Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Skype Virus

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 20.05.2013, 22:15   #1
Thero
 
Skype Virus - Standard

Skype Virus



Hallo

Ich bin auf den Skype-Virus Trick reingefallen (dies ist ein sehr schönes foto von dir hxxp://goo.gl/wwo7s?fotos=#Skypeusername# ). Jedoch habe ich den pc sofort abgewürgt nachdem ich bemerkt hatte das dies keine Bilddatei war, sondern eine exe(shutdown ca. 5sec nach doppelklick). Ich hatte zu diesem Zeitpunkt den Virus auch noch nicht über skype verbreitet.
Ich befolgte dann dieses Tutorial: hxxp://www.youtube.com/watch?v=2UiU0WESg-Q. Jedoch war diese exe bei mir nicht in roaming sonder in C:\ProgramData und sie war alleine. Ein Kollege von mir der mir diese wundervolle Nachricht auch übertrug hatte hier 2 Dateien und er könnte sie auch nicht ohne weiteres löschen - sie tauchten immer wieder auf. Ich könnte meine Datei jedoch ohne weiters löschen und als ich dann in skype online ging sandt ich auch keine Viren umher.

Aber jetzt frage ich mich ob ich den Virus wirklich gelöscht habe oder ob er etwas zurückgelassen hat bzw. ob ich ihn wirklich gelöscht habe.

mfg
Thero

Alt 21.05.2013, 12:19   #2
t'john
/// Helfer-Team
 
Skype Virus - Standard

Skype Virus





Systemscan mit OTL (bebilderte Anleitung)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe

  • Vista und Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Wähle Scanne Alle Benuzer
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimale Ausgabe
  • Unter Extra Registrierung, wähle bitte Benutze SafeList
  • Klicke nun auf Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 21.05.2013, 13:43   #3
Thero
 
Skype Virus - Standard

Skype Virus



Hallo t'john

otl.txt
Code:
ATTFilter
OTL logfile created on: 21.05.2013 14:28:24 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Exodus\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,90 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 53,09% Memory free
7,81 Gb Paging File | 5,73 Gb Available in Paging File | 73,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,99 Gb Total Space | 23,45 Gb Free Space | 39,09% Space Free | Partition Type: NTFS
Drive D: | 604,07 Gb Total Space | 429,78 Gb Free Space | 71,15% Space Free | Partition Type: NTFS
 
