Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Programme frieren oft ein / geben keine Rückmeldung! Virus?

Programme frieren oft ein / geben keine Rückmeldung! Virus?


Plagegeister aller Art und deren Bekämpfung: Programme frieren oft ein / geben keine Rückmeldung! Virus?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.08.2012, 13:49   #1
FallenHero
 
Programme frieren oft ein / geben keine Rückmeldung! Virus? - Standard

Programme frieren oft ein / geben keine Rückmeldung! Virus?


Hallo, liebes Trojaner-Board Team!

Seit ein paar Wochen habe ich ein Problem, das scheinbar in ähnlicher Weise schoneinmal in diesem Forum gepostet wurde.
Dazu sage ich schonmal im Vorraus:
Einer meiner Ram-Steckplätze ist im Eimer. Ich dachte zuerst, es hänge damit zusammen, als ich das herausgefunden habe, jedoch hat das Beseitigen des Ram-Sticks vom entsprechenden Steckplatz keine Besserung bewirkt.

Und zwar:
Alle Programme geben sehr oft keine Rückmeldung mehr.
Anfangs bleibt nur ein Programm hängen (Meistens Firefox). Weitere Programme bleiben erst hängen (Nicht immer!) , wenn ich diese anklicke. Auch der Task-Manager lässt sich dann nicht mehr öffnen... Dazu scheint Opera das gleiche Problem zu haben: Manchmal, wenn ich versuche, es zu starten, kommt schon beim Startvorgang eine Fehler Meldung "Opera ist abgestürzt. Bericht senden?" oder so ähnlich...
Ich habe Malwarebytes schon länger installiert, jedoch findet es keine Viren o.Ä. auf meinem Computer, genau wie Panda Cloud Antivirus.

Der PC wurde auch etliche Male neu aufgesetzt.

Hier meine Logs:

Code:
ATTFilter
OTL logfile created on: 02.08.2012 14:42:51 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\FallenHero\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,83 Gb Available Physical Memory | 71,04% Memory free
7,96 Gb Paging File | 6,55 Gb Available in Paging File | 82,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 99,29 Gb Free Space | 42,65% Space Free | Partition Type: NTFS
 
