| 
 Firefox: Youtube site wird nicht geladen
 Hallo, 
ich habe genau das gleiche Problem wie jemand aus einem anderen threat, konnte dort aber nicht antworten (keine zugriffsrechte, warum auch immer)  
Ich benutze die aktuellste Firefox version und die komplette youtube seite lädt nicht. ich bekomme lediglich eine fehlermeldung:  
Fehler: Verbindung unterbrochen        
Die Verbindung zum Server wurde zurückgesetzt, während die Seite geladen wurde.  
Anfang der woche hats noch einwandfrei funktioniert, jedoch habe ich diese woche auch meinen PC defragmentiert; seit der gleichen zeit habe ich dieses problem.  
Im internet explorer lässt sich youtube problemlos öffnen.  
meine add ons in FF: 
Adblock Plus 2.0.3 
Adblock Plus Popup-Addon 0.3 
Microsoft.NET Framework assistant 0.0.0 
ProxTube 1.4.2 
avast! WebRep7.0.1426 (deaktiviert)  
bisher habe ich verschiedene dinge probiert: 
- alle addons ausschalten 
- cache leeren 
- cookies löschen 
- malewarebytes drüber laufen lassen (keine infizierten objekte gefunden)  
ich hab nicht wirklich eine idee wo die ursache dieses problems ist. 
normalerweise bekomme ich anwenderfehler recht leicht ausgemerzt, aber hier bin ich irgendwie ratlos.  
danke, für alle zukünftige hilfe :) 
feeluck  
hier meine OTL/malewarebytes logs: 
(hab ich beim ersten post vergessen.. sorry!) 
otl logfile:  
OTL Logfile:   Code: 
 OTL logfile created on: 01.06.2012 19:44:35 - Run 1OTL by OldTimer - Version 3.2.45.0     Folder = C:\Users\Felix\Desktop\Desktop\Desktop
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
 3,25 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 55,44% Memory free
 6,70 Gb Paging File | 4,84 Gb Available in Paging File | 72,19% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 238,31 Gb Total Space | 60,41 Gb Free Space | 25,35% Space Free | Partition Type: NTFS
 Drive D: | 20,49 Gb Total Space | 13,30 Gb Free Space | 64,93% Space Free | Partition Type: FAT32
 Drive M: | 206,95 Gb Total Space | 25,95 Gb Free Space | 12,54% Space Free | Partition Type: NTFS
 
 Computer Name: FELIXHESS-PC | User Name: Felix | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: Current user
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Processes (SafeList) ==========
 
 PRC - C:\Users\Felix\Desktop\Desktop\Desktop\OTL.exe (OldTimer Tools)
 PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
 PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
 PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
 PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
 PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
 PRC - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
 PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
 PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
 PRC - C:\Programme\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
 PRC - C:\Programme\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
 PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
 PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
 PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
 PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
 PRC - C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
 PRC - C:\Programme\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
 PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
 PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
 PRC - C:\Programme\Medion\MEDIONbox\Program\GCS.exe (Empolis GmbH)
 PRC - C:\Programme\Common Files\Gnab\Service\GnabTray.exe (Empolis GmbH)
 PRC - c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
 PRC - C:\Programme\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
 PRC - C:\Programme\Intel\IntelDH\CCU\CCU_Engine.exe (Intel(R) Corporation)
 PRC - C:\Programme\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation)
 PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
 PRC - C:\Windows\System32\PSIService.exe ()
 PRC - C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
 
 
 ========== Modules (No Company Name) ==========
 
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\be701ce708835e0162cb863d3a4eeb49\WindowsFormsIntegration.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5fd0071c259b92078ced7cd752a14730\UIAutomationProvider.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\0f2b877ed16daa577f95be735a63d19c\System.Core.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c8c3ab08933fef9fb6657da871395c46\PresentationFramework.Aero.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c466fbf8e50c7c11b2fa994707124290\PresentationFramework.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b4ade6954a61a7626858c123dc951ba6\PresentationCore.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
 MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
 MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
 MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_72f3380c\system.drawing.dll ()
 MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_970d6326\system.windows.forms.dll ()
 MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()
 MOD - C:\Windows\System32\atitmpxx.dll ()
 MOD - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
 MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_7be097c3\mscorlib.dll ()
 MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_b1531ab3\system.xml.dll ()
 MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_84e0f2d6\system.dll ()
 MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
 MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()
 MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
 MOD - C:\Programme\Common Files\Apple\Apple Application Support\ASL.dll ()
 MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
 MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
 MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
 MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
 MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ()
 MOD - C:\Programme\WinRAR\RarExt.dll ()
 MOD - c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll ()
 MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()
 MOD - c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll ()
 MOD - C:\Programme\Common Files\Nero\Lib\log4cxx.dll ()
 MOD - C:\Programme\Common Files\LightScribe\QtGui4.dll ()
 MOD - C:\Programme\Common Files\LightScribe\QtCore4.dll ()
 MOD - C:\Programme\7-Zip\7-zip.dll ()
 