Computer Name: EXODUS-PC | User Name: Exodus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Exodus\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Hamachi2Svc) -- D:\Software\Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (btwdins) -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (ZeroConfigService) -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (AMPPALR3) -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV - (BTHSSecurityMgr) -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (OracleXEClrAgent) -- D:\Software\Oracle\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe ()
SRV - (OracleXETNSListener) -- D:\Software\Oracle\app\oracle\product\10.2.0\server\BIN\TNSLSNR.EXE ()
SRV - (OracleMTSRecoveryService) -- D:\Software\Oracle\app\oracle\product\10.2.0\server\BIN\omtsreco.exe (Oracle Corporation)
SRV - (OracleJobSchedulerXE) -- d:\software\oracle\app\oracle\product\10.2.0\server\Bin\extjob.exe ()
SRV - (OracleServiceXE) -- d:\software\oracle\app\oracle\product\10.2.0\server\bin\ORACLE.EXE (Oracle Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\drivers\LhdX64.sys (Lenovo.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (bcbtums) -- C:\Windows\SysNative\drivers\bcbtums.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (VSPerfDrv100) -- D:\Software\VisualStudio\Team Tools\Performance Tools\x64\VSPerfDrv100.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4100582613-1411693210-193886274-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4100582613-1411693210-193886274-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-4100582613-1411693210-193886274-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 89 90 C3 D7 78 3F CE 01  [binary data]
IE - HKU\S-1-5-21-4100582613-1411693210-193886274-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4100582613-1411693210-193886274-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4100582613-1411693210-193886274-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.11 22:03:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.11.25 16:32:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Exodus\AppData\Roaming\mozilla\Extensions
[2013.05.09 18:40:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Exodus\AppData\Roaming\mozilla\Firefox\Profiles\xwsprbfi.default\extensions
[2013.05.09 18:40:43 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Exodus\AppData\Roaming\mozilla\firefox\profiles\xwsprbfi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.11 22:03:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.11 22:03:48 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.20 09:13:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.20 09:13:26 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.20 09:13:26 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.20 09:13:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.20 09:13:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.20 09:13:26 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - D:\Software\VisualStudio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynLenovoGestureMgr] C:\Programme\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4100582613-1411693210-193886274-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-4100582613-1411693210-193886274-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9591396D-7109-4A3C-A6B6-6963327EC42B}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CCCFB7E5-FA17-488B-8F57-4E575696AE7E}: NameServer = 172.16.1.251
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.21 14:25:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Exodus\Desktop\OTL.exe
[2013.05.20 22:25:18 | 000,000,000 | ---D | C] -- C:\Users\Exodus\AppData\Local\Programs
[2013.05.15 18:04:47 | 000,000,000 | ---D | C] -- C:\Users\Exodus\Documents\Electronic Arts
[2013.05.15 17:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2013.05.15 15:37:11 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.15 15:37:11 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.15 15:37:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.05.15 15:37:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.15 15:37:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.15 15:37:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.15 15:37:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.15 15:37:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.15 15:37:10 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.15 15:37:10 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.15 15:37:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.15 15:37:10 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.05.15 15:37:09 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.15 15:37:09 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.15 15:37:09 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.15 10:05:38 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 10:05:38 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.15 10:05:37 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.15 10:05:37 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.15 10:05:36 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.15 10:05:36 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.13 21:02:00 | 000,000,000 | ---D | C] -- C:\Users\Exodus\Desktop\Ferialpraktikum
[2013.05.07 23:17:29 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.07 23:17:29 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.07 23:17:29 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.05.07 23:17:29 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.05.07 23:17:29 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.05.07 23:17:29 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.05.07 23:17:29 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.05.07 23:17:29 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.05.07 23:17:29 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.05.07 23:17:29 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.07 23:17:29 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.05.07 23:17:29 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.05.07 23:17:29 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.05.07 23:17:29 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.05.07 23:17:29 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.07 23:17:29 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.07 23:17:29 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.05.07 23:17:29 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.05.07 23:17:29 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.05.07 23:17:29 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.05.07 23:17:29 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.07 23:17:29 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.05.07 23:17:29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.05.07 23:17:29 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.05.07 23:17:29 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.05.07 23:17:29 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.05.07 23:17:29 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.05.07 23:17:29 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.07 23:17:29 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.05.07 23:17:29 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.05.07 23:17:29 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.05.07 23:17:29 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.05.07 23:17:29 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.05.07 23:17:29 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.05.07 23:17:29 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.07 23:17:29 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.05.07 23:17:29 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.05.07 23:17:29 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.05.07 23:17:29 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.07 23:17:29 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.05.07 23:17:29 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.05.07 23:17:29 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.05.07 23:17:29 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.05.07 23:17:29 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.05.07 23:17:29 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.05.07 23:17:29 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.05.07 23:17:29 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.05.07 23:17:29 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.05.07 23:17:29 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.05.07 23:17:29 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.05.07 23:17:29 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.05.07 23:17:29 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.05.07 23:17:29 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.05.07 23:16:43 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.05.07 23:16:43 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.05.07 23:16:43 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.05.07 23:16:43 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.05.07 23:16:43 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.05.07 23:16:43 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.05.07 23:16:43 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.05.07 23:16:43 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.05.07 23:16:43 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.05.07 23:16:43 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.05.07 23:16:43 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.05.07 23:16:43 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.05.07 23:16:43 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.05.07 23:16:43 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.05.07 23:16:43 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.05.07 23:16:43 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.05.07 23:16:43 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.05.07 23:16:43 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.05.07 23:16:43 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.05.07 23:16:43 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.05.07 23:16:43 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.05.07 23:16:43 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.05.07 23:16:43 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.05.07 23:16:43 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.05.07 23:16:43 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.05.07 23:16:43 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.05.07 23:16:43 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.05.07 23:16:43 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.05.07 23:16:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.05.07 23:16:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.05.07 23:16:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.05.07 23:16:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.05.07 23:16:43 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.05.07 14:06:33 | 000,000,000 | ---D | C] -- C:\Users\Exodus\AppData\Roaming\Atari
[2013.05.07 14:06:03 | 000,000,000 | ---D | C] -- C:\Users\Exodus\Documents\RCT3
[2013.05.07 14:06:03 | 000,000,000 | ---D | C] -- C:\Users\Exodus\Documents\My Pictures
[2013.05.07 14:06:03 | 000,000,000 | ---D | C] -- C:\Users\Exodus\Documents\My Music
[2013.05.07 14:06:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PocketSoft
[2013.05.07 14:04:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RollerCoaster Tycoon 3
[2013.05.05 00:37:34 | 000,000,000 | ---D | C] -- C:\Users\Exodus\AppData\Roaming\Ponscripter
[2013.05.05 00:37:34 | 000,000,000 | ---D | C] -- C:\Users\Exodus\AppData\Roaming\Narcissu Side 2nd
[2013.05.03 18:42:39 | 000,000,000 | ---D | C] -- C:\Users\Exodus\AppData\Local\Sniper Elite Nazi Zombie Army
[2013.04.22 19:40:25 | 000,000,000 | ---D | C] -- C:\Users\Exodus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 2.7
[2013.04.21 22:40:10 | 000,000,000 | ---D | C] -- C:\Users\Exodus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoGebra 4.2
[2013.04.21 17:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.21 14:25:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Exodus\Desktop\OTL.exe
[2013.05.21 13:22:34 | 000,014,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.21 13:22:34 | 000,014,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.21 13:20:10 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.21 13:20:10 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.21 13:20:10 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.21 13:20:10 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.21 13:20:10 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.21 13:15:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.21 13:15:16 | 3144,433,664 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.20 22:26:04 | 000,000,735 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.20 22:17:56 | 000,111,117 | ---- | M] () -- C:\Users\Exodus\Desktop\Unbenannt.png
[2013.05.15 16:30:59 | 000,302,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.12 14:43:23 | 000,007,594 | ---- | M] () -- C:\Users\Exodus\AppData\Local\Resmon.ResmonCfg
[2013.05.07 23:17:29 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.07 23:17:29 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.07 23:17:29 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.05.07 23:17:29 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.05.07 23:17:29 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.05.07 23:17:29 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.05.07 23:17:29 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.05.07 23:17:29 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.05.07 23:17:29 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.05.07 23:17:29 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.07 23:17:29 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.05.07 23:17:29 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.05.07 23:17:29 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.05.07 23:17:29 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.05.07 23:17:29 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.07 23:17:29 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.07 23:17:29 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.05.07 23:17:29 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.05.07 23:17:29 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.05.07 23:17:29 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.05.07 23:17:29 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.07 23:17:29 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.05.07 23:17:29 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.05.07 23:17:29 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.05.07 23:17:29 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.05.07 23:17:29 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.05.07 23:17:29 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.05.07 23:17:29 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.07 23:17:29 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.05.07 23:17:29 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.05.07 23:17:29 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.05.07 23:17:29 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.05.07 23:17:29 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.05.07 23:17:29 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.05.07 23:17:29 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.07 23:17:29 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.05.07 23:17:29 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.05.07 23:17:29 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.05.07 23:17:29 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.07 23:17:29 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.05.07 23:17:29 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.05.07 23:17:29 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.05.07 23:17:29 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.05.07 23:17:29 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.05.07 23:17:29 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.05.07 23:17:29 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.05.07 23:17:29 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.05.07 23:17:29 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.05.07 23:17:29 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.05.07 23:17:29 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.07 23:17:29 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.07 23:17:29 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.05.07 23:17:29 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.05.07 23:17:29 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.05.07 23:17:29 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.05.07 23:16:43 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.05.07 23:16:43 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.05.07 23:16:43 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.05.07 23:16:43 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.05.07 23:16:43 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.05.07 23:16:43 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.05.07 23:16:43 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.05.07 23:16:43 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.05.07 23:16:43 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.05.07 23:16:43 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.05.07 23:16:43 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.05.07 23:16:43 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.05.07 23:16:43 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.05.07 23:16:43 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.05.07 23:16:43 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.05.07 23:16:43 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.05.07 23:16:43 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.05.07 23:16:43 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.05.07 23:16:43 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.05.07 23:16:43 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.05.07 23:16:43 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.05.07 23:16:43 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.05.07 23:16:43 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.05.07 23:16:43 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.05.07 23:16:43 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.05.07 23:16:43 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.05.07 23:16:43 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.05.07 23:16:43 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.05.07 23:16:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.05.07 23:16:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.05.07 23:16:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.05.07 23:16:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.05.07 23:16:43 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.05.07 23:16:43 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.05.07 14:10:07 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2013.05.06 22:36:52 | 000,193,249 | ---- | M] () -- C:\Users\Exodus\Desktop\GNT_AccessPoints_V123.11.odt
[2013.04.21 23:47:49 | 000,012,391 | ---- | M] () -- C:\Users\Exodus\Desktop\Unbenannt 1.odt
 