Computer Name: FALLENHERO-PC | User Name: FallenHero | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.02 14:40:24 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\FallenHero\Desktop\OTL.exe
PRC - [2012.07.18 19:33:55 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.07.13 07:15:56 | 000,037,152 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
PRC - [2012.07.13 07:15:56 | 000,036,640 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
PRC - [2012.07.13 06:57:41 | 000,140,064 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2012.07.01 14:15:03 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010.02.03 16:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.07.18 19:33:55 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.05.15 02:21:26 | 000,368,448 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2009.09.30 05:33:08 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009.03.25 16:53:14 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2009.03.19 22:35:52 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
MOD - [2009.03.19 22:35:50 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
MOD - [2009.01.15 14:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.01 20:06:20 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.27 13:25:07 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.18 19:33:55 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.13 07:15:56 | 000,036,640 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe -- (PSUAService)
SRV - [2012.07.13 06:57:41 | 000,140,064 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2012.07.12 21:16:55 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012.07.01 14:15:03 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.07.13 07:02:53 | 000,130,088 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt)
DRV:64bit: - [2012.07.13 07:02:10 | 000,205,352 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC)
DRV:64bit: - [2012.07.13 07:02:10 | 000,123,944 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc)
DRV:64bit: - [2012.07.13 07:02:09 | 000,167,464 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt)
DRV:64bit: - [2012.07.13 07:02:09 | 000,119,336 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile)
DRV:64bit: - [2012.07.12 11:18:56 | 000,219,688 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSStrm.sys -- (NNSSTRM)
DRV:64bit: - [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.06.27 15:51:24 | 000,105,000 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNStlsc.sys -- (NNSTLSC)
DRV:64bit: - [2012.06.27 15:51:23 | 000,112,680 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSSmtp.sys -- (NNSSMTP)
DRV:64bit: - [2012.06.27 15:51:23 | 000,109,096 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSPrv.sys -- (NNSPRV)
DRV:64bit: - [2012.06.27 15:51:22 | 000,304,680 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSProt.sys -- (NNSPROT)
DRV:64bit: - [2012.06.27 15:51:22 | 000,116,776 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSPop3.sys -- (NNSPOP3)
DRV:64bit: - [2012.06.27 15:51:22 | 000,068,648 | ---- | M] (Panda Security, S.L.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\NNSPihsw.sys -- (NNSPIHSW)
DRV:64bit: - [2012.06.27 15:51:21 | 000,093,224 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSpicc.sys -- (NNSPICC)
DRV:64bit: - [2012.06.27 15:51:21 | 000,033,320 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NNSNAHSL.sys -- (NNSNAHSL)
DRV:64bit: - [2012.06.27 15:51:20 | 000,113,192 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSIds.sys -- (NNSIDS)
DRV:64bit: - [2012.06.27 15:51:19 | 000,116,776 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSHttp.sys -- (NNSHTTP)
DRV:64bit: - [2012.06.27 15:51:19 | 000,089,128 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSAlpc.sys -- (NNSALPC)
DRV:64bit: - [2012.04.18 19:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.07 14:12:50 | 000,066,328 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.10 18:05:04 | 000,057,928 | ---- | M] (Panda Security) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\PSKMAD.sys -- (PSKMAD)
DRV:64bit: - [2011.02.16 11:11:08 | 000,428,136 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.05.20 09:30:58 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.11.24 02:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 02:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.07.17 13:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.07.03 14:14:39 | 000,050,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\STOnline\avital\wyqku64.sys -- (uqk)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.splashtop.com/asusexpressgate/mb/searchAPI.php?SE=yahoo&QS=http%3A%2F%2Fde.search.yahoo.com%2Fsearch%3Ffr%3Dfp-devicevm%26type%3DWEB01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E5 91 13 72 78 57 CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Amazon.de"
FF - prefs.js..browser.startup.homepage: "hxxp://google.de"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 19:33:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.07.01 14:34:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 19:33:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.07.01 13:32:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FallenHero\AppData\Roaming\mozilla\Extensions
[2012.07.28 01:32:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FallenHero\AppData\Roaming\mozilla\Firefox\Profiles\4loqw140.default\extensions
[2012.07.01 15:32:18 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\FallenHero\AppData\Roaming\mozilla\Firefox\Profiles\4loqw140.default\extensions\ich@maltegoetz.de
[2012.07.01 13:30:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.24 21:49:47 | 000,008,503 | ---- | M] () (No name found) -- C:\USERS\FALLENHERO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4LOQW140.DEFAULT\EXTENSIONS\LONGURLPLEASE@DARRAGH.CURRAN.XPI
[2012.07.18 19:33:55 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PSUAMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKCU..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F236D9EC-0DD5-486C-80A8-07B78F51DB38}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.02 14:40:22 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\FallenHero\Desktop\OTL.exe
[2012.08.02 12:08:58 | 000,057,928 | ---- | C] (Panda Security) -- C:\Windows\SysNative\drivers\PSKMAD.sys
[2012.07.30 12:06:14 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\Panda Security
[2012.07.30 12:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
[2012.07.30 12:04:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012.07.30 12:04:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2012.07.28 18:46:05 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\Documents\San Andreas Texturen
[2012.07.27 12:11:04 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\Documents\ArmA 2 Other Profiles
[2012.07.26 17:15:04 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012.07.26 17:11:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012.07.26 17:11:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012.07.26 17:11:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012.07.25 19:00:22 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\RenPy
[2012.07.25 18:58:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Katawa Shoujo
[2012.07.25 17:47:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.07.24 22:36:53 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Local\Logitech
[2012.07.24 22:36:52 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\Leadertech
[2012.07.24 22:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2012.07.24 22:36:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012.07.24 22:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2012.07.24 22:35:45 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\Logitech
[2012.07.24 22:35:45 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\Logishrd
[2012.07.23 00:10:41 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\Opera
[2012.07.23 00:10:41 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Local\Opera
[2012.07.23 00:10:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2012.07.20 19:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2012.07.20 19:31:20 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\Documents\Vindictus EU
