Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Pc seit Heutigem Start "aktionsunfähig"

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 07.03.2013, 18:46   #1
Leorau
 
Pc seit Heutigem Start "aktionsunfähig" - Standard

Pc seit Heutigem Start "aktionsunfähig"



Hallo Leute
Ich hab mal ein sehr "langsames" problem.
Seit ich meinen pc heute gestartet habe, hatte er riesen probleme klarzukommen
Beim start des desktops konnten KEINE programme gestartet werden ,die eigentlich am anfang sofort starten (darunter auch antivirus). Bei der Taskleiste wo das WLAn zeichen ist ,steht auch die ganze zeit dass er sucht aber es passiert nichts.

Mir ist auch aufgefallen , dass wenn ich zbs. COMPUTER (C öffnen will er erstmal 3 minuten lädt und dann nichtmal anzeigt was in diesem Ordner ist ..
Exe. dateien konnte ich auch nicht starten, dennoch funktioniert alles sobald ich den Sicheren Modus aktiviert habe.

Habe im sicheren Modus bereits einen Virenscan durchgeführt ,1 trojaner entdeckt , gelöscht ..Problem ist dennoch geblieben also hab ich eine Systemwiederherstellung gemacht

Fakt: danach ging es zuerst auch nicht doch nach 2 minuten funktionierte alles langsam wieder.. dennoch plage ich jetzt mit einem Computer der 10 minuten braucht bis er richtig hochgefahren ist und bekomme bei Spielen zbs. keine Volle leistung
Bei Internet browsern wie google chrome hat er die seiten die ersten 5 minuten auch nicht geladen , neustart hat allerdings ein wenig geholfen..
Habe nun von Kaspersky anti virus zu Avast antivirus gewechselt weil ich denke dass Kaspersky mir immer nur probleme gemacht hat
PS: ich habe nicht "Sysfucker" benutzt.

Alt 08.03.2013, 11:27   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Pc seit Heutigem Start "aktionsunfähig" - Standard

Pc seit Heutigem Start "aktionsunfähig"



Hallo und

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Erstmal eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in CODE-Tags in den Thread.
__________________

__________________

Alt 08.03.2013, 20:07   #3
Leorau
 
Pc seit Heutigem Start "aktionsunfähig" - Standard

Pc seit Heutigem Start "aktionsunfähig"



Wie lange dauert der scan?
Bin grad 30 minuten dabei .. ich schätze mal ich kann noch 2 stunden warten oder?

Code:
ATTFilter
OTL logfile created on: 08.03.2013 20:13:54 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Leok\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 0,88 Gb Available Physical Memory | 29,29% Memory free
6,00 Gb Paging File | 3,22 Gb Available in Paging File | 53,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576,13 Gb Total Space | 152,35 Gb Free Space | 26,44% Space Free | Partition Type: NTFS
Drive D: | 20,03 Gb Total Space | 0,00 Gb Free Space | 0,01% Space Free | Partition Type: FAT32
 
Computer Name: LEOK-PC | User Name: Leok | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Leok\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Leok\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe ()
PRC - C:\Programme\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe (AnchorFree Inc.)
PRC - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
MOD - C:\Users\Leok\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Leok\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll ()
MOD - C:\Users\Leok\AppData\Local\Google\Chrome\Application\25.0.1364.97\libglesv2.dll ()
MOD - C:\Users\Leok\AppData\Local\Google\Chrome\Application\25.0.1364.97\libegl.dll ()
MOD - C:\Users\Leok\AppData\Local\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll ()
MOD - c:\progra~2\magnipic\sprote~1.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IBUpdaterService) -- C:\Windows\SysNative\dmwu.exe ()
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (DefaultTabUpdate) -- C:\Users\Leok\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe ()
SRV - (DefaultTabSearch) -- C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe ()
SRV - (Web Assistant Updater) -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (hshld) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe (AnchorFree Inc.)
SRV - (HssTrayService) -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE ()
SRV - (HssSrv) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (HssWd) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (Netzmanager Service) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (NWHelper) -- C:\Program Files (x86)\Novatel Wireless\Drivers\NWHelper.exe (Novatel Wireless Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GtDetectSc) -- C:\Programme\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe (OptionNV)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (taphss6) -- C:\Windows\SysNative\drivers\taphss6.sys (Anchorfree Inc.)
DRV:64bit: - (HssDRV6) -- C:\Windows\SysNative\drivers\hssdrv6.sys (AnchorFree Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (NWADI) -- C:\Windows\SysNative\drivers\NWADIenum.sys (Novatel Wireless Inc)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV:64bit: - (massfilter_hs) -- C:\Windows\SysNative\drivers\massfilter_hs.sys (ZTE Incorporated)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (ss_bmdm) -- C:\Windows\SysNative\drivers\ss_bmdm.sys (MCCI Corporation)
DRV:64bit: - (ss_bbus) -- C:\Windows\SysNative\drivers\ss_bbus.sys (MCCI)
DRV:64bit: - (ss_bmdfl) -- C:\Windows\SysNative\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (Ph6xIB64) -- C:\Windows\SysNative\drivers\Ph6xIB64.sys (NXP Semiconductors GmbH)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (swivsp) -- C:\Windows\SysNative\drivers\swivspnt.sys (Sierra Wireless Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (XUIF) -- C:\Windows\SysNative\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (Null) -- C:\Windows\SysWow64\NULL ()
DRV - (TelekomNM6) -- C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchab.com/?aff=7&uid=7bf1fab0-762d-11e2-8e92-002421596834
IE - HKLM\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = ${SEARCH_URL}{searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchab.com/?aff=7&uid=7bf1fab0-762d-11e2-8e92-002421596834
IE - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C CF E0 E2 27 2A CD 01  [binary data]
IE - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://searchab.com/?aff=7&uid=7bf1fab0-762d-11e2-8e92-002421596834&q={searchTerms}
IE - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000\..\SearchScopes\{9ED1487B-DC37-46A3-98C0-24368EBF83AE}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=112555&tt=190712_n_mont_3012_6&babsrc=SP_ss&mntrId=8449f822000000000000002421596834
IE - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Leok\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Leok\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2013.03.08 15:59:32 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2013.03.08 15:59:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2013.03.08 18:00:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2013.03.08 15:59:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\Web Assistant\Firefox [2013.03.08 15:59:32 | 000,000,000 | ---D | M]
 
[2012.07.23 19:22:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
========== Chrome  ==========
 