========== Files Created - No Company Name ==========
 
[2013.05.20 22:26:04 | 000,000,735 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.20 22:17:56 | 000,111,117 | ---- | C] () -- C:\Users\Exodus\Desktop\Unbenannt.png
[2013.05.07 23:17:29 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.07 23:17:29 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.07 14:06:27 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2013.05.07 14:06:02 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2013.05.06 22:36:49 | 000,193,249 | ---- | C] () -- C:\Users\Exodus\Desktop\GNT_AccessPoints_V123.11.odt
[2013.03.21 15:16:46 | 000,007,594 | ---- | C] () -- C:\Users\Exodus\AppData\Local\Resmon.ResmonCfg
[2013.03.11 12:12:58 | 000,000,014 | ---- | C] () -- C:\Windows\kdcoms.dll
[2013.03.01 23:43:19 | 148,185,699 | ---- | C] () -- C:\Users\Exodus\AppData\Roaming\.minecraft.rar
[2013.01.12 19:38:28 | 000,000,839 | ---- | C] () -- C:\Users\Exodus\AppData\Local\recently-used.xbel
[2012.11.25 14:40:42 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.25 14:22:06 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.11.25 14:22:06 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.10.22 18:40:28 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.10.22 18:40:04 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.10.22 18:40:00 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.02.02 23:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
extra.txt
Code:
ATTFilter
OTL Extras logfile created on: 21.05.2013 14:28:24 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Exodus\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,90 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 53,09% Memory free
7,81 Gb Paging File | 5,73 Gb Available in Paging File | 73,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,99 Gb Total Space | 23,45 Gb Free Space | 39,09% Space Free | Partition Type: NTFS
Drive D: | 604,07 Gb Total Space | 429,78 Gb Free Space | 71,15% Space Free | Partition Type: NTFS
 