[2012.07.20 19:29:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2012.07.20 19:26:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vindictus EU
[2012.07.20 19:24:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2012.07.19 22:37:09 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\Documents\GUILD WARS
[2012.07.19 22:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2012.07.19 22:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GUILD WARS
[2012.07.19 20:11:47 | 000,000,000 | ---D | C] -- C:\Download
[2012.07.19 20:11:38 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2012.07.19 20:11:38 | 000,000,000 | ---D | C] -- C:\Nexon
[2012.07.18 14:55:26 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Local\SIX_Projects
[2012.07.18 14:53:08 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Local\ArmA 2
[2012.07.18 13:40:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bohemia Interactive
[2012.07.18 12:59:09 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\six-zsync
[2012.07.18 12:59:09 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\six-updater
[2012.07.18 12:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Six Projects
[2012.07.18 12:57:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIX Projects
[2012.07.18 12:57:23 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Local\Downloaded Installations
[2012.07.18 12:55:40 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Local\ArmA 2 OA
[2012.07.18 12:55:40 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\Documents\ArmA 2
[2012.07.18 12:55:25 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012.07.18 12:55:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012.07.18 12:28:40 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\.Nitrous
[2012.07.17 18:15:30 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\Desktop\SAMP
[2012.07.17 16:21:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2012.07.17 16:21:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guild Wars 2
[2012.07.17 16:21:10 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\Documents\Guild Wars 2
[2012.07.16 19:13:11 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\Desktop\ViennaCraft
[2012.07.16 19:12:00 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\FileZilla
[2012.07.16 19:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2012.07.16 19:11:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2012.07.16 18:37:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2012.07.16 18:31:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ
[2012.07.15 17:24:30 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2012.07.15 17:09:19 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\Documents\Rockstar Games
[2012.07.15 17:07:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012.07.15 17:06:51 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Local\Rockstar Games
[2012.07.15 17:06:14 | 000,000,000 | RH-D | C] -- C:\Users\FallenHero\AppData\Roaming\SecuROM
[2012.07.15 17:04:33 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012.07.15 17:03:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012.07.15 17:03:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012.07.13 07:02:53 | 000,130,088 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINProt.sys
[2012.07.13 07:02:10 | 000,205,352 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINKNC.sys
[2012.07.13 07:02:10 | 000,123,944 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINProc.sys
[2012.07.13 07:02:09 | 000,167,464 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINAflt.sys
[2012.07.13 07:02:09 | 000,119,336 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINFile.sys
[2012.07.12 15:34:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AoS
[2012.07.12 15:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ace of Spades
[2012.07.12 11:18:56 | 000,219,688 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\NNSStrm.sys
[2012.07.11 23:44:34 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\Documents\imgeditor
[2012.07.05 20:30:26 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\KVIrc4
[2012.07.05 20:29:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KVIrc
[2012.07.05 20:29:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KVIrc
[2012.07.05 18:21:29 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\Documents\N-Client
[2012.07.05 13:17:53 | 000,000,000 | ---D | C] -- C:\Users\FallenHero\AppData\Roaming\GetRightToGo
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.02 14:40:24 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\FallenHero\Desktop\OTL.exe
[2012.08.02 14:35:16 | 000,000,000 | ---- | M] () -- C:\Users\FallenHero\defogger_reenable
[2012.08.02 14:34:49 | 000,050,477 | ---- | M] () -- C:\Users\FallenHero\Desktop\Defogger.exe
[2012.08.02 14:25:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.02 12:16:25 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.02 12:16:25 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.02 12:14:26 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.02 12:14:26 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.02 12:14:26 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.02 12:14:26 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.02 12:14:26 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.02 12:08:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.02 12:08:06 | 3207,159,808 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.31 12:41:59 | 000,000,219 | ---- | M] () -- C:\Users\FallenHero\Desktop\Portal 2.url
[2012.07.31 02:39:14 | 000,000,000 | ---- | M] () -- C:\ProgramData\0x0304A000.sfl
[2012.07.30 17:30:08 | 000,317,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.29 14:38:08 | 448,372,061 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.07.26 17:47:08 | 000,000,219 | ---- | M] () -- C:\Users\FallenHero\Desktop\Counter-Strike Source.url
[2012.07.26 17:12:29 | 000,001,288 | ---- | M] () -- C:\Users\FallenHero\Desktop\Steam.lnk
[2012.07.25 21:14:41 | 000,001,626 | ---- | M] () -- C:\Users\FallenHero\Desktop\DayZ.lnk
[2012.07.23 00:10:39 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2012.07.22 16:31:00 | 000,001,601 | ---- | M] () -- C:\Users\FallenHero\Desktop\Vindictus.lnk
[2012.07.20 19:24:39 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2012.07.20 19:24:39 | 000,000,235 | ---- | M] () -- C:\Windows\SysWow64\nxEuUninstall.bat
[2012.07.17 16:21:27 | 000,000,932 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.07.16 18:41:55 | 000,002,122 | ---- | M] () -- C:\Users\Public\Desktop\Titan Quest - Immortal Throne.lnk
[2012.07.16 18:37:35 | 000,002,031 | ---- | M] () -- C:\Users\Public\Desktop\Titan Quest.lnk
[2012.07.16 11:12:12 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.15 17:04:33 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012.07.15 17:02:07 | 000,002,196 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012.07.15 12:05:30 | 000,000,042 | ---- | M] () -- C:\Users\FallenHero\Documents\Left 4 Dead 2.bat
[2012.07.15 11:58:47 | 000,000,219 | ---- | M] () -- C:\Users\FallenHero\Documents\Left4Dead2.url
[2012.07.13 12:50:53 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\HRUPPROG.DIE.NOW
[2012.07.13 07:02:53 | 000,130,088 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINProt.sys
[2012.07.13 07:02:10 | 000,205,352 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINKNC.sys
[2012.07.13 07:02:10 | 000,123,944 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINProc.sys
[2012.07.13 07:02:09 | 000,167,464 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINAflt.sys
[2012.07.13 07:02:09 | 000,119,336 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINFile.sys
[2012.07.12 15:34:09 | 000,000,138 | ---- | M] () -- C:\Users\Public\Desktop\Play Ace of Spades.url
[2012.07.12 11:18:56 | 000,219,688 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\NNSStrm.sys
[2012.07.05 20:30:26 | 000,000,120 | ---- | M] () -- C:\Users\FallenHero\kvirc4.ini
[2012.07.05 20:29:50 | 000,001,879 | ---- | M] () -- C:\Users\Public\Desktop\KVIrc.lnk
[2012.07.05 18:21:51 | 000,003,418 | ---- | M] () -- C:\Users\FallenHero\Desktop\N-Client.lnk
 