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - (LanmanWorkstation) -- %SystemRoot%\System32\aptwwp82g.dll File not found
 SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
 SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
 SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
 SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
 SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
 SRV - (Update-Service) -- C:\Windows\System32\UpdSvc.dll (Joosoft.com GmbH)
 SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
 SRV - (TeamViewer4) -- C:\Programme\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
 SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
 SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 SRV - (RemoteAccess) -- C:\Windows\System32\mprdim.dll (Microsoft Corporation)
 SRV - (Mcx2Svc) -- C:\Windows\System32\Mcx2Svc.dll (Microsoft Corporation)
 SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
 SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
 SRV - (GnabService) -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
 SRV - (AlertService) Intel(R) -- C:\Programme\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation)
 SRV - (QualityManager) Intel(R) -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe (Intel(R) Corporation)
 SRV - (Remote UI Service) Intel(R) -- C:\Programme\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel(R) Corporation)
 SRV - (MCLServiceATL) Intel(R) -- C:\Programme\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel(R) Corporation)
 SRV - (DHTRACE) Intel(R) -- C:\Programme\Common Files\Intel\IntelDH\bin\DHTraceController.exe (Intel(R) Corporation)
 SRV - (ISSM) Intel(R) -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe (Intel(R) Corporation)
 SRV - (NMSCore) Intel(R) -- C:\Programme\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel(R) Corporation)
 SRV - (M1 Server) Intel(R) Viiv(TM) -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
 SRV - (DQLWinService) -- C:\Programme\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
 SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
 SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 SRV - (MDM) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
 DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
 DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
 DRV - (EagleNT) -- C:\Windows\system32\drivers\EagleNT.sys File not found
 DRV - (catchme) -- C:\Users\Felix\AppData\Local\Temp\catchme.sys File not found
 DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
 DRV - (ASUSProcObsrv) -- H:\I386\AsProcOb.sys File not found
 DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
 DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
 DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
 DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
 DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
 DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
 DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
 DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
 DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
 DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdLH3.sys (Advanced Micro Devices)
 DRV - (ACEDRV09) -- C:\Windows\System32\drivers\ACEDRV09.sys (Protect Software GmbH)
 DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
 DRV - (udfs) -- C:\Windows\System32\drivers\udfs.sys (Microsoft Corporation)
 DRV - (ws2ifsl) -- C:\Windows\System32\drivers\ws2ifsl.sys (Microsoft Corporation)
 DRV - (sermouse) -- C:\Windows\System32\drivers\sermouse.sys (Microsoft Corporation)
 DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation)
 DRV - (sffdisk) -- C:\Windows\System32\drivers\sffdisk.sys (Microsoft Corporation)
 DRV - (msahci) -- C:\Windows\System32\drivers\msahci.sys (Microsoft Corporation)
 DRV - (viaide) -- C:\Windows\System32\drivers\viaide.sys (VIA Technologies, Inc.)
 DRV - (cmdide) -- C:\Windows\System32\drivers\cmdide.sys (CMD Technology, Inc.)
 DRV - (amdide) -- C:\Windows\System32\drivers\amdide.sys (Microsoft Corporation)
 DRV - (intelide) -- C:\Windows\System32\drivers\intelide.sys (Microsoft Corporation)
 DRV - (aliide) -- C:\Windows\System32\drivers\aliide.sys (Acer Laboratories Inc.)
 DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
 DRV - (TSHWMDTCP) -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys ()
 DRV - (nmsunidr) -- C:\Windows\System32\drivers\nmsunidr.sys (Gteko Ltd.)
 DRV - (ql2300) -- C:\Windows\System32\drivers\ql2300.sys (QLogic Corporation)
 DRV - (adp94xx) -- C:\Windows\System32\drivers\adp94xx.sys (Adaptec, Inc.)
 DRV - (elxstor) -- C:\Windows\System32\drivers\elxstor.sys (Emulex)
 DRV - (adpahci) -- C:\Windows\System32\drivers\adpahci.sys (Adaptec, Inc.)
 DRV - (uliahci) -- C:\Windows\System32\drivers\uliahci.sys (ULi Electronics Inc.)
 DRV - (iaStorV) -- C:\Windows\System32\drivers\iaStorV.sys (Intel Corporation)
 DRV - (pcmcia) -- C:\Windows\System32\drivers\pcmcia.sys (Microsoft Corporation)
 DRV - (adpu320) -- C:\Windows\System32\drivers\adpu320.sys (Adaptec, Inc.)
 DRV - (ulsata2) -- C:\Windows\System32\drivers\ulsata2.sys (Promise Technology, Inc.)
 DRV - (vsmraid) -- C:\Windows\System32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
 DRV - (ql40xx) -- C:\Windows\System32\drivers\ql40xx.sys (QLogic Corporation)
 DRV - (UlSata) -- C:\Windows\System32\drivers\ulsata.sys (Promise Technology, Inc.)
 DRV - (adpu160m) -- C:\Windows\System32\drivers\adpu160m.sys (Adaptec, Inc.)
 DRV - (nvraid) -- C:\Windows\System32\drivers\nvraid.sys (NVIDIA Corporation)
 DRV - (isapnp) -- C:\Windows\System32\drivers\isapnp.sys (Microsoft Corporation)
 DRV - (nfrd960) -- C:\Windows\System32\drivers\nfrd960.sys (IBM Corporation)
 DRV - (msdsm) -- C:\Windows\System32\drivers\msdsm.sys (Microsoft Corporation)
 DRV - (iirsp) -- C:\Windows\System32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
 DRV - (mpio) -- C:\Windows\System32\drivers\mpio.sys (Microsoft Corporation)
 DRV - (sbp2port) -- C:\Windows\System32\drivers\sbp2port.sys (Microsoft Corporation)
 DRV - (SiSRaid4) -- C:\Windows\System32\drivers\sisraid4.sys (Silicon Integrated Systems)
 DRV - (nvstor) -- C:\Windows\System32\drivers\nvstor.sys (NVIDIA Corporation)
 DRV - (aic78xx) -- C:\Windows\System32\drivers\djsvs.sys (Adaptec, Inc.)
 DRV - (arcsas) -- C:\Windows\System32\drivers\arcsas.sys (Adaptec, Inc.)
 DRV - (LSI_SCSI) -- C:\Windows\System32\drivers\lsi_scsi.sys (LSI Logic)
 DRV - (SiSRaid2) -- C:\Windows\System32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
 DRV - (HpCISSs) -- C:\Windows\System32\drivers\HpCISSs.sys (Hewlett-Packard Company)
 DRV - (arc) -- C:\Windows\System32\drivers\arc.sys (Adaptec, Inc.)
 DRV - (iteraid) -- C:\Windows\System32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
 DRV - (iteatapi) -- C:\Windows\System32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
 DRV - (LSI_SAS) -- C:\Windows\System32\drivers\lsi_sas.sys (LSI Logic)
 DRV - (Symc8xx) -- C:\Windows\System32\drivers\symc8xx.sys (LSI Logic)
 DRV - (LSI_FC) -- C:\Windows\System32\drivers\lsi_fc.sys (LSI Logic)
 DRV - (Sym_u3) -- C:\Windows\System32\drivers\sym_u3.sys (LSI Logic)
 DRV - (Mraid35x) -- C:\Windows\System32\drivers\Mraid35x.sys (LSI Logic Corporation)
 DRV - (Sym_hi) -- C:\Windows\System32\drivers\sym_hi.sys (LSI Logic)
 DRV - (megasas) -- C:\Windows\System32\drivers\megasas.sys (LSI Logic Corporation)
 DRV - (i2omp) -- C:\Windows\System32\drivers\i2omp.sys (Microsoft Corporation)
 DRV - (Wd) -- C:\Windows\System32\drivers\wd.sys (Microsoft Corporation)
 DRV - (Compbatt) -- C:\Windows\System32\drivers\compbatt.sys (Microsoft Corporation)
 DRV - (usbprint) -- C:\Windows\System32\drivers\usbprint.sys (Microsoft Corporation)
 DRV - (rdpdr) -- C:\Windows\System32\drivers\rdpdr.sys (Microsoft Corporation)
 DRV - (BTHMODEM) -- C:\Windows\System32\drivers\bthmodem.sys (Microsoft Corporation)
 DRV - (HidBth) -- C:\Windows\System32\drivers\hidbth.sys (Microsoft Corporation)
 DRV - (usbcir) eHome Infrared Receiver (USBCIR) -- C:\Windows\System32\drivers\usbcir.sys (Microsoft Corporation)
 DRV - (circlass) -- C:\Windows\System32\drivers\circlass.sys (Microsoft Corporation)
 DRV - (usbohci) -- C:\Windows\System32\drivers\usbohci.sys (Microsoft Corporation)
 DRV - (HidIr) -- C:\Windows\System32\drivers\hidir.sys (Microsoft Corporation)
 DRV - (WacomPen) -- C:\Windows\System32\drivers\wacompen.sys (Microsoft Corporation)
 DRV - (sfloppy) -- C:\Windows\System32\drivers\sfloppy.sys (Microsoft Corporation)
 DRV - (fdc) -- C:\Windows\System32\drivers\fdc.sys (Microsoft Corporation)
 DRV - (flpydisk) -- C:\Windows\System32\drivers\flpydisk.sys (Microsoft Corporation)
 DRV - (Parport) -- C:\Windows\System32\drivers\parport.sys (Microsoft Corporation)
 DRV - (IPMIDRV) -- C:\Windows\System32\drivers\IPMIDrv.sys (Microsoft Corporation)
 DRV - (WmiAcpi) -- C:\Windows\System32\drivers\wmiacpi.sys (Microsoft Corporation)
 DRV - (ViaC7) -- C:\Windows\System32\drivers\viac7.sys (Microsoft Corporation)
 DRV - (AmdK8) -- C:\Windows\System32\drivers\amdk8.sys (Microsoft Corporation)
 DRV - (Crusoe) -- C:\Windows\System32\drivers\crusoe.sys (Microsoft Corporation)
 DRV - (AmdK7) -- C:\Windows\System32\drivers\amdk7.sys (Microsoft Corporation)
 DRV - (Processor) -- C:\Windows\System32\drivers\processr.sys (Microsoft Corporation)
 DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\drivers\BrSerId.sys (Brother Industries Ltd.)
 DRV - (BrSerWdm) -- C:\Windows\System32\drivers\BrSerWdm.sys (Brother Industries Ltd.)
 DRV - (BrUsbMdm) -- C:\Windows\System32\drivers\BrUsbMdm.sys (Brother Industries Ltd.)
 DRV - (ntrigdigi) -- C:\Windows\System32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
 IE - HKLM\..\URLSearchHook:  - No CLSID value found
 IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Programme\Freecorder\prxtbFre0.dll (Conduit Ltd.)
 IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
 IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
 IE - HKLM\..\SearchScopes\{7BF63580-4914-4A3C-A2D5-0A3F24EE80F7}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Felix\Desktop\Desktop\Desktop
 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = hxxp://google.icq.com/search/search_frame.php
 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?AF=109130&babsrc=HP_ss&mntrId=4688eff8000000000000001d920028e5
 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
 IE - HKCU\..\URLSearchHook:  - No CLSID value found
 IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Programme\Freecorder\prxtbFre0.dll (Conduit Ltd.)
 IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
 IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
 IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109130&babsrc=SP_ss&mntrId=4688eff8000000000000001d920028e5
 IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 IE - HKCU\..\SearchScopes\{FFD86475-D105-4F3E-A8D4-1DA59748A9D2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms}
 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 ========== FireFox ==========
 