CHR - homepage: hxxp://isearch.babylon.com/?affID=120307&babsrc=HP_ss&mntrId=8449f82200000000000000ff477cb7a4
CHR - Extension: No name found = C:\Users\Leok\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\Leok\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\Leok\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: No name found = C:\Users\Leok\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: No name found = C:\Users\Leok\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: No name found = C:\Users\Leok\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\
CHR - Extension: No name found = C:\Users\Leok\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: No name found = C:\Users\Leok\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.29.1\bh\BabylonToolbar.dll File not found
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll ()
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Leok\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.29.1\BabylonToolbarTlbr.dll File not found
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll File not found
O3:64bit: - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [F5D7050v3] C:\Program Files (x86)\Belkin\F5D7050v3\Belkinwcui.exe File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PrivitizeVPN] C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000..\Run: [DAEMON Tools Pro Agent] "C:\Users\Leok\Desktop\Games\DAEMON Tools Pro\DTProAgent.exe" File not found
O4 - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000..\Run: [Driver Mender] C:\Program Files (x86)\Driver Mender\Driver Mender\DriverMender.exe /applicationMode:systemTray /showWelcome:false File not found
O4 - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000..\Run: [Oracle Java] C:\Windows\SysWow64\javaw.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Program Files (x86)\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Leok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk =  File not found
O4 - Startup: C:\Users\Leok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3596471482-2794798375-1745467175-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Leok\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Leok\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Leok\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Leok\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07C35CDD-0F65-4768-AC4C-6EBD066D619E}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{477CB7A4-A48D-4C29-9360-59962159C893}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C65DA5F-DBD4-4948-9D9F-E081941F251C}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86000F02-D668-4D95-8BC1-5204E119DA9B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89CE5BB6-47CE-4A71-BBE3-AB021FB4D3B0}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D15D9409-AEFA-419C-9DFD-BF557FA5C685}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA1627A1-5952-4740-A2E2-1044898BA832}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\base64 - No CLSID value found
O18:64bit: - Protocol\Handler\chrome - No CLSID value found
O18:64bit: - Protocol\Handler\prox - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll File not found
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll File not found
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~2\magnipic\sprote~1.dll) - c:\progra~2\magnipic\sprote~1.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.01 21:54:40 | 000,000,076 | ---- | M] () - D:\AUTORUN.INF -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.08 19:46:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Leok\Desktop\OTL.exe
[2013.03.08 19:42:17 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Roaming\Malwarebytes
[2013.03.08 19:41:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.08 19:41:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.08 19:41:13 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.03.08 19:41:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.03.08 19:40:56 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Local\Programs
[2013.03.08 07:34:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyFinder
[2013.03.08 07:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013.03.08 07:33:43 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Roaming\BabSolution
[2013.03.08 07:33:22 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Roaming\Babylon
[2013.03.07 20:30:45 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013.03.07 19:25:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013.03.07 19:25:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013.03.07 19:25:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013.03.07 19:25:44 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013.03.07 19:25:43 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013.03.07 19:25:32 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013.03.07 19:25:31 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.03.07 19:25:31 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.03.07 19:25:31 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013.03.07 19:25:31 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013.03.07 19:25:31 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013.03.07 19:25:31 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013.03.07 19:25:31 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013.03.07 19:25:31 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.03.07 19:25:31 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013.03.07 19:25:31 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.03.07 19:25:31 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013.03.07 19:25:30 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013.03.07 19:25:30 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013.03.07 19:25:30 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013.03.07 19:25:30 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013.03.07 19:25:29 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.03.07 19:25:29 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013.03.07 19:25:28 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.03.07 19:19:49 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.03.07 19:19:49 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.03.07 19:19:49 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.03.07 19:19:48 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.03.07 19:19:40 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.03.07 19:19:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.03.07 19:19:27 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.03.07 19:19:27 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.03.07 19:19:27 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.03.07 19:19:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.03.07 19:19:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.03.07 19:19:26 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.03.07 19:19:26 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.03.07 19:19:26 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.03.07 19:19:26 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.03.07 19:19:25 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.03.07 19:19:25 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.03.07 19:19:25 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.03.07 19:19:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.03.07 19:19:24 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.03.07 19:19:24 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.03.07 19:19:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.03.07 19:19:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.03.07 19:19:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.03.07 19:19:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.03.07 19:19:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.03.07 19:19:23 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.03.07 19:19:23 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.03.07 19:19:23 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.03.07 19:19:23 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.03.07 19:19:22 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.03.07 19:19:22 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.03.07 19:19:22 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.03.07 19:19:22 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.03.07 19:19:21 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.03.07 19:19:21 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.03.07 19:19:21 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.03.07 19:19:20 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.03.07 19:19:20 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.03.07 19:19:20 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.03.07 19:19:19 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.03.07 19:17:39 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013.03.07 19:17:39 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013.03.07 19:14:37 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.03.07 18:59:31 | 000,000,000 | ---D | C] -- C:\Users\Leok\.swt
[2013.03.07 18:40:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.03.07 18:40:54 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.03.07 18:40:53 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.03.07 18:40:48 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.03.07 18:40:46 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.03.07 18:40:43 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.03.07 18:40:31 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.03.07 18:40:28 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.03.07 18:39:25 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.03.07 18:39:05 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.03.07 18:37:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.03.01 14:07:32 | 000,000,000 | ---D | C] -- C:\Users\Leok\Desktop\Flyff Pserver etc
[2013.02.26 14:48:04 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.02.25 23:57:16 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
[2013.02.25 23:57:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2
[2013.02.25 23:56:48 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\rewire.dll
[2013.02.25 23:56:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VstPlugins
[2013.02.25 23:56:34 | 000,000,000 | ---D | C] -- C:\Users\Leok\Documents\Image-Line
[2013.02.25 23:56:05 | 001,554,944 | ---- | C] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\SysWow64\vorbis.acm
[2013.02.25 23:56:05 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
[2013.02.25 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outsim
[2013.02.25 23:51:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image-Line
[2013.02.25 23:45:36 | 000,000,000 | ---D | C] -- C:\Users\Leok\Desktop\FRUITY LOOPS
[2013.02.23 15:53:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.02.17 23:10:16 | 000,000,000 | ---D | C] -- C:\Users\Leok\Desktop\Masquerade Room V3
[2013.02.16 17:41:07 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
[2013.02.16 17:41:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
[2013.02.16 17:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JoWooD
[2013.02.16 00:30:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2013.02.16 00:30:24 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Roaming\Publish Providers
[2013.02.16 00:26:08 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Roaming\Sony Creative Software Inc
[2013.02.16 00:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2013.02.16 00:21:53 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Local\Sony
[2013.02.16 00:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2013.02.16 00:21:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2013.02.16 00:20:30 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Roaming\Sony
[2013.02.16 00:17:24 | 000,000,000 | ---D | C] -- C:\Users\Leok\Desktop\Sony Vegas Pro v11.0.371
[2013.02.13 23:36:54 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivitizeVPN
[2013.02.13 23:36:48 | 000,000,000 | ---D | C] -- C:\ProgramData\CLSoft LTD
[2013.02.13 23:36:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2013.02.13 23:36:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagniPic
[2013.02.13 23:36:18 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013.02.13 23:35:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DefaultTab
[2013.02.13 23:34:48 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Roaming\DefaultTab
[2013.02.13 23:34:37 | 000,000,000 | ---D | C] -- C:\Users\Leok\AppData\Local\SwvUpdater
[2013.02.13 13:56:27 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.13 13:56:27 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.13 13:56:26 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.13 13:56:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.13 13:56:25 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.13 13:56:25 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.13 13:56:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.13 13:56:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.13 13:56:24 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.13 13:56:24 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.13 13:56:24 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.13 13:56:24 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.13 13:56:23 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.13 13:56:23 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.13 13:56:23 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.13 13:38:36 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013.02.13 12:59:24 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.13 12:59:23 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.13 12:59:23 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.13 12:59:17 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.13 12:59:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.13 12:59:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.13 12:59:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.13 12:59:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.13 12:59:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.13 12:59:14 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.12 13:38:53 | 000,158,128 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2013.02.12 13:38:53 | 000,149,936 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2013.02.12 13:38:53 | 000,149,936 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2013.02.10 21:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.02.10 21:46:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.08 20:11:01 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3596471482-2794798375-1745467175-1000UA.job
[2013.03.08 20:01:03 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.08 19:45:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Leok\Desktop\OTL.exe
[2013.03.08 19:41:17 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.08 19:40:04 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.08 19:37:23 | 000,002,362 | ---- | M] () -- C:\Users\Leok\Desktop\Google Chrome.lnk
[2013.03.08 19:32:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3596471482-2794798375-1745467175-1001UA.job
[2013.03.08 19:28:14 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2013.03.08 19:27:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.08 18:00:47 | 000,637,272 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2013.03.08 17:36:55 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\PC SpeedUp Service Deactivator.job
[2013.03.08 16:12:22 | 000,025,536 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.08 16:12:22 | 000,025,536 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.08 16:07:42 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.03.08 16:07:39 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.03.08 16:05:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.08 16:04:55 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.07 19:10:41 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.07 19:10:41 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.07 17:51:02 | 000,760,028 | ---- | M] () -- C:\Users\Leok\AppData\Roaming\java_u.jar
[2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.03.07 00:33:21 | 000,178,624 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.03.07 00:33:21 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.03.07 00:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.03.04 10:00:56 | 001,316,144 | ---- | M] () -- C:\Windows\SysNative\dmwu.exe
[2013.03.04 09:59:46 | 000,035,328 | ---- | M] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2013.03.04 09:07:22 | 000,829,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2013.03.04 09:07:22 | 000,608,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2013.02.28 06:38:16 | 000,012,883 | ---- | M] () -- C:\Users\Leok\Documents\untitled_0.odt
[2013.02.26 14:48:00 | 438,979,914 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.26 14:00:16 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3596471482-2794798375-1745467175-1001Core.job
[2013.02.26 06:36:16 | 000,873,456 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.26 06:36:16 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.26 06:36:16 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.26 06:36:16 | 000,027,296 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.26 06:36:16 | 000,013,980 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.26 00:08:30 | 015,782,857 | ---- | M] () -- C:\Users\Leok\Desktop\Final Fantasy - All Battle Themes.mp3
[2013.02.25 23:57:16 | 000,001,142 | ---- | M] () -- C:\Users\Leok\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2013.02.25 23:56:48 | 000,001,150 | ---- | M] () -- C:\Users\Leok\Desktop\FL Studio 10.lnk
[2013.02.24 01:11:08 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3596471482-2794798375-1745467175-1000Core.job
[2013.02.17 00:08:41 | 017,482,834 | ---- | M] () -- C:\Users\Leok\Mein Film.mp4
[2013.02.17 00:02:27 | 002,250,817 | ---- | M] () -- C:\Users\Leok\Documents\Ohne Titel.mp3
[2013.02.16 23:37:33 | 072,061,985 | ---- | M] () -- C:\Users\Leok\Documents\Ohne Titel.wmv
[2013.02.16 20:33:02 | 001,230,765 | ---- | M] () -- C:\Users\Leok\Desktop\bbb.jpg
[2013.02.16 00:29:13 | 000,001,062 | ---- | M] () -- C:\Users\Leok\Desktop\Vegas Pro 11.0 (64-bit).lnk
[2013.02.14 20:07:21 | 000,001,997 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2013.02.13 23:36:12 | 000,000,110 | ---- | M] () -- C:\prefs.js
[2013.02.13 23:34:54 | 000,000,932 | RHS- | M] () -- C:\Users\Leok\ntuser.pol
[2013.02.13 17:58:04 | 000,008,989 | ---- | M] () -- C:\Users\Leok\Desktop\BAMBAMBAM.odt
[2013.02.13 17:44:05 | 000,001,239 | ---- | M] () -- C:\Users\Leok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013.02.13 14:12:38 | 000,294,168 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.13 13:38:38 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.02.10 21:46:36 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
 