Computer Name: EXODUS-PC | User Name: Exodus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-4100582613-1411693210-193886274-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{095416D7-D34E-4FD7-A0B1-653D7AE32CE8}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{20406DDE-FFFB-4E45-AB02-97542D307EE9}" = rport=137 | protocol=17 | dir=out | app=system | 
"{2C4059FF-ADD3-459D-BEEF-32481812B1DA}" = rport=139 | protocol=6 | dir=out | app=system | 
"{3B145FBC-975B-49A2-8402-5FEAD958713F}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{44114E5D-5FB5-4CA4-A95E-58ECA7BF694C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4580EC2A-6472-4F8E-BBF7-5350AA0682D5}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{46C50F85-194B-4CC1-91AC-655D75AAE466}" = lport=58805 | protocol=17 | dir=in | name=pando media booster | 
"{59046B60-49ED-4B39-9FB9-045562A285F3}" = lport=138 | protocol=17 | dir=in | app=system | 
"{61ADC90E-2010-48E6-9884-EF570B1A40E7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7F143928-DE8E-4B6F-A669-1123E82D6297}" = lport=445 | protocol=6 | dir=in | app=system | 
"{8706B7AD-F2DA-459F-A156-E828017B66C2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8F8CA718-1EE3-4F39-98A3-2309AD664DAA}" = lport=137 | protocol=17 | dir=in | app=system | 
"{9B55E1F8-6896-46AB-B0F8-87890A14A7F8}" = lport=139 | protocol=6 | dir=in | app=system | 
"{A202BB2F-B6A7-4F81-A63B-FD5D6AC7789A}" = rport=445 | protocol=6 | dir=out | app=system | 
"{A27A9CE4-0ABA-4D79-911A-9F486EFACB60}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A43912A2-8549-4899-863C-D85B4074F50C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AE893A40-9C20-4DB4-9C87-797B1045A36F}" = lport=58805 | protocol=6 | dir=in | name=pando media booster | 
"{CC2E563C-2FBD-4B7B-87C0-E0F773C10775}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{D274BA1F-6EB5-4AF1-9A7A-AC0B03160CD2}" = lport=58805 | protocol=6 | dir=in | name=pando media booster | 
"{D54DB72E-3472-4498-9900-89E37E5B1B92}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E3D43ACC-DE53-49D6-B75B-547FCB00041D}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E8CBF893-C0A1-4B97-A84F-F6871137326F}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{EB4F0B84-2571-46C8-AE97-2185096C6BD7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F2430430-DF91-4C92-83CE-C7CF7181B874}" = lport=58805 | protocol=17 | dir=in | name=pando media booster | 
"{FCA53C72-988D-411D-887A-8A9DA1C7DDB9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{FFD42EA1-D23D-40A7-8232-9E9B36AC9CF2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03258252-92D1-41C9-940C-ADD2FF1C1736}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{03B0349B-835D-483A-96B7-D0BD54D337E0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{08A19A51-12D6-44B4-8738-E49A135D95EA}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{0A86E9C5-F209-4005-86C2-295161888E97}" = protocol=6 | dir=out | app=system | 
"{0F03DA58-09CD-4451-94A3-09B8569170B1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | 
"{10F9FD71-89D0-44E2-A91F-10E1399E5E0C}" = protocol=6 | dir=in | app=d:\software\steam\steamapps\common\osmos\osmos.exe | 
"{11C6E954-22BF-4A28-AB91-B95FBE81ACF8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | 
"{1A42750E-CBD4-455A-92C4-A60C2FEAD390}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{1DBDCF8D-0B47-4979-AA90-1662235831FC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{20D6ED64-BB3D-44C7-A5B8-D777BDCB6E42}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{255F2834-F4A8-4CE9-974A-6ECD97A83970}" = protocol=6 | dir=in | app=d:\software\diablo iii\diablo iii.exe | 
"{26BE001D-C8A4-4553-B07C-3E86E6EE0DD0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{2925DBD1-1D15-403B-9D4E-AEA2957832B6}" = protocol=17 | dir=in | app=d:\software\steam\steamapps\common\team fortress 2\hl2.exe | 
"{2C8D1C3D-BCA5-465D-8AC1-E809C4DA7A3B}" = protocol=17 | dir=in | app=d:\software\steam\steamapps\common\osmos\osmos.exe | 
"{34F4265D-6948-4A8D-AA48-9216F6C0E02D}" = protocol=6 | dir=in | app=d:\software\steam\steamapps\common\dota 2 beta\dota.exe | 
"{36F54310-7144-458A-BA75-A3B1F13F35ED}" = protocol=17 | dir=in | app=d:\software\steam\steamapps\common\nza\bin\nza.exe | 
"{37062EF4-AD84-4BCE-BDDD-0184ABFFA42C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3AC9DBB8-91EB-476E-8316-83514AAD3432}" = protocol=17 | dir=in | app=d:\software\utorrent\utorrent.exe | 
"{3BDE7AFB-6FCD-451C-93EA-1E9FD34E81DE}" = protocol=6 | dir=in | app=d:\software\starcraft ii\starcraft ii.exe | 
"{3FD526B3-4707-455B-8BF4-94E2466E591F}" = protocol=6 | dir=in | app=d:\software\steam\steamapps\common\dwarfs - f2p\dwarfs.exe | 
"{43D30928-1064-436D-B414-D6EA9BFD8BC2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{472D9AFE-6727-4B4F-82AD-E767E8366166}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{48B4A3C8-8A5C-45C3-9F0B-0A57BED0383B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | 
"{4B7915E5-EDC8-498B-AAE1-C41C69F244B9}" = protocol=17 | dir=in | app=d:\software\starcraft ii\starcraft ii public test.exe | 
"{4C77DA3E-A332-4F59-AB52-A175906E860B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4E52CBCF-CE37-4B18-987D-3A423D8B893F}" = protocol=17 | dir=in | app=d:\software\anno2070\game\anno5.exe | 
"{50A99011-EF27-4318-BA2F-13E860B14DBA}" = protocol=6 | dir=in | app=d:\software\steam\steamapps\common\team fortress 2\hl2.exe | 
"{51646658-5585-4214-B433-BF92E184813A}" = protocol=17 | dir=in | app=d:\software\steam\steamapps\common\dwarfs - f2p\dwarfs.exe | 
"{553A3579-9880-4457-B37A-8B42F0A151BE}" = dir=out | app=d:\software\anno2070\game\anno5.exe | 
"{5A5CA995-20F6-40F0-A5F4-403CF1A45727}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{632B95EE-5CA9-4673-8CE8-94922E460647}" = protocol=6 | dir=in | app=d:\software\steam\steamapps\common\team fortress 2\hl2.exe | 
"{638608FB-17CE-4587-A9B5-630E67F8E847}" = dir=in | app=d:\software\anno2070\game\anno5.exe | 
"{66CD48F4-6128-4C82-9F8D-78B900D6C4F4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{6B1BC2C8-8B4B-4EE5-A06D-8F58B18771A0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{6C11FC08-64B2-4679-944B-A75427CA9BA0}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{6D513BFE-41DC-4E0E-BBAC-49F38066F225}" = dir=in | app=d:\software\anno2070\game\autopatcher.exe | 