 FF - prefs.js..browser.search.useDBForOrder: true
 FF - prefs.js..browser.startup.homepage: "https://mail.google.com/mail/?shva=1#inbox|hxxp://www.facebook.com/"
 FF - prefs.js..network.proxy.autoconfig_url: "file:///C:\\Users\\Felix\\AppData\\Local\\Temp\\proxtube.pac"
 FF - prefs.js..network.proxy.no_proxies_on: "*.local"
 FF - prefs.js..network.proxy.type: 2
 
 
 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
 FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
 FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
 FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
 FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
 FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
 FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
 FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
 FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
 FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
 FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
 FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.05.25 10:39:35 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.03.17 06:40:38 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.05.25 10:39:35 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.31 14:07:18 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.25 10:40:05 | 000,000,000 | ---D | M]
 FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter
 
 [2011.12.11 12:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Felix\AppData\Roaming\mozilla\Extensions
 [2012.05.18 16:14:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\om6v6gdn.default\extensions
 [2012.05.18 16:14:01 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\om6v6gdn.default\extensions\ich@maltegoetz.de
 [2012.02.07 23:14:22 | 000,000,933 | ---- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\om6v6gdn.default\searchplugins\11-suche.xml
 [2012.02.07 23:14:22 | 000,002,419 | ---- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\om6v6gdn.default\searchplugins\englische-ergebnisse.xml
 [2012.02.07 23:14:22 | 000,010,525 | ---- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\om6v6gdn.default\searchplugins\gmx-suche.xml
 [2012.02.07 23:14:22 | 000,002,457 | ---- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\om6v6gdn.default\searchplugins\lastminute.xml
 [2012.02.07 23:14:22 | 000,005,508 | ---- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\om6v6gdn.default\searchplugins\webde-suche.xml
 [2012.05.31 14:07:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
 [2008.07.01 22:53:37 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
 [2012.01.06 21:32:41 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\FELIX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OM6V6GDN.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
 [2012.01.06 21:32:41 | 000,118,971 | ---- | M] () (No name found) -- C:\USERS\FELIX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OM6V6GDN.DEFAULT\EXTENSIONS\ADBLOCKPOPUPS@JESSEHAKANEN.NET.XPI
 [2009.09.02 03:00:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
 [2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
 [2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
 [2012.05.25 10:39:08 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
 [2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
 [2012.01.27 12:15:48 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
 [2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
 [2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
 [2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
 [2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
 [2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
 O1 HOSTS File: ([2011.12.29 20:40:29 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
 O1 - Hosts: 127.0.0.1       localhost
 O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Programme\Freecorder\prxtbFre0.dll (Conduit Ltd.)
 O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
 O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
 O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
 O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Programme\Freecorder\prxtbFre0.dll (Conduit Ltd.)
 O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
 O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Programme\Freecorder\prxtbFre0.dll (Conduit Ltd.)
 O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
 O4 - HKLM..\Run: [CCUTRAYICON] C:\Programme\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
 O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
 O4 - HKLM..\Run: [GnabTray] C:\Program Files\Common Files\Gnab\Service\GnabTray.exe (Empolis GmbH)
 O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
 O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
 O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
 O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
 O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
 O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
 O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Video_deluxe_15_Premium\Trayserver.exe (MAGIX AG)
 O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
 O4 - HKCU..\Run: [googletalk] C:\Users\Felix\AppData\Roaming\Google Talk\googletalk.exe /autostart File not found
 O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
 O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
 O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
 O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\Windows\is-C87OL.exe ()
 O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
 O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Felix\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
 O8 - Extra context menu item: Link mit Mega Manager herunterladen... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm File not found
 O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
 O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta File not found
 O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
 O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
 O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
 O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
 O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
 O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
 O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Value error.)
 O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Value error.)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19DB6361-E04F-4D97-A925-731E8781DF1D}: DhcpNameServer = 192.168.0.1
 O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
 O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
 O24 - Desktop WallPaper: C:\Users\Felix\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
 O24 - Desktop BackupWallPaper: C:\Users\Felix\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 O34 - HKLM BootExecute: (autocheck autochk *)
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
 O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
 O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2012.06.01 19:41:08 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Felix\Desktop\Desktop\Desktop\OTL.exe
 [2012.05.25 11:50:57 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\LolClient2
 [2012.05.25 10:39:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
 [2012.05.25 10:39:27 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
 [2012.05.25 10:39:04 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
 [2012.05.25 10:39:04 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
 [2012.05.25 10:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
 [2012.05.19 06:33:58 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
 [2012.05.12 14:24:11 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
 [2012.05.12 14:24:10 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
 [2012.05.12 14:24:10 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
 [2012.05.12 14:24:10 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
 [2012.05.12 14:24:10 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
 [2012.05.12 14:24:04 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
 [2012.05.12 14:24:04 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
 [2012.05.12 14:24:03 | 002,044,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
 [2012.05.05 15:46:01 | 000,000,000 | ---D | C] -- C:\Users\Felix\Desktop\Desktop\Desktop\DDOCharGen3121
 [2012.05.04 11:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
 [2012.05.04 11:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
 [2012.05.04 11:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 [1 C:\*.tmp files -> C:\*.tmp -> ]
 
 ========== Files - Modified Within 30 Days ==========
 
 [2012.06.01 19:49:22 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
 [2012.06.01 19:41:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Felix\Desktop\Desktop\Desktop\OTL.exe
 [2012.06.01 19:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
 [2012.06.01 18:29:00 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
 [2012.06.01 18:29:00 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
 [2012.06.01 13:26:23 | 000,711,240 | ---- | M] () -- C:\Windows\is-C87OL.exe
 [2012.06.01 13:26:23 | 000,012,782 | ---- | M] () -- C:\Windows\is-C87OL.msg
 [2012.06.01 13:26:23 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
 [2012.06.01 13:26:23 | 000,000,441 | ---- | M] () -- C:\Windows\is-C87OL.lst
 [2012.06.01 12:43:49 | 000,647,086 | ---- | M] () -- C:\Windows\System32\perfh007.dat
 [2012.06.01 12:43:49 | 000,611,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
 [2012.06.01 12:43:49 | 000,134,254 | ---- | M] () -- C:\Windows\System32\perfc007.dat
 [2012.06.01 12:43:49 | 000,110,588 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 [2012.06.01 12:28:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2012.06.01 12:28:55 | 3487,739,904 | -HS- | M] () -- C:\hiberfil.sys
 [2012.05.31 23:17:41 | 000,198,656 | ---- | M] () -- C:\Users\Felix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 [2012.05.31 14:07:24 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
 [2012.05.31 13:31:29 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
 [2012.05.31 13:31:29 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
 [2012.05.30 16:24:30 | 266,863,336 | ---- | M] () -- C:\Users\Felix\Desktop\Desktop\Desktop\The Best Of Pulsar 2011.zip
 [2012.05.29 12:22:34 | 000,002,032 | ---- | M] () -- C:\Users\Felix\AppData\Local\d3d9caps.dat
 [2012.05.25 10:39:58 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
 [2012.05.25 10:39:27 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
 [2012.05.25 10:39:04 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
 [2012.05.25 10:39:04 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
 [2012.05.25 10:39:03 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
 [2012.05.24 21:24:08 | 000,002,391 | ---- | M] () -- C:\Users\Felix\Desktop\Desktop\Desktop\Skype.lnk
 [2012.05.22 12:24:28 | 000,047,340 | ---- | M] () -- C:\Users\Felix\Desktop\Desktop\Desktop\Chipkarten_H_Gießen.pdf
 [2012.05.17 18:42:05 | 002,374,552 | ---- | M] () -- C:\Users\Felix\Desktop\Desktop\Desktop\lamaland.exe
 [2012.05.13 14:02:42 | 000,371,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 [1 C:\*.tmp files -> C:\*.tmp -> ]
 