========== Files Created - No Company Name ==========
 
[2013.03.08 19:41:17 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.07 18:40:55 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.03.07 18:40:41 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.03.07 18:40:37 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.03.07 18:40:30 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.02.26 14:48:00 | 438,979,914 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.02.26 14:34:53 | 000,012,883 | ---- | C] () -- C:\Users\Leok\Documents\untitled_0.odt
[2013.02.26 00:07:32 | 015,782,857 | ---- | C] () -- C:\Users\Leok\Desktop\Final Fantasy - All Battle Themes.mp3
[2013.02.25 23:57:16 | 000,001,142 | ---- | C] () -- C:\Users\Leok\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2013.02.25 23:56:48 | 000,001,150 | ---- | C] () -- C:\Users\Leok\Desktop\FL Studio 10.lnk
[2013.02.23 15:54:29 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.17 00:07:09 | 017,482,834 | ---- | C] () -- C:\Users\Leok\Mein Film.mp4
[2013.02.17 00:02:24 | 002,250,817 | ---- | C] () -- C:\Users\Leok\Documents\Ohne Titel.mp3
[2013.02.16 23:10:50 | 072,061,985 | ---- | C] () -- C:\Users\Leok\Documents\Ohne Titel.wmv
[2013.02.16 20:32:39 | 001,230,765 | ---- | C] () -- C:\Users\Leok\Desktop\bbb.jpg
[2013.02.16 00:29:13 | 000,001,062 | ---- | C] () -- C:\Users\Leok\Desktop\Vegas Pro 11.0 (64-bit).lnk
[2013.02.13 23:36:12 | 000,000,110 | ---- | C] () -- C:\prefs.js
[2013.02.13 23:34:54 | 000,000,932 | RHS- | C] () -- C:\Users\Leok\ntuser.pol
[2013.02.13 23:34:37 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\AmiUpdXp.job
[2013.02.13 17:57:59 | 000,008,989 | ---- | C] () -- C:\Users\Leok\Desktop\BAMBAMBAM.odt
[2013.02.13 17:44:05 | 000,001,239 | ---- | C] () -- C:\Users\Leok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013.02.13 13:38:38 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.01.25 23:16:41 | 1863,072,676 | ---- | C] () -- C:\Users\Leok\ts3_recording_13_01_25_23_16_36.wav
[2012.08.22 20:45:34 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\UpdateDriver.exe
[2012.08.22 20:45:33 | 000,005,224 | ---- | C] () -- C:\Windows\SysWow64\ucuiinfo.ini
[2012.08.07 20:34:28 | 000,760,028 | ---- | C] () -- C:\Users\Leok\AppData\Roaming\java_u.jar
[2012.06.22 15:12:45 | 000,850,414 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.21 15:37:49 | 000,049,574 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012.06.20 20:07:16 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.06.20 20:07:03 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.06.20 20:07:03 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.04.16 18:53:33 | 000,017,408 | ---- | C] () -- C:\Users\Leok\AppData\Local\WebpageIcons.db
[2012.04.14 16:15:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >
         
__________________

Alt 08.03.2013, 20:44   #4
Leorau
 
Pc seit Heutigem Start "aktionsunfähig" - Standard

Pc seit Heutigem Start "aktionsunfähig"



Code:
ATTFilter
OTL Extras logfile created on: 08.03.2013 20:13:54 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Leok\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 0,88 Gb Available Physical Memory | 29,29% Memory free
6,00 Gb Paging File | 3,22 Gb Available in Paging File | 53,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576,13 Gb Total Space | 152,35 Gb Free Space | 26,44% Space Free | Partition Type: NTFS
Drive D: | 20,03 Gb Total Space | 0,00 Gb Free Space | 0,01% Space Free | Partition Type: FAT32
 