========== Files Created - No Company Name ==========
 
[2012.08.02 14:35:16 | 000,000,000 | ---- | C] () -- C:\Users\FallenHero\defogger_reenable
[2012.08.02 14:34:48 | 000,050,477 | ---- | C] () -- C:\Users\FallenHero\Desktop\Defogger.exe
[2012.07.31 12:41:59 | 000,000,219 | ---- | C] () -- C:\Users\FallenHero\Desktop\Portal 2.url
[2012.07.31 02:39:14 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl
[2012.07.29 14:43:52 | 000,024,576 | ---- | C] () -- C:\Users\FallenHero\Desktop\memtest.exe
[2012.07.26 17:15:04 | 000,000,219 | ---- | C] () -- C:\Users\FallenHero\Desktop\Counter-Strike Source.url
[2012.07.26 17:12:29 | 000,001,288 | ---- | C] () -- C:\Users\FallenHero\Desktop\Steam.lnk
[2012.07.25 21:14:41 | 000,001,626 | ---- | C] () -- C:\Users\FallenHero\Desktop\DayZ.lnk
[2012.07.25 17:46:50 | 448,372,061 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.07.23 00:10:39 | 000,001,841 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012.07.23 00:10:39 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2012.07.22 16:31:00 | 000,001,601 | ---- | C] () -- C:\Users\FallenHero\Desktop\Vindictus.lnk
[2012.07.19 20:11:38 | 000,000,235 | ---- | C] () -- C:\Windows\SysWow64\nxEuUninstall.bat
[2012.07.17 16:21:27 | 000,000,932 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.07.16 18:41:55 | 000,002,122 | ---- | C] () -- C:\Users\Public\Desktop\Titan Quest - Immortal Throne.lnk
[2012.07.16 18:37:35 | 000,002,031 | ---- | C] () -- C:\Users\Public\Desktop\Titan Quest.lnk
[2012.07.16 18:36:25 | 000,040,960 | R--- | C] () -- C:\Windows\SysWow64\psfind.dll
[2012.07.15 17:13:46 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012.07.15 17:02:07 | 000,002,196 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012.07.15 12:05:30 | 000,000,042 | ---- | C] () -- C:\Users\FallenHero\Documents\Left 4 Dead 2.bat
[2012.07.15 12:03:52 | 000,594,843 | ---- | C] () -- C:\Users\FallenHero\Documents\left4uncut.exe
[2012.07.15 12:03:52 | 000,000,025 | ---- | C] () -- C:\Users\FallenHero\Documents\options.ini
[2012.07.15 11:58:47 | 000,000,219 | ---- | C] () -- C:\Users\FallenHero\Documents\Left4Dead2.url
[2012.07.13 12:50:53 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\HRUPPROG.DIE.NOW
[2012.07.12 15:34:09 | 000,000,138 | ---- | C] () -- C:\Users\Public\Desktop\Play Ace of Spades.url
[2012.07.05 20:30:26 | 000,000,120 | ---- | C] () -- C:\Users\FallenHero\kvirc4.ini
[2012.07.05 20:29:50 | 000,001,879 | ---- | C] () -- C:\Users\Public\Desktop\KVIrc.lnk
[2012.07.05 18:21:51 | 000,003,418 | ---- | C] () -- C:\Users\FallenHero\Desktop\N-Client.lnk
[2012.07.01 14:15:03 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.07.01 14:15:03 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.07.01 12:58:18 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2012.07.01 12:58:18 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012.07.01 12:58:15 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012.07.01 12:58:15 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012.07.01 12:54:50 | 000,039,719 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2012.07.01 12:54:07 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.07.01 12:54:03 | 000,031,754 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
 
========== LOP Check ==========
 
[2012.08.01 22:21:39 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\.minecraft
[2012.07.18 12:30:45 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\.Nitrous
[2012.07.29 14:42:36 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\DeviceVm
[2012.08.01 22:04:08 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\FileZilla
[2012.07.05 13:19:11 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\GetRightToGo
[2012.07.02 22:55:34 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\KlLauncherST
[2012.07.20 18:42:45 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\KVIrc4
[2012.07.24 22:36:52 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\Leadertech
[2012.07.23 00:10:41 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\Opera
[2012.07.30 12:06:14 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\Panda Security
[2012.07.01 14:15:01 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\PunkBuster
[2012.07.25 19:00:22 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\RenPy
[2012.07.18 14:55:41 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\six-updater
[2012.07.18 12:59:09 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\six-zsync
[2012.07.05 18:43:11 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\Teeworlds
[2012.07.01 14:34:42 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\Thunderbird
[2012.07.18 01:34:04 | 000,000,000 | ---D | M] -- C:\Users\FallenHero\AppData\Roaming\TS3Client
[2009.07.14 07:08:49 | 000,016,758 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
Code:
ATTFilter
OTL Extras logfile created on: 02.08.2012 14:42:51 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\FallenHero\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,83 Gb Available Physical Memory | 71,04% Memory free
7,96 Gb Paging File | 6,55 Gb Available in Paging File | 82,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 99,29 Gb Free Space | 42,65% Space Free | Partition Type: NTFS
 
