Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Skypevirus wie entfernen?

Skypevirus wie entfernen?


Log-Analyse und Auswertung: Skypevirus wie entfernen?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 24.05.2013, 20:45   #1
NextEpisode
 
Skypevirus wie entfernen? - Standard

Skypevirus wie entfernen?


Hallo Leute ich bitte hier umhilfe,
weil ich mir aus lauter dusslichkeit einen Skype Virus eingefangen habe.
Nun habe ich schon in YT nachgeschaut wie ich diesen loskriege.
Hilft aber nichts kommt immer wieder.
Bin absolut neu hier und hoffe ihr könnt mir helfen.

Alt 24.05.2013, 21:20   #2
aharonov
/// TB-Ausbilder
 
Skypevirus wie entfernen? - Standard

Skypevirus wie entfernen?


Hallo NextEpisode und

Mein Name ist Leo und ich werde dich durch die Bereinigung deines Rechners begleiten.

Eins vorneweg: Ich kann dir keine Garantien geben, dass ich alles finden werde. Bei schwerwiegenden Infektionen ist ein Formatieren und Neuinstallieren meist der schnellere und immer der sicherere Weg.
Wenn du dich für eine Bereinigung entscheidest, dann sollten wir gründlich vorgehen. Bleib also dran, bis ich dir eindeutig mitteile, dass wir fertig sind.
Auch wenn die auffälligen Symptome schon früh verschwinden, bedeutet das nicht, dass dein Rechner dann schon sauber und sicher ist.

Hinweise zum Ablauf
  • Du bekommst von mir jeweils eine individuell auf dich abgestimmte schrittweise Anleitung.
    • Lese diese Anweisungen immer zuerst vollständig durch und frag bei Unklarheiten nach, bevor du beginnst.
    • Arbeite die Anleitungen dann sorgfältig und in der angegebenen Reihenfolge ab und poste deine Rückmeldungen und Logfiles erst zum Schluss gesammelt in einer Antwort.
    • Füge den Inhalt der Logfiles wenn immer möglich innerhalb von Code-Tags in deine Antwort ein.
    • Sollten Probleme auftauchen, dann brich an dieser Stelle ab und schildere sie so gut wie möglich.
  • Es ist wichtig für mich, dass sich der Zustand deines Systems nicht plötzlich unvorhersehbar ändert:
    • Lasse keine Scanner oder Tools ohne Aufforderung laufen. Lösche nichts auf eigene Faust.
    • Installiere oder deinstalliere während der Bereinigung keine Software.

Los geht's:

Mach bitte die folgenden Scans, damit ich mir ein Bild der Lage machen kann:


Schritt 1

Downloade dir bitte defogger (von jpshortstuff) auf deinen Desktop.
  • Starte das Tool mit Doppelklick.
  • Klicke nun auf den Disable Button.
  • Bestätige diese Sicherheitsabfrage mit Ja.
  • Wenn der Scan beendet wurde (Finished), klicke auf OK.
  • Falls Defogger zu einem Neustart auffordert, bestätige dies mit OK.
  • Defogger erstellt auf dem Desktop eine Logdatei mit dem Namen defogger_disable.txt.
  • Nur falls Probleme aufgetreten sind, poste deren Inhalt mit deiner nächsten Antwort.
Klicke den Re-enable Button nicht ohne Anweisung!



Schritt 2

Bitte lade dir GMER Rootkit Scanner GMER herunter: (Dateiname zufällig)
  • Schließe alle anderen Programme, deaktiviere deinen Virenscanner und trenne den Rechner vom Internet bevor du GMER startest.
  • Sollte sich nach dem Start ein Fenster mit folgender Warnung öffnen:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Unbedingt auf "No" klicken.
  • Entferne rechts den Haken bei: IAT/EAT und Show All
  • Setze den Haken bei Quickscan und entferne ihn bei allen anderen Laufwerken.
  • Starte den Scan mit "Scan".
  • Mache nichts am Computer während der Scan läuft.
  • Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.
Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!


Tauchen Probleme auf?
  • Probiere alternativ den abgesicherten Modus.
  • Erhältst du einen Bluescreen, dann entferne den Haken vor Devices.



Schritt 3

Lade dir bitte OTL (von Oldtimer) herunter und speichere es auf deinen Desktop.
  • Doppelklick auf die OTL.exe.
  • Unter Extra Registry, wähle bitte Use SafeList.
  • Setze den Haken bei Scan all Users.
  • Klicke nun auf Run Scan.
  • Wenn der Scan beendet ist, werden 2 Logfiles (OTL.txt und Extras.txt) erstellt.
  • Poste den Inhalt dieser Logfiles hier in den Thread.



Bitte poste in deiner nächsten Antwort:
  • Log von Gmer
  • Logs von OTL
__________________

__________________
Alt 24.05.2013, 22:09   #3
NextEpisode
 
Skypevirus wie entfernen? - Standard

Skypevirus wie entfernen?


Code:
ATTFilter
OTL logfile created on: 24.05.2013 22:57:52 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\FickDich\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
10,00 Gb Total Physical Memory | 7,52 Gb Available Physical Memory | 75,19% Memory free
20,00 Gb Paging File | 17,44 Gb Available in Paging File | 87,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 64,94 Gb Free Space | 21,79% Space Free | Partition Type: NTFS
 