"{70657F80-AC05-4E94-987F-DC418FE0B212}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{7639635F-7618-448C-8E5B-D913EFAE7FCD}" = protocol=17 | dir=in | app=d:\software\steam\steamapps\common\dwarfs - f2p\dwarfs.exe | 
"{7752AD33-C0A4-4871-AD73-760355145A2B}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{7C4BB43D-4295-4B75-8296-212D6BC1D8D9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{7E90F441-C928-4621-A82B-533025656E5D}" = protocol=6 | dir=in | app=d:\software\starcraft ii\starcraft ii public test.exe | 
"{80171108-98D2-434A-A549-9D56E8F95AB1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{83C8C5C8-427B-4D44-8EFB-D153945D0517}" = protocol=6 | dir=in | app=d:\software\anno2070\game\anno5.exe | 
"{879A79CB-BB57-4F70-A4C4-4ACCA60E0662}" = protocol=17 | dir=in | app=d:\software\steam\steamapps\common\team fortress 2\hl2.exe | 
"{8ADE76B1-3338-4763-BF39-401AD6B08988}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{8E5CA2FD-066C-44D0-9A54-26302C821E32}" = protocol=6 | dir=in | app=d:\software\steam\steamapps\common\nza\bin\nza.exe | 
"{8E85BBCB-6CBA-4726-8238-280F47369DBE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{90A104FF-F165-42E6-A715-D6231BE3F3EA}" = protocol=17 | dir=in | app=d:\software\steam\steamapps\common\dota 2 beta\dota.exe | 
"{90FBDE0A-BBC5-472F-B389-6842C9853E8B}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{9618C690-527B-4610-9CBE-95E5C99273D7}" = protocol=17 | dir=in | app=d:\software\starcraft ii\versions\base24944\sc2.exe | 
"{96BF536A-290D-48EB-8C4E-8F0D97D98F48}" = protocol=58 | dir=in | app=system | 
"{9731AFE3-F1F2-49D2-A41D-A145D9CEE4EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9759BC38-E815-48ED-93DA-562C6630863B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{9910DE0D-0E11-47A3-939B-90A43D1ACE41}" = protocol=6 | dir=in | app=d:\software\starcraft ii\versions\base24944\sc2.exe | 
"{99FD5171-EB72-4E4A-86B2-0FC2EA5BBEF9}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A5C40893-6807-42D0-AC75-496B7769D8AA}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{AA5F2BCB-5B61-48C9-8C90-E2E600CCDFC0}" = protocol=6 | dir=in | app=d:\software\anno2070\game\initengine.exe | 
"{AA6624E3-9F33-40A4-B316-B6A365EB2403}" = protocol=17 | dir=in | app=d:\software\anno2070\game\autopatcher.exe | 
"{AC89E037-8D3A-4AEC-9722-85C5B001CCE7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B03E495E-983E-4BBF-9C57-7315822BD334}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B0F748EA-2AB0-4503-876D-38D550641767}" = protocol=17 | dir=in | app=d:\software\diablo iii\diablo iii.exe | 
"{B33E44E8-F5F2-45CC-B94B-B9B423788E77}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B5F3D3C8-5252-4883-A397-88D3221C05FB}" = protocol=17 | dir=in | app=d:\software\starcraft ii\starcraft ii.exe | 
"{B9C858D4-D2C5-4E43-B077-E60330B316E5}" = protocol=6 | dir=in | app=d:\software\utorrent\utorrent.exe | 
"{BB1C6470-65E2-4C6E-A984-A29C4E5D9434}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{C3B235A3-4101-4E24-943C-DC799D6EAFDA}" = protocol=6 | dir=in | app=d:\software\anno2070\game\autopatcher.exe | 
"{CD742254-798F-441A-9B74-38EDD46D0016}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{CE23A6C1-80CA-4224-80FF-68BDC8473309}" = dir=out | app=d:\software\anno2070\game\autopatcher.exe | 
"{D002015B-30DE-4564-9F39-C9BAD2C5698F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{D3ED55DA-1E4D-46A0-B913-0B8D4529E681}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{D49A4F33-3823-4FEF-A07A-7806011D38C4}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | 
"{D529087B-D031-43EC-AB2B-8D438CBFE48A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D5DEDFA4-A0E2-4072-871E-D1B79F84A4B4}" = protocol=6 | dir=in | app=d:\software\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe | 
"{DE4E3CE8-43A1-4A95-AFEC-87FDE437E91E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | 
"{DF47501C-01C8-457C-906E-E8B93CA6CE19}" = protocol=6 | dir=in | app=d:\software\steam\steam.exe | 
"{E019FBD1-6AE0-404C-B87E-9D06E141843F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E42009D7-91CC-4FE1-8733-0683A6688ABD}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | 
"{E60D8DEB-9F48-45D6-BE2D-9102FAD56173}" = protocol=17 | dir=in | app=d:\software\anno2070\game\initengine.exe | 
"{E688C35D-1EE0-46D0-AD24-79EB35B7CAA8}" = protocol=17 | dir=in | app=d:\software\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe | 
"{F3824F23-8AFE-4EFD-BB71-BEC6529066E5}" = protocol=6 | dir=in | app=d:\software\steam\steamapps\common\dwarfs - f2p\dwarfs.exe | 
"{F3FE407D-9A5E-404C-8B3D-ADDE40B4A93E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{F74C7819-73BF-4490-AC5E-600FB96FB667}" = protocol=6 | dir=in | app=d:\software\steam\steamapps\common\dota 2 beta\dota.exe | 
"{F8608824-1364-4E0F-A2A3-4A30A712D1A0}" = protocol=17 | dir=in | app=d:\software\steam\steamapps\common\dota 2 beta\dota.exe | 
"{FAA4312F-98F1-4EB6-8C71-F4EB994913B6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{FAD5B58A-D5CF-4CFF-B17F-FD6722E87F94}" = protocol=17 | dir=in | app=d:\software\steam\steam.exe | 
"{FF1833AF-1488-486E-9627-C8C350B9F46C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{2F52BB3D-BF48-47D4-BC00-3340D1280B68}D:\software\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\software\call of duty 4 - modern warfare\iw3mp.exe | 
"TCP Query User{391DA00A-9376-4CAC-A902-538DE5845F5F}F:\spiele\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=f:\spiele\age of empires ii\empires2.exe | 
"TCP Query User{623E287A-CD95-4711-AADC-072F895F82A5}D:\software\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=d:\software\age of empires ii\empires2.exe | 
"TCP Query User{62E0B353-0C19-4878-A6D5-8E183814A51B}F:\spiele\portal 2\portal2.exe" = protocol=6 | dir=in | app=f:\spiele\portal 2\portal2.exe | 
"TCP Query User{6E0C7F77-4209-432F-9A3C-4D9BE3654E71}D:\software\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=d:\software\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe | 
"TCP Query User{701F4081-3E79-4E48-8CB3-91F55BF53B1D}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{9DC5BADE-90BE-4059-AE54-9C5C9A082B07}D:\software\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\software\warcraft iii\war3.exe | 
"TCP Query User{C7EF2400-5E71-4DBD-9047-351FE44AE9FA}D:\software\steam\steamapps\tharealparanoid\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\software\steam\steamapps\tharealparanoid\team fortress 2\hl2.exe | 