Computer Name: LEOK-PC | User Name: Leok | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\Deutsche Telekom\Telekom Fotoservice\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Telekom Fotoservice] -- "C:\Program Files (x86)\Deutsche Telekom\Telekom Fotoservice\Telekom Fotoservice.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\Deutsche Telekom\Telekom Fotoservice\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Telekom Fotoservice] -- "C:\Program Files (x86)\Deutsche Telekom\Telekom Fotoservice\Telekom Fotoservice.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B86DE8-D86E-4110-9817-EA81BDE93EC6}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{061E9086-8E87-419F-8437-6BA6884DF808}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{0985EC1F-7CD0-4D07-A6CC-AE8484D27D77}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{0A219A57-42A1-4F0D-91F0-F918C5D87045}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{0A34DEF4-0DC2-4050-9605-CE3F55AB7471}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{0BA33942-3808-4031-B746-D161E7E00E36}" = lport=56291 | protocol=17 | dir=in | name=pando media booster | 
"{0DDE054A-5D65-4C0E-B603-EBB65AFBEE0F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{0E85851B-F491-4CDE-9ABC-5FDB5423B43D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{0EB99366-19C6-4F9F-935D-CC16D1A4B59B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{0F2E0720-1422-425F-A1D8-7C1ED7C11295}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{0FF86ED6-50B2-4C8A-BBE8-08D030B6E387}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{107B5B84-F79B-4B22-9F64-B4E5BC93688F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{115A831A-89C1-4AF0-A491-1B245E41968A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{13400F4E-CBDB-491A-B116-F4FF686B8568}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{138AF9DC-D39D-4D07-8529-0337493A7E78}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{153CE81E-2042-4DD8-8049-96C143F8168F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{15D91F5A-8C8B-4432-9C85-1CC755ED5B12}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{1643BB35-D15D-441A-84F7-E05FDBB3B334}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{1682CAB5-264D-4A44-9FF0-DA38513E3292}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{16D24712-D6FC-4958-977D-9DB7DA193615}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{1AD2C839-5C63-4AA9-A48F-E3C2A9FCCB43}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1D62D773-56C5-4AC6-BBC6-CE047DF626DA}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{1D69FF62-DFEE-4EFD-8753-F4D7D825FE2A}" = lport=139 | protocol=6 | dir=in | app=system | 
"{1DBB81BB-C179-4397-8DD1-E5C55A41513C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{1EA80632-6F9C-49DF-AA3B-16F3D87E267C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{20327366-EC82-41E8-B9B1-6BC399EE9C1E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{20E7AFC6-B966-4C08-8200-A8105F9624EF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{21B60A5E-F71F-4582-B536-1D2EA73F86A8}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{2491758E-A79F-4598-A80C-D9194CBA4003}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{256C5113-0212-424B-A66A-FC5F2EDE8034}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{25BD2889-6BA4-4834-A3D4-AF6683CBB18F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{268E4C04-A4C5-4C2C-B690-04737073FE2E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{26E92E62-AEAD-4858-B232-94F9F629E7FE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{270E6DC9-881A-429E-A2C3-7A3E3E5E156C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{28AA4EC6-1E89-4380-B46C-DD16DCC6EE16}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{28F279D4-EF94-459D-B4FD-E51E3B3427D2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{2BE830ED-7C3C-4620-B14F-C55A70778D8A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{2C38EE78-A6E2-488F-AE35-B20DACFCC4A9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2C731B73-1CA4-4061-9136-40B986B817F4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{2D0138BB-EA51-4D96-BF40-D40488D46B0A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{2F015318-E7A4-48F8-A142-217BF49C0DDE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{32357A72-D308-4B21-A8FA-30914C4C94E6}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{334367F4-8C82-4AE2-BA88-8884BD17F89F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{3419DA4A-5C6A-4D91-8CF3-D87473FB5D93}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{378F3BEE-09DB-4CE8-9C12-E803EC8EE4F1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{3BF3B7DF-35D7-4F04-A8EA-7294B9EC46D9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{3E556A7A-A1CB-467C-956F-FDBC20ABD143}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{3EAD2298-070F-4BA5-8A45-CEFD369A12D9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{3F45A12F-B0F4-4823-9A42-1A171DC44748}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{3F73CF3F-FA56-47CD-91C4-C30FB9FC4E36}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{3FE7F3F3-BDC0-4984-BA22-F416025FE68E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{41D49AF1-BE4B-4B73-AED5-085DEC3D1FAB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{431DF652-0135-49F4-96F5-7C50181CF09A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{444B37E3-AA35-47B4-A72A-DD6F02144FC0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{444CE27A-5585-4812-A248-455CFFD4B788}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{445FA9F4-ED10-4329-9376-7552CF620D08}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{44DD63D6-3E86-461E-A28A-B2B90150F36B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{45C08F3A-1E04-4665-B51E-87C003CCABE7}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{4631A38F-2BFF-487A-9675-FD681F10ECD6}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{466952E3-932F-45A5-B9E1-23F9D9AC0CFD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{4692363D-3402-4C51-B528-E47FB7AC5219}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{4762C485-CC89-4B15-BA56-DA4ED4A70D08}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{48AC1DBD-5FA5-40EB-95ED-F946F79163F3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{490BF983-AA98-4CF2-A78C-373A8628A7E0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{4948D9C6-A663-45CF-B7EF-1122BE30D60B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{4A9FB51E-A608-49CB-A9DC-4ADDCAE08708}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{4AD84E70-71D3-4DDB-9B7C-B9AF39A06A90}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{4B932D6A-581B-4701-B4DA-45411AE48F37}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{4BA8B46C-71A8-4D27-ABEB-FAD5D4A28A45}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{4C9618E2-533F-4D24-A09A-C6AEC16AD10A}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{4D1700E9-40F7-45CB-AAA4-9F27F682629B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{4D86E4A7-0D58-4F01-AF0D-FBF7E024FD52}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{4E8A0CBC-3F8E-4216-AE16-8D2D54F2A18D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{4F801240-6058-46B1-BA62-CACDE1682036}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{518584B6-27FB-4636-94A1-A6B8BBB6F26B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{51E08944-6336-4FF9-ADD5-0D1F029138C9}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{52DFF33A-8163-4928-8350-CA7B6E51F358}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{54E0A3D9-B1A3-405F-8ACB-1224CFD55420}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{550B2B1C-2052-40E4-9FC9-BA21FD5AE59C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{560B9361-B4B0-4B02-90BC-3DC10CB3781F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{56AE31C7-9A46-4F96-8DF8-44268A92D0FA}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{57876965-9682-4F60-9E63-6774E966E00B}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{57AAAC27-1ADD-4FD9-A91A-11B5269DA6A7}" = lport=56291 | protocol=17 | dir=in | name=pando media booster | 
"{596B9313-8479-4B7F-8C0D-0CDC94C81F2F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{5B103B36-F37F-455F-B7DF-4604FCB66E25}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{5D393EB5-1DB8-471C-A11F-33255EDC4810}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{5FF69E78-A035-4691-BAFA-A83AA10E215F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{6356EB4E-8BEE-4C6F-9AC4-8E63687E9B82}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{63704655-B083-44D1-B933-E28634C7E9B7}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{6371A1F2-3968-45F9-A1BC-44DAC3A16908}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{63E567D6-7DA7-4333-8B5B-D55FB7E3EF85}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{644203E8-03BC-4C7A-804F-93D067422B4F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{648E6FC5-3E62-4E41-B217-2A37AC7617E7}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{669380D9-CE16-4A93-8F30-5735F1C7CC58}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{6D5E6C25-71E6-449C-93DE-7848334F26C0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{6D691FE7-719B-4A9B-AC3A-03207AA336C2}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{6F8A1ACB-E840-4827-82D2-AC73AEAEC76D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{6FA5D4B8-4447-4E7C-8073-354CD949263B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{71AB5A1B-CEB7-4FF9-B63C-421BAA31E773}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{72186199-8E7A-4C4E-9C94-10A0F0392E70}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{7556C1AD-A2AD-44C2-ACA6-7156C3847B1D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{759B7433-ACD7-48C7-8B24-2D2CDDD485B2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{75CDDC54-F2AA-44B8-8D90-F2961F5B06D4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{77FA3F52-5516-445F-8101-456F92ED8F42}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{7A1623AC-F948-4355-8C60-B7B73C6DB3D7}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{7A77F43D-D855-417A-A6C4-15CEDE55E290}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{7AAD546B-2F0A-47AA-866F-451F941A610F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7D950FBD-35CF-4A23-8EF4-30A9037CE8FA}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{7E0A4576-A7B5-4971-B1EF-0DA5E3C4C352}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{80CFCEE3-4795-46D8-ACEC-0C7C4B843936}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{814642C6-E4CC-49EF-B0AB-98916157464A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{8247F74B-C21C-4604-8BFE-99093B2B0DA5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{82D0871F-C98A-4C66-9FEF-13A474092597}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{84E6AD9F-978B-4A1F-A298-5631AE833351}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{8541A0D1-1593-4A56-88C0-8023AD59697D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{88AD1231-37CB-4992-B651-422A708DBB69}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{88BEB254-CB2B-4328-82A8-797DECF617AD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{893A510B-21F6-4296-A3C2-90C96DC204FD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{89A9BA73-A163-47A5-B303-41D2C053160D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{8ADF93A5-9058-471C-9ED8-5CFF07D4AB8C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{8B82E074-71E8-4A0C-9A97-B3B4C582F7C9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{8BE8AC10-1947-4DAA-AE74-2CED3BCA0F7C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{8CAD8463-2220-4F29-BB3F-D7AF1B5E7B5B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{8FD6FFAA-7973-4F3E-85B2-62A12DB99A78}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{8FEEA657-EF6D-4B48-A8B5-BF3D9859D006}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{909F3DD5-D3CD-4B2D-A868-09F989E6AEAD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{915339AA-EC22-427D-AC71-BD1A55EC9EDA}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{9533A02E-2F4F-42FD-BC2A-70343CA37492}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{979255EF-9DF5-4853-9308-B5B90CFCD3D7}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{9A26399A-08E7-4CB1-9393-F49C7D1087A3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{9A3DB84B-953B-4D99-8E1A-2AE18D44150E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{9D986621-9FAC-4BA1-83F9-AE38BA3BD5A5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{A0EE19CE-30B0-4DC9-88C1-E52551D891EE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{A64D3EE5-FB44-4AAB-A58D-1F7E128AB560}" = lport=56291 | protocol=6 | dir=in | name=pando media booster | 
"{A70E5C9C-7536-47D8-9A4D-454087B2BD2C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{A75E0E66-A324-42BE-A9F7-5FDB507C85F9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{A80A4751-59C5-4FAB-A604-19EDD45F3D08}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{A8310D37-2A00-4DD3-AEB0-2EF2EC8CF76E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{AA14D888-F587-4DF8-8044-020EE479DCE7}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{AA3BDCF7-3AEF-48A1-B911-C08D41389D0B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{AD0D18A9-81C5-4BA6-919F-68A7ED489724}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{AE32C11D-0D0C-466C-B057-7F7C10924CB3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{AFB51B93-88D6-49AB-BE11-AC8BE7632102}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{B144CA91-F061-4C15-89E7-610E46FB0A3A}" = rport=138 | protocol=17 | dir=out | app=system | 
"{B371B62F-298E-45DE-A1B0-178C4B0DABEA}" = lport=138 | protocol=17 | dir=in | app=system | 
"{B62AB357-0976-4504-A6FB-B995C3BF8603}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{B72ACCFA-685D-4EA4-ADF4-165403AAB782}" = rport=137 | protocol=17 | dir=out | app=system | 