Computer Name: FICKDICH-PC | User Name: FickDich | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.05.24 22:42:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\FickDich\Downloads\OTL.exe
PRC - [2013.05.10 22:07:36 | 004,284,976 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2013.04.26 09:09:38 | 000,169,096 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.03.03 22:15:36 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.10.23 10:25:06 | 002,744,960 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012.06.16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
PRC - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.05.15 08:14:35 | 013,136,776 | ---- | M] () -- C:\Users\FickDich\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll
MOD - [2013.05.10 22:07:36 | 004,284,976 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2013.04.09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
MOD - [2013.04.09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013.04.09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013.04.09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013.04.09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013.03.02 20:45:13 | 000,107,520 | ---- | M] () -- C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.03.29 03:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.03.28 22:30:42 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.05.04 01:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.04.27 23:59:07 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.26 09:09:38 | 000,169,096 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013.04.12 19:02:30 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.03 22:15:36 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.02.28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.17 15:46:50 | 000,137,488 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2012.12.10 17:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.09.06 15:22:54 | 000,018,944 | ---- | M] (Hercules®) [Auto | Running] -- C:\Programme\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE -- (HerculesDJControlMP3)
SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.06.16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe -- (NIS)
SRV - [2012.04.26 11:14:06 | 002,438,696 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- C:\Programme\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
SRV - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.05.11 11:53:34 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013.04.12 11:41:28 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013.03.29 04:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.03.29 03:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.03.02 20:44:33 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.02.14 13:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.01.31 11:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.10.30 15:49:32 | 000,238,960 | ---- | M] (© Guillemot R&D, 2012. All rights reserved.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HDJBulk.sys -- (Bulk)
DRV:64bit: - [2012.10.30 15:49:30 | 000,271,216 | ---- | M] (© Guillemot R&D, 2012. All rights reserved.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HDJMidi.sys -- (HDJMidi)
DRV:64bit: - [2012.10.11 05:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.06 04:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012.07.06 04:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012.06.07 06:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012.05.22 03:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012.04.18 04:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012.04.18 03:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2011.12.15 20:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011.11.03 04:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.07.25 20:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.22 03:00:00 | 001,293,824 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fwlanusb4.sys -- (fwlanusb4)
DRV:64bit: - [2010.10.22 03:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2009.08.21 02:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2013.05.22 10:31:26 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130524.003\ex64.sys -- (NAVEX15)
DRV - [2013.05.22 10:31:26 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130524.003\eng64.sys -- (NAVENG)
DRV - [2013.05.10 14:53:10 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.05.10 14:53:10 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013.05.09 15:38:12 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130523.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013.05.03 00:16:48 | 001,390,680 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130515.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2.0)
DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www2.delta-search.com/?affID=119816&tt=gc_&babsrc=HP_ss&mntrId=DACB00FFFEADF006
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B D0 6F 73 9E 1E CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www2.delta-search.com/?q={searchTerms}&affID=119816&tt=gc_&babsrc=SP_ss&mntrId=DACB00FFFEADF006
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: toolbar_MYC3%40apn.ask.com:12.44960
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2013.05.11 11:29:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2013.05.24 11:33:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 19:02:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 19:02:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013.03.05 20:36:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FickDich\AppData\Roaming\mozilla\Extensions
[2013.05.22 19:17:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FickDich\AppData\Roaming\mozilla\Firefox\Profiles\j4hrbad9.default\extensions
[2013.05.11 19:36:19 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\FickDich\AppData\Roaming\mozilla\Firefox\Profiles\j4hrbad9.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013.03.10 19:39:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\FickDich\AppData\Roaming\mozilla\Firefox\Profiles\j4hrbad9.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.04.26 09:13:04 | 000,436,015 | ---- | M] () (No name found) -- C:\Users\FickDich\AppData\Roaming\mozilla\firefox\profiles\j4hrbad9.default\extensions\toolbar_MYC3@apn.ask.com.xpi
[2013.05.10 16:56:03 | 000,006,505 | ---- | M] () -- C:\Users\FickDich\AppData\Roaming\mozilla\firefox\profiles\j4hrbad9.default\searchplugins\babylon.xml
[2013.05.10 16:56:16 | 000,001,294 | ---- | M] () -- C:\Users\FickDich\AppData\Roaming\mozilla\firefox\profiles\j4hrbad9.default\searchplugins\delta.xml
[2013.04.12 19:02:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.05.24 16:41:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\browser\extensions
[2013.05.24 16:41:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.04.12 19:02:30 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.16 06:15:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.16 06:15:47 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.16 06:15:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.16 06:15:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.16 06:15:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.16 06:15:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www2.delta-search.com/?affID=119816&tt=gc_&babsrc=HP_ss&mntrId=DACB00FFFEADF006
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\FickDich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.0_0\
CHR - Extension: Google Docs = C:\Users\FickDich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\FickDich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\FickDich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\FickDich\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: GFACE Experience Plugin = C:\Users\FickDich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdlfmdbdibkbfdpjocdaolcheehmpol\0.29.0_0\
CHR - Extension: Norton Identity Protection = C:\Users\FickDich\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.13.5_0\
CHR - Extension: Google Mail = C:\Users\FickDich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Ask Toolbar) - {4D594333-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll (APN LLC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {4D594333-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {4D594333-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll (APN LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [cbfcdaeededcfsacfsfdsf] C:\ProgramData\cbfcdaeededcfsacfsfdsf.exe ()
O4 - HKCU..\Run: [ManyCam] C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72F9EB3D-4200-4378-A366-774DDFF4CD9E}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3d575962-8346-11e2-9702-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3d575962-8346-11e2-9702-806e6f6e6963}\Shell\AutoRun\command - "" = E:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.24 22:27:25 | 000,000,000 | ---D | C] -- C:\Users\FickDich\M-4903-6930-1039-6940
[2013.05.24 15:09:49 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Desktop\Enterpage by. Pineapple
[2013.05.24 15:09:49 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Desktop\Enterpage by Teufels_03
[2013.05.24 02:12:54 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Desktop\Fertiges Design
[2013.05.24 01:16:21 | 000,000,000 | ---D | C] -- C:\Users\FickDich\AppData\Local\AskPartnerNetwork
[2013.05.23 23:54:46 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Desktop\Vorstellung
[2013.05.23 16:36:44 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Desktop\Windows 7 Kullananlar İçin
[2013.05.23 01:43:56 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Desktop\Voma2 Client
[2013.05.22 19:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013.05.22 19:17:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2013.05.22 19:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013.05.22 19:16:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
[2013.05.22 19:15:56 | 000,519,304 | ---- | C] (Ask Partner Network) -- C:\Users\FickDich\Documents\APNSetup1.exe
[2013.05.22 19:15:56 | 000,000,000 | ---D | C] -- C:\Users\FickDich\AppData\Local\ManyCam
[2013.05.22 19:15:55 | 000,000,000 | ---D | C] -- C:\ProgramData\ManyCam
[2013.05.22 19:15:53 | 000,000,000 | ---D | C] -- C:\Users\FickDich\AppData\Roaming\ManyCam
[2013.05.22 19:15:52 | 000,044,928 | ---- | C] (ManyCam LLC) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys
[2013.05.22 19:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ManyCam
[2013.05.22 14:02:56 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Documents\Navicat
[2013.05.22 14:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremiumSoft
[2013.05.22 14:01:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PremiumSoft
[2013.05.22 13:31:57 | 000,000,000 | ---D | C] -- C:\Users\FickDich\VirtualBox VMs
[2013.05.22 13:31:15 | 000,000,000 | ---D | C] -- C:\Users\FickDich\.VirtualBox
[2013.05.22 13:30:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2013.05.22 13:30:26 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2013.05.22 12:01:44 | 000,000,000 | ---D | C] -- C:\Users\FickDich\AppData\Local\Diagnostics
[2013.05.21 16:04:27 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Desktop\ZSK
[2013.05.20 14:06:03 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Desktop\ichphone
[2013.05.15 23:17:18 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.15 23:17:18 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.15 23:17:18 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.15 23:17:17 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.15 23:17:17 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.15 23:17:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.15 23:17:17 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.05.15 23:17:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.05.15 23:17:17 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.15 23:17:17 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.15 23:17:17 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.15 23:17:17 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.15 23:17:15 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.15 23:17:15 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.15 23:17:15 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.15 21:41:43 | 000,000,000 | ---D | C] -- C:\Users\FickDich\AppData\Roaming\TS3Client
[2013.05.15 21:05:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013.05.15 21:05:25 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2013.05.15 20:09:40 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 20:09:40 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.15 20:09:24 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.15 20:09:24 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.15 20:09:24 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.15 20:09:24 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.15 20:09:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.05.11 22:21:53 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2013.05.11 22:21:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013.05.11 22:21:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013.05.11 22:21:17 | 000,000,000 | ---D | C] -- C:\Users\FickDich\AppData\Local\LogMeIn Hamachi
[2013.05.11 21:28:00 | 001,129,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys
[2013.05.11 21:28:00 | 000,737,952 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys
[2013.05.11 21:28:00 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys
[2013.05.11 21:28:00 | 000,405,624 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys
[2013.05.11 21:28:00 | 000,190,072 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys
[2013.05.11 21:28:00 | 000,167,072 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys
[2013.05.11 21:28:00 | 000,037,536 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys
[2013.05.11 21:27:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E
[2013.05.11 12:09:13 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Desktop\Metin2 Render V.1 ~ By Sora
[2013.05.10 22:08:45 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Desktop\League of Legends
[2013.05.10 22:07:39 | 000,000,000 | ---D | C] -- C:\Users\FickDich\AppData\Local\PMB Files
[2013.05.10 22:07:38 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013.05.10 16:56:46 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Local Settings
[2013.05.10 16:55:54 | 000,000,000 | ---D | C] -- C:\Users\FickDich\AppData\Roaming\Babylon
[2013.05.10 16:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.05.10 08:55:33 | 000,175,736 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013.05.10 08:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013.05.10 08:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013.05.10 08:54:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2013.05.10 08:54:55 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2013.05.10 08:54:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2013.05.10 08:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013.05.06 16:55:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2013.05.06 16:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2013.05.06 14:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.05.06 14:45:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.05.06 14:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.05.06 14:35:05 | 000,000,000 | ---D | C] -- C:\AMD
[2013.05.05 21:13:04 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Heaven
[2013.05.05 21:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
[2013.05.05 21:07:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unigine
[2013.05.05 20:39:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013.05.05 20:39:09 | 000,000,000 | ---D | C] -- C:\Users\FickDich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2013.05.05 20:38:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2013.04.30 18:05:38 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.04.30 18:05:38 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.04.30 18:05:38 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.04.30 18:05:38 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.04.30 18:05:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.04.30 18:05:38 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.04.30 18:05:38 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.04.30 18:05:38 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.04.30 18:05:37 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.30 18:05:37 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.04.30 18:05:37 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.04.30 18:05:37 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.04.30 18:05:37 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.30 18:05:37 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.30 18:05:37 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.04.30 18:05:37 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.04.30 18:05:37 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.04.30 18:05:37 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.30 18:05:37 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.04.30 18:05:37 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.04.30 18:05:37 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.04.30 18:05:37 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.04.30 18:05:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.04.30 18:05:37 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.04.30 18:05:37 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.04.30 18:05:36 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.30 18:05:36 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.04.30 18:05:36 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.04.30 18:05:36 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.04.30 18:05:36 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.30 18:05:36 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.04.30 18:05:36 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.04.30 18:05:36 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.04.30 18:05:36 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.30 18:05:36 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.04.30 18:05:36 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.04.30 18:05:36 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.04.30 18:05:36 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.04.30 18:05:36 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.04.30 18:05:36 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.30 18:05:36 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.04.30 18:05:36 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.04.30 18:05:35 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.30 18:05:35 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.04.30 18:05:35 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.04.30 18:05:35 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.04.30 18:05:35 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.04.30 18:05:35 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.04.30 18:05:35 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.04.30 18:05:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.04.30 18:05:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.04.30 18:05:35 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.04.30 18:05:35 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.04.30 18:03:03 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.04.30 18:03:03 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.04.30 18:03:03 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.04.30 18:03:03 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.04.30 18:03:03 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.04.30 18:03:03 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.04.30 18:03:03 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.04.30 18:03:03 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.04.30 18:03:03 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.04.30 18:03:03 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.04.30 18:03:03 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.04.30 18:03:03 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.04.30 18:03:03 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.04.30 18:03:03 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.04.30 18:03:03 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.04.30 18:03:03 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.04.30 18:03:03 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.04.30 18:03:03 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.04.30 18:03:03 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.04.30 18:03:03 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.04.30 18:03:03 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.04.30 18:03:03 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.30 18:03:03 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.30 18:03:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.30 18:03:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.30 18:03:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.30 18:03:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.30 18:03:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.30 18:03:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.30 18:03:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.30 18:03:03 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.30 18:03:02 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.04.30 18:03:02 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.04.29 15:18:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.3