 ========== Files Created - No Company Name ==========
 
 [2012.06.01 13:26:23 | 000,711,240 | ---- | C] () -- C:\Windows\is-C87OL.exe
 [2012.06.01 13:26:23 | 000,012,782 | ---- | C] () -- C:\Windows\is-C87OL.msg
 [2012.06.01 13:26:23 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
 [2012.06.01 13:26:23 | 000,000,441 | ---- | C] () -- C:\Windows\is-C87OL.lst
 [2012.05.31 14:07:24 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
 [2012.05.31 14:07:24 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
 [2012.05.30 16:18:42 | 266,863,336 | ---- | C] () -- C:\Users\Felix\Desktop\Desktop\Desktop\The Best Of Pulsar 2011.zip
 [2012.05.25 10:39:58 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
 [2012.05.22 12:24:27 | 000,047,340 | ---- | C] () -- C:\Users\Felix\Desktop\Desktop\Desktop\Chipkarten_H_Gießen.pdf
 [2012.05.19 06:34:01 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
 [2012.05.17 18:42:04 | 002,374,552 | ---- | C] () -- C:\Users\Felix\Desktop\Desktop\Desktop\lamaland.exe
 [2012.04.05 22:34:22 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
 [2012.01.10 23:10:08 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
 [2011.10.07 22:39:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
 [2011.09.28 17:38:47 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
 [2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
 [2011.09.08 18:51:22 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
 [2011.08.30 20:48:59 | 000,122,772 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
 [2011.03.29 06:05:20 | 000,000,087 | ---- | C] () -- C:\Windows\SIERRA.INI
 [2010.07.21 09:48:03 | 000,001,491 | ---- | C] () -- C:\Users\Felix\AppData\Local\RecConfig.xml
 
 ========== LOP Check ==========
 
 [2011.08.31 16:00:02 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Amazon
 [2010.07.21 10:32:36 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Audio Record Edit Toolbox Pro
 [2010.07.21 10:29:42 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Audio Recorder for Free
 [2012.01.27 12:15:45 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Babylon
 [2011.11.20 17:52:22 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\DVDVideoSoft
 [2011.08.03 04:35:14 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\DVDVideoSoftIEHelpers
 [2012.02.22 01:58:37 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Firstload
 [2010.03.05 10:58:48 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\FreeVideoConverter
 [2010.12.05 20:38:33 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\HarderBase.Fm_Player
 [2012.06.01 12:31:51 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\ICQ
 [2008.07.01 23:44:51 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\ICQ Toolbar
 [2007.11.21 19:57:13 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\ICQLite
 [2011.01.03 00:47:21 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\LolClient
 [2012.05.25 11:50:57 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\LolClient2
 [2009.09.14 18:01:03 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\MAGIX
 [2008.09.14 15:20:02 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\NCH Swift Sound
 [2011.12.08 01:52:11 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Opera
 [2008.01.21 13:59:40 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Recordpad
 [2011.10.21 10:53:32 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Simfy
 [2011.08.15 12:42:56 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Softplicity
 [2008.07.13 19:10:20 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\TeamViewer
 [2010.10.17 00:48:58 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Thinstall
 [2008.06.02 07:19:21 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Tobit
 [2012.04.26 21:57:02 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\TS3Client
 [2012.04.26 21:57:16 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\ts3overlay
 [2010.11.16 04:14:52 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Turbine
 [2010.02.24 15:39:42 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\uTorrent
 [2012.06.01 01:35:57 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
 ========== Purity Check ==========
 
 
 
 ========== Alternate Data Streams ==========
 
 @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:671329E4
 @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:05EE1EEF
 @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:A1063995
 
 < End of report >
 --- --- ---    
otl extra log file:  
OTL Logfile:   Code: 
 OTL Extras logfile created on: 01.06.2012 19:44:35 - Run 1OTL by OldTimer - Version 3.2.45.0     Folder = C:\Users\Felix\Desktop\Desktop\Desktop
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
 3,25 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 55,44% Memory free
 6,70 Gb Paging File | 4,84 Gb Available in Paging File | 72,19% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 238,31 Gb Total Space | 60,41 Gb Free Space | 25,35% Space Free | Partition Type: NTFS
 Drive D: | 20,49 Gb Total Space | 13,30 Gb Free Space | 64,93% Space Free | Partition Type: FAT32
 Drive M: | 206,95 Gb Total Space | 25,95 Gb Free Space | 12,54% Space Free | Partition Type: NTFS
 
 Computer Name: FELIXHESS-PC | User Name: Felix | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: Current user
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Extra Registry (SafeList) ==========
 
 
 ========== File Associations ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 .html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
 [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
 .bat [@ = batfile] -- Reg Error: Key error. File not found
 .cmd [@ = cmdfile] -- Reg Error: Key error. File not found
 .com [@ = comfile] -- Reg Error: Key error. File not found
 .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 ========== Shell Spawning ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 exefile [open] -- "%1" %*
 helpfile [open] -- Reg Error: Key error.
 hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
 http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
 https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
 Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
 Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
 ========== Security Center Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 "cval" = 1
 "FirewallDisableNotify" = 0
 "AntiVirusDisableNotify" = 0
 "UpdatesDisableNotify" = 0
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 "AntiVirusOverride" = 1
 "AntiSpywareOverride" = 1
 "FirewallOverride" = 0
 "VistaSp1" = Reg Error: Unknown registry data type -- File not found
 "VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
 ========== System Restore Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
 "DisableSR" = 0
 
 ========== Firewall Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 "DisableNotifications" = 0
 "EnableFirewall" = 1
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 "DisableNotifications" = 0
 "EnableFirewall" = 1
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
 "DisableNotifications" = 0
 "EnableFirewall" = 1
 