"{B7481F70-20C8-4B33-890B-738E996C1603}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{B9476949-3C7B-4BCE-8C48-3982FF62D12B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{B974A7B7-3B5F-4ABD-9159-50547E32C776}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{B999CA04-AC09-40F9-9FA1-3FB2F6A0B187}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{BA94F5D0-4C3D-43E1-80EE-1B5F817204CA}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{BAA2CEA4-0C1D-4BFC-9BC0-042A04FA5047}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{BAF95CDF-B2AB-4EE7-8400-9BA91538B601}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{BB4EC400-CE99-4A6B-824F-AF251DFECAFD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{BBC3756D-3868-42F0-8D9B-84BC37877FF9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{BBFBC082-41B1-4FE4-BAEE-3D146D8A73EB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{BDB5E727-6CA8-4F56-9D87-E47DB7311728}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{BDDCD38A-9242-4A5E-B35A-823AE20FF452}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{BE34B605-77BF-4DBB-81F1-2C019EFBBF29}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{C1D51894-7C4C-4ABD-9781-F25603BAF9BF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{C2D8BD8D-49BF-429E-86BE-30BF0D3FC513}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{C2EF7A3E-C12D-4F75-B0BA-1CF75A49DC90}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C36CCC85-4284-49DB-AC9D-71649F4A0DD4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{C49FCCCE-975F-4040-9C0B-B841941402A2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{C59A82CE-E06E-4A63-9BC6-BA3C32825989}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{C5BB43F8-53D2-4B45-9606-651D5BB3A3AC}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{C7EEB5DD-D277-43C9-AB6E-0B75F31F5F1C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{C8696B1B-A412-4418-B4CA-9E3E5D293CE5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{C8C13EFA-7941-4994-B84E-F420BD7245F2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{C948BCA5-BE5E-444B-B509-391712408DF6}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{CB85C4BE-8758-480C-8123-034DB00DE1C9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{CF6272DD-3C49-42AC-945E-DD536E0F2851}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{D030DE5F-3185-4030-A354-814775504750}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{D164A2D7-63F0-4BDD-B83B-CBF7A296CAFE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{D2D292CD-072C-45C3-AB04-75ED355EADF9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{D3EEDFF6-CE2C-4354-AEC6-C40F826FC716}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{D4C091C1-1441-43F1-8C93-E7EF2FEC8DEE}" = lport=445 | protocol=6 | dir=in | app=system | 
"{D4F6CE9F-FB32-49CD-844C-5193960AC1FD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{D62014DA-1904-451E-8C9B-332B6E4D061B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{DB6F3628-7DDB-488C-BEFD-81A1F29F60B2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{DBEF2762-FB8C-4A49-9448-8374A668EE75}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{DC0A5B9C-3BB2-455B-9DEE-649E03EFA710}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{DCFD2483-0935-495F-95BE-A902FBD656BA}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{DE63FB8C-2EF5-45AD-B650-3352F0FC7AAA}" = rport=139 | protocol=6 | dir=out | app=system | 
"{DF1BCED2-987B-41C6-9BCB-1D5A768089EF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{DF842C50-1AB6-4D8B-8D84-A1325350F544}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{DFDAD606-935E-49F4-9262-E3BDF4F8484A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{DFECE939-847C-4946-B599-938262A7D796}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{E0572E4C-01E3-43D2-948E-DE435653EB2A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E1EEEFBE-466D-45EC-A352-D7365A0F06E8}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{E2108F36-B54A-45CC-B544-45B70B309392}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{E28CEF2A-88C3-4B01-B35D-E9205FE063EB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{E323B5CC-F9EE-4272-A0A1-505D069E1497}" = rport=445 | protocol=6 | dir=out | app=system | 
"{E327722B-62F6-47A7-837E-371F6FA4303A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E3C26412-17FC-4284-810E-4A2F4BAAA89F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{E4E1D3E8-1AD1-4297-B2DB-2AA06F4F32C3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E5A75BC8-D6D0-4835-8A26-3A4A45932E62}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{E5FC00C5-F21C-4125-A8ED-E8EEB2582FB0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{E6017566-754C-4A22-9C34-DFA85B6B3F19}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{E6DA73BD-679B-4194-B5FC-97C66F475533}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{EABDAE55-71B7-4F73-809A-2D42FDCAC9FB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EACC02E0-9A3F-42EC-9104-E21883A8586C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{EB0E0B69-CE36-483A-BCCA-B01C5D9A29D6}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F0603E34-3989-4EA8-A13B-FC6CF3A19ED7}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F2D736CE-95A7-419D-BC87-03D46805E7FA}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F2E6E9B7-7641-4D2E-8F3E-7250B3F51D94}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F3C7BA53-E376-42AF-82A8-101C502F8AAD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F43F4767-1D51-4593-9254-1AC0F2932941}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F5F73A45-5DE3-454C-ACA1-437A0C573CA3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F6112D2F-B488-409C-9034-DD30C543A9F5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F73CD1E3-E61C-4560-8714-3B148129C016}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F7A3C6BA-2708-47B1-9E01-29FC3FB92099}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F7A47976-45E5-423D-B47C-F1CD29E2788E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F7C9A734-FD79-472B-B120-8BCA8A0596BC}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F894DC4B-F3BE-4A1D-A972-D65870FDA0F5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F92536C9-F87B-456C-BA87-606CE3B5D18C}" = lport=56291 | protocol=6 | dir=in | name=pando media booster | 
"{F926AB16-1622-4AA0-B53E-73C31C11F045}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{F976F88E-20F9-4580-98DB-3F7C86620A6C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{FB23A159-CCF0-40EC-AF7E-0DB5500AAC23}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{FB955D35-80B7-4219-A3CE-BDDAD1C11BB5}" = lport=137 | protocol=17 | dir=in | app=system | 
"{FD837F87-B086-4A04-A7B9-A2FD1CFEB35A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{FDDA3CDD-49BF-42BE-BA7C-A59361ED9816}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FF81AD62-EFB7-49DC-A936-14F519694E6A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{025DC40F-F8F9-4E5C-884B-98E5BBE7F958}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{043FB5D2-A92C-42F7-BA1C-2A57F45DB406}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe | 
"{05F08676-A6A2-497D-B5C8-1ADB6ED7097D}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{07909769-FBBB-496B-8AF0-C060DB3D6E31}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{07B37663-FD88-4BEA-9FBD-04FCC934A9ED}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{0A8AA9CF-FDB9-4A4D-B572-78A1FB9D2E5A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0CCC264E-4937-43ED-A073-6EF0303A8838}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"{0E874112-E5DB-4A97-9CA8-23F61E38B640}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{13D1BE69-47AC-433C-81AB-7CE92B0BF1F7}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\terraria\terrariaserver.exe | 
"{143DC0D6-3330-43CA-B679-502E537C9032}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"{16763869-AADC-40A3-A9EA-F33A2D85CEE7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{17A313EE-DB91-49C3-8B6F-23B9175BACCC}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{1A399D7A-D897-4897-B416-CEA9A3CD8799}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{1B5E423D-B1A7-4874-A610-94C471F70DB3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{1C6675CD-1423-442E-B9D9-FDBD7CF7B222}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{1D14C0FC-F7E4-4115-85E8-B1BADE431AD4}" = protocol=6 | dir=in | app=c:\users\leok\desktop\downloads\crossfire_downloader (1).exe | 
"{311155A7-C450-45D3-B90A-6D4906C69FA2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{314A75E6-0923-45A5-9670-F3EE23B34F62}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\killingfloor\system\killingfloor.exe | 
"{32425E39-CF16-435E-AAB2-6A10F7238442}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{36D59664-75FC-478A-AC6F-97CEC11B9ACB}" = protocol=6 | dir=in | app=c:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe | 
"{3EB857C0-24EE-4284-8718-30B419EC27ED}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{439CDDDD-43B5-48B3-ABFF-2A9EB649BBB5}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{453B16DE-37D8-41F3-A0F6-EF553289FE08}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{45704608-77B2-4540-99F9-54D7777CF652}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 
"{4758FDD1-77C6-4721-9AD4-EDC1543DB085}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{492382FE-C670-42AE-93FF-8023286770FB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{49B580DE-5D9F-4B6F-9766-094384564E81}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe | 
"{49C8BA26-15EA-4D66-9EF4-F881B42D13BA}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\mass effect 2 demo\docs\ea help\electronic_arts_technical_support.htm | 
"{4BD1E185-0255-4310-9B59-388E2303A0BE}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"{4CEB0230-93A7-4B70-B7E4-B20EF36E5117}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{5375411D-044D-41DE-B71E-5390292D182C}" = protocol=17 | dir=in | app=c:\users\leok\desktop\downloads\crossfire_downloader (1).exe | 
"{595EB38C-1521-4502-88ED-7718A8030838}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{59DE9071-9B0E-4865-BBE7-8DFB79642CBE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{5D4F4304-F209-42E7-8767-C39E99D9924A}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\arcticcombat\gamelauncher_gp\mappingaccount.exe | 
"{5D94772B-73D4-44EC-807A-1EDA05344C43}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5E6AE4B1-94F2-4F48-8DA3-085BAD2759E5}" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"{5F10184E-C1E9-45C7-9EB4-20E61B5A3D90}" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2 free\arma2free.exe | 
"{60381B87-6E62-41E0-9548-9DE5BD033A00}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe | 
"{63809390-AE44-4AA0-8DFA-C5E3EE5FCA99}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
"{641BBA12-863D-4DD2-A3FD-54FA276BC276}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{64298B80-4C6E-403A-BED3-3CE82CFD9D74}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{664E9BAB-58D2-4792-8686-6AACADA0B0B8}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe | 
"{6826B303-CFA0-4DFE-B7FE-D3824610608F}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\mass effect 2 demo\docs\ea help\electronic_arts_technical_support.htm | 
"{68986002-662C-4B67-866B-929C031CC8A3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{6A893A7F-71DA-45B3-A60C-4E3B31933AC6}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{6B763AFE-93AE-4A5C-B9A7-6E7A52C7140C}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe | 
"{6BB4AE39-A917-4FC8-A01A-781CADF69899}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{6C66A564-2031-455B-AFC3-D2A6940DECE0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6F6548AE-F990-402D-90E0-E3A6EE8D63D4}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{70E6409B-0187-4FA8-8A69-34049FBA47C2}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{720F3A24-F690-40A3-BFD9-E771A7365395}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{7214570F-DE39-4CBD-8101-DB925D72A558}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{76CDAF9F-1C52-491D-9660-38A6EB14A166}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{78B8D38F-819F-4EDD-933F-E4E1B369EF6B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7909308C-D04A-42F0-A4BC-72E0AE06CA26}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{7928F913-22F5-4E49-A0A4-D1719BB51301}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7B329EF6-D5CA-438E-BDE1-5B3D0942B1BA}" = protocol=6 | dir=in | app=c:\program files (x86)\deep silver\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe | 
"{7C995C7A-17E5-494B-88FD-5134580CD2CB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7D366E7D-69BB-41B3-A50A-456D2B545357}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{80B1B9DB-18F6-4D27-B0AE-36EF0FA1929B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{82BEBEDB-7F8A-4BED-9406-ED8D0DD2A42E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{8379C04C-05E3-43D7-A90A-07492A5109AC}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\dota 2 beta\dota.exe | 
"{83B08BF8-FCA5-4F9C-A9D4-DEBA3A66F49E}" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | 
"{8692225D-A2F1-4A90-B8D2-A80E5C551693}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\warlords battlecry iii\battlecry iii.exe | 
"{89281CDD-8D38-4090-9E6E-F4E843BB1B4F}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{8A584F79-BF25-4A78-9820-733EFC037D7C}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\mass effect 2 demo\masseffect2launcher.exe | 
"{8AB49B48-8CD3-4E94-81AA-E4B6D23D2701}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\dota 2 beta\dota.exe | 
"{94FE2A3B-21F7-425A-AD5B-92507D2EB7DE}" = protocol=17 | dir=in | app=c:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe | 
"{9586BC4C-8B57-49ED-BD34-922D1BDCD8F8}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{980EAC97-26EC-4594-9F06-04B5E1CF39D8}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\arcticcombat\gamelauncher_gp\mappingaccount.exe | 
"{9A421496-CBFD-4B77-96BF-500C78BE44EF}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\arcticcombat\system\arcticcombat.exe | 
"{9AE43B9B-6ACD-4279-AD19-8EE22687092E}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{9F5E0AFB-C8AD-4792-A0B3-B4400328226E}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\diablo iii\diablo iii.exe | 
"{A0056D41-9C1C-4918-B1F4-7722C8848FED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A09C06AD-2BCF-4FA5-B13E-8F5339CA7900}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{A2B20670-4F20-4355-B8E4-66E249A0EBB4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{A5ED6610-7067-4D23-9490-925D058D5236}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe | 