Computer Name: FALLENHERO-PC | User Name: FallenHero | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C6763B5-F932-4DD7-AE31-E775AEA2489B}" = lport=59129 | protocol=6 | dir=in | name=pando media booster | 
"{62A93D23-1C8C-4E03-ADBA-61438851F79D}" = lport=59129 | protocol=6 | dir=in | name=pando media booster | 
"{A4686D41-B18F-45E9-BF09-C75B4892BA23}" = lport=59129 | protocol=17 | dir=in | name=pando media booster | 
"{A7C8EBB4-1FA1-4022-A235-8CF3B1E7B46C}" = lport=59129 | protocol=17 | dir=in | name=pando media booster | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F354F9-43B4-4010-93EF-A940EF8485E9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\sfm.exe | 
"{0A7037ED-1F5D-4AB9-97E7-364A9CB66F0F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd | 
"{0E250231-25C4-46FB-A7CD-2E5D5C037A5F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd | 
"{0EDC91E5-E8A7-4D98-BB50-746C6649229D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{10001AEC-C6C2-4691-8642-8D8AD67B8783}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | 
"{2246C4BC-B4BC-414F-B87E-A7A2D6051183}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\foreign legion (buckets of blood)\foreign legion.exe | 
"{24788AE6-52DC-46AB-9452-8EDB50103F16}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\hirezbridge.exe | 
"{25373A54-1DE8-4EE3-9BA6-01F0B4323167}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"{28BA8114-F4C5-4103-ADB9-2DBD7247594F}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{2ABCE07A-CCEE-447C-A85A-2D70D6E83037}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\bin\qsdklauncher.exe | 
"{2E5ED426-8E02-41FF-89B1-C149986CE140}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{2F7BC4C4-A872-4EBE-A0CA-567583786A2B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe | 
"{39FC5F79-EBBF-43FA-93C2-BFE7D8853E5E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\chaosboylu\counter-strike source\hl2.exe | 
"{3AFFC6F1-1F45-49DC-93A8-702FA60CC09C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"{3C88CE8E-3BAF-4887-9DAA-794B796ACF12}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | 
"{3EE0117E-7B43-49C8-96F6-373866BBD13B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\hirezbridge.exe | 
"{3F7B290F-BB74-4298-A0D1-565004740345}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe | 
"{4284BBA7-E92A-4307-9656-1E7B73E67165}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | 
"{49BA7AF3-D2B9-45B8-A0E8-2F2E4D80E4AF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{4FBAF9F8-2F76-4728-8C38-EB2122D3FE1D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe | 
"{5227E4A1-07DC-4E2F-B376-35F5157A4840}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe | 
"{5247A4E8-FDA7-4161-AB4B-E0AC7B7483BC}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe | 
"{546645AE-8811-47DD-8E71-B92D8F941762}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{57C60BD6-152E-427D-B5F9-3D5E3417B2F9}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | 
"{5AE0D171-CAC6-495D-B9BC-5DF4B3C95A06}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{65946DE2-EDDA-49CD-8A1A-C9FFD1570B3F}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | 
"{72135142-0477-4CE5-B3AA-8D71F6F84864}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\foreign legion (buckets of blood)\foreign legion.exe | 
"{7410CF38-B6BF-423A-B631-6C14A7F86F40}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe | 
"{74EDEA3B-D8BB-456E-8B83-AE68D525753D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\sfm.exe | 
"{75D6F55F-6FB2-4F4A-B251-7FE6945715E4}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{79FF801A-9A6F-4F9B-AABE-CF6DEB52B9AB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe | 
"{7AF2557A-3C50-494D-AB34-102F11315D17}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{7EC3978D-EBAA-4C27-A2EA-342A4229107A}" = protocol=6 | dir=in | app=c:\program files (x86)\stonline\_launcher.exe | 
"{82BABD59-227D-437D-9CF4-E04C2EFFDAE4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\bin\qsdklauncher.exe | 
"{8456F312-E8D6-4077-A8F2-BE067E0A3D5E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe | 
"{897C6CCB-2A92-46A8-916A-4E43ED98E53D}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{8AE8979F-97D6-432C-A17B-5A22356741F0}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{8FE68069-F76D-460D-83F9-DD5C56D22CB0}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{99F33317-5E9F-4773-97AA-1A3F79495D43}" = protocol=6 | dir=in | app=c:\program files (x86)\vindictus eu\en-eu\nmservice.exe | 
"{9C0EA710-2D6A-4539-818D-09A1518315C6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{9C437C33-4207-4C69-B2F7-12574CCC2432}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe | 
"{A4BB274D-901F-442A-95B6-D88AE97E7E9F}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{A72A3889-20DB-419D-BAF8-45D56E32D1D0}" = protocol=17 | dir=in | app=c:\program files (x86)\stonline\_launcher.exe | 
"{A7A614AB-9F30-457A-AA0D-35984B5FF4EE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{AB767BA1-F04D-4D37-94A8-DAF830D54CB6}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | 
"{AFB3D9FE-D364-4F43-A342-B78115798B84}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{AFC784A1-3802-4E21-96E7-3F16AEB8D866}" = protocol=17 | dir=in | app=c:\program files (x86)\vindictus eu\en-eu\nmservice.exe | 
"{B8654023-A368-461C-A72A-332B43FA3504}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{B930FC25-F385-49C6-A7B2-1D89F18FF0E2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe | 
"{B9A174A8-95CD-4F5D-AA4A-9CCB446454EF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe | 