"TCP Query User{E866838D-B1EB-4A45-A4B8-A5555A5B1542}D:\software\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe" = protocol=6 | dir=in | app=d:\software\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe | 
"TCP Query User{FFDC3AEE-5A45-400F-91C0-5C81D43123AB}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{1A16EB6C-0654-475A-951E-47E398E9FB64}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{5128CBF9-DED0-4E24-A502-F30A60273CF7}D:\software\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe" = protocol=17 | dir=in | app=d:\software\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe | 
"UDP Query User{8A195A75-EDC4-4AAD-B2A2-8020E855F437}D:\software\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\software\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{96E57243-CD8E-4A3A-B106-54C057ED03C7}D:\software\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=d:\software\age of empires ii\empires2.exe | 
"UDP Query User{B9517D06-0D61-4EE4-A2D3-A9066074B5D5}F:\spiele\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=f:\spiele\age of empires ii\empires2.exe | 
"UDP Query User{BCCCEB74-9982-4A95-BD41-8570E6C67378}F:\spiele\portal 2\portal2.exe" = protocol=17 | dir=in | app=f:\spiele\portal 2\portal2.exe | 
"UDP Query User{BF3AC89B-F56D-4D74-9923-17C9DCB6AE8A}D:\software\steam\steamapps\tharealparanoid\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\software\steam\steamapps\tharealparanoid\team fortress 2\hl2.exe | 
"UDP Query User{C2F578FE-1838-4DAC-BAFB-EA09632411AF}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{DEFB6717-C536-494A-AA6E-2451D0AC7A33}D:\software\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=d:\software\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe | 
"UDP Query User{E367D718-CAA8-4ACC-8D85-561C8B553B5E}D:\software\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\software\warcraft iii\war3.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de
"{197B3774-B7E6-4D50-AD0D-7F99B1E264D2}" = Microsoft SQL Server System CLR Types (x64)
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417013FF}" = Java 7 Update 13 (64-bit)
"{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{47BA3A3A-6B4E-307F-A43B-724079FE90C6}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{53952792-BF16-300E-ADF2-E7E4367E00CF}" = Visual Studio 2010 Prerequisites - English
"{5D068141-189F-39E2-A052-E40D4B561256}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64) de
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8476A22A-405F-3DCB-96CA-D98C6418C89B}" = Microsoft Visual Studio 2010 Performance Collection Tools - DEU
"{8583E7E3-2237-4981-B957-E28E5E9AB678}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319
"{95A2AD24-BD44-3E39-A31F-CE928276577E}" = Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{A1F50E06-E514-393D-AAEB-2F989F0B7C68}" = Microsoft Team Foundation Server 2010 Object Model - DEU
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{DF7756DD-656A-45C3-BA71-74673E8259A9}" = Intel® PROSet/Wireless WiFi-Software
"{E1C1D175-C23E-38F4-9AC1-ABE5167022CF}" = Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
"{E802A021-0F24-3484-97F7-D74D74CB93A0}" = Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU
"{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}" = Microsoft Sync Framework Services v1.0 SP1 (x64) de
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"99841829BE839365AA67B2AD0E50D371F59F8A1E" = Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1)
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft Team Foundation Server 2010 Object Model - DEU" = Microsoft Team Foundation Server 2010-Objektmodell - DEU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.5
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{0283EDE1-D8A9-4F64-A035-5E35B4DD199A}_is1" = CLANNAD Full Voice 1.5
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08DA8E46-ED67-451A-9246-50E0FF6959C9}" = Microsoft Sync Framework SDK v1.0 SP1 de
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4135C790-0387-36D7-9C2A-1B09A5900460}" = Microsoft Visual Studio 2010 Ultimate - DEU
"{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
"{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}" = Oracle Data Provider for .NET Help
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{84ADC96C-B7E0-4938-9D6E-2B640D5DA224}" = Python 2.7.4
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{92C5C058-E941-47C3-B7E8-38A79C605969}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C3B8582-A72A-4835-8903-877A834407BB}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}" = Dotfuscator Software Services - Community Edition - DEU
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EC66418E-DAA2-36D5-809E-40BEC94E622A}" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"{F0BC0F9E-C4A8-485C-93ED-424DB9EA3F75}" = Oracle Database 10g Express Edition
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{F0BC0F9E-C4A8-485C-93ED-424DB9EA3F75}" = Oracle Database 10g Express Edition
"Katawa Shoujo" = Katawa Shoujo
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft Visual Studio 2010 Ultimate - DEU" = Microsoft Visual Studio 2010 Ultimate - DEU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Microsoft Visual Studio Macro Tools - DEU Language Pack" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"StarCraft II" = StarCraft II
"Steam App 201790" = Orcs Must Die! 2
"Steam App 213650" = Dwarfs F2P
"Steam App 227100" = Sniper Elite: Nazi Zombie Army
"Steam App 29180" = Osmos
"Steam App 400" = Portal
"Steam App 440" = Team Fortress 2
"Steam App 570" = Dota 2
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-4100582613-1411693210-193886274-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Narcissu 2 English" = Narcissu 2 English v1.0
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 21.04.2013 17:38:25 | Computer Name = Exodus-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iw3mp.exe, Version: 0.0.0.0, Zeitstempel:
 0x4859a219  Name des fehlerhaften Moduls: iw3mp.exe, Version: 0.0.0.0, Zeitstempel:
 0x4859a219  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0017db17  ID des fehlerhaften Prozesses:
 0x2044  Startzeit der fehlerhaften Anwendung: 0x01ce3ed65ad1d0e5  Pfad der fehlerhaften
 Anwendung: D:\Software\Call of Duty 4 - Modern Warfare\iw3mp.exe  Pfad des fehlerhaften
 Moduls: D:\Software\Call of Duty 4 - Modern Warfare\iw3mp.exe  Berichtskennung: cb7cd38d-aacb-11e2-a56a-b888e386e953
 