 ========== Authorized Applications List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
 ========== Vista Active Open Ports Exception List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 "{0F4F82B7-0CD7-461C-8543-28C532454251}" = lport=2869 | protocol=6 | dir=in | app=system |
 "{164AE472-6FFD-4B2A-8F30-F9BCDE18257F}" = rport=5358 | protocol=6 | dir=out | app=system |
 "{17F413E4-8CA3-4ABA-87BD-81189EB92DDB}" = lport=6882 | protocol=17 | dir=in | name=league of legends launcher |
 "{18C262B4-1FA2-4F1B-9C41-3647CA3F7947}" = lport=6972 | protocol=17 | dir=in | name=league of legends launcher |
 "{20DE1B5E-82C1-412E-A8D1-4B13D6289B2B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
 "{264B9DC0-6DD6-476F-9700-4F88C209A154}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
 "{40B30048-8362-49BC-9CAA-1371F237FD5E}" = lport=6963 | protocol=6 | dir=in | name=league of legends launcher |
 "{446B0224-FA30-4071-94E8-289B8307E7CC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
 "{4F2A331A-3663-450E-AB00-78981BBB2EAE}" = lport=6896 | protocol=17 | dir=in | name=league of legends launcher |
 "{53597CCC-69D6-45E8-872B-0E031027B00D}" = lport=6972 | protocol=6 | dir=in | name=league of legends launcher |
 "{55851465-A1CC-4C34-82F4-0FB7B068B9BE}" = lport=5358 | protocol=6 | dir=in | app=system |
 "{597E0867-2656-4811-910E-4A742085BEFE}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
 "{62385C85-0F9D-4197-B022-542954EFC08B}" = lport=6975 | protocol=17 | dir=in | name=league of legends launcher |
 "{64A167A7-9ADB-4493-9B82-E7B18AA730EE}" = lport=6896 | protocol=6 | dir=in | name=league of legends launcher |
 "{6876A3A5-4446-42FF-BA85-222506CC1A88}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
 "{68AD6A3C-3CD4-444E-8660-31031EEB1240}" = lport=6975 | protocol=6 | dir=in | name=league of legends launcher |
 "{6A8C6E2B-3209-4478-A9CE-4B6C9F51B4C9}" = lport=10243 | protocol=6 | dir=in | app=system |
 "{6AF1DD71-AE7A-450A-8D73-CAFFCFDDC08D}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby |
 "{7057F7F8-1766-4E1E-94EC-96C496039532}" = lport=5357 | protocol=6 | dir=in | app=system |
 "{75CC30AA-E8E4-42C4-8DB8-F28B19EB8100}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client |
 "{7AE01BD5-1019-4F03-B349-5D536B6E27C6}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
 "{81123DDC-DB1B-4084-82A7-A663218B3F4D}" = lport=6916 | protocol=6 | dir=in | name=league of legends launcher |
 "{82315A17-CFF9-47D9-A352-A20DBA521F19}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
 "{854D4D85-772B-40B3-9DFC-72B9BDCEC386}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
 "{8C3A29B2-FCD8-456E-86C9-EBCBC28BB2E3}" = lport=6916 | protocol=17 | dir=in | name=league of legends launcher |
 "{8EAAF750-ABB2-4D3E-8C7B-AD94D112AA0C}" = lport=6963 | protocol=17 | dir=in | name=league of legends launcher |
 "{92CC3A49-6C00-4E05-97EB-E3EA04F332BD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 "{9392DF34-0EB4-4B59-9E8A-7C15AF2F761B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 "{9425EDE8-2AE8-49FC-90BF-02DF77F821AA}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
 "{999E5654-6C64-4A03-9BC4-3F29178E9DD7}" = rport=5357 | protocol=6 | dir=out | app=system |
 "{A66FD30E-64FA-4432-A58A-70702E7B2765}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher |
 "{A71219CC-CE7F-4546-A2D7-C195D86ADD3F}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
 "{B406D1FC-23F9-471E-9E0F-613A12B235D0}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
 "{B85CBCB7-BBF8-4AE0-B213-C94D60D17879}" = lport=6978 | protocol=6 | dir=in | name=league of legends launcher |
 "{B95DA179-261B-4407-B86F-2F68AEC77868}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |
 "{BE2DB2F7-4FD0-41BE-8E28-1E2E6F5AC219}" = rport=10243 | protocol=6 | dir=out | app=system |
 "{BEE17D72-EF7F-4CB9-98B6-32085816F926}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
 "{C857F2F4-3BF7-4F41-8C7A-0E665AED363B}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher |
 "{CE9EAB17-E85A-4E7B-A284-9BA80326E349}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
 "{D3E76A97-B86E-401F-A692-EDDAB2E642FE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
 "{D5457470-35E2-4176-8906-202E83A6136B}" = lport=6882 | protocol=6 | dir=in | name=league of legends launcher |
 "{D929C869-9FF2-49C5-BB5A-E69105B1B579}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
 "{DC6714AB-280C-4A77-B122-A3EA1890D3AA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
 "{E526F8CC-E0CD-4360-97B3-484E0DFA83AC}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client |
 "{E53972EF-4684-4867-A49F-C99A3C2A29C1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
 "{E80AF5F1-1E5E-4C09-9988-29B2E29C9896}" = lport=6978 | protocol=17 | dir=in | name=league of legends launcher |
 "{EE1038F2-3955-407A-B880-3316570687BD}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
 "{EF07EC34-F825-4AD4-82DB-F7FF74EC8EA1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
 "{F34A3DD7-B1EB-4476-BCD7-0D36C53B9EE0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 "{F83121E8-3894-444D-AA49-86B0D45A68DD}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby |
 "{FEF27485-3F0E-48E1-90F7-563EDB8D57F7}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
 