[2013.04.29 15:18:00 | 000,000,000 | ---D | C] -- C:\ProgramData\MTA San Andreas All
[2013.04.29 15:07:13 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Documents\GTA San Andreas User Files
[2013.04.29 15:03:56 | 000,000,000 | ---D | C] -- C:\Users\FickDich\Desktop\GTA SAN ANDREAS
[2013.04.27 23:59:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2013.04.27 23:59:11 | 000,000,000 | ---D | C] -- C:\Users\FickDich\AppData\Roaming\Yahoo!
[2013.04.27 23:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2013.04.27 23:58:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2013.04.27 23:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2013.04.21 17:55:52 | 000,040,445 | ---- | C] (Beepa Pty Ltd) -- C:\Program Files\uninstall.exe
[2012.08.30 15:20:14 | 002,550,968 | ---- | C] (Beepa P/L) -- C:\Program Files\fraps.exe
[2012.08.30 15:20:14 | 000,234,168 | ---- | C] (Beepa P/L) -- C:\Program Files\fraps32.dll
[2012.08.30 15:20:14 | 000,186,552 | ---- | C] (Beepa P/L) -- C:\Program Files\fraps64.dll
[2012.08.30 15:20:14 | 000,068,792 | ---- | C] (Beepa P/L) -- C:\Program Files\fraps64.dat
[2012.08.30 15:17:20 | 000,140,288 | ---- | C] (Beepa P/L) -- C:\Program Files\frapslcd.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.24 22:59:45 | 000,111,616 | ---- | M] () -- C:\ProgramData\cbfcdaeededcfsacfsfdsf.exe
[2013.05.24 22:43:14 | 000,000,178 | ---- | M] () -- C:\Users\FickDich\defogger_reenable
[2013.05.24 22:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.24 22:13:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.24 22:12:22 | 000,090,112 | ---- | M] () -- C:\ProgramData\F4B6.exe
[2013.05.24 21:57:21 | 000,090,112 | ---- | M] () -- C:\ProgramData\35E9.exe
[2013.05.24 21:42:21 | 000,090,112 | ---- | M] () -- C:\ProgramData\794F.exe
[2013.05.24 21:27:26 | 000,090,112 | ---- | M] () -- C:\ProgramData\BC28.exe
[2013.05.24 21:12:19 | 000,090,112 | ---- | M] () -- C:\ProgramData\F7A1.exe
[2013.05.24 21:02:02 | 018,284,252 | ---- | M] () -- C:\Users\FickDich\Desktop\Vorstellung.rar
[2013.05.24 21:01:56 | 015,447,018 | ---- | M] () -- C:\Users\FickDich\Desktop\Fertiges Design.rar
[2013.05.24 20:57:17 | 000,090,112 | ---- | M] () -- C:\ProgramData\3434.exe
[2013.05.24 20:42:16 | 000,090,112 | ---- | M] () -- C:\ProgramData\7799.exe
[2013.05.24 19:09:36 | 000,846,464 | ---- | M] () -- C:\Users\FickDich\Desktop\ein ingame bild nuuuur für dich gerade gemacht x3 client komplett fixxed!.PNG
[2013.05.24 18:56:21 | 000,418,342 | ---- | M] () -- C:\Users\FickDich\Desktop\lncgg.jpg
[2013.05.24 15:11:06 | 002,704,691 | ---- | M] () -- C:\Users\FickDich\Desktop\Enterpage by. Pineapple.rar
[2013.05.24 12:48:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.24 12:48:15 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2013.05.24 11:41:17 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.24 11:41:17 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.24 11:33:39 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.24 11:33:07 | 004,900,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.24 11:32:35 | 3757,449,215 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.24 03:59:42 | 000,163,267 | ---- | M] () -- C:\Users\FickDich\Desktop\24052013022320379.png
[2013.05.24 01:56:36 | 000,251,988 | ---- | M] () -- C:\Users\FickDich\Desktop\vorstellung3.jpg
[2013.05.24 00:56:25 | 000,328,831 | ---- | M] () -- C:\Users\FickDich\Desktop\vorstellung2.jpg
[2013.05.24 00:29:29 | 000,262,960 | ---- | M] () -- C:\Users\FickDich\Desktop\Vorstelluung.jpg
[2013.05.23 20:18:21 | 000,477,181 | ---- | M] () -- C:\Users\FickDich\Desktop\Unbenannt-2.jpg
[2013.05.23 20:14:50 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2013.05.22 19:16:30 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\ManyCam.lnk
[2013.05.22 19:16:26 | 001,646,467 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\Cat.DB
[2013.05.22 14:01:08 | 000,001,180 | ---- | M] () -- C:\Users\Public\Desktop\Navicat Lite.lnk
[2013.05.22 13:30:48 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2013.05.15 23:15:47 | 001,591,896 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.05.15 23:15:47 | 000,698,780 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.15 23:15:47 | 000,653,618 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.15 23:15:47 | 000,148,920 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.15 23:15:47 | 000,121,490 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.15 23:15:39 | 001,591,896 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.15 21:05:27 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013.05.15 13:22:26 | 000,064,851 | ---- | M] () -- C:\Users\FickDich\Desktop\535766_483789658349488_1500245507_n (1).jpg
[2013.05.12 10:35:55 | 000,002,501 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013.05.11 12:22:28 | 000,158,283 | ---- | M] () -- C:\Users\FickDich\Desktop\Unbenannt-1.jpg
[2013.05.11 11:53:34 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013.05.11 11:53:34 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013.05.11 11:53:34 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013.05.10 22:09:46 | 000,000,414 | ---- | M] () -- C:\Users\FickDich\Desktop\Fortsetzen Download League of Legends.url
[2013.05.10 17:07:24 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.05.10 17:07:24 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.05.10 17:07:09 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.05.06 17:14:46 | 001,065,984 | ---- | M] () -- C:\Users\FickDich\AppData\Local\file__0.localstorage
[2013.05.06 16:55:33 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2013.05.05 21:07:32 | 000,002,117 | ---- | M] () -- C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
[2013.05.05 20:39:13 | 000,001,086 | ---- | M] () -- C:\Users\FickDich\Desktop\MSI Afterburner.lnk
[2013.05.03 20:10:38 | 000,012,287 | ---- | M] () -- C:\Users\FickDich\Desktop\Special Announcement - AMD Gaming Evolved Never Settle Reloaded.html
[2013.05.02 20:19:03 | 000,000,222 | ---- | M] () -- C:\Users\FickDich\Desktop\Surgeon Simulator 2013.url
[2013.04.30 18:05:38 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.04.30 18:05:38 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.04.30 18:05:38 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.04.30 18:05:38 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.04.30 18:05:38 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.04.30 18:05:38 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.04.30 18:05:38 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.04.30 18:05:38 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.04.30 18:05:37 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.30 18:05:37 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.04.30 18:05:37 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.04.30 18:05:37 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.04.30 18:05:37 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.30 18:05:37 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.30 18:05:37 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.04.30 18:05:37 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.04.30 18:05:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.04.30 18:05:37 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.30 18:05:37 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.04.30 18:05:37 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.04.30 18:05:37 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.04.30 18:05:37 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.04.30 18:05:37 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.04.30 18:05:37 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.04.30 18:05:37 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.04.30 18:05:37 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.04.30 18:05:36 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.30 18:05:36 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.04.30 18:05:36 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.04.30 18:05:36 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.04.30 18:05:36 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.30 18:05:36 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.04.30 18:05:36 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.04.30 18:05:36 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.04.30 18:05:36 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.30 18:05:36 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.04.30 18:05:36 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.04.30 18:05:36 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.04.30 18:05:36 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.04.30 18:05:36 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.04.30 18:05:36 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.30 18:05:36 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.04.30 18:05:36 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.04.30 18:05:36 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.04.30 18:05:35 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.30 18:05:35 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.04.30 18:05:35 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.04.30 18:05:35 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.04.30 18:05:35 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.04.30 18:05:35 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.04.30 18:05:35 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.04.30 18:05:35 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.04.30 18:05:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.04.30 18:05:35 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.04.30 18:05:35 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.04.30 18:03:03 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.04.30 18:03:03 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.04.30 18:03:03 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.04.30 18:03:03 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.04.30 18:03:03 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.04.30 18:03:03 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.04.30 18:03:03 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.04.30 18:03:03 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.04.30 18:03:03 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.04.30 18:03:03 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.04.30 18:03:03 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.04.30 18:03:03 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.04.30 18:03:03 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.04.30 18:03:03 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.04.30 18:03:03 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.04.30 18:03:03 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.04.30 18:03:03 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.04.30 18:03:03 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.04.30 18:03:03 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.04.30 18:03:03 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.04.30 18:03:03 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.04.30 18:03:03 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.30 18:03:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.30 18:03:03 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.30 18:03:03 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.30 18:03:03 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.30 18:03:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.30 18:03:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.30 18:03:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.30 18:03:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.30 18:03:03 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.30 18:03:03 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.30 18:03:02 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.04.30 18:03:02 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.04.29 15:18:10 | 000,001,780 | ---- | M] () -- C:\Users\Public\Desktop\MTA San Andreas 1.3.lnk
[2013.04.27 23:59:06 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.27 23:59:06 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.05.24 22:43:14 | 000,000,178 | ---- | C] () -- C:\Users\FickDich\defogger_reenable
[2013.05.24 22:12:21 | 000,090,112 | ---- | C] () -- C:\ProgramData\F4B6.exe
[2013.05.24 21:57:20 | 000,090,112 | ---- | C] () -- C:\ProgramData\35E9.exe
[2013.05.24 21:42:20 | 000,090,112 | ---- | C] () -- C:\ProgramData\794F.exe
[2013.05.24 21:27:25 | 000,090,112 | ---- | C] () -- C:\ProgramData\BC28.exe
[2013.05.24 21:12:17 | 000,090,112 | ---- | C] () -- C:\ProgramData\F7A1.exe
[2013.05.24 21:01:59 | 018,284,252 | ---- | C] () -- C:\Users\FickDich\Desktop\Vorstellung.rar
[2013.05.24 21:01:54 | 015,447,018 | ---- | C] () -- C:\Users\FickDich\Desktop\Fertiges Design.rar
[2013.05.24 20:57:16 | 000,090,112 | ---- | C] () -- C:\ProgramData\3434.exe
[2013.05.24 20:42:15 | 000,090,112 | ---- | C] () -- C:\ProgramData\7799.exe
[2013.05.24 20:42:14 | 000,111,616 | ---- | C] () -- C:\ProgramData\cbfcdaeededcfsacfsfdsf.exe
[2013.05.24 19:09:17 | 000,846,464 | ---- | C] () -- C:\Users\FickDich\Desktop\ein ingame bild nuuuur für dich gerade gemacht x3 client komplett fixxed!.PNG
[2013.05.24 18:56:21 | 000,418,342 | ---- | C] () -- C:\Users\FickDich\Desktop\lncgg.jpg
[2013.05.24 15:11:06 | 002,704,691 | ---- | C] () -- C:\Users\FickDich\Desktop\Enterpage by. Pineapple.rar
[2013.05.24 03:59:32 | 000,163,267 | ---- | C] () -- C:\Users\FickDich\Desktop\24052013022320379.png
[2013.05.24 01:56:35 | 000,251,988 | ---- | C] () -- C:\Users\FickDich\Desktop\vorstellung3.jpg
[2013.05.24 00:56:24 | 000,328,831 | ---- | C] () -- C:\Users\FickDich\Desktop\vorstellung2.jpg
[2013.05.24 00:29:27 | 000,262,960 | ---- | C] () -- C:\Users\FickDich\Desktop\Vorstelluung.jpg
[2013.05.23 20:18:19 | 000,477,181 | ---- | C] () -- C:\Users\FickDich\Desktop\Unbenannt-2.jpg
[2013.05.23 20:14:50 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2013.05.23 16:31:18 | 000,317,952 | ---- | C] () -- C:\Users\FickDich\Desktop\OSInject.exe
[2013.05.23 16:31:18 | 000,189,440 | ---- | C] () -- C:\Users\FickDich\Desktop\Hack DLL EPVP by .Infinity.dll
[2013.05.23 16:23:26 | 000,190,976 | ---- | C] () -- C:\Users\FickDich\Desktop\testhack.dll
[2013.05.22 19:16:29 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\ManyCam.lnk
[2013.05.22 14:01:08 | 000,001,180 | ---- | C] () -- C:\Users\Public\Desktop\Navicat Lite.lnk
[2013.05.22 14:01:04 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2013.05.22 13:30:48 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2013.05.15 21:05:27 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013.05.15 13:22:26 | 000,064,851 | ---- | C] () -- C:\Users\FickDich\Desktop\535766_483789658349488_1500245507_n (1).jpg
[2013.05.12 10:35:03 | 001,646,467 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\Cat.DB
[2013.05.11 21:28:00 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.cat
[2013.05.11 21:28:00 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnet64.cat
[2013.05.11 21:28:00 | 000,007,450 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\iron.cat
[2013.05.11 21:28:00 | 000,007,446 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.cat
[2013.05.11 21:28:00 | 000,007,438 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.cat
[2013.05.11 21:28:00 | 000,007,406 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.cat
[2013.05.11 21:28:00 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.cat
[2013.05.11 21:28:00 | 000,003,435 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa.inf
[2013.05.11 21:28:00 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds.inf
[2013.05.11 21:28:00 | 000,001,441 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnet.inf
[2013.05.11 21:28:00 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.inf
[2013.05.11 21:28:00 | 000,001,419 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.inf
[2013.05.11 21:28:00 | 000,000,853 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.inf
[2013.05.11 21:28:00 | 000,000,772 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\iron.inf
[2013.05.11 21:27:59 | 000,008,942 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symvtcer.dat
[2013.05.11 21:27:59 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\isolate.ini
[2013.05.11 12:22:26 | 000,158,283 | ---- | C] () -- C:\Users\FickDich\Desktop\Unbenannt-1.jpg
[2013.05.10 22:09:46 | 000,000,414 | ---- | C] () -- C:\Users\FickDich\Desktop\Fortsetzen Download League of Legends.url
[2013.05.10 08:55:33 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013.05.10 08:55:33 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013.05.10 08:55:27 | 000,002,501 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013.05.06 16:55:33 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2013.05.05 21:09:34 | 001,065,984 | ---- | C] () -- C:\Users\FickDich\AppData\Local\file__0.localstorage
[2013.05.05 21:07:32 | 000,002,117 | ---- | C] () -- C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
[2013.05.05 20:39:13 | 000,001,086 | ---- | C] () -- C:\Users\FickDich\Desktop\MSI Afterburner.lnk
[2013.05.03 20:10:33 | 000,012,287 | ---- | C] () -- C:\Users\FickDich\Desktop\Special Announcement - AMD Gaming Evolved Never Settle Reloaded.html
[2013.05.02 20:19:03 | 000,000,222 | ---- | C] () -- C:\Users\FickDich\Desktop\Surgeon Simulator 2013.url
[2013.04.30 18:05:37 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.04.30 18:05:36 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.04.29 15:18:10 | 000,001,780 | ---- | C] () -- C:\Users\Public\Desktop\MTA San Andreas 1.3.lnk
[2013.04.27 23:59:07 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.14 21:57:59 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2013.04.14 21:57:59 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
[2013.04.14 21:57:59 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll
[2013.03.29 16:11:01 | 001,591,896 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.03.26 22:43:32 | 000,114,688 | ---- | C] () -- C:\Users\FickDich\AppData\Roaming\chrtmp
[2013.03.03 22:06:51 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.03 22:06:50 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.03 02:14:58 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2013.03.03 02:00:18 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2013.03.02 16:52:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.03.02 16:49:48 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.03.02 16:49:48 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.03.02 16:49:47 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.09.28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012.08.30 15:09:28 | 000,001,892 | ---- | C] () -- C:\Program Files\README.HTM
[2012.01.18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation
@Alternate Data Stream - 1091 bytes -> C:\Users\FickDich\AppData\Local\Temp:mJUQggTJ6sDQjXXEo