Error - 23.04.2013 16:09:53 | Computer Name = Exodus-PC | Source = Application Hang | ID = 1002
Description = Programm SC2.exe, Version 2.0.7.25293 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 15c0    Startzeit:
 01ce4051fbbc70f2    Endzeit: 110    Anwendungspfad: D:\Software\StarCraft II\Versions\Base24944\SC2.exe

Berichts-ID:
   
 
Error - 24.04.2013 16:39:54 | Computer Name = Exodus-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 20.0.1.4847,
 Zeitstempel: 0x51650aee  Name des fehlerhaften Moduls: xul.dll, Version: 20.0.1.4847,
 Zeitstempel: 0x51650a09  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000b10e8  ID des fehlerhaften
 Prozesses: 0xec0  Startzeit der fehlerhaften Anwendung: 0x01ce40f7738aacd9  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe  Pfad 
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll  Berichtskennung:
 1e133bd0-ad1f-11e2-bd14-b888e386e953
 
Error - 01.05.2013 18:48:36 | Computer Name = Exodus-PC | Source = Application Hang | ID = 1002
Description = Programm TESV.exe, Version 1.3.10.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 22fc    Startzeit:
 01ce46bd80c8448d    Endzeit: 34    Anwendungspfad: D:\Software\The Elder Scrolls V- Skyrim\TESV.exe

Berichts-ID:
   
 
Error - 06.05.2013 15:33:13 | Computer Name = Exodus-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
 Zeitstempel: 0x4c00573a  Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.6.0.5920,
 Zeitstempel: 0x510610d1  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0006de2d  ID des fehlerhaften
 Prozesses: 0x1754  Startzeit der fehlerhaften Anwendung: 0x01ce4a7d16b8b07f  Pfad der
 fehlerhaften Anwendung: D:\Software\LoLData\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.11\deploy\LolClient.exe
Pfad
 des fehlerhaften Moduls: D:\Software\LoLData\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.11\deploy\Adobe
 AIR\Versions\1.0\Adobe AIR.dll  Berichtskennung: ca58acfd-b683-11e2-a87c-b888e386e953
 
Error - 06.05.2013 17:35:38 | Computer Name = Exodus-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 20.0.1.4847,
 Zeitstempel: 0x51650aee  Name des fehlerhaften Moduls: xul.dll, Version: 20.0.1.4847,
 Zeitstempel: 0x51650a09  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000b10e8  ID des fehlerhaften
 Prozesses: 0x3b8  Startzeit der fehlerhaften Anwendung: 0x01ce4a6e6a819a74  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe  Pfad 
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll  Berichtskennung:
 e413c1de-b694-11e2-a87c-b888e386e953
 
Error - 09.05.2013 14:56:10 | Computer Name = Exodus-PC | Source = Application Hang | ID = 1002
Description = Programm hl2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 273c    Startzeit:
 01ce4cdad6db3736    Endzeit: 557    Anwendungspfad: D:\Software\Steam\steamapps\common\Team
 Fortress 2\hl2.exe    Berichts-ID:   
 
Error - 17.05.2013 10:28:49 | Computer Name = Exodus-PC | Source = Application Hang | ID = 1002
Description = Programm League of Legends.exe, Version 3.7.0.328 kann nicht mehr 
unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
 in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 1270    Startzeit: 01ce530ab51a9fb1    Endzeit: 10    Anwendungspfad:
 D:\Software\LoLData\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.232\deploy\League
 of Legends.exe    Berichts-ID: f85d7f36-befd-11e2-8e37-b888e386e953  
 
Error - 19.05.2013 10:11:26 | Computer Name = Exodus-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 11fc    Startzeit: 01ce549ab81d1991    Endzeit: 0    Anwendungspfad: 
D:\Software\LoLData\League of Legends\RADS\system\rads_user_kernel.exe    Berichts-ID:
 fc805286-c08d-11e2-948b-b888e386e953  
 
Error - 20.05.2013 16:07:22 | Computer Name = Exodus-PC | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer"
 nicht initialisiert werden.  Details: Could not query the status of the EventSystem
 service.  System Error: Der Computer wird heruntergefahren.  .
 
[ System Events ]
Error - 27.03.2013 08:45:42 | Computer Name = Exodus-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 27.03.2013 14:16:24 | Computer Name = Exodus-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 27.03.2013 14:16:24 | Computer Name = Exodus-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 28.03.2013 10:42:45 | Computer Name = Exodus-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 28.03.2013 10:42:45 | Computer Name = Exodus-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 28.03.2013 21:50:56 | Computer Name = Exodus-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 29.03.2013 06:57:59 | Computer Name = Exodus-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 29.03.2013 06:57:59 | Computer Name = Exodus-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 30.03.2013 07:54:00 | Computer Name = Exodus-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 30.03.2013 07:54:00 | Computer Name = Exodus-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
 
< End of report >
         
Hätte ich LOP Prüfung und Purity Prüfung aktivieren sollen?

mfg
__________________

Alt 21.05.2013, 14:23   #4
t'john
/// Helfer-Team
 
Skype Virus - Standard

Skype Virus



sieht alles unauffaellig aus.

zur Kontrolle:
Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
Mfg, t'john
Das TB unterstützen

Alt 21.05.2013, 15:20   #5
Thero
 
Skype Virus - Standard

Skype Virus



Beim Starten von mbar bekam ich einen Dialog(Error.jpg im Anhang) welchen ich mit Nein beantwortete.

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.21.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Exodus :: EXODUS-PC [administrator]

21.05.2013 16:05:28
mbar-log-2013-05-21 (16-05-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30349
Time elapsed: 6 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         

Miniaturansicht angehängter Grafiken
Skype Virus-error.jpg  

Alt 21.05.2013, 16:01   #6
t'john
/// Helfer-Team
 
Skype Virus - Standard

Skype Virus



Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



dann:

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
--> Skype Virus

Alt 21.05.2013, 16:26   #7
Thero
 
Skype Virus - Standard

Skype Virus



Zitat:
Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).
Dies ist gerade eingetreten.
Soll ich den Scan mit der Einstellung none noch einmal von vorne starten?