 ========== Vista Active Application Exception List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 "{050582FE-13AD-406C-BF85-153485A5CD46}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
 "{0DC93FBE-9B74-46BA-99C4-6B2A9DC58171}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
 "{14E48F10-9EB2-4AAF-B217-0EAA8EDEFF65}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
 "{1DE94500-758D-4C94-BDEF-90D1525B2815}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
 "{21B765E0-D7F6-43E9-A76C-CA55D4EB0AC2}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
 "{2EA0D415-49E1-4909-83E1-41C52ED8FBC7}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
 "{32A43669-66F4-4CA6-9894-BF90CCB57FC1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
 "{358CEAB7-7F79-4D3D-9A43-5174CB3BAAD3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
 "{36F881F5-3C30-468C-A302-A6D9D1ACE99A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
 "{3A6A2AD4-A31F-4095-A99A-128A75F7A160}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
 "{3C82EA6E-F7B4-4631-A1EB-5160F408CB4B}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
 "{4586335A-F783-4F4A-8A60-9997133F1E6E}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
 "{4FD8ED99-1055-428F-90B9-30300E7D4D88}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
 "{504052F9-D53A-4851-969C-AAFE2E5D43DF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
 "{5180861B-B9A8-4F5D-8086-241ACC939EC4}" = protocol=6 | dir=out | app=system |
 "{5749C992-7799-4C3E-B08C-D33A6CEE952F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
 "{5C927F74-E00F-42ED-8863-09D717FEEDE9}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
 "{5C970046-F385-4C03-BC8A-42FDAE8F046C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
 "{5DAA4277-2D42-4E53-9E1F-9E792BD5C5A8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
 "{6B98A2DF-73ED-45A5-8274-C93E926DE15B}" = protocol=6 | dir=in | app=c:\program files\expressfiles\expressdl.exe |
 "{7162DD06-BF32-42C9-94DB-84939D54D071}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
 "{72317DF3-B161-4689-87C0-19439DC7E252}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
 "{73489D63-287B-42C9-B019-B4995050D62C}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
 "{76A74CD5-4075-4081-8E7D-15B14951B8E8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
 "{793B0D80-AEDE-46DF-BF42-4189EB7CC9CD}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
 "{7E38D43F-7F02-4657-A1EE-5098E92AFD44}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
 "{7E5D31B8-6C93-4F4B-805C-061C9EB0D776}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
 "{7F234897-CF06-48C7-B604-E561A50DE805}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
 "{8353E8EC-D286-4582-83E5-840A3F5B0135}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
 "{864AD50E-D2A3-4462-8733-66A1E6D82446}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
 "{865EE2D4-0756-4832-B3FC-C9FE99576CF2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
 "{88091ECD-6F0C-4E4D-B75A-829D2427A4EB}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
 "{9D68911F-A8A3-468F-9591-8285C68AE594}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |
 "{A106099D-F085-421C-B14A-875A64C2324B}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
 "{A4251FCC-3CC7-4DA5-9E0B-8CA3D939F288}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
 "{AA06022B-8D3A-427E-9893-82A34D91D15D}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
 "{B1441EDE-48FD-4D0C-AE69-99DEA3FF0E8C}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
 "{B2595ED5-BBDB-4180-B3FF-B5B97AACB521}" = protocol=17 | dir=in | app=c:\program files\expressfiles\expressdl.exe |
 "{BD769BCA-1094-448E-BA00-BD39CEB609ED}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
 "{BDD7F61E-39A0-423A-859E-56DF3D5D8162}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
 "{BFA5BDC0-4974-432A-9B08-9E5E6B5F3080}" = protocol=6 | dir=in | app=c:\program files\expressfiles\expressfiles.exe |
 "{C270E1BF-E985-4A42-8BD7-EAC0FE1A8DC7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
 "{C3329405-9A0A-4FAA-8846-E940BA1EAADE}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
 "{D1FB2B1A-AFF7-48D7-9D1D-B0E86345E27A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
 "{D7456169-CDB3-4D8E-A5CE-7C7DADC797DE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
 "{DA0682A9-8995-46BE-984D-F63F30AA606E}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |
 "{DF0AA5FB-51C8-4A6B-BA4F-D06AA391F068}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
 "{E2B914F7-91E7-4732-AE52-EAB8C91D1C09}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
 "{E3B35DC4-28BC-4EC0-B9EB-360AC8696D0E}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
 "{E3E14AF0-94F9-4581-A20D-67E6FE82F854}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
 "{EBF1CC3F-DF1A-478C-B911-82B94D0B1CEB}" = protocol=17 | dir=in | app=c:\program files\expressfiles\expressfiles.exe |
 "{EF6C55D3-77E2-4F34-9D5F-A7384D67B564}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
 "{EFE42D19-53D1-4FCD-9620-7C7F722D7D81}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
 "{F1779F53-9F05-4A14-BED2-37B318C2FBF5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
 "{F2463D2C-3D92-4FEA-88F8-0F0DCAAB84AD}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
 "{F3450E37-7974-4D61-ACED-3421197D3D61}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
 "{FBDAD317-72EB-40D0-B846-0173BD5ABD4F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
 "{FC75B768-90C3-4F97-B31A-BD1D935217B9}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
 "TCP Query User{1340821B-9285-4230-9D11-24D76B4DD901}C:\users\felix\desktop\desktop\desktop\broodwar115 full.exe" = protocol=6 | dir=in | app=c:\users\felix\desktop\desktop\desktop\broodwar115 full.exe |
 "TCP Query User{24ACAB53-4939-4E1C-A9F7-620A961B9012}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
 "TCP Query User{283FD21B-E8B7-4237-99BC-150B261990EA}C:\users\felix\desktop\desktop\warcraft iii 1.20\war3.exe" = protocol=6 | dir=in | app=c:\users\felix\desktop\desktop\warcraft iii 1.20\war3.exe |
 "TCP Query User{2F3F7B80-84E6-464D-B4C3-E718AD036F0D}C:\program files\metin2\metin2.exe" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.exe |
 "TCP Query User{356FAA79-B6D1-4D8B-B82B-2101B8D66432}C:\program files\turbine\ddo unlimited\dndclient.exe" = protocol=6 | dir=in | app=c:\program files\turbine\ddo unlimited\dndclient.exe |
 "TCP Query User{3ECD92EA-4FD4-497B-BA6A-8AC9345D4438}C:\users\felix\desktop\desktop\desktop\warcraft 3\war3.exe" = protocol=6 | dir=in | app=c:\users\felix\desktop\desktop\desktop\warcraft 3\war3.exe |
 "TCP Query User{40F57CA1-0E6D-4C95-B896-7739AFE7B71C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 "TCP Query User{4608E3B2-756D-4B14-B566-718F2A013B3F}C:\program files\tobit clipinc\player\clipinc-player.exe" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe |
 "TCP Query User{48093C61-F320-49D5-AA2D-DC1237BC0EC7}C:\users\felix\desktop\desktop\unreal tournament\system\unrealtournament.exe" = protocol=6 | dir=in | app=c:\users\felix\desktop\desktop\unreal tournament\system\unrealtournament.exe |
 "TCP Query User{497997BC-E719-4E05-86DF-13B47728A2E1}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
 "TCP Query User{4BE45D54-518A-4F4B-BAC0-AC65BFF65606}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
 "TCP Query User{4EABA09C-3655-4299-A380-6BDABB317EA8}C:\users\felix\desktop\desktop\desktop\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\users\felix\desktop\desktop\desktop\metin2\metin2.bin |
 "TCP Query User{5A751B09-77BC-460D-A824-CA954E6B5696}C:\users\felix\desktop\desktop\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\users\felix\desktop\desktop\metin2\metin2.bin |
 "TCP Query User{5A9D0B0D-E30E-43CB-BE25-25AFB28FD575}C:\program files\metin2\metin2.bin.exe" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.bin.exe |
 "TCP Query User{813A24D8-9DBF-4132-9218-BF8429CA0B08}C:\program files\metin2_germany\metin2_power.exe" = protocol=6 | dir=in | app=c:\program files\metin2_germany\metin2_power.exe |
 "TCP Query User{8946ED31-C4E9-407F-B249-4D086E0EADBB}C:\program files\http-tunnel\http-tunnelclient.exe" = protocol=6 | dir=in | app=c:\program files\http-tunnel\http-tunnelclient.exe |
 "TCP Query User{8BCDE378-82B7-4A06-957A-13DC57330C9E}C:\program files\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2client.bin |
 "TCP Query User{9728D169-DCC6-447C-A640-8FD6A689B354}C:\users\felix\desktop\desktop\desktop\unreal tournament\system\unrealtournament.exe" = protocol=6 | dir=in | app=c:\users\felix\desktop\desktop\desktop\unreal tournament\system\unrealtournament.exe |
 "TCP Query User{9879BA4C-868D-45F1-9DFC-9ADD38567F64}C:\program files\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2client.bin |
 "TCP Query User{A0AC7E35-28E1-4DB4-9F20-4155AD506319}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
 "TCP Query User{A7BFC233-3D15-4A15-94E1-1A5F76840A19}C:\program files\metin2_germany\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2_germany\metin2.bin |
 "TCP Query User{A8CAB1D0-7C84-494A-9BFA-6FF2E2C2D0E3}C:\users\felix\desktop\desktop\spiele daten\warcraft iii 1.20\war3.exe" = protocol=6 | dir=in | app=c:\users\felix\desktop\desktop\spiele daten\warcraft iii 1.20\war3.exe |
 "TCP Query User{AA7AC0C8-8FEF-42DB-98DD-00B8D3BBCBED}C:\users\felix\desktop\desktop\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\users\felix\desktop\desktop\metin2\metin2client.bin |
 "TCP Query User{AF229E04-3C06-4B6D-ADEA-A1FAA90F8E08}C:\program files\turbine\ddo unlimited\dndclient.exe" = protocol=6 | dir=in | app=c:\program files\turbine\ddo unlimited\dndclient.exe |
 "TCP Query User{B7155958-A7B5-4731-91DD-5B3E934671C1}C:\program files\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.bin |
 "TCP Query User{BE4628FC-146B-4C8F-AB5D-438D0C90605B}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
 "TCP Query User{DC02BDFE-C5CE-4C96-84E0-46B47C65087E}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 "TCP Query User{DF303695-1EED-4846-AF91-F2F84D78180D}C:\program files\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.bin |