< End of report >
__________________
Alt 24.05.2013, 22:10   #4
NextEpisode
 
Skypevirus wie entfernen? - Standard

Skypevirus wie entfernen?


Code:
ATTFilter
OTL Extras logfile created on: 24.05.2013 22:57:52 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\FickDich\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
10,00 Gb Total Physical Memory | 7,52 Gb Available Physical Memory | 75,19% Memory free
20,00 Gb Paging File | 17,44 Gb Available in Paging File | 87,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 64,94 Gb Free Space | 21,79% Space Free | Partition Type: NTFS
 
Computer Name: FICKDICH-PC | User Name: FickDich | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (All) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A57970E-9B9C-414A-8531-881FC1892855}" = rport=139 | protocol=6 | dir=out | app=system | 
"{0F8B10BE-B512-43DB-9B5B-FA9EDD09D046}" = rport=138 | protocol=17 | dir=out | app=system | 
"{145ECE50-FBF3-49F0-A24D-288A60139C61}" = rport=445 | protocol=6 | dir=out | app=system | 
"{1D2A5F80-8F55-4CAE-B155-D0BA4444C3FC}" = lport=445 | protocol=6 | dir=in | app=system | 
"{3477F7A9-D46F-46BA-A381-B89F49E8076D}" = lport=57377 | protocol=17 | dir=in | name=pando media booster | 
"{35B29D31-9BD8-4800-90C2-8E2396CE2658}" = lport=137 | protocol=17 | dir=in | app=system | 
"{36D284A7-110C-4A8C-B5F1-FDECD1522615}" = lport=57377 | protocol=6 | dir=in | name=pando media booster | 
"{38D4F270-88FA-4456-AD0D-A651783A94B7}" = lport=57377 | protocol=17 | dir=in | name=pando media booster | 
"{39847371-B2A9-4772-ADE1-0FD1E022C891}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{438737C6-E65B-41DB-8219-C93DA2CEACF9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{57A1178F-967B-41D8-8B5C-5DF35DEDD228}" = lport=138 | protocol=17 | dir=in | app=system | 
"{59FF5343-83E0-4968-AAAC-5039F9B8E375}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{5D38815E-FF43-4C91-BA22-7EB2C83151BA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{711D3EE4-E1EE-4488-8D11-1D921524B528}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{786BC501-8F7A-49FD-9F19-BB2DE7EE547E}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{85D8A1F6-22CC-419A-8645-9D59C5C22915}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8D98B43F-2D2B-4FCE-BD59-252DE186FDAC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A0D56080-F5DD-4760-ADC5-B96652489510}" = lport=139 | protocol=6 | dir=in | app=system | 
"{A19D8207-351F-4B3E-8997-9D3815A8AAB0}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C0F498F2-3B85-47F7-BDE6-6ADEECB1CD8D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{CC323590-5E76-4EE1-A59C-3335A3AD45EA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D3C90CEA-AEDF-4B2A-8873-808C0A159224}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E8B77997-1D49-4796-A4ED-400F3D5BE37D}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{EF5827D8-886A-4559-8FE2-D9A5AB595516}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F0592D07-C3D4-4759-B7E8-67F7B0755A30}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{F643036D-B974-4146-BC05-0D52574E9409}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FE2F4297-F7F9-445A-ACC9-3EF71B24ACFE}" = lport=57377 | protocol=6 | dir=in | name=pando media booster | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{010F903F-2FE7-4827-9DBB-0A369D9B6442}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe | 
"{03C5FA58-3028-4306-882F-53EDE1D21F9A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{03EE940B-212F-40EE-BFFA-B81E4E1A63A2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{0AA42006-6816-4A6C-835E-4381C16A562A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{0ABCF163-5BB9-459E-A5CF-967701C3501B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tomb raider\tombraider.exe | 
"{0E2D7DFE-B122-4C04-A966-3A04B52385B6}" = protocol=6 | dir=out | app=system | 
"{0F68BD40-2B01-41FB-ABD8-CD3011D9AE26}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{109E1891-65DD-4E97-8398-34556DC25939}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{138BE279-A62B-4ACB-81A8-B433BA55142B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{16C7D152-94F6-49C3-A1F5-5DD656AE6FEC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"{1C0CB0E8-87F5-45AA-8AE9-F7B91350D8F5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{2B515A89-EFAB-4C15-BEF0-5699DE9CFA59}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{2E40E0CB-E560-45FD-AFE5-DB841E1B504D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2F27BA94-08B9-41F9-994F-5F990133F512}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{3359EE95-3126-464A-A9EE-75B9F98B8CDB}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{35D8CD09-FF83-4DC8-9CE2-4A674C49E223}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\surgeon simulator 2013\ss2013.exe | 
"{3A2B37DA-5824-45C5-AA6E-237BB2E73682}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{3BAD77A5-D0BD-49C1-B671-E608481F87EF}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe | 
"{3EAC94BB-FB41-4ED9-804C-243CB54245D6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{423D173F-0B6B-4EBB-9003-8A4134A9A6E9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{470142E8-481B-4D4E-9B6D-74F6EDA61E69}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{47BF15EC-E702-459A-B0A9-2DEF1A1BA0AE}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{4D389625-CBDC-499C-862D-A1D361364955}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{4ED7BAB6-3D17-49DE-9591-06627EB6057C}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{4EF47EDC-6047-422A-A811-6969838B0624}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{4EF9A3F9-2370-4443-9C18-6D9D7333EB36}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{556226B5-FA2D-4D1D-8CC8-A6260E0DC8B1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{55790D07-1CFF-492B-9428-14A9FB81F9B1}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{587E2A97-3A13-408A-AD01-D260B0C6E64C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{59D9B5DD-DE91-4454-B72C-4FCA4E46AEE9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5CF34B0E-EB10-487C-838A-44EA05AF0F61}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe | 
"{5EAE68FB-3EA9-4541-9BC0-A559F45B1524}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\proflamer7\counter-strike source\hl2.exe | 
"{600D21EF-2D84-4DC0-8FC4-F328A2F25ED2}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{6142CF75-708D-4CCE-A603-D0DC09BE5D69}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{621DA94C-80D6-4318-A06B-D6C0B9331D62}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{62281265-4F5C-494A-9D5B-CE0355AFDD02}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{62D54517-9E7C-4B3C-8C4F-CE77282803E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{67E89C98-52E4-4CD9-A6C7-A0AADDA451E2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | 
"{6E5F2C21-0F5C-4AF3-BEBC-D9898070B826}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tomb raider\tombraider.exe | 
"{6F9431E8-F404-4656-849E-79E988E2F954}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{700D712B-1992-4498-B7E6-49E2096E5C16}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{7177B2E5-8391-4E38-92F5-4866317B8385}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7BBF0DC3-4BEC-4197-AF1C-D199B868EE5D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7CA1E2D3-EB01-4F31-9B25-F3D57C99441E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | 
"{7FC56366-FD1F-4F9E-9FA8-A59D83F25C52}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe | 
"{80D02BCA-B77E-4AD5-B3E3-54A4E1A6BD58}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe | 
"{8883C834-F987-4FF1-9F6D-489E966715EE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat | 
"{8EB79922-DFC8-4A0B-8049-DEFCF825F354}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\surgeon simulator 2013\ss2013.exe | 
"{9721340C-2AE8-46A7-95FC-87B4D8CC5464}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\proflamer7\counter-strike source\hl2.exe | 
"{97E24CED-CF2D-4DDD-A31B-134B5AD30E06}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe | 
"{98412823-3A9C-4838-B299-36ECD9F08B44}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe | 
"{9B2F59FA-1642-4CE8-A94B-066629B5D238}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"{9B4175A6-B2D5-4369-B64F-B04E62EBAF9F}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{9DA12057-12FF-4297-B6FE-BA3178709E1B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A2D716E7-3507-489D-AE05-55DCDB756D56}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B3E1F684-A0CD-446F-9BF8-6012712C0BD3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"{B500B0D8-D0F8-467C-B2CA-3F736EDB5126}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"{BB99DA85-1F6D-403D-9347-A643C77B72BB}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{C26E48B3-92D8-4BF0-BBED-929E116DE42F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{C6B16B78-B68A-4698-A8CA-1A53C6B2405E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C73487B1-5FCA-4C74-B8E7-9AF2B230A46A}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{CD11BBFB-4C50-466B-A757-831284C0155D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{CE1F40C0-CE07-4235-8EF8-B0528271F67C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{CEB77877-8A63-4B2E-B4A2-9EE0FA42AC5A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D2EFDD20-2E95-46F1-BE18-F12A75356042}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{DDE007F3-A543-422E-A095-F7ED531B5E5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DEEFFC94-1000-4C60-B739-243030E6E470}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{DFABDCEB-F9DE-4CBD-8E9F-AFBE680855DF}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{E129799C-1EF8-423B-B59A-C24FD0E365D7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E66041A3-696D-4CBE-84B2-513F3B62C243}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe | 
"{E9EEEE63-BC5A-428C-B78E-3941DE23C154}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{EC5E6CFB-6F2E-480A-B135-271929D2C3BD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{EC8A029F-3C4B-4941-A394-8594D98A1672}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{F1D9B46E-216C-4930-A6EB-FBB2A3BC6309}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{F6396D8B-740B-478D-BC94-C5D23BE9F721}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{FC485575-6A26-44DB-9462-15408CDD95FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat | 
"{FC96CA03-E9F7-4ECB-A6F1-FC44DCDD9BC8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{6BF50627-B538-4F57-BC58-B1BD9A671A09}C:\program files (x86)\microsoft games\age of empires\empiresx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires\empiresx.exe | 
"TCP Query User{95686755-F2E2-42BE-A6B2-8670BD3D0C7D}C:\users\fickdich\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\fickdich\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{BE1648DC-5A0D-4AC9-A202-2D406947C08E}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"UDP Query User{6CF660EF-CDFA-4C55-A1A6-3EF4A6689F0D}C:\program files (x86)\microsoft games\age of empires\empiresx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires\empiresx.exe | 
"UDP Query User{E5F66372-6DB3-45A4-AB55-7BB007D44C93}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"UDP Query User{F480345B-9F7B-47D4-935F-D71D7DB993BC}C:\users\fickdich\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\fickdich\appdata\roaming\spotify\spotify.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003B37AE-21F5-5BC5-F5EB-CD60A8928696}" = AMD Accelerated Video Transcoding
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{0C1DE303-E41B-44BA-8ABA-B7F09D857001}" = Oracle VM VirtualBox 4.2.12
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417015FF}" = Java 7 Update 15 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{338CE2A1-7BD6-AC18-0069-4A90F7C3D836}" = AMD Steady Video Plug-In 
"{35BD87CD-1E57-A87E-53F0-62B9925F7B36}" = AMD Drag and Drop Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6397820D-9FC6-774C-1EF5-CBA09049E426}" = AMD Fuel
"{653B9326-BD45-53BE-681A-A49CAAEE8A3C}" = ccc-utility64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}" = AMD Catalyst Install Manager
"{AAFE68DD-A2D5-BDBF-E1B2-CB01DEFD6EB0}" = AMD Media Foundation Decoders
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.64.0
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.22
"CyberGhost VPN_is1" = CyberGhost VPN
"HyperCam 2" = HyperCam 2
"Opera 12.14.1738" = Opera 12.14
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.6
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{13464292-6666-B2DB-1B0C-A3FE14DAD1F9}" = CCC Help Dutch
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{338CD56F-1CDC-CF32-33F6-DED2DF92284E}" = CCC Help French
"{33999F1F-EA46-4E55-A239-1BA803235396}" = Hercules DJ Products Series drivers
"{42DCB650-F003-4535-A5CD-32AD815CD2DD}" = Play withSIX
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{46458556-5C46-79A9-A6FF-81DF1F8B2729}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D594333-0076-A76A-76A7-A758B70B0802}" = Ask Toolbar
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{519D68B8-A768-4CDC-E4C9-B115D49CED93}" = CCC Help Norwegian
"{51D383BC-D988-8C1E-FAA1-BC5260A32A87}" = CCC Help Polish
"{5A883D2B-D279-0D01-6E62-B810AFD8CC62}" = Catalyst Control Center InstallProxy
"{67A4760F-9804-CCF6-C319-27840ED77924}" = CCC Help Korean
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6BE5E4A9-D88B-532D-26E6-883C32BF098A}" = CCC Help Thai
"{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}" = AMD VISION Engine Control Center
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7176B973-6011-43C1-AEBC-2D73FE7C6982}" = Adobe Premiere Pro CS6
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}" = PCMark 7
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DD62206-7B6C-E32E-BD11-B49B3B089D16}" = CCC Help Danish
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{9739158D-EDED-D628-9865-1460B5A7FAE3}" = CCC Help Portuguese
"{9809124C-0C4C-2367-7889-1E16D8EF1AAF}" = CCC Help Chinese Standard
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A6E1EE9D-01DD-82FD-BDBC-193BCEF9FD5C}" = CCC Help Greek
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB13F192-49FC-A065-F15C-746B10CC43C8}" = CCC Help Japanese
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{AE548812-D611-608D-61C6-7E40F28573A2}" = CCC Help Russian
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{BC63AEF9-1367-9F7C-5926-52E56450EDCD}" = CCC Help Spanish
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C1E2D27F-B363-588E-8859-9EF7F4EBF418}" = CCC Help Chinese Traditional
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D76AC809-CCC1-6198-4970-A63FA5CF7DCB}" = CCC Help Swedish
"{DA675EE2-4C04-9699-0EE2-7EF9FE7AB870}" = CCC Help German
"{E06F7C95-4D68-63D9-2231-AA5F8E186FCB}" = CCC Help English
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}" = Catalyst Control Center Localization All
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E2F52AC2-B925-C18F-E1AE-42FBD46ECAC7}" = CCC Help Czech
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}" = Catalyst Control Center Graphics Previews Common
"{E9463114-898C-7C2A-2C47-E9ABC63F5D43}" = CCC Help Finnish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF10AC4D-3349-99DA-3E58-5197CEA1D833}" = CCC Help Italian
"{FFEC93FF-C162-C0C3-B5E7-01214B0E5F2D}" = CCC Help Turkish
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.3.1
"Age of Empires Gold 1.0" = Microsoft Age of Empires Gold
"AVMWLANCLI" = AVM FRITZ!WLAN
"BattlEye for OA" = BattlEye for OA Uninstall
"bi_uninstaller" = Bundled software uninstaller
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"DAEMON Tools Pro" = DAEMON Tools Pro
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"Gothic_Screenfun" = Gothic (SCREENFUN-DVD November 2005)
"LogMeIn Hamachi" = LogMeIn Hamachi
"ManyCam" = ManyCam 3.1.53
"MinecraftAlpha" = MinecraftAlpha
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MTA:SA 1.3" = MTA:SA v1.3.1
"NIS" = Norton Internet Security
"Notepad++" = Notepad++
"Origin" = Origin
"PremiumSoft Navicat Lite_is1" = PremiumSoft Navicat Lite 10.0
"PunkBusterSvc" = PunkBuster Services
"SpeedFan" = SpeedFan (remove only)
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 203160" = Tomb Raider
"Steam App 233720" = Surgeon Simulator 2013
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 8870" = BioShock Infinite
"Unigine Heaven Benchmark (Basic Edition)_is1" = Heaven Benchmark version 4.0
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = Nur Entfernen der CopyTrans Suite möglich
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 22.05.2013 12:23:27 | Computer Name = FickDich-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mc.exe, Version: 0.0.0.0, Zeitstempel:
 0x482ac3b0  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000258  ID des fehlerhaften Prozesses:
 0x14f0  Startzeit der fehlerhaften Anwendung: 0x01ce5708ac1e7309  Pfad der fehlerhaften
 Anwendung: C:\Users\FickDich\Desktop\client dodified-client.v4.5 by '0x72967'@epvp\Modified-Client\mc.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: ee0b8648-c2fb-11e2-b644-bc054303e114
 