"{A77C19BE-4027-4150-B91C-FBCCC35B9A65}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steam.exe | 
"{A8D90348-43A6-4861-BA7A-70C0DE746F40}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A9C2600A-2237-4ADE-836F-5B97893E1BB0}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{AF3843D4-FC99-4FD0-A886-4C47C838BD8F}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{B22BA9E8-51B1-48FD-9C39-48F95C01C1F5}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{B6469470-247C-469A-BB01-DBD94DFC9090}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{B6813F8C-7905-4A00-9A3C-778F4815657A}" = protocol=17 | dir=in | app=c:\program files (x86)\deep silver\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe | 
"{B72E507C-BA59-4DD5-A9AA-D9C29F9E84AA}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steam.exe | 
"{B847FD53-C6DD-4E3F-924E-E18A5457F2EC}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe | 
"{B8CC4ADC-31C5-49E3-A312-47FB540CB57B}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{BA17B8B2-D493-46E7-B6FB-F69EB4D510B0}" = protocol=6 | dir=in | app=c:\program files (x86)\deep silver\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe | 
"{BD73B54D-3129-4CFB-B0B5-770EE5664774}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{BF0F4CC6-8D19-4704-B436-1B676567244A}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe | 
"{C28661F3-05B3-40CD-9467-8D651C6EDD4A}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\arcticcombat\system\arcticcombat.exe | 
"{C31A0414-4548-4FB6-8579-B543C9D9BEF9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{C86C4935-07B2-4916-A17D-CF3E784B86EC}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\diablo iii\diablo iii.exe | 
"{CBFD1FFC-50E6-4BA7-A639-8FCEA2508366}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{CF1E4984-6E6B-4FB3-93C4-32699493F82E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{CF8979C2-D7E3-4641-9778-DBB4E970065C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D293DBF8-9135-4023-9B3A-FBC6F32DD2B2}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"{D2ECBE05-103F-4444-A8A1-50902619604B}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{D3ACCDDC-8396-4B50-941B-5EDABD6209D2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{D904E6BC-8E7B-4DEB-9D84-7A1B473BE7E0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{DDC05401-4AF5-4F52-8210-89299316BB0D}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\dota 2 beta\dota.exe | 
"{DE9E358B-2A59-4F2B-B49D-4BB551E14CD9}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\terraria\terrariaserver.exe | 
"{DF1BED45-732A-41C6-90CF-988911D077EB}" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"{E16FB8AA-92C7-41CB-927E-986A2BA3DB51}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 
"{E1B139C4-E02F-48F1-A3CD-BAD034716124}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{E20A5C23-74CE-4638-96F5-3F334905E034}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{E26666E0-6B52-4F0A-9D31-F66B30BE31CC}" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe | 
"{E3653A77-9995-412A-BD9A-B8E3E7A4D947}" = protocol=6 | dir=out | app=system | 
"{E383312B-52EE-4C68-AEBB-80C79DD842CC}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{E42906E7-7538-4BE6-88F0-3F1FA926DC14}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{E518D5B1-27C0-43C8-BAAF-05F7D04CA2C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E618B3EB-4681-4F47-AF8E-9BD69C4037E0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{E7E46DDB-251B-4CD1-B5C5-E900B76CE3F3}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\tibia\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{EC41EDC4-020D-43A1-A9BD-27F8399BBD5C}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe | 
"{EC69C3D3-03DE-4E79-8F96-0E5FC549A757}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\killingfloor\system\killingfloor.exe | 
"{ECCA7652-C193-4F20-9207-7A20FBFB6117}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\mass effect 2 demo\masseffect2launcher.exe | 
"{ED5BCAD1-DF5E-4A5B-9E3F-4582F7C2C802}" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | 
"{ED8FBE22-6CFC-49B9-8954-48C1FA0E1EAC}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
"{F024A4D3-DAD9-41F0-9946-87A4ACE4FFCB}" = protocol=17 | dir=in | app=c:\program files (x86)\deep silver\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe | 
"{F256C98F-AE4A-4AFD-8685-8FB76A89C40D}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{F354A70D-B23D-4E8C-AE9B-B127E26662F6}" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2 free\arma2free.exe | 
"{F4CCE3B8-D892-49F4-A498-7ABF8432CF7F}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe | 
"{F586040F-69E8-4033-8ACD-BBE938C0C34D}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{FA9A814A-2E37-44CD-93AA-01A9E76A0B40}" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe | 
"{FB751967-8334-4AA1-A93E-0DB9653B2727}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{FD881A5A-2B1A-4378-A87F-05BAF73BF593}" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\dota 2 beta\dota.exe | 
"{FE594826-E3ED-4CF5-90BD-A5B29368E6C7}" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\warlords battlecry iii\battlecry iii.exe | 
"TCP Query User{00087A0D-52DB-4D0B-8AFF-1D35BB8F66D0}C:\users\leok\desktop\games\warlords battlecry iii\battlecry iii.exe" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\warlords battlecry iii\battlecry iii.exe | 
"TCP Query User{128AA01D-CF40-42D2-8A36-BF2D529E83D5}C:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe | 
"TCP Query User{1C28CB51-EE6B-49A4-B1DB-F65F5CEAB897}C:\users\leok\desktop\games\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\diablo iii\diablo iii.exe | 
"TCP Query User{1C8F299E-3440-4167-9C55-E03B62D13944}C:\windows\syswow64\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe | 
"TCP Query User{319F3491-BC57-436E-9017-1DBCCF1F5C5D}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"TCP Query User{5965DD92-B2BD-4AFA-82D2-1DDD33B7298B}C:\users\leok\desktop\games\steam\steamapps\common\call of duty black ops\blackops.exe" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\call of duty black ops\blackops.exe | 
"TCP Query User{6014DAD9-4765-4AB2-A53D-FFC65AF33DE6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"TCP Query User{7F30E8B6-54AA-4D83-927B-F73C9767FCFC}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | 
"TCP Query User{8983D5E2-65BD-4556-ACBD-A991E367F12A}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | 
"TCP Query User{998AD858-4635-402A-9981-088FA92E2A8E}C:\users\leok\desktop\skype.exe" = protocol=6 | dir=in | app=c:\users\leok\desktop\skype.exe | 
"TCP Query User{A1522E3D-C5A6-4E8F-9899-577CED965693}C:\users\leok\desktop\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\users\leok\desktop\skype\phone\skype.exe | 
"TCP Query User{B7A61BF6-01A8-47A2-A10A-995AC000EBE5}C:\users\leok\desktop\games\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\lolreplay\lolreplay.exe | 
"TCP Query User{BA1302D4-2D5B-464C-815F-A9524FED33C2}C:\users\leok\desktop\games\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\terraria\terrariaserver.exe | 
"TCP Query User{C5630889-BE32-411F-B947-9E575C423E35}C:\users\leok\desktop\games\valve\hl.exe" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\valve\hl.exe | 
"TCP Query User{E7F3C78E-ACBA-44B5-A16E-044FB4E1F58C}C:\users\leok\desktop\games\valve\hl.exe" = protocol=6 | dir=in | app=c:\users\leok\desktop\games\valve\hl.exe | 
"TCP Query User{FECF4182-C3CA-4A93-A3CA-ED130C480054}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{0A956123-74CA-426C-8CB8-7FCE9174FAED}C:\users\leok\desktop\games\valve\hl.exe" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\valve\hl.exe | 
"UDP Query User{14BED68B-6C01-427B-BCC0-A93813CB6C92}C:\windows\syswow64\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe | 
"UDP Query User{1AE973D9-15C9-4A18-87D4-B054724CE106}C:\users\leok\desktop\games\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\terraria\terrariaserver.exe | 
"UDP Query User{2CE60234-7A9A-4C24-AB4A-A8971AB73EA4}C:\users\leok\desktop\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\users\leok\desktop\skype\phone\skype.exe | 
"UDP Query User{55ED246E-2898-450E-B24E-9D95B2B8D10A}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | 
"UDP Query User{7CD56E03-D708-44A3-8A61-7BD57DA30C30}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"UDP Query User{7DFD8125-F1C6-4673-85B1-C17F3188594D}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | 
"UDP Query User{97FF38EF-3162-4473-A339-49B4BCA5C8E9}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{A63F7F0D-D389-4946-8F69-7965405C805F}C:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe | 
"UDP Query User{CB60D6C5-A3CC-429B-A580-3FB390176B92}C:\users\leok\desktop\games\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\lolreplay\lolreplay.exe | 
"UDP Query User{E5134805-81FA-47CD-B3E8-8F3ABE365E76}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"UDP Query User{E564435C-A372-406E-807A-FEDE9D9E81A4}C:\users\leok\desktop\games\warlords battlecry iii\battlecry iii.exe" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\warlords battlecry iii\battlecry iii.exe | 
"UDP Query User{EF77D844-5BF1-4BE6-BE7A-52074A2D4D1F}C:\users\leok\desktop\games\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\diablo iii\diablo iii.exe | 
"UDP Query User{F5075B01-BDAA-43B8-B13C-FA1953CF089B}C:\users\leok\desktop\games\valve\hl.exe" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\valve\hl.exe | 
"UDP Query User{F8376CE4-76ED-4CBE-91AA-1CC2276D5CAE}C:\users\leok\desktop\skype.exe" = protocol=17 | dir=in | app=c:\users\leok\desktop\skype.exe | 
"UDP Query User{F9CC7D9F-C549-4AA7-984F-F8BE5DF1D304}C:\users\leok\desktop\games\steam\steamapps\common\call of duty black ops\blackops.exe" = protocol=17 | dir=in | app=c:\users\leok\desktop\games\steam\steamapps\common\call of duty black ops\blackops.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04D08E92-F991-4590-A77B-B1B3DF33AC64}" = MagniPic
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{31A6FA40-E935-11E0-95F9-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.572
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{412FF2A0-2E34-436B-8A0A-9E4EF32E913E}" = Option WWAN Driver 5.0.32.0 Installer
"{43B74FAB-FB58-447D-8D3A-5F638AF36FD1}" = Netzmanager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{727E94E5-584F-4463-B4F5-93D3779C610B}_x" = Option WWAN Driver 5.0.32.0 Installer 
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.62
"MagniPic" = 
"MAXONFD3BFAC6" = CINEMA 4D Demo 12.043
"MediaCoder x64" = MediaCoder x64 0.8.18.5348
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PCSU-SL_is1" = PC Beschleunigen - Vollständige Deinstallation
"WinRAR archiver" = WinRAR 4.11 (64-bit)
"WNLT" = IB Updater Service
"ZTE USB Driver" = ZTE USB Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 39
"{27BC2ACB-2A15-47F1-B8CD-139969221616}" = Sierra Wireless Drivers
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{36415915-0B92-4F82-A240-42D3C14304F0}" = Driver Mender
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call Of Pripyat [v1.6.01]
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent 
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1" = Flyff
"{84F3F00F-CCA9-43B3-A493-1E2757649848}_is1" = Lucius 1.01.3173
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DC9CDD4-9569-46A2-BEB8-7DBF9A519193}" = Mobile Broadband Generic Drivers
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{9579E862-5FC7-4337-B1CC-5E37451524C5}" = Motorola Driver Installation
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2F166A0-F031-4E27-A057-C69733219436}_is1" = RaiderZ
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CB606F47-7D0E-40DF-95BB-0E5413A1295F}" = MP3 Skype Recorder
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}" = Belkin 54Mbps Wireless Network Adapter
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0.2
"avast" = avast! Free Antivirus
"BabylonToolbar" = Babylon toolbar on IE
"BrowserCompanion" = BrowserCompanion
"Clonk Endeavour" = Clonk Endeavour 4.95.5
"Combat Arms EU" = Combat Arms EU
"Cross Fire_is1" = Cross Fire En
"DAEMON Tools Lite" = DAEMON Tools Lite
"DefaultTab" = DefaultTab
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"Dll-Files Fixer_is1" = Dll-Files Fixer
"DVDVideoSoftTB_DE Toolbar" = DVDVideoSoftTB DE Toolbar
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FL Studio 10" = FL Studio 10
"FLV Player" = FLV Player 2.0 (build 25)
"Fraps" = Fraps (remove only)
"Free Disc Burner_is1" = Free Disc Burner version 3.0.13.706
"Free FLV Converter_is1" = Free FLV Converter V 7.5.0
"Free MP4 Video Converter_is1" = Free MP4 Video Converter version 5.0.21.1212
"Free YouTube Download_is1" = Free YouTube Download version 3.1.42.1212
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"Gothic II" = Gothic II
"Gothic II - Die Nacht des Raben" = Gothic II - Die Nacht des Raben
"HotspotShield" = Hotspot Shield 2.83
"HUAWEI DataCard Driver" = HUAWEI DataCard Driver 4.22.19.00
"IL Download Manager" = IL Download Manager
"incredibar" = Incredibar Toolbar  on IE
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"LAME_is1" = LAME v3.99.3 (for Windows)
"LogMeIn Hamachi" = LogMeIn Hamachi
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Netzmanager" = Netzmanager
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"PrivitizeVPN" = PrivitizeVPN
"PunkBusterSvc" = PunkBuster Services
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"SP_008a99b9" = 
"Steam App 1250" = Killing Floor
"Steam App 212370" = Arctic Combat
"Steam App 440" = Team Fortress 2
"Steam App 570" = Dota 2
"Steam App 65800" = Dungeon Defenders
"Super Meat Boy v1.5_is1" = Super Meat Boy v1.5
"Telekom Fotoservice" = Telekom Fotoservice
"Tibia_is1" = Tibia
"uTorrent" = µTorrent
"VocoderGUI" = Zerius Vocoder (remove only)
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3596471482-2794798375-1745467175-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 07.03.2013 22:19:37 | Computer Name = Leok-PC | Source = MagniPicUpdater | ID = 0
Description = 
 