 "TCP Query User{DFFF1B3E-56BA-4000-B0FA-54F388248BC2}C:\program files\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files\tera\tera-launcher.exe |
 "TCP Query User{E09FD86C-678D-4DD1-9B49-16CB3BF91C89}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
 "TCP Query User{FB989524-DCDE-40E2-8F1D-2B44B0A345F2}C:\program files\turbine\ddo unlimited (preview)\dndclient.exe" = protocol=6 | dir=in | app=c:\program files\turbine\ddo unlimited (preview)\dndclient.exe |
 "UDP Query User{050228B0-3BA3-4328-8028-BEF70804CF57}C:\users\felix\desktop\desktop\desktop\warcraft 3\war3.exe" = protocol=17 | dir=in | app=c:\users\felix\desktop\desktop\desktop\warcraft 3\war3.exe |
 "UDP Query User{1091CD37-18C6-42CE-9A88-FA0A440C8495}C:\program files\metin2_germany\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2_germany\metin2.bin |
 "UDP Query User{1493C435-8B24-419D-AABE-39F478909629}C:\program files\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2client.bin |
 "UDP Query User{18AFD61E-8201-49E3-9732-CF297293A74D}C:\program files\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.bin |
 "UDP Query User{1DD5DBB9-5CE1-460B-A019-E3363D8BA6D4}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
 "UDP Query User{2441A426-B9D4-4009-92F2-AB62A36FEE2D}C:\program files\metin2\metin2.bin.exe" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.bin.exe |
 "UDP Query User{2AF71EDF-FE5E-4E10-82AE-2400D36FA858}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
 "UDP Query User{2FED4034-6EEA-4217-A7C0-7CFAB1D3A4F1}C:\program files\metin2_germany\metin2_power.exe" = protocol=17 | dir=in | app=c:\program files\metin2_germany\metin2_power.exe |
 "UDP Query User{51B213FF-E594-486E-9404-7A1D7D8BFD3F}C:\users\felix\desktop\desktop\warcraft iii 1.20\war3.exe" = protocol=17 | dir=in | app=c:\users\felix\desktop\desktop\warcraft iii 1.20\war3.exe |
 "UDP Query User{51EB80C7-6577-44DE-94EC-0AAEB6D2BE90}C:\program files\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.bin |
 "UDP Query User{556F8910-BA56-41D9-B164-E10B6ACA6496}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 "UDP Query User{638B23DF-7AC8-4061-950E-619691CF7EA8}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
 "UDP Query User{67183BC4-7D94-4FB7-8A26-E7A237A1C860}C:\program files\turbine\ddo unlimited\dndclient.exe" = protocol=17 | dir=in | app=c:\program files\turbine\ddo unlimited\dndclient.exe |
 "UDP Query User{6CCE4E2A-D5C9-4012-B4DB-323B331FB76A}C:\users\felix\desktop\desktop\desktop\broodwar115 full.exe" = protocol=17 | dir=in | app=c:\users\felix\desktop\desktop\desktop\broodwar115 full.exe |
 "UDP Query User{76AC056C-EAC1-4E0C-9B7A-E3EEE681B7DD}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
 "UDP Query User{7E0DB323-9F15-4212-9354-B28473D4BA2B}C:\program files\turbine\ddo unlimited\dndclient.exe" = protocol=17 | dir=in | app=c:\program files\turbine\ddo unlimited\dndclient.exe |
 "UDP Query User{9580AE8C-31FF-4CB2-B0A1-D985C60F4C61}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
 "UDP Query User{99E21551-49B5-41A7-8804-C35D95AEDE0E}C:\users\felix\desktop\desktop\spiele daten\warcraft iii 1.20\war3.exe" = protocol=17 | dir=in | app=c:\users\felix\desktop\desktop\spiele daten\warcraft iii 1.20\war3.exe |
 "UDP Query User{A33A4194-746E-4C91-B7E8-AA025748ED63}C:\program files\http-tunnel\http-tunnelclient.exe" = protocol=17 | dir=in | app=c:\program files\http-tunnel\http-tunnelclient.exe |
 "UDP Query User{AF443B91-1662-430D-A179-76F99171C9BF}C:\users\felix\desktop\desktop\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\users\felix\desktop\desktop\metin2\metin2.bin |
 "UDP Query User{B58CB519-BF23-44CE-8E6F-2EFC6B149382}C:\program files\metin2\metin2.exe" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.exe |
 "UDP Query User{B6AFC324-5059-4C13-A690-28318C7FA409}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 "UDP Query User{C5F1208F-8D23-4989-BE88-1C1742C9B040}C:\program files\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2client.bin |
 "UDP Query User{CCE76B2B-4678-48AB-9FDA-C511E8E38F2D}C:\program files\turbine\ddo unlimited (preview)\dndclient.exe" = protocol=17 | dir=in | app=c:\program files\turbine\ddo unlimited (preview)\dndclient.exe |
 "UDP Query User{CF1DA05B-39A2-4802-BC46-861BE20F8B38}C:\users\felix\desktop\desktop\desktop\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\users\felix\desktop\desktop\desktop\metin2\metin2.bin |
 "UDP Query User{D4268797-6D09-4DAA-A10A-7CA467127145}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
 "UDP Query User{D674D1A0-299A-44C1-8007-5DD1E4CCC6A6}C:\users\felix\desktop\desktop\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\users\felix\desktop\desktop\metin2\metin2client.bin |
 "UDP Query User{D70FF36B-AFF1-4FA3-BE70-4899853F6E84}C:\program files\tobit clipinc\player\clipinc-player.exe" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe |
 "UDP Query User{E39E969D-900A-4F34-916B-112BE97A62EC}C:\users\felix\desktop\desktop\unreal tournament\system\unrealtournament.exe" = protocol=17 | dir=in | app=c:\users\felix\desktop\desktop\unreal tournament\system\unrealtournament.exe |
 "UDP Query User{E98FE030-15AD-414E-9A3C-A419B3D939C6}C:\program files\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files\tera\tera-launcher.exe |
 "UDP Query User{FF4B7076-487F-4D8B-A725-522D5D7B5C94}C:\users\felix\desktop\desktop\desktop\unreal tournament\system\unrealtournament.exe" = protocol=17 | dir=in | app=c:\users\felix\desktop\desktop\desktop\unreal tournament\system\unrealtournament.exe |
 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 "{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding
 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
 "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
 "{19D614EB-D62A-AEE7-2391-E74126601D59}" = CCC Help Italian
 "{1C373820-B9C8-0F7F-8F84-FC1B76A85F27}" = CCC Help Portuguese
 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
 "{2D35BC33-7D08-D529-DF91-8A15FBF2600E}" = CCC Help Polish
 "{2FC92BF4-F8BB-755F-755C-D756383C4CF3}" = ccc-utility
 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
 "{337788D1-43D1-9A0F-9787-DD00DB512D41}" = Catalyst Control Center Localization All
 "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
 "{4725833D-4325-5C34-57D4-1FE23E5AE578}" = CCC Help Chinese Standard
 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
 "{4B271648-43CB-DD31-FF24-E7B06D3EE72A}" = Catalyst Control Center InstallProxy
 "{4DC37F33-7AEC-A4CB-56B1-69A402828763}" = CCC Help Japanese
 "{5710DAC2-8F2A-503C-CFC2-A973ADE0EA4C}" = CCC Help Czech
 "{5C763682-4C40-86DA-9C46-31924D7D2C34}" = CCC Help Thai
 "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
 "{60E5022D-FA4B-C6A2-1E80-B46EC39096F3}" = CCC Help Chinese Traditional
 "{60F34FDF-267C-408F-290E-EC90D841C8CB}" = CCC Help German
 "{66B79AE1-C6E2-B958-689C-D0812DE86BAB}" = CCC Help Greek
 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
 "{6B39BE0F-0F5E-A8FA-33E4-8481AE39D96C}" = CCC Help Russian
 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
 "{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
 "{8E19F2AF-7145-51DE-E395-7729A9374973}" = Catalyst Control Center Graphics Previews Common
 "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
 "{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
 "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
 "{91CB5B8B-4EC8-DBA1-A88D-99FD480567B0}" = CCC Help English
 "{924FBAC4-60D2-7981-3C3E-979DF9CBB346}" = CCC Help Finnish
 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
 "{9DC939DC-B7A4-D0E2-C582-A442DF1B3EBE}" = CCC Help Spanish
 "{A1BD938B-F006-6E6D-70B2-47E1DD56F7DE}" = CCC Help Swedish
 "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
 "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
 "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
 "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
 "{BABF7852-C2DD-6A8A-9956-101720C715C7}" = CCC Help Turkish
 "{BB7C2A56-9706-43B8-5A8C-210AF5816106}" = CCC Help French
 "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
 "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
 "{CE3DF04B-D674-369C-8469-75285614A8C4}" = AMD Catalyst Install Manager
 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
 "{CFC2CB60-5654-05A7-4D30-C661800A3A92}" = CCC Help Korean
 "{D04CE005-D1D2-80F3-84C8-B3524FCD39C3}" = CCC Help Norwegian
 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
 "{D544AE4C-4152-225B-A897-6756C8986B14}" = Catalyst Control Center
 "{D81E9069-3CCC-4405-3751-71E4AFEACC52}" = CCC Help Hungarian
 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
 "{E93FF166-DF14-2537-8FB4-96BB5810A96C}" = CCC Help Danish
 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
 "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
 "{FA9827E1-8A8E-C176-4923-0840A67ED4DE}" = CCC Help Dutch
 "579dbe90-e989-11dd-ba2f-0800200c9a66_is1" = Dungeons & Dragons Online ®:  Eberron Unlimited ™ (Preview) v01
 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
 "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
 "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
 "avast" = avast! Free Antivirus
 "bc8a6440-918f-11dd-ad8b-0800200c9a66_is1" = Dungeons & Dragons Online ®:  Eberron Unlimited ™ v01.14.00.802
 "CCleaner" = CCleaner
 "Firstload" = Firstload
 "FLAC To MP3_is1" = FLAC To MP3 V4.0.4
 "Fraps" = Fraps (remove only)
 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923
 "Freecorder Toolbar" = Freecorder Toolbar
 "Freecorder5.02" = Freecorder 5
 "Harvey" = Harveys Neue Augen
 "MAGIX Video deluxe 15 Premium D" = MAGIX Video deluxe 15 Premium 8.0.0.62 (D)
 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
 "Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
 "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 "Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
 "NVIDIA Drivers" = NVIDIA Drivers
 "RealPlayer 15.0" = RealPlayer
 "Revo Uninstaller" = Revo Uninstaller 1.93
 "Silent-Bob pro 1.31" = Silent-Bob pro 1.31
 "TeamSpeak 3 Client" = TeamSpeak 3 Client
 "Tunatic" = Tunatic
 "VLC media player" = VLC media player 1.1.5
 "WinLiveSuite" = Windows Live Essentials
 "ZMBV" = Zip Motion Block Video codec (Remove Only)
 