Error - 22.05.2013 12:25:19 | Computer Name = FickDich-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\FickDich\Downloads\SoftonicDownloader_fuer_windows-xp-mode.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 23.05.2013 07:02:04 | Computer Name = FickDich-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.05.2013 11:47:25 | Computer Name = FickDich-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.05.2013 19:16:57 | Computer Name = FickDich-PC | Source = Application Hang | ID = 1002
Description = Programm WinRAR.exe, Version 4.20.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1024    Startzeit:
 01ce580b72e04b05    Endzeit: 3    Anwendungspfad: C:\Program Files\WinRAR\WinRAR.exe    Berichts-ID:
 db00ace0-c3fe-11e2-872f-bc054303e114  
 
Error - 24.05.2013 05:34:23 | Computer Name = FickDich-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.05.2013 14:42:33 | Computer Name = FickDich-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: 7799.exe, Version: 0.0.0.0, Zeitstempel:
 0x519f9c66  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
 Zeitstempel: 0x50b83c8a  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000c41f  ID des fehlerhaften
 Prozesses: 0x1d94  Startzeit der fehlerhaften Anwendung: 0x01ce58ae6aa21c01  Pfad der
 fehlerhaften Anwendung: C:\ProgramData\7799.exe  Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung:
 b16ed08e-c4a1-11e2-9570-bc054303e114
 
Error - 24.05.2013 14:44:45 | Computer Name = FickDich-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\FickDich\Downloads\SoftonicDownloader_fuer_windows-xp-mode.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 24.05.2013 15:27:36 | Computer Name = FickDich-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: BC28.exe, Version: 0.0.0.0, Zeitstempel:
 0x519f9c66  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
 Zeitstempel: 0x50b83c8a  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000c41f  ID des fehlerhaften
 Prozesses: 0x13e0  Startzeit der fehlerhaften Anwendung: 0x01ce58b4b955236d  Pfad der
 fehlerhaften Anwendung: C:\ProgramData\BC28.exe  Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung:
 fce00e46-c4a7-11e2-9570-bc054303e114
 
Error - 24.05.2013 15:42:30 | Computer Name = FickDich-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: 794F.exe, Version: 0.0.0.0, Zeitstempel:
 0x519f9c66  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
 Zeitstempel: 0x50b83c8a  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000c41f  ID des fehlerhaften
 Prozesses: 0x13e0  Startzeit der fehlerhaften Anwendung: 0x01ce58b6ce93c8d4  Pfad der
 fehlerhaften Anwendung: C:\ProgramData\794F.exe  Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung:
 11a2cb1c-c4aa-11e2-9570-bc054303e114
 
[ System Events ]
Error - 22.05.2013 18:35:58 | Computer Name = FickDich-PC | Source = BROWSER | ID = 8032
Description = 
 
Error - 23.05.2013 07:00:58 | Computer Name = FickDich-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%2
 
Error - 23.05.2013 11:46:03 | Computer Name = FickDich-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%2
 
Error - 23.05.2013 11:46:40 | Computer Name = FickDich-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Live ID Sign-in Assistant erreicht.
 