Error - 07.03.2013 22:20:37 | Computer Name = Leok-PC | Source = MagniPicUpdater | ID = 0
Description = 
 
Error - 07.03.2013 22:24:03 | Computer Name = Leok-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DefaultTabSearch.exe, Version: 0.0.0.0,
 Zeitstempel: 0x511246e7  Name des fehlerhaften Moduls: DefaultTabSearch.exe, Version:
 0.0.0.0, Zeitstempel: 0x511246e7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00002c60
ID
 des fehlerhaften Prozesses: 0x6d8  Startzeit der fehlerhaften Anwendung: 0x01ce1ba3fbf82570
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
Berichtskennung:
 3e11bed0-8797-11e2-854c-002421596834
 
Error - 08.03.2013 01:54:51 | Computer Name = Leok-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe_BITS, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc3c1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000007733000a
ID
 des fehlerhaften Prozesses: 0x36c  Startzeit der fehlerhaften Anwendung: 0x01ce1ba3f44eef20
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: b0f0ac50-87b4-11e2-854c-002421596834
 
Error - 08.03.2013 01:56:05 | Computer Name = Leok-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Updater.exe, Version: 1.1.3.6, Zeitstempel:
 0x510445cc  Name des fehlerhaften Moduls: Updater.exe, Version: 1.1.3.6, Zeitstempel:
 0x510445cc  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000024f5  ID des fehlerhaften Prozesses:
 0x1414  Startzeit der fehlerhaften Anwendung: 0x01ce1bc13ef0fd30  Pfad der fehlerhaften
 Anwendung: C:\Users\Leok\AppData\Local\SwvUpdater\Updater.exe  Pfad des fehlerhaften
 Moduls: C:\Users\Leok\AppData\Local\SwvUpdater\Updater.exe  Berichtskennung: dd21ff40-87b4-11e2-854c-002421596834
 
Error - 08.03.2013 02:18:35 | Computer Name = Leok-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DefaultTabSearch.exe, Version: 0.0.0.0,
 Zeitstempel: 0x511246e7  Name des fehlerhaften Moduls: DefaultTabSearch.exe, Version:
 0.0.0.0, Zeitstempel: 0x511246e7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00002c60
ID
 des fehlerhaften Prozesses: 0x784  Startzeit der fehlerhaften Anwendung: 0x01ce1bc4bafb2bf0
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
Berichtskennung:
 01b3d0b0-87b8-11e2-a365-002421596834
 
Error - 08.03.2013 02:20:25 | Computer Name = Leok-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe_BITS, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc3c1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000007000a
ID
 des fehlerhaften Prozesses: 0x398  Startzeit der fehlerhaften Anwendung: 0x01ce1bc4b5f659e0
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: 43630800-87b8-11e2-a365-002421596834
 