"{BD60C969-66AE-4AB8-B8F4-487316D83B38}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{C0BDB783-BE1E-499D-9FD0-0C048EC48C74}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{CC82434D-B32E-456C-B57D-86D2EB0C552F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{D0118129-514B-4F25-8A1B-D2CCADA9F680}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{DE729EF0-79B6-494B-A48D-3D24DBB78ACB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{E2BAFE2D-50CA-4BC5-9299-B06C6F34CC9E}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe | 
"{E3275CCC-96C3-454E-AFD7-05240D468A21}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\chaosboylu\counter-strike source\hl2.exe | 
"{E659913F-C0E9-4E4F-8BCC-3C8D4D921383}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{EFA9A252-699E-445F-B2A6-866184493CD3}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe | 
"{F2032317-AFA3-4D16-B04C-79282BC55BF2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe | 
"{F3956E3E-AF37-4921-A522-D498866AB937}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{F4584134-5F18-4C6E-85B7-08708D8287A6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"TCP Query User{192DED1B-0257-46BB-BF5A-CEF245941A0C}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | 
"TCP Query User{292617FA-9D16-4C14-903C-3DF4C16C0B81}C:\program files (x86)\aos\server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aos\server.exe | 
"TCP Query User{2A433288-FC14-4220-B816-EA6342C97E61}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe | 
"TCP Query User{5A0A7DB0-BF39-41C6-A1AD-C994BDEA7C3B}C:\program files (x86)\kvirc\kvirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\kvirc\kvirc.exe | 
"TCP Query User{7BB66624-BE09-427A-874B-208AACF47CD6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"TCP Query User{A478C3A0-AA3D-43B8-9130-1E57627CF54B}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | 
"TCP Query User{B388219E-921F-4213-8165-B6404063FDA2}C:\program files (x86)\steam\steamapps\chaosboylu\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\chaosboylu\team fortress 2\hl2.exe | 
"TCP Query User{C665FD4F-BA6D-4806-9D1A-E897F2E3948F}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | 
"TCP Query User{D291EC04-A783-4867-B636-63DBAE3AA87C}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | 
"TCP Query User{DA895570-DE14-4462-A278-9F49D7B46651}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"TCP Query User{DF4A84A1-D669-42CA-9B86-AFD80CE0C089}C:\users\fallenhero\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\fallenhero\appdata\local\temp\gw2.exe | 
"TCP Query User{FD1DC9A3-D164-4B91-AE80-5715200DE568}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe | 
"UDP Query User{0091ECA3-67D6-4B6F-8D6A-8268BAF9E6F9}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"UDP Query User{1AB3F5EA-3C92-48A9-8673-8700D6F0EE57}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | 
"UDP Query User{20316C6F-1759-4264-863D-F1B64E66E8A1}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe | 
"UDP Query User{60EC22A1-035D-47B4-9344-02C8BF75671C}C:\program files (x86)\aos\server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aos\server.exe | 
"UDP Query User{6E5CE682-BCD8-4B4F-B1C1-8CBF6830CE85}C:\program files (x86)\kvirc\kvirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\kvirc\kvirc.exe | 
"UDP Query User{759E17E3-E80C-49BC-A210-7189BF2F0BC2}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe | 
"UDP Query User{82A4D25A-7921-4153-BB4E-5474686E2206}C:\users\fallenhero\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\fallenhero\appdata\local\temp\gw2.exe | 
"UDP Query User{B8C5A9ED-64F0-43FD-A986-485CB0ED4F70}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | 
"UDP Query User{D82504D2-8B74-4C0F-AE67-89B491ACF604}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{D8B3BE79-2B55-46E6-9766-9723B57EED90}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | 
"UDP Query User{E382EE6A-ACC9-45F7-BE17-8A6619172959}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | 
"UDP Query User{E5191952-F191-4F67-B753-DF06A4FD31B3}C:\program files (x86)\steam\steamapps\chaosboylu\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\chaosboylu\team fortress 2\hl2.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{62140B07-129A-2BD0-81D2-2A1A7408ADC8}" = ATI Catalyst Install Manager
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8BA78FA6-E817-454C-9D32-8DE04404119E}" = Panda Cloud Antivirus
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Logitech Gaming Software" = Logitech Gaming Software 8.30
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{14FE48DA-E172-4CC5-B397-92ECA4B0E088}" = STOnline
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}" = Ace of Spades
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"FileZilla Client" = FileZilla Client 3.5.3
"Guild Wars" = GUILD WARS
"Guild Wars 2" = Guild Wars 2
"Katawa Shoujo" = Katawa Shoujo
"KVIrc" = KVIrc
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.00.1467" = Opera 12.00
"Panda Universal Agent Endpoint" = Panda Cloud Antivirus
"PunkBusterSvc" = PunkBuster Services
"Steam App 240" = Counter-Strike: Source
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 620" = Portal 2
"Vindictus EU" = Vindictus EU
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 30.07.2012 06:05:59 | Computer Name = FallenHero-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: StubInstaller.exe, Version: 2.0.10.0,
 Zeitstempel: 0x4fd0c43b  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
 Zeitstempel: 0x4ec49d10  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002e3c6  ID des fehlerhaften
 Prozesses: 0x988  Startzeit der fehlerhaften Anwendung: 0x01cd6e3a985605b2  Pfad der
 fehlerhaften Anwendung: C:\Users\FALLEN~1\AppData\Local\Temp\RarSFX0\StubInstaller.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 28e9273a-da2e-11e1-a31f-14dae93d62f3
 