Error - 23.05.2013 11:46:40 | Computer Name = FickDich-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 23.05.2013 11:50:28 | Computer Name = FickDich-PC | Source = bowser | ID = 8003
Description = 
 
Error - 24.05.2013 05:33:21 | Computer Name = FickDich-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%2
 
Error - 24.05.2013 06:48:17 | Computer Name = FickDich-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 24.05.2013 10:38:35 | Computer Name = FickDich-PC | Source = bowser | ID = 8003
Description = 
 
Error - 24.05.2013 14:02:19 | Computer Name = FickDich-PC | Source = BROWSER | ID = 8032
Description = 
 
 
< End of report >
Code:
ATTFilter
OTL Extras logfile created on: 24.05.2013 22:57:52 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\FickDich\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
10,00 Gb Total Physical Memory | 7,52 Gb Available Physical Memory | 75,19% Memory free
20,00 Gb Paging File | 17,44 Gb Available in Paging File | 87,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 64,94 Gb Free Space | 21,79% Space Free | Partition Type: NTFS
 
Computer Name: FICKDICH-PC | User Name: FickDich | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (All) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A57970E-9B9C-414A-8531-881FC1892855}" = rport=139 | protocol=6 | dir=out | app=system | 
"{0F8B10BE-B512-43DB-9B5B-FA9EDD09D046}" = rport=138 | protocol=17 | dir=out | app=system | 
"{145ECE50-FBF3-49F0-A24D-288A60139C61}" = rport=445 | protocol=6 | dir=out | app=system | 
"{1D2A5F80-8F55-4CAE-B155-D0BA4444C3FC}" = lport=445 | protocol=6 | dir=in | app=system | 
"{3477F7A9-D46F-46BA-A381-B89F49E8076D}" = lport=57377 | protocol=17 | dir=in | name=pando media booster | 
"{35B29D31-9BD8-4800-90C2-8E2396CE2658}" = lport=137 | protocol=17 | dir=in | app=system | 
"{36D284A7-110C-4A8C-B5F1-FDECD1522615}" = lport=57377 | protocol=6 | dir=in | name=pando media booster | 
"{38D4F270-88FA-4456-AD0D-A651783A94B7}" = lport=57377 | protocol=17 | dir=in | name=pando media booster | 
"{39847371-B2A9-4772-ADE1-0FD1E022C891}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{438737C6-E65B-41DB-8219-C93DA2CEACF9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{57A1178F-967B-41D8-8B5C-5DF35DEDD228}" = lport=138 | protocol=17 | dir=in | app=system | 
"{59FF5343-83E0-4968-AAAC-5039F9B8E375}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{5D38815E-FF43-4C91-BA22-7EB2C83151BA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{711D3EE4-E1EE-4488-8D11-1D921524B528}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{786BC501-8F7A-49FD-9F19-BB2DE7EE547E}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{85D8A1F6-22CC-419A-8645-9D59C5C22915}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8D98B43F-2D2B-4FCE-BD59-252DE186FDAC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A0D56080-F5DD-4760-ADC5-B96652489510}" = lport=139 | protocol=6 | dir=in | app=system | 
"{A19D8207-351F-4B3E-8997-9D3815A8AAB0}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C0F498F2-3B85-47F7-BDE6-6ADEECB1CD8D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{CC323590-5E76-4EE1-A59C-3335A3AD45EA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D3C90CEA-AEDF-4B2A-8873-808C0A159224}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E8B77997-1D49-4796-A4ED-400F3D5BE37D}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{EF5827D8-886A-4559-8FE2-D9A5AB595516}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F0592D07-C3D4-4759-B7E8-67F7B0755A30}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{F643036D-B974-4146-BC05-0D52574E9409}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FE2F4297-F7F9-445A-ACC9-3EF71B24ACFE}" = lport=57377 | protocol=6 | dir=in | name=pando media booster | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{010F903F-2FE7-4827-9DBB-0A369D9B6442}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe | 
"{03C5FA58-3028-4306-882F-53EDE1D21F9A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{03EE940B-212F-40EE-BFFA-B81E4E1A63A2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{0AA42006-6816-4A6C-835E-4381C16A562A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{0ABCF163-5BB9-459E-A5CF-967701C3501B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tomb raider\tombraider.exe | 
"{0E2D7DFE-B122-4C04-A966-3A04B52385B6}" = protocol=6 | dir=out | app=system | 
"{0F68BD40-2B01-41FB-ABD8-CD3011D9AE26}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{109E1891-65DD-4E97-8398-34556DC25939}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{138BE279-A62B-4ACB-81A8-B433BA55142B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{16C7D152-94F6-49C3-A1F5-5DD656AE6FEC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"{1C0CB0E8-87F5-45AA-8AE9-F7B91350D8F5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{2B515A89-EFAB-4C15-BEF0-5699DE9CFA59}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{2E40E0CB-E560-45FD-AFE5-DB841E1B504D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2F27BA94-08B9-41F9-994F-5F990133F512}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{3359EE95-3126-464A-A9EE-75B9F98B8CDB}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{35D8CD09-FF83-4DC8-9CE2-4A674C49E223}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\surgeon simulator 2013\ss2013.exe | 
"{3A2B37DA-5824-45C5-AA6E-237BB2E73682}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{3BAD77A5-D0BD-49C1-B671-E608481F87EF}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe | 
"{3EAC94BB-FB41-4ED9-804C-243CB54245D6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{423D173F-0B6B-4EBB-9003-8A4134A9A6E9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{470142E8-481B-4D4E-9B6D-74F6EDA61E69}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{47BF15EC-E702-459A-B0A9-2DEF1A1BA0AE}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{4D389625-CBDC-499C-862D-A1D361364955}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{4ED7BAB6-3D17-49DE-9591-06627EB6057C}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{4EF47EDC-6047-422A-A811-6969838B0624}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{4EF9A3F9-2370-4443-9C18-6D9D7333EB36}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{556226B5-FA2D-4D1D-8CC8-A6260E0DC8B1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{55790D07-1CFF-492B-9428-14A9FB81F9B1}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{587E2A97-3A13-408A-AD01-D260B0C6E64C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{59D9B5DD-DE91-4454-B72C-4FCA4E46AEE9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5CF34B0E-EB10-487C-838A-44EA05AF0F61}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe | 
"{5EAE68FB-3EA9-4541-9BC0-A559F45B1524}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\proflamer7\counter-strike source\hl2.exe | 
"{600D21EF-2D84-4DC0-8FC4-F328A2F25ED2}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{6142CF75-708D-4CCE-A603-D0DC09BE5D69}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{621DA94C-80D6-4318-A06B-D6C0B9331D62}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{62281265-4F5C-494A-9D5B-CE0355AFDD02}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{62D54517-9E7C-4B3C-8C4F-CE77282803E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{67E89C98-52E4-4CD9-A6C7-A0AADDA451E2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | 
"{6E5F2C21-0F5C-4AF3-BEBC-D9898070B826}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tomb raider\tombraider.exe | 
"{6F9431E8-F404-4656-849E-79E988E2F954}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{700D712B-1992-4498-B7E6-49E2096E5C16}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{7177B2E5-8391-4E38-92F5-4866317B8385}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7BBF0DC3-4BEC-4197-AF1C-D199B868EE5D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7CA1E2D3-EB01-4F31-9B25-F3D57C99441E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | 
"{7FC56366-FD1F-4F9E-9FA8-A59D83F25C52}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe | 
"{80D02BCA-B77E-4AD5-B3E3-54A4E1A6BD58}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe | 
"{8883C834-F987-4FF1-9F6D-489E966715EE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat | 
"{8EB79922-DFC8-4A0B-8049-DEFCF825F354}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\surgeon simulator 2013\ss2013.exe | 
"{9721340C-2AE8-46A7-95FC-87B4D8CC5464}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\proflamer7\counter-strike source\hl2.exe | 
"{97E24CED-CF2D-4DDD-A31B-134B5AD30E06}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe | 
"{98412823-3A9C-4838-B299-36ECD9F08B44}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe | 
"{9B2F59FA-1642-4CE8-A94B-066629B5D238}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"{9B4175A6-B2D5-4369-B64F-B04E62EBAF9F}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{9DA12057-12FF-4297-B6FE-BA3178709E1B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A2D716E7-3507-489D-AE05-55DCDB756D56}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B3E1F684-A0CD-446F-9BF8-6012712C0BD3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"{B500B0D8-D0F8-467C-B2CA-3F736EDB5126}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"{BB99DA85-1F6D-403D-9347-A643C77B72BB}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{C26E48B3-92D8-4BF0-BBED-929E116DE42F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{C6B16B78-B68A-4698-A8CA-1A53C6B2405E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C73487B1-5FCA-4C74-B8E7-9AF2B230A46A}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{CD11BBFB-4C50-466B-A757-831284C0155D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{CE1F40C0-CE07-4235-8EF8-B0528271F67C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{CEB77877-8A63-4B2E-B4A2-9EE0FA42AC5A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D2EFDD20-2E95-46F1-BE18-F12A75356042}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{DDE007F3-A543-422E-A095-F7ED531B5E5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DEEFFC94-1000-4C60-B739-243030E6E470}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{DFABDCEB-F9DE-4CBD-8E9F-AFBE680855DF}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{E129799C-1EF8-423B-B59A-C24FD0E365D7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E66041A3-696D-4CBE-84B2-513F3B62C243}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe | 
"{E9EEEE63-BC5A-428C-B78E-3941DE23C154}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{EC5E6CFB-6F2E-480A-B135-271929D2C3BD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{EC8A029F-3C4B-4941-A394-8594D98A1672}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{F1D9B46E-216C-4930-A6EB-FBB2A3BC6309}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{F6396D8B-740B-478D-BC94-C5D23BE9F721}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{FC485575-6A26-44DB-9462-15408CDD95FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat | 
"{FC96CA03-E9F7-4ECB-A6F1-FC44DCDD9BC8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{6BF50627-B538-4F57-BC58-B1BD9A671A09}C:\program files (x86)\microsoft games\age of empires\empiresx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires\empiresx.exe | 
"TCP Query User{95686755-F2E2-42BE-A6B2-8670BD3D0C7D}C:\users\fickdich\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\fickdich\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{BE1648DC-5A0D-4AC9-A202-2D406947C08E}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"UDP Query User{6CF660EF-CDFA-4C55-A1A6-3EF4A6689F0D}C:\program files (x86)\microsoft games\age of empires\empiresx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires\empiresx.exe | 
"UDP Query User{E5F66372-6DB3-45A4-AB55-7BB007D44C93}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"UDP Query User{F480345B-9F7B-47D4-935F-D71D7DB993BC}C:\users\fickdich\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\fickdich\appdata\roaming\spotify\spotify.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003B37AE-21F5-5BC5-F5EB-CD60A8928696}" = AMD Accelerated Video Transcoding
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{0C1DE303-E41B-44BA-8ABA-B7F09D857001}" = Oracle VM VirtualBox 4.2.12
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417015FF}" = Java 7 Update 15 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{338CE2A1-7BD6-AC18-0069-4A90F7C3D836}" = AMD Steady Video Plug-In 
"{35BD87CD-1E57-A87E-53F0-62B9925F7B36}" = AMD Drag and Drop Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6397820D-9FC6-774C-1EF5-CBA09049E426}" = AMD Fuel
"{653B9326-BD45-53BE-681A-A49CAAEE8A3C}" = ccc-utility64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}" = AMD Catalyst Install Manager
"{AAFE68DD-A2D5-BDBF-E1B2-CB01DEFD6EB0}" = AMD Media Foundation Decoders
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.64.0
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.22
"CyberGhost VPN_is1" = CyberGhost VPN
"HyperCam 2" = HyperCam 2
"Opera 12.14.1738" = Opera 12.14
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.6
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{13464292-6666-B2DB-1B0C-A3FE14DAD1F9}" = CCC Help Dutch
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{338CD56F-1CDC-CF32-33F6-DED2DF92284E}" = CCC Help French
"{33999F1F-EA46-4E55-A239-1BA803235396}" = Hercules DJ Products Series drivers
"{42DCB650-F003-4535-A5CD-32AD815CD2DD}" = Play withSIX
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{46458556-5C46-79A9-A6FF-81DF1F8B2729}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D594333-0076-A76A-76A7-A758B70B0802}" = Ask Toolbar
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{519D68B8-A768-4CDC-E4C9-B115D49CED93}" = CCC Help Norwegian
"{51D383BC-D988-8C1E-FAA1-BC5260A32A87}" = CCC Help Polish
"{5A883D2B-D279-0D01-6E62-B810AFD8CC62}" = Catalyst Control Center InstallProxy
"{67A4760F-9804-CCF6-C319-27840ED77924}" = CCC Help Korean
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6BE5E4A9-D88B-532D-26E6-883C32BF098A}" = CCC Help Thai
"{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}" = AMD VISION Engine Control Center
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7176B973-6011-43C1-AEBC-2D73FE7C6982}" = Adobe Premiere Pro CS6
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}" = PCMark 7
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DD62206-7B6C-E32E-BD11-B49B3B089D16}" = CCC Help Danish
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{9739158D-EDED-D628-9865-1460B5A7FAE3}" = CCC Help Portuguese
"{9809124C-0C4C-2367-7889-1E16D8EF1AAF}" = CCC Help Chinese Standard
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A6E1EE9D-01DD-82FD-BDBC-193BCEF9FD5C}" = CCC Help Greek
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB13F192-49FC-A065-F15C-746B10CC43C8}" = CCC Help Japanese
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{AE548812-D611-608D-61C6-7E40F28573A2}" = CCC Help Russian
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{BC63AEF9-1367-9F7C-5926-52E56450EDCD}" = CCC Help Spanish
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C1E2D27F-B363-588E-8859-9EF7F4EBF418}" = CCC Help Chinese Traditional
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D76AC809-CCC1-6198-4970-A63FA5CF7DCB}" = CCC Help Swedish
"{DA675EE2-4C04-9699-0EE2-7EF9FE7AB870}" = CCC Help German
"{E06F7C95-4D68-63D9-2231-AA5F8E186FCB}" = CCC Help English
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}" = Catalyst Control Center Localization All
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E2F52AC2-B925-C18F-E1AE-42FBD46ECAC7}" = CCC Help Czech
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}" = Catalyst Control Center Graphics Previews Common
"{E9463114-898C-7C2A-2C47-E9ABC63F5D43}" = CCC Help Finnish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF10AC4D-3349-99DA-3E58-5197CEA1D833}" = CCC Help Italian
"{FFEC93FF-C162-C0C3-B5E7-01214B0E5F2D}" = CCC Help Turkish
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.3.1
"Age of Empires Gold 1.0" = Microsoft Age of Empires Gold
"AVMWLANCLI" = AVM FRITZ!WLAN
"BattlEye for OA" = BattlEye for OA Uninstall
"bi_uninstaller" = Bundled software uninstaller
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"DAEMON Tools Pro" = DAEMON Tools Pro
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"Gothic_Screenfun" = Gothic (SCREENFUN-DVD November 2005)
"LogMeIn Hamachi" = LogMeIn Hamachi
"ManyCam" = ManyCam 3.1.53
"MinecraftAlpha" = MinecraftAlpha
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MTA:SA 1.3" = MTA:SA v1.3.1
"NIS" = Norton Internet Security
"Notepad++" = Notepad++
"Origin" = Origin
"PremiumSoft Navicat Lite_is1" = PremiumSoft Navicat Lite 10.0
"PunkBusterSvc" = PunkBuster Services
"SpeedFan" = SpeedFan (remove only)
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 203160" = Tomb Raider
"Steam App 233720" = Surgeon Simulator 2013
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 8870" = BioShock Infinite
"Unigine Heaven Benchmark (Basic Edition)_is1" = Heaven Benchmark version 4.0
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = Nur Entfernen der CopyTrans Suite möglich
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 22.05.2013 12:23:27 | Computer Name = FickDich-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mc.exe, Version: 0.0.0.0, Zeitstempel:
 0x482ac3b0  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000258  ID des fehlerhaften Prozesses:
 0x14f0  Startzeit der fehlerhaften Anwendung: 0x01ce5708ac1e7309  Pfad der fehlerhaften
 Anwendung: C:\Users\FickDich\Desktop\client dodified-client.v4.5 by '0x72967'@epvp\Modified-Client\mc.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: ee0b8648-c2fb-11e2-b644-bc054303e114
 