 ========== HKEY_CURRENT_USER Uninstall List ==========
 
 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
 ========== Last 10 Event Log Errors ==========
 
 [ Application Events ]
 Error - 31.05.2012 07:42:07 | Computer Name = FelixHess-PC | Source = Windows Search Service | ID = 3013
 Description =
 
 Error - 31.05.2012 07:42:07 | Computer Name = FelixHess-PC | Source = Windows Search Service | ID = 3013
 Description =
 
 Error - 31.05.2012 07:42:07 | Computer Name = FelixHess-PC | Source = Windows Search Service | ID = 3013
 Description =
 
 Error - 31.05.2012 07:42:07 | Computer Name = FelixHess-PC | Source = Windows Search Service | ID = 3013
 Description =
 
 Error - 31.05.2012 11:32:27 | Computer Name = FelixHess-PC | Source = Application Error | ID = 1000
 Description = Fehlerhafte Anwendung dndclient.exe, Version 1.18.2.8024, Zeitstempel
 0x4fa1de69, fehlerhaftes Modul dndclient.exe, Version 1.18.2.8024, Zeitstempel
 0x4fa1de69, Ausnahmecode 0xc0000005, Fehleroffset 0x004447bc,  Prozess-ID 0x178c,
 Anwendungsstartzeit 01cd3f3ce601ed30.
 
 Error - 31.05.2012 17:16:19 | Computer Name = FelixHess-PC | Source = SecurityCenter | ID = 3
 Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
 WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern
 zu überwachen.
 
 Error - 31.05.2012 17:16:48 | Computer Name = FelixHess-PC | Source = Application Hang | ID = 1002
 Description = Programm ICQ.exe, Version 7.6.0.5620 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: f8c  Anfangszeit: 01cd3f721a08b941  Zeitpunkt der Beendigung:
 5
 
 Error - 31.05.2012 18:28:58 | Computer Name = FelixHess-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
 Description =
 
 Error - 31.05.2012 18:28:58 | Computer Name = FelixHess-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
 Description =
 
 Error - 01.06.2012 06:32:58 | Computer Name = FelixHess-PC | Source = SecurityCenter | ID = 3
 Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
 WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern
 zu überwachen.
 
 [ Media Center Events ]
 Error - 16.04.2008 15:56:40 | Computer Name = FelixHess-PC | Source = MCUpdate | ID = 0
 Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
 gescheitert.
 
 [ System Events ]
 Error - 31.05.2012 04:22:51 | Computer Name = FelixHess-PC | Source = Service Control Manager | ID = 7001
 Description =
 
 Error - 31.05.2012 04:22:51 | Computer Name = FelixHess-PC | Source = Service Control Manager | ID = 7026
 Description =
 
 Error - 31.05.2012 17:12:55 | Computer Name = FelixHess-PC | Source = Service Control Manager | ID = 7001
 Description =
 
 Error - 31.05.2012 17:12:55 | Computer Name = FelixHess-PC | Source = Service Control Manager | ID = 7001
 Description =
 
 Error - 31.05.2012 17:12:55 | Computer Name = FelixHess-PC | Source = Service Control Manager | ID = 7026
 Description =
 
 Error - 01.06.2012 06:30:38 | Computer Name = FelixHess-PC | Source = Service Control Manager | ID = 7001
 Description =
 
 Error - 01.06.2012 06:30:38 | Computer Name = FelixHess-PC | Source = Service Control Manager | ID = 7001
 Description =
 
 Error - 01.06.2012 06:30:38 | Computer Name = FelixHess-PC | Source = Service Control Manager | ID = 7026
 Description =
 
 Error - 01.06.2012 06:40:52 | Computer Name = FelixHess-PC | Source = Service Control Manager | ID = 7009
 Description =
 
 Error - 01.06.2012 06:40:52 | Computer Name = FelixHess-PC | Source = Service Control Manager | ID = 7000
 Description =
 
 
 < End of report >
 --- --- ---    
malewarebytes logfile:    Zitat:   | Malwarebytes Anti-Malware 1.61.0.1400
 www.malwarebytes.org
 
 Datenbank Version: v2012.06.01.05
 
 Windows Vista Service Pack 2 x86 NTFS
 Internet Explorer 9.0.8112.16421
 Felix :: FELIXHESS-PC [Administrator]
 
 01.06.2012 19:49:44
 mbam-log-2012-06-01 (19-49-44).txt
 
 Art des Suchlaufs: Vollständiger Suchlauf
 Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
 Deaktivierte Suchlaufeinstellungen: P2P
 Durchsuchte Objekte: 468866
 Laufzeit: 2 Stunde(n), 26 Minute(n), 14 Sekunde(n)
 
 Infizierte Speicherprozesse: 0
 (Keine bösartigen Objekte gefunden)
 
 Infizierte Speichermodule: 0
 (Keine bösartigen Objekte gefunden)
 
 Infizierte Registrierungsschlüssel: 0
 (Keine bösartigen Objekte gefunden)
 
 Infizierte Registrierungswerte: 0
 (Keine bösartigen Objekte gefunden)
 
 Infizierte Dateiobjekte der Registrierung: 0
 (Keine bösartigen Objekte gefunden)
 
 Infizierte Verzeichnisse: 0
 (Keine bösartigen Objekte gefunden)
 
 Infizierte Dateien: 0
 (Keine bösartigen Objekte gefunden)
 
 (Ende)
 
 |  |