Error - 08.03.2013 11:01:46 | Computer Name = Leok-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DefaultTabSearch.exe, Version: 0.0.0.0,
 Zeitstempel: 0x511246e7  Name des fehlerhaften Moduls: DefaultTabSearch.exe, Version:
 0.0.0.0, Zeitstempel: 0x511246e7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00002c60
ID
 des fehlerhaften Prozesses: 0x6d4  Startzeit der fehlerhaften Anwendung: 0x01ce1c0dd1036bd0
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
Berichtskennung:
 17e487f0-8801-11e2-ab8d-002421596834
 
Error - 08.03.2013 11:05:40 | Computer Name = Leok-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DefaultTabSearch.exe, Version: 0.0.0.0,
 Zeitstempel: 0x511246e7  Name des fehlerhaften Moduls: DefaultTabSearch.exe, Version:
 0.0.0.0, Zeitstempel: 0x511246e7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00002c60
ID
 des fehlerhaften Prozesses: 0x718  Startzeit der fehlerhaften Anwendung: 0x01ce1c0e5cca9fd0
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
Berichtskennung:
 a380e330-8801-11e2-b1b8-002421596834
 
Error - 08.03.2013 15:13:20 | Computer Name = Leok-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1278    Startzeit:
 01ce1c2d56043f20    Endzeit: 4    Anwendungspfad: C:\Users\Leok\Desktop\OTL.exe    Berichts-ID:
   
 
[ System Events ]
Error - 27.10.2012 06:28:07 | Computer Name = Leok-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 27.10.2012 06:28:07 | Computer Name = Leok-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 27.10.2012 06:28:08 | Computer Name = Leok-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "PC Speed Up Service" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%2
 
Error - 27.10.2012 06:28:10 | Computer Name = Leok-PC | Source = Application Popup | ID = 875
Description = Treiber atksgt.sys konnte nicht geladen werden.
 
Error - 27.10.2012 06:28:10 | Computer Name = Leok-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1275
 
Error - 27.10.2012 06:28:57 | Computer Name = Leok-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 27.10.2012 06:28:57 | Computer Name = Leok-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 27.10.2012 08:57:08 | Computer Name = Leok-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 27.10.2012 08:57:08 | Computer Name = Leok-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 27.10.2012 08:57:10 | Computer Name = Leok-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "PC Speed Up Service" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%2
 
 
< End of report >
         
so dat wars

Alt 08.03.2013, 21:51   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Pc seit Heutigem Start "aktionsunfähig" - Standard

Pc seit Heutigem Start "aktionsunfähig"



Zitat:
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Warum bitte eine Professional Edition für Windows? Wer braucht das als Heimanwender?
Ist das rein zufällig ein Büro-/Firmen-PC? Oder ein Uni-Rechner?

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 08.03.2013, 22:13   #6
Leorau
 
Pc seit Heutigem Start "aktionsunfähig" - Standard

Pc seit Heutigem Start "aktionsunfähig"



Nein ist ist ein Heim PC.
Ich hatte keine Lust mir illegal einen crack für eine andere version (zbs. Home premium) oder Utlimate oder so zu holen. <.<

Und kaufen ebenfalls nicht*

Alt 09.03.2013, 08:49   #7
Leorau
 
Pc seit Heutigem Start "aktionsunfähig" - Standard

Pc seit Heutigem Start "aktionsunfähig"



Ich wollte mich heute auf der seite des spiels "League of legends" einloggen .. Was für ein Wunder dass diese seite geöffnet wurde nachdem ich mich einloggen wollte.
Miniaturansicht angehängter Grafiken
-unbenannt.jpg  

Alt 10.03.2013, 10:28   #8
Leorau
 
Pc seit Heutigem Start "aktionsunfähig" - Standard

Pc seit Heutigem Start "aktionsunfähig"



Ich habe meinen PC nun formatiert da es einfach nicht mehr ging..
Irgentwie ist mein Pc immernoch LEICHT "Behindert".
An sich läuft es ,nur steht meine CPU auslastung meistens bei 20-30% sobald ich 1 Sache geöffnet habe
---> habe auf windows home premium 64 bit formatiert
Könnte es sein dass mein problem "magnipic.exe" war?
Ich habe diese im task manager gesehen bevor ich den PC formatiert habe und habe gerade in eurem forum gelesen dass wohl mehrere Probleme damit haben/hatten

Alt 10.03.2013, 16:21   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Pc seit Heutigem Start "aktionsunfähig" - Standard

Pc seit Heutigem Start "aktionsunfähig"



Zitat:
Zitat von Leorau Beitrag anzeigen
Nein ist ist ein Heim PC.
Ich hatte keine Lust mir illegal einen crack für eine andere version (zbs. Home premium) oder Utlimate oder so zu holen. <.<

Und kaufen ebenfalls nicht*
Was genau soll das heißen?
Woher hast du dieses Windows denn jetzt nun?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 15.03.2013, 16:28   #10
Leorau
 
Pc seit Heutigem Start "aktionsunfähig" - Standard

Pc seit Heutigem Start "aktionsunfähig"



Ich habe es mir gekauft , aber ich habe meinen pc jetzt formatiert ,
Fehler gefunden --> Es lag an Magnipic.exe , sobald Internet da war , war der pc shutdownfähig und mehr nicht.

Thread kann geschlossen werden ,danke

Antwort

Themen zu Pc seit Heutigem Start "aktionsunfähig"
antivirus, avast, browser, computer, dateien, gelöscht, google, internet, internet browser, kaspersky, lädt, neustart, nicht geladen, ordner, probleme, programme, scan, seite, seiten, spiele, spielen, start, starten, systemwiederherstellung, systemwiederherstellung gemacht, taskleiste, trojaner, wlan



Ähnliche Themen: Pc seit Heutigem Start "aktionsunfähig"


  1. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  2. Windows 7 meldet beim Start 'RegSvr32 Fehler beim Laden des Moduls "". ' seit mit Avira Malware entfernt wurde
    Log-Analyse und Auswertung - 10.10.2014 (22)
  3. Drathlosnetzwerkadapter seit letzter Zeit "im Arsch". Problembehandlung "behebt" Problem dann immer?
    Netzwerk und Hardware - 18.09.2014 (4)
  4. Win7 Computer geht seit ein paar Tagen massiv "in die Knie"
    Plagegeister aller Art und deren Bekämpfung - 27.02.2014 (8)
  5. Browser: Suchmaschine und "Start" / "Neuer Tab" - Seite und kurze Hintergrundprogramme
    Log-Analyse und Auswertung - 05.01.2014 (11)
  6. "monstermarketplace.com" Infektion und ihre Folgen; "Anti-Virus-Blocker"," unsichtbare Toolbars" + "Browser-Hijacker" von selbst installiert
    Log-Analyse und Auswertung - 16.11.2013 (21)
  7. Windows XP Nach Installation von HP Player immer zwei Startseiten beim Öffnen von Google chrome "start.iminent.com" und "Search gol"
    Log-Analyse und Auswertung - 08.10.2013 (5)
  8. "bundestrojaner" seit heute morgen auf pc
    Log-Analyse und Auswertung - 11.06.2013 (10)
  9. Diverse Fehlermeldungen bei Start des Systems nach "Entfernen" des "Polizei-Virus"
    Log-Analyse und Auswertung - 27.10.2012 (10)
  10. "The document has moved. Redirecting"+"Popup unten rechts"+"Nicht alle Links anklickbar"
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (38)
  11. Win XP Start " Net Reactor 10 Fenster"danach "Firefox Problem 2 Fenster" danach "Blue Screen"
    Log-Analyse und Auswertung - 09.07.2011 (3)
  12. Seit einigen Tagen bekomme ich viele " gleiche " Spammails t-online
    Überwachung, Datenschutz und Spam - 06.05.2011 (1)
  13. Rechner hängt sich bei GMER seit "Entfernung" von Windows Recovery auf
    Plagegeister aller Art und deren Bekämpfung - 03.05.2011 (23)
  14. "TR/Kazy.mekml.1" auch bei mir seit heute
    Plagegeister aller Art und deren Bekämpfung - 22.04.2011 (17)
  15. "Adware.Virtumonde"/"Downloader.MisleadApp"/"TR/VB.agt.4"/"NewDotNet.A.1350"/"Fakerec
    Plagegeister aller Art und deren Bekämpfung - 22.08.2008 (6)
  16. svchost.exe - seit 3 Tagen "Unbekannter Softwarefehler "
    Log-Analyse und Auswertung - 01.09.2007 (4)
  17. ">"">><meta http-equiv="Refresh" content="0;url=http://askimizsonsuza.com/code/">"">
    Plagegeister aller Art und deren Bekämpfung - 04.09.2006 (4)

Zum Thema Pc seit Heutigem Start "aktionsunfähig" - Hallo Leute Ich hab mal ein sehr "langsames" problem. Seit ich meinen pc heute gestartet habe, hatte er riesen probleme klarzukommen Beim start des desktops konnten KEINE programme gestartet werden - Pc seit Heutigem Start "aktionsunfähig"...
Archiv
Du betrachtest: Pc seit Heutigem Start "aktionsunfähig" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.