Error - 22.05.2013 12:25:19 | Computer Name = FickDich-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\FickDich\Downloads\SoftonicDownloader_fuer_windows-xp-mode.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 23.05.2013 07:02:04 | Computer Name = FickDich-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.05.2013 11:47:25 | Computer Name = FickDich-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.05.2013 19:16:57 | Computer Name = FickDich-PC | Source = Application Hang | ID = 1002
Description = Programm WinRAR.exe, Version 4.20.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1024    Startzeit:
 01ce580b72e04b05    Endzeit: 3    Anwendungspfad: C:\Program Files\WinRAR\WinRAR.exe    Berichts-ID:
 db00ace0-c3fe-11e2-872f-bc054303e114  
 
Error - 24.05.2013 05:34:23 | Computer Name = FickDich-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.05.2013 14:42:33 | Computer Name = FickDich-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: 7799.exe, Version: 0.0.0.0, Zeitstempel:
 0x519f9c66  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
 Zeitstempel: 0x50b83c8a  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000c41f  ID des fehlerhaften
 Prozesses: 0x1d94  Startzeit der fehlerhaften Anwendung: 0x01ce58ae6aa21c01  Pfad der
 fehlerhaften Anwendung: C:\ProgramData\7799.exe  Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung:
 b16ed08e-c4a1-11e2-9570-bc054303e114
 
Error - 24.05.2013 14:44:45 | Computer Name = FickDich-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\FickDich\Downloads\SoftonicDownloader_fuer_windows-xp-mode.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 24.05.2013 15:27:36 | Computer Name = FickDich-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: BC28.exe, Version: 0.0.0.0, Zeitstempel:
 0x519f9c66  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
 Zeitstempel: 0x50b83c8a  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000c41f  ID des fehlerhaften
 Prozesses: 0x13e0  Startzeit der fehlerhaften Anwendung: 0x01ce58b4b955236d  Pfad der
 fehlerhaften Anwendung: C:\ProgramData\BC28.exe  Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung:
 fce00e46-c4a7-11e2-9570-bc054303e114
 
Error - 24.05.2013 15:42:30 | Computer Name = FickDich-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: 794F.exe, Version: 0.0.0.0, Zeitstempel:
 0x519f9c66  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
 Zeitstempel: 0x50b83c8a  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000c41f  ID des fehlerhaften
 Prozesses: 0x13e0  Startzeit der fehlerhaften Anwendung: 0x01ce58b6ce93c8d4  Pfad der
 fehlerhaften Anwendung: C:\ProgramData\794F.exe  Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung:
 11a2cb1c-c4aa-11e2-9570-bc054303e114
 
[ System Events ]
Error - 22.05.2013 18:35:58 | Computer Name = FickDich-PC | Source = BROWSER | ID = 8032
Description = 
 
Error - 23.05.2013 07:00:58 | Computer Name = FickDich-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%2
 
Error - 23.05.2013 11:46:03 | Computer Name = FickDich-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%2
 
Error - 23.05.2013 11:46:40 | Computer Name = FickDich-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Live ID Sign-in Assistant erreicht.
 
Error - 23.05.2013 11:46:40 | Computer Name = FickDich-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 23.05.2013 11:50:28 | Computer Name = FickDich-PC | Source = bowser | ID = 8003
Description = 
 
Error - 24.05.2013 05:33:21 | Computer Name = FickDich-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%2
 
Error - 24.05.2013 06:48:17 | Computer Name = FickDich-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 24.05.2013 10:38:35 | Computer Name = FickDich-PC | Source = bowser | ID = 8003
Description = 
 
Error - 24.05.2013 14:02:19 | Computer Name = FickDich-PC | Source = BROWSER | ID = 8032
Description = 
 
 
< End of report >
Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-05-24 22:56:45
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD322HJ rev.1AC01118 298,09GB
Running: 6mehidhh.exe; Driver: C:\Users\FickDich\AppData\Local\Temp\pxlcakoc.sys


---- User code sections - GMER 2.1 ----

.text   C:\Windows\Explorer.EXE[1880] C:\Windows\SYSTEM32\ntdll.dll!atan                                                                0000000077cc9604 39 bytes [40, 53, 48, 83, EC, 30, 80, ...]
.text   C:\Windows\Explorer.EXE[1880] C:\Windows\SYSTEM32\ntdll.dll!atan + 40                                                           0000000077cc962c 1 byte [F8]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                         0000000073b01a22 2 bytes [B0, 73]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                         0000000073b01ad0 2 bytes [B0, 73]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                         0000000073b01b08 2 bytes [B0, 73]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                         0000000073b01bba 2 bytes [B0, 73]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                         0000000073b01bda 2 bytes [B0, 73]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                  0000000077df1465 2 bytes [DF, 77]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                 0000000077df14bb 2 bytes [DF, 77]
.text   ...                                                                                                                             * 2
.text   C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe[2620] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter  00000000761587b1 5 bytes [33, C0, C2, 04, 00]
.text   C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe[2620] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69       0000000077df1465 2 bytes [DF, 77]
.text   C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe[2620] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155      0000000077df14bb 2 bytes [DF, 77]
.text   ...                                                                                                                             * 2