Alt 21.05.2013, 16:55   #8
t'john
/// Helfer-Team
 
Skype Virus - Standard

Skype Virus



Richtig.
__________________
Mfg, t'john
Das TB unterstützen

Alt 21.05.2013, 17:12   #9
Thero
 
Skype Virus - Standard

Skype Virus



Code:
ATTFilter
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-21 17:23:39
-----------------------------
17:23:39.064    OS Version: Windows x64 6.1.7601 Service Pack 1
17:23:39.064    Number of processors: 8 586 0x3A09
17:23:39.064    ComputerName: EXODUS-PC  UserName: Exodus
17:23:39.305    Initialize success
17:23:46.962    AVAST engine defs: 13052100
17:26:09.736    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:26:09.737    Disk 0 Vendor: ST750LM0 2AR1 Size: 715404MB BusType: 3
17:26:09.866    Disk 0 MBR read successfully
17:26:09.868    Disk 0 MBR scan
17:26:09.870    Disk 0 Windows 7 default MBR code
17:26:09.928    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        30000 MB offset 2048
17:26:09.951    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        61432 MB offset 61442048
17:26:09.972    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       618563 MB offset 187254784
17:26:10.001    Disk 0 Partition 4 00     12  Compaq diag NTFS         1108 MB offset 1462878272
17:26:10.206    Disk 0 scanning C:\Windows\system32\drivers
17:26:21.552    Service scanning
17:26:41.727    Modules scanning
17:26:41.731    Disk 0 trace - called modules:
17:26:41.748    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
17:26:41.751    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d3b790]
17:26:41.754    3 CLASSPNP.SYS[fffff88001d7b43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80047e6050]
17:26:41.757    Scan finished successfully
17:27:01.864    Disk 0 MBR has been saved successfully to "C:\Users\Exodus\Desktop\MBR.dat"
17:27:01.867    The log file has been saved successfully to "C:\Users\Exodus\Desktop\aswMBR.txt"
         
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.63  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Adobe Flash Player 11.7.700.169  
 Adobe Reader XI  
 Mozilla Firefox (20.0.1) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

Geändert von Thero (21.05.2013 um 17:20 Uhr)

Alt 22.05.2013, 17:44   #10
t'john
/// Helfer-Team
 
Skype Virus - Standard

Skype Virus



Sehr gut!

damit bist Du sauber und entlassen!



Tool-Bereinigung
Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.







Lektuere zum abarbeiten:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html
http://www.trojaner-board.de/109844-...ren-seite.html
PC wird immer langsamer - was tun?
__________________
Mfg, t'john
Das TB unterstützen

Alt 22.05.2013, 18:07   #11
Thero
 
Skype Virus - Standard

Skype Virus



Ich danke dir und wünsch dir weiterhin viel Spaß bei der jagt auf Viren, Würmer, usw..

mfg
Thero

Alt 22.05.2013, 18:10   #12
t'john
/// Helfer-Team
 
Skype Virus - Standard

Skype Virus



wuensche eine virenfreie Zeit
__________________
Mfg, t'john
Das TB unterstützen

Antwort

Themen zu Skype Virus
bilddatei, dateien, dies ist ein sehr schönes foto von dir, doppelklick, down, exe, foto, fotos, frage, gelöscht, immer wieder, keine viren, kollege, löschen, nachricht, online, punkt, roaming, shutdown, skype, skype virus, sofort, trick, tutorial, viren, virus, weiteres, wirklich



Ähnliche Themen: Skype Virus


  1. Skype Virus "Your skype does not support extended icons"
    Log-Analyse und Auswertung - 10.10.2014 (15)
  2. Skype Zertifikat Problem a248.e.akamai.net wegen Werbung in Skype?
    Plagegeister aller Art und deren Bekämpfung - 05.03.2014 (3)
  3. Skype.exe wird ausgeführt obwohl Skype gar nicht installiert ist
    Plagegeister aller Art und deren Bekämpfung - 28.01.2014 (4)
  4. Skype Virus
    Alles rund um Mac OSX & Linux - 27.06.2013 (8)
  5. Skype Virus
    Plagegeister aller Art und deren Bekämpfung - 07.06.2013 (69)
  6. Skype virus
    Log-Analyse und Auswertung - 23.05.2013 (61)
  7. Skype Virus
    Plagegeister aller Art und deren Bekämpfung - 22.05.2013 (11)
  8. Skype Virus
    Plagegeister aller Art und deren Bekämpfung - 22.04.2013 (3)
  9. Probleme mit Skype, Dev-C ++ und Internet, z.B. friert der Bildschirm während der Benutzung von Skype ein
    Plagegeister aller Art und deren Bekämpfung - 21.03.2013 (17)
  10. TR/Crypt.ZPACK.Gen2 Virus in Program Files (x86)/Skype/Phone/Skype.exe
    Plagegeister aller Art und deren Bekämpfung - 10.03.2013 (1)
  11. TR/Crypt.ZPACK.Gen 2 in C:\Programm Files (x86)\Skype\Phone\Skype.exe
    Log-Analyse und Auswertung - 27.02.2013 (15)
  12. Avira meldet: 'TR/Crypt.ZPACK.Gen2' [trojan] in der Datei 'C:\Program Files\Skype\Phone\Skype.exe'
    Plagegeister aller Art und deren Bekämpfung - 08.12.2012 (2)
  13. Skype Virus
    Plagegeister aller Art und deren Bekämpfung - 04.12.2012 (8)
  14. Virus in Skype
    Plagegeister aller Art und deren Bekämpfung - 18.10.2012 (4)
  15. TR/Crypt.ZPACK.Gen2 in C:\Program Files\Skype\Phone\Skype.exe
    Plagegeister aller Art und deren Bekämpfung - 27.07.2012 (2)
  16. TR/Crypt.ZPACK.Gen2 - in Programme/Skype/Phone/Skype.exe
    Plagegeister aller Art und deren Bekämpfung - 12.10.2011 (9)
  17. TR/Crypt.XPACK.Gen in C:\Programme\Skype\Phone\Skype.exe
    Plagegeister aller Art und deren Bekämpfung - 24.10.2010 (2)

Zum Thema Skype Virus - Hallo Ich bin auf den Skype-Virus Trick reingefallen (dies ist ein sehr schönes foto von dir hxxp://goo.gl/wwo7s?fotos=#Skypeusername# ). Jedoch habe ich den pc sofort abgewürgt nachdem ich bemerkt hatte das - Skype Virus...
Archiv
Du betrachtest: Skype Virus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.