 000,007,604 | ---- | M] () -- C:\Users\Sharkoon\AppData\Local\Resmon.ResmonCfg
[2013.05.05 13:47:14 | 000,001,219 | ---- | M] () -- C:\Users\Sharkoon\Desktop\TeamSpeak 3 Client.lnk
[2013.05.01 11:18:13 | 000,088,480 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2013.05.01 11:18:13 | 000,046,400 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2013.05.01 11:15:22 | 000,001,948 | ---- | M] () -- C:\Users\Public\Desktop\Gothic III starten.lnk
[2013.04.27 12:59:59 | 000,000,920 | ---- | M] () -- C:\Users\Public\Desktop\EMPIRE EARTH 2 starten.lnk
[2013.04.22 20:14:52 | 000,003,584 | ---- | M] () -- C:\Users\Sharkoon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.22 20:10:48 | 000,000,927 | ---- | M] () -- C:\Users\Public\Desktop\Zune.lnk
[2013.04.22 20:06:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2013.04.22 20:06:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2013.04.22 19:39:58 | 000,001,031 | ---- | M] () -- C:\Users\Sharkoon\Desktop\PhotoScape.lnk
 
========== Files Created - No Company Name ==========
 
[2013.05.21 19:15:33 | 000,071,680 | ---- | C] () -- C:\ProgramData\B442.exe
[2013.05.21 19:01:18 | 000,071,680 | ---- | C] () -- C:\ProgramData\A87F.exe
[2013.05.21 19:00:33 | 000,071,680 | ---- | C] () -- C:\ProgramData\F7D6.exe
[2013.05.21 18:49:31 | 000,000,936 | ---- | C] () -- C:\Users\Sharkoon\Desktop\Dokument.rtf
[2013.05.21 18:46:18 | 000,071,680 | ---- | C] () -- C:\ProgramData\EC32.exe
[2013.05.21 18:45:33 | 000,071,680 | ---- | C] () -- C:\ProgramData\3B5B.exe
[2013.05.21 18:31:18 | 000,071,680 | ---- | C] () -- C:\ProgramData\2FC6.exe
[2013.05.21 18:30:32 | 000,071,680 | ---- | C] () -- C:\ProgramData\7E72.exe
[2013.05.21 18:30:30 | 000,091,136 | ---- | C] () -- C:\ProgramData\cafbbebffbdsacfsfdsf.exe
[2013.05.21 18:17:36 | 000,000,574 | ---- | C] () -- C:\Users\Sharkoon\Desktop\Bewerbungs-Deckblatt.rtf
[2013.05.21 17:43:10 | 000,001,630 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2013.05.21 17:14:21 | 000,000,235 | ---- | C] () -- C:\Windows\SysWow64\nxEuUninstall.bat
[2013.05.17 17:00:01 | 000,001,159 | ---- | C] () -- C:\Users\Sharkoon\Desktop\Euro Truck Simulator.lnk
[2013.05.16 17:02:08 | 000,001,809 | ---- | C] () -- C:\Users\Sharkoon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2013.05.16 17:02:07 | 000,001,823 | ---- | C] () -- C:\Users\Sharkoon\Desktop\Spotify.lnk
[2013.05.11 18:02:19 | 000,024,227 | ---- | C] () -- C:\Users\Sharkoon\Documents\Unbenannt.png
[2013.05.11 18:02:19 | 000,009,050 | ---- | C] () -- C:\Users\Sharkoon\AppData\Local\recently-used.xbel
[2013.05.10 15:33:40 | 000,000,222 | ---- | C] () -- C:\Users\Sharkoon\Desktop\Call of Duty Black Ops II - Multiplayer.url
[2013.05.09 11:51:00 | 000,001,398 | ---- | C] () -- C:\Users\Sharkoon\Desktop\Free YouTube to MP3 Converter.lnk
[2013.05.07 18:06:53 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013.05.05 18:38:56 | 000,007,604 | ---- | C] () -- C:\Users\Sharkoon\AppData\Local\Resmon.ResmonCfg
[2013.05.05 13:47:14 | 000,001,219 | ---- | C] () -- C:\Users\Sharkoon\Desktop\TeamSpeak 3 Client.lnk
[2013.05.01 11:15:22 | 000,001,948 | ---- | C] () -- C:\Users\Public\Desktop\Gothic III starten.lnk
[2013.05.01 11:14:46 | 000,088,480 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2013.05.01 11:14:46 | 000,046,400 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2013.04.27 12:59:59 | 000,000,920 | ---- | C] () -- C:\Users\Public\Desktop\EMPIRE EARTH 2 starten.lnk
[2013.04.22 20:14:52 | 000,003,584 | ---- | C] () -- C:\Users\Sharkoon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.22 20:10:48 | 000,000,927 | ---- | C] () -- C:\Users\Public\Desktop\Zune.lnk
[2013.04.22 20:06:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2013.04.22 20:06:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2013.04.22 19:42:37 | 000,003,072 | -H-- | C] () -- C:\Users\Sharkoon\Desktop\photothumb.db
[2013.04.22 19:39:58 | 000,001,031 | ---- | C] () -- C:\Users\Sharkoon\Desktop\PhotoScape.lnk
[2013.04.12 20:39:44 | 001,591,896 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.04.12 15:36:00 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\BeepApp.exe
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2004.01.26 17:15:29 | 000,233,472 | R--- | C] () -- C:\Users\Sharkoon\AppData\Roaming\MafiaSetup.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
--- --- ---