---- Threads - GMER 2.1 ----

Thread  C:\Windows\Explorer.EXE [1880:7004]                                                                                             0000000002c248b0
Thread  C:\Windows\Explorer.EXE [1880:6732]                                                                                             0000000002c257a0

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch                                                                 24831
Reg     HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch                                                                 24831

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                           Windows 7 default MBR code found via API
Disk    \Device\Harddisk0\DR0                                                                                                           unknown MBR code

---- EOF - GMER 2.1 ----
Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-05-24 22:56:45
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD322HJ rev.1AC01118 298,09GB
Running: 6mehidhh.exe; Driver: C:\Users\FickDich\AppData\Local\Temp\pxlcakoc.sys


---- User code sections - GMER 2.1 ----

.text   C:\Windows\Explorer.EXE[1880] C:\Windows\SYSTEM32\ntdll.dll!atan                                                                0000000077cc9604 39 bytes [40, 53, 48, 83, EC, 30, 80, ...]
.text   C:\Windows\Explorer.EXE[1880] C:\Windows\SYSTEM32\ntdll.dll!atan + 40                                                           0000000077cc962c 1 byte [F8]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                         0000000073b01a22 2 bytes [B0, 73]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                         0000000073b01ad0 2 bytes [B0, 73]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                         0000000073b01b08 2 bytes [B0, 73]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                         0000000073b01bba 2 bytes [B0, 73]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                         0000000073b01bda 2 bytes [B0, 73]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                  0000000077df1465 2 bytes [DF, 77]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2132] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                 0000000077df14bb 2 bytes [DF, 77]
.text   ...                                                                                                                             * 2
.text   C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe[2620] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter  00000000761587b1 5 bytes [33, C0, C2, 04, 00]
.text   C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe[2620] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69       0000000077df1465 2 bytes [DF, 77]
.text   C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe[2620] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155      0000000077df14bb 2 bytes [DF, 77]
.text   ...                                                                                                                             * 2

---- Threads - GMER 2.1 ----

Thread  C:\Windows\Explorer.EXE [1880:7004]                                                                                             0000000002c248b0
Thread  C:\Windows\Explorer.EXE [1880:6732]                                                                                             0000000002c257a0

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch                                                                 24831
Reg     HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch                                                                 24831

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                           Windows 7 default MBR code found via API
Disk    \Device\Harddisk0\DR0                                                                                                           unknown MBR code

---- EOF - GMER 2.1 ----

Alt 25.05.2013, 00:10   #5
aharonov
/// TB-Ausbilder
 
Skypevirus wie entfernen? - Standard

Skypevirus wie entfernen?


Hi,

ja du bist infiziert. Das werden wir entfernen. Aber zuvor muss noch was geklärt werden:


Schritt 1

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).




Schritt 2

Lade dir bitte Emsisoft MBR Master herunter und speichere es auf den Desktop.
  • Führe die mbrmastr.exe aus.
  • Drücke dann auf Backup MBR und speichere es als emsi auf den Desktop.
  • Schliesse dann das Programm wieder.
  • Packe die erstellte emsi.mbr in ein zip-Archiv (Rechtsklick -> Senden an -> Zip-komprimierten Ordner) und hänge die Datei hier an.
  • Auf dem Desktop wird auch noch eine Textdatei MBRMastr_<date>_<time>.txt erstellt. Poste dessen Inhalt bitte hier.



Bitte poste in deiner nächsten Antwort:
  • Log von aswMBR
  • Log von emsisoft mbrmastr
  • Archiv emsi.zip als Anhang

__________________
cheers,
Leo

Alt 25.05.2013, 01:18   #6
NextEpisode
 
Skypevirus wie entfernen? - Standard

Skypevirus wie entfernen?


Code:
ATTFilter
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-25 01:58:37
-----------------------------
01:58:37.356    OS Version: Windows x64 6.1.7601 Service Pack 1
01:58:37.356    Number of processors: 4 586 0x403
01:58:37.356    ComputerName: FICKDICH-PC  UserName: FickDich
01:58:42.338    Initialize success
02:04:51.812    AVAST engine defs: 13052400
02:05:10.366    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
02:05:10.368    Disk 0 Vendor: SAMSUNG_HD322HJ 1AC01118 Size: 305245MB BusType: 3
02:05:10.464    Disk 0 MBR read successfully
02:05:10.466    Disk 0 MBR scan
02:05:10.469    Disk 0 Windows 7 default MBR code
02:05:10.480    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
02:05:10.483    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       305143 MB offset 206848
02:05:10.510    Disk 0 scanning C:\Windows\system32\drivers
02:05:21.653    Service scanning
02:05:38.543    Modules scanning
02:05:38.547    Disk 0 trace - called modules:
02:05:38.556    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
02:05:38.558    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80092f8060]
02:05:38.562    3 CLASSPNP.SYS[fffff880011ce43f] -> nt!IofCallDriver -> [0xfffffa8008324580]
02:05:38.567    5 ACPI.sys[fffff88000f337a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800832b060]
02:05:39.199    AVAST engine scan C:\Windows
02:05:41.668    AVAST engine scan C:\Windows\system32
02:07:54.978    AVAST engine scan C:\Windows\system32\drivers
02:08:05.927    AVAST engine scan C:\Users\FickDich
02:09:36.221    File: C:\Users\FickDich\AppData\LocalOZEJJPIgAe.exe  **INFECTED** MSIL:Bladabindi-AZ [Trj]
02:13:03.891    AVAST engine scan C:\ProgramData
02:14:01.651    Scan finished successfully
02:15:34.440    Disk 0 MBR has been saved successfully to "C:\Users\FickDich\Desktop\MBR.dat"
02:15:34.445    The log file has been saved successfully to "C:\Users\FickDich\Desktop\aswMBR.txt"
Code:
ATTFilter
Detected Windows version: 6.1 Build 7601 Service Pack 1
Installing direct disk access driver ...
Driver connection handle: 0x00000118
1 valid drive(s) found.

Details for Disk 0 - SAMSUNG HD322HJ Rev 1AC01118:
  Device name              : \\.\PhysicalDrive0
  Geometry (C/H/S)         : 38913/255/63
  Boot loader reputation   : Known Good (Windows 7)
  Cross view comparison    : Passed
  Partition table integrity: Passed

  Boot loader hashes
    SHA-1                  : 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
    MD5                    : A36C5E4F47E84449FF07ED3517B43A31

Alt 25.05.2013, 01:35   #7
aharonov
/// TB-Ausbilder
 
Skypevirus wie entfernen? - Standard

Skypevirus wie entfernen?


Hm, da muss man auf Nummer sicher gehen..

  • Erstelle dir eine bootbare CD oder einen bootbaren USB-Stick mit Parted Magic und boote dann davon (Anleitung).
  • Mache einen Doppelklick auf das Symbol Keyboard Layout auf dem Desktop von Parted Magic, wähle ein deutsches Layout (z.B. "de:qwetz") und bestätige das.
  • Öffne dann eine Konsole (Bildschirmsymbol "ROXTerm" unten links in der Taskleiste).
  • Gib folgenden Befehl ein und bestätige mit Enter:
    fdisk -l
    (Der Parameter nach fdisk ist ein kleines L.)
  • Kopiere den gesamten Output (markieren -> Rechtsklick -> Edit -> Copy), so dass du ihn hier posten kannst (entweder direkt über den integrierten Firefox, oder in ein File auf einem USB-Stick kopieren und wieder in Windows hier einfügen).
  • Öffne dann erneut eine Konsole und gib folgenden Befehl ein:
    dd if=/dev/sda of=mbr.bin bs=512 count=1
  • Starte dann den File Manager (Symbol oben links auf dem Desktop) und suche die mbr.bin im root-Verzeichnis.
  • Zippe dieses File dann (Rechtsklick drauf -> New -> Archive; Archive Format: .zip) und hänge es hier an.
__________________
cheers,
Leo

Alt 30.05.2013, 20:11   #8
aharonov
/// TB-Ausbilder
 
Skypevirus wie entfernen? - Standard

Skypevirus wie entfernen?


Hi,

ich hab schon länger keine Antwort mehr von dir erhalten. Brauchst du weiterhin noch Hilfe?

Wenn ich in den nächsten 24 Stunden nichts von dir höre, gehe ich davon aus, dass sich das Thema erledigt hat und lösche es aus meinen Abos.

Hinweis: Wir sind noch nicht fertig! Auch wenn die Symptome verschwunden sein sollten, kann dein System weiterhin infiziert sein und über Sicherheitslücken verfügen, welche eine erneute Infektion möglich machen.
__________________
cheers,
Leo

Alt 02.06.2013, 15:14   #9
aharonov
/// TB-Ausbilder
 
Skypevirus wie entfernen? - Standard

Skypevirus wie entfernen?


Fehlende Rückmeldung
Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten.
Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass dein Rechner schon sauber ist.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________
cheers,
Leo

Antwort

Themen zu Skypevirus wie entfernen?
absolut, eingefangen, entferne, entfernen, gefangen, gen, hoffe, lauter, leute, neu, nichts, skype, skype virus, skypevirus, virus, virus eingefangen, wie entfernen, wie entfernen?


« Systemdoctor 2014 - frst64.exe - logfile erstellt | 'TR/Symmi.21593.3' auf "http://reportingglan.com/gft.exe" »


Ähnliche Themen: Skypevirus wie entfernen?


  1. Babylon toolbar entfernen, BrowserCompanion entfernen, DealPly entfernen, GinyasBrowserCompanions entfernen
    Log-Analyse und Auswertung - 17.12.2014 (9)
  2. WhiteSmoke.com entfernen entfernen
    Anleitungen, FAQs & Links - 07.10.2013 (2)
  3. Skypevirus..
    Plagegeister aller Art und deren Bekämpfung - 29.05.2013 (7)
  4. Skypevirus, bist du das?...
    Plagegeister aller Art und deren Bekämpfung - 27.05.2013 (7)
  5. Skypevirus: Kontrolliert und verbreitet sich selber...
    Plagegeister aller Art und deren Bekämpfung - 06.12.2011 (1)
  6. Trojaner TR/crypt.xpack.gen u. win32.dnschanger entfernen entfernen
    Plagegeister aller Art und deren Bekämpfung - 03.02.2009 (14)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Skypevirus wie entfernen? - Hallo Leute ich bitte hier umhilfe, weil ich mir aus lauter dusslichkeit einen Skype Virus eingefangen habe. Nun habe ich schon in YT nachgeschaut wie ich diesen loskriege. Hilft aber - Skypevirus wie entfernen?...
Archiv
Du betrachtest: Skypevirus wie entfernen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131