Error - 30.07.2012 06:06:08 | Computer Name = FallenHero-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: StubInstaller.exe, Version: 2.0.10.0,
 Zeitstempel: 0x4fd0c43b  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
 Zeitstempel: 0x4ec49d10  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002e3c6  ID des fehlerhaften
 Prozesses: 0x988  Startzeit der fehlerhaften Anwendung: 0x01cd6e3a985605b2  Pfad der
 fehlerhaften Anwendung: C:\Users\FALLEN~1\AppData\Local\Temp\RarSFX0\StubInstaller.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 2dd96a8d-da2e-11e1-a31f-14dae93d62f3
 
Error - 30.07.2012 12:16:07 | Computer Name = FallenHero-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4febb13c  Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4ff1ec29  Ausnahmecode: 0xc0000005  Fehleroffset: 0x6890e279
ID
 des fehlerhaften Prozesses: 0xa00  Startzeit der fehlerhaften Anwendung: 0x01cd6e695b9deeef
Pfad
 der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\chaosboylu\counter-strike
 source\hl2.exe  Pfad des fehlerhaften Moduls: filesystem_steam.dll  Berichtskennung:
 ddcc3056-da61-11e1-8f5a-14dae93d62f3
 
Error - 01.08.2012 07:23:57 | Computer Name = FallenHero-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1f5c    Startzeit:
 01cd6fd3e3f2fa1c    Endzeit: 43    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
 5d179d9e-dbcb-11e1-b853-14dae93d62f3  
 
Error - 01.08.2012 19:10:07 | Computer Name = FallenHero-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: PSANHost.exe, Version: 4.0.0.726,
 Zeitstempel: 0x4fff1688  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
 Zeitstempel: 0x4ec49d10  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000ce903  ID des fehlerhaften
 Prozesses: 0x6bc  Startzeit der fehlerhaften Anwendung: 0x01cd70105202f08e  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 083d099a-dc2e-11e1-9a44-14dae93d62f3
 
Error - 02.08.2012 08:07:47 | Computer Name = FallenHero-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: e5c    Startzeit: 
01cd70a2749fcebd    Endzeit: 40    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
 aa1903bc-dc9a-11e1-9eaf-14dae93d62f3  
 
Error - 02.08.2012 08:21:09 | Computer Name = FallenHero-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: b6c    Startzeit: 
01cd70a76ee9f5a8    Endzeit: 47    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
 88b6072b-dc9c-11e1-9eaf-14dae93d62f3  
 
Error - 02.08.2012 08:41:49 | Computer Name = FallenHero-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: PSANHost.exe, Version: 4.0.0.726,
 Zeitstempel: 0x4fff1688  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
 Zeitstempel: 0x4ec49d10  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000ce903  ID des fehlerhaften
 Prozesses: 0x77c  Startzeit der fehlerhaften Anwendung: 0x01cd7096bed6b74d  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 6d000a98-dc9f-11e1-9eaf-14dae93d62f3
 
[ System Events ]
Error - 29.07.2012 19:24:37 | Computer Name = FallenHero-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 
Mal passiert.
 
Error - 29.07.2012 19:25:45 | Computer Name = FallenHero-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?30.?07.?2012 um 01:24:54 unerwartet heruntergefahren.
 
Error - 30.07.2012 06:05:27 | Computer Name = FallenHero-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "Panda Cloud Antivirus Service" ist als interaktiver Dienst
 gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste
 nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 01.08.2012 14:07:25 | Computer Name = FallenHero-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 01.08.2012 14:07:25 | Computer Name = FallenHero-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 01.08.2012 19:11:46 | Computer Name = FallenHero-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?02.?08.?2012 um 01:10:48 unerwartet heruntergefahren.
 
Error - 01.08.2012 19:20:47 | Computer Name = FallenHero-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows-Fehlerberichterstattungsdienst erreicht.
 
Error - 01.08.2012 19:21:17 | Computer Name = FallenHero-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows-Fehlerberichterstattungsdienst erreicht.
 
Error - 01.08.2012 19:21:24 | Computer Name = FallenHero-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Panda Cloud Antivirus Service" wurde unerwartet beendet.
 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 02.08.2012 08:42:43 | Computer Name = FallenHero-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Panda Cloud Antivirus Service" wurde unerwartet beendet.
 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
 durchgeführt: Neustart des Diensts.
 
 
< End of report >
Geändert von FallenHero (02.08.2012 um 13:57 Uhr)

Alt 05.08.2012, 12:12   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Programme frieren oft ein / geben keine Rückmeldung! Virus? - Standard

Programme frieren oft ein / geben keine Rückmeldung! Virus?


Wenn du schon öfter und auch vernünftig neu aufegsetzt hast, köntte hier ein Hardwareproblem wahrscheinlicher sein als ein Virenbefall.