 

Themen zu Skype Virus
bild, black, daniel, erledigt, facebook, gelöscht, grand theft auto, install.exe, min, richtlinie, schönes bild von dir aus facebook, skype, skype virus, sofort, spotify web helper, virus, worte


« Ist da.feedsportal.com Malware? | Der GVU...... »


Ähnliche Themen: Skype Virus


  1. Skype Virus "Your skype does not support extended icons"
    Log-Analyse und Auswertung - 10.10.2014 (15)
  2. Skype Zertifikat Problem a248.e.akamai.net wegen Werbung in Skype?
    Plagegeister aller Art und deren Bekämpfung - 05.03.2014 (3)
  3. Skype.exe wird ausgeführt obwohl Skype gar nicht installiert ist
    Plagegeister aller Art und deren Bekämpfung - 28.01.2014 (4)
  4. Skype virus
    Plagegeister aller Art und deren Bekämpfung - 17.09.2013 (11)
  5. Skype Virus
    Alles rund um Mac OSX & Linux - 27.06.2013 (8)
  6. Skype Virus
    Plagegeister aller Art und deren Bekämpfung - 07.06.2013 (69)
  7. Skype virus
    Log-Analyse und Auswertung - 23.05.2013 (61)
  8. Skype Virus
    Plagegeister aller Art und deren Bekämpfung - 22.04.2013 (3)
  9. Probleme mit Skype, Dev-C ++ und Internet, z.B. friert der Bildschirm während der Benutzung von Skype ein
    Plagegeister aller Art und deren Bekämpfung - 21.03.2013 (17)
  10. TR/Crypt.ZPACK.Gen2 Virus in Program Files (x86)/Skype/Phone/Skype.exe
    Plagegeister aller Art und deren Bekämpfung - 10.03.2013 (1)
  11. TR/Crypt.ZPACK.Gen 2 in C:\Programm Files (x86)\Skype\Phone\Skype.exe
    Log-Analyse und Auswertung - 27.02.2013 (15)
  12. Avira meldet: 'TR/Crypt.ZPACK.Gen2' [trojan] in der Datei 'C:\Program Files\Skype\Phone\Skype.exe'
    Plagegeister aller Art und deren Bekämpfung - 08.12.2012 (2)
  13. Skype Virus
    Plagegeister aller Art und deren Bekämpfung - 04.12.2012 (8)
  14. Virus in Skype
    Plagegeister aller Art und deren Bekämpfung - 18.10.2012 (4)
  15. TR/Crypt.ZPACK.Gen2 in C:\Program Files\Skype\Phone\Skype.exe
    Plagegeister aller Art und deren Bekämpfung - 27.07.2012 (2)
  16. TR/Crypt.ZPACK.Gen2 - in Programme/Skype/Phone/Skype.exe
    Plagegeister aller Art und deren Bekämpfung - 12.10.2011 (9)
  17. TR/Crypt.XPACK.Gen in C:\Programme\Skype\Phone\Skype.exe
    Plagegeister aller Art und deren Bekämpfung - 24.10.2010 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Skype Virus - Ich habe mir einen Skype Virus gefangen "Schönes Bild von dir aus Facebook" Dann habe ich überreagiert und sofort (10 min später) Skype gelöscht !!! Ist es damit erledigt ??? - Skype Virus...
Archiv
Du betrachtest: Skype Virus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131