Schonmal den Speicher mit Memtest86 geprüft?
Was sagen die Temperaturen?
__________________

__________________
Alt 05.08.2012, 14:21   #3
FallenHero
 
Programme frieren oft ein / geben keine Rückmeldung! Virus? - Standard

Programme frieren oft ein / geben keine Rückmeldung! Virus?


Die Temperaturen sind alle in Ordnung (bei großer Auslastung max. 60°C)
Mit dem Memtest64 muss ich warten bis ich mein Motherboard repariert bekommen habe, das schick ich demnächst zurück (der RAM-Steckplatz in Richtung Prozessor ist im Eimer)

An ein Hardwareproblem habe ich auch schon gedacht, aber ich wollte sicher gehen, dass man einen Virus 100%ig ausschließen kann...

Danke für die Hilfe, ich melde mich wieder, wenn das Motherboard repariert wurde und ich den Memtest machen konnte!

Edit: Der RAM-Riegel der imo drauf ist ist ganz neu, hatte nämlich zuerst gedacht, der RAM-Riegel wäre das Problem, nicht der Steckplatz.
Immerhin kommen jetzt nicht schon beim Starten von Memtest64 Fehlermeldungen.. Mal abwarten bis das MB repariert ist.
__________________
Antwort

Themen zu Programme frieren oft ein / geben keine Rückmeldung! Virus?
autorun, bho, cloud, computer, down, downloader, error, firefox, flash player, format, grand theft auto, helper, install.exe, keine rückmeldung, keine viren, langs, logfile, mozilla, nicht möglich, ntdll.dll, nvidia update, object, pando media booster, plug-in, problem, rarsfx0, realtek, registry, rundll, scan, security, software, teamspeak, trojaner-board, viren, virus, windows, wrapper


« computerkriminalität des criminal intelligence service einheit 5.2 Österreich - Bundespolizei | Virus, Service.exe, Angriffe auf meinen PC »


Ähnliche Themen: Programme frieren oft ein / geben keine Rückmeldung! Virus?


  1. "Keine Rückmeldung": Programme starten langsam und bleiben oft hängen
    Log-Analyse und Auswertung - 13.06.2015 (10)
  2. Laptop läd Programme sehr langsam, Programme-Fehlermeldung (keine Rückmeldung) & im Chrome Seiten laden nicht
    Plagegeister aller Art und deren Bekämpfung - 06.10.2014 (5)
  3. Pc wird immer langsamer, Programme zeigen "keine Rückmeldung"
    Log-Analyse und Auswertung - 13.06.2014 (9)
  4. Teamspeak und andere Prozesse geben aufeinmal keine Rückmeldung
    Plagegeister aller Art und deren Bekämpfung - 16.02.2014 (13)
  5. Windows Vista: PC immer langsamer & Programme melden gehäuft "keine Rückmeldung"
    Log-Analyse und Auswertung - 09.09.2013 (15)
  6. Keine Rückmeldung bei Mozilla u. bei Virenscann stürzt Laptop ab. Virus?
    Plagegeister aller Art und deren Bekämpfung - 29.04.2013 (6)
  7. Programme geben oft "Keine Rückmeldung"
    Antiviren-, Firewall- und andere Schutzprogramme - 29.03.2013 (8)
  8. Ständig (Keine Rückmeldung), Programme öffnen sich nicht, ebenso Taskmanager
    Log-Analyse und Auswertung - 31.01.2013 (1)
  9. programme frieren ein !
    Plagegeister aller Art und deren Bekämpfung - 13.08.2012 (3)
  10. 50€ Virus scheinbar beseitigt, Malwarebytes Anti Malware (Keine Rückmeldung)
    Log-Analyse und Auswertung - 07.03.2012 (5)
  11. PC wird langsamer, Programme hängen sich öfters auf (=keine Rückmeldung)etc.
    Log-Analyse und Auswertung - 05.10.2011 (7)
  12. Programme geben OFT keine Rückmeldung, System verseucht?
    Log-Analyse und Auswertung - 29.09.2010 (20)
  13. XP reagiert langsam, findet instalierte Programme nicht mehr und gibt häufig keine Rückmeldung
    Log-Analyse und Auswertung - 26.09.2010 (1)
  14. XP reagiert langsam, findet instalierte Programme nicht mehr und gibt häufig keine Rückmeldung
    Mülltonne - 25.09.2010 (1)
  15. Alle 10 Minuten "Keine Rückmeldung", im Browser/Desktop, Programme...
    Log-Analyse und Auswertung - 29.08.2010 (1)
  16. LOG bitte prüfen! Programme frieren ein!
    Log-Analyse und Auswertung - 20.09.2009 (12)
  17. 80% meiner programme keine rückmeldung
    Log-Analyse und Auswertung - 13.10.2007 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Programme frieren oft ein / geben keine Rückmeldung! Virus? - Hallo, liebes Trojaner-Board Team! Seit ein paar Wochen habe ich ein Problem, das scheinbar in ähnlicher Weise schoneinmal in diesem Forum gepostet wurde. Dazu sage ich schonmal im Vorraus: Einer - Programme frieren oft ein / geben keine Rückmeldung! Virus?...
Archiv
Du betrachtest: Programme frieren oft ein / geben keine Rückmeldung! Virus? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54