| smileykiller | 22.09.2012 17:18 |
Danke für die schnelle Antwort!
Extras.txt:OTL Logfile: Code:
OTL Extras logfile created on: 22.09.2012 17:59:04 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = D:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,96 Gb Total Physical Memory | 4,92 Gb Available Physical Memory | 61,82% Memory free
15,92 Gb Paging File | 12,48 Gb Available in Paging File | 78,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 74,14 Gb Free Space | 62,23% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 704,19 Gb Free Space | 75,60% Space Free | Partition Type: NTFS
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{129F790C-7C10-4EB8-96C6-1667C5E73B4F}" = lport=57734 | protocol=17 | dir=in | name=pando media booster |
"{1452EE8B-E828-46CF-AEBF-DDFD86951FCF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{30C12724-B247-4886-93B5-C9AADA3E1D57}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{343BD577-E630-42A3-BA65-64871FC418B5}" = lport=138 | protocol=17 | dir=in | app=system |
"{406457F8-0268-44A3-9E2A-FB66E527DEFA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{52E7BE09-C724-4BF9-BC04-3CE60275D9F3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{62EFB66C-3F81-4A7B-B90A-FE92A6750A27}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{67F2C1C2-E7F5-4CAA-997F-1F4B9F69CA15}" = lport=139 | protocol=6 | dir=in | app=system |
"{6947E4E2-68EF-4715-85B8-7E6C8E1F9011}" = lport=57734 | protocol=6 | dir=in | name=pando media booster |
"{6AA26399-8506-4B44-8EB7-72092C29E1C9}" = lport=57734 | protocol=17 | dir=in | name=pando media booster |
"{6D5BDEAF-CC49-4590-BE2D-9DD4572D1C64}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{799836FE-9EE9-4E1F-9555-AD0A040B0D32}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7A6C23CC-9B36-4B2E-A22B-B9AA607F0FEC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7C8B5810-4D7C-4FA9-B13A-9D365D32FA9B}" = rport=137 | protocol=17 | dir=out | app=system |
"{81D4471B-BE17-459C-8351-68A80E876555}" = lport=57734 | protocol=6 | dir=in | name=pando media booster |
"{9996415F-6615-42FC-A328-AB458DBA5511}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B929B73A-0923-48D8-936B-C72B68C7B383}" = rport=445 | protocol=6 | dir=out | app=system |
"{BFD109BD-9078-444D-A611-E5B2E87CCFFD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CB3FBEF8-D020-4520-99FA-552F412A089C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D008F5F2-EC9E-42AA-974C-C68610F3F531}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D2CEBEF1-8336-4397-8152-FA2762C2802E}" = rport=139 | protocol=6 | dir=out | app=system |
"{E6FF7B49-B80A-46F1-A669-980CA3ABE999}" = lport=445 | protocol=6 | dir=in | app=system |
"{ECD77091-B585-401E-8DDC-AB4126B91345}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EECE6DFA-F041-4E5F-98A3-A671AA843F99}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F0664A54-8AE4-45E5-A2C8-E6332F9C25D1}" = lport=137 | protocol=17 | dir=in | app=system |
"{F2DC3ABF-3DC1-43CE-B438-BC4EDAE4C1AD}" = rport=138 | protocol=17 | dir=out | app=system |
"{FDD905EF-1D5B-4568-899E-B8117FF2C15C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FEE34E98-DD78-4354-BD55-792D407FA2B6}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02432A4D-50B7-4777-BC6E-BAB387E48891}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{02C3A722-FF30-44D4-AEEB-C59871D7BC07}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{062790DF-70D3-445E-BB90-CAB0DA531DF4}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{07CBA544-3BA0-4F7A-8E37-8908E915C53B}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{0D2CF638-09CB-4F82-8289-CDF5C1886512}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{118FB6FC-45FC-40E1-934C-EEA93A995090}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{18F779D2-9D19-4811-860C-6011870BEEB7}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{1F770692-C887-4792-8B0D-BBC4ED322AE7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1FEDB7C5-4585-41D7-87BC-A971A76D5234}" = protocol=6 | dir=in | app=c:\users\lars\appdata\roaming\spotify\spotify.exe |
"{28F6FB96-DD21-43D0-9F0D-0135408614A3}" = protocol=17 | dir=in | app=d:\downloads\null\pando networks\media booster\pmb.exe |
"{2AA9023A-C8DF-40AA-8555-4341AA82F3A3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2AFFD120-9DBC-47BA-A464-8E3195436FF2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2FF84B91-1160-4B69-BB70-4FF1023A551D}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{328EDAE9-4AB1-454E-90C9-9D5019F7509E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{371AFBB9-0904-4E90-ADC7-9F63B7E7DB01}" = protocol=58 | dir=in | app=system |
"{377E6FD7-DB1A-463F-9B3C-270030889D72}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3A2B6928-1677-40B3-B04E-65750488283D}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{3BF85AF0-42B2-4354-9E78-94D62C982CA8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{415B6291-DF13-4148-98BA-325D4702FDCF}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{432C9CBC-74EE-4F87-8D5E-0014D1331022}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{4550A729-DD98-418C-B830-0DC834CB9BCA}" = protocol=6 | dir=in | app=d:\program files (x86)\konami\yu-gi-oh! power of chaos joey the passion\joey_pc.exe |
"{45BC6CE0-F6AA-4C2A-8C0F-581CBF017218}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{4D01AA97-9A8F-4D1A-AAF2-EEBB213E711D}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{4EE0F51C-CD2E-43C4-9746-0E004B2AA98B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{578C591D-564B-4B68-A28B-9819FAB46503}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{59692E95-963A-46B1-A6B7-4C346F2EAB56}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\fifa 13 demo\game\fifa13_demo.exe |
"{606956B3-2622-4C57-9477-8B337058D8D8}" = protocol=17 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{61226DA1-43AD-4DEF-8E18-FBDED8C6A5A7}" = protocol=17 | dir=in | app=c:\users\lars\appdata\roaming\spotify\spotify.exe |
"{62D85AF4-38D0-48A7-AC6B-94D10D7645E0}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{63976558-6EE5-4848-A4B7-9728F1B238D8}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{65CB09DC-5E14-492D-8D69-F2FA61352326}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{693C1CF1-8ABD-4739-BB1C-F56EF9764C48}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{6DAAC1A6-B6FB-44E8-B19F-D8A51445A544}" = protocol=17 | dir=in | app=c:\users\lars\appdata\roaming\spotify\spotify.exe |
"{71C3DF2E-3A07-4C40-BEC1-8C35EDAD5752}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{775BE289-B37D-4A6C-96DF-42E4808C32D7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7AAA134A-0281-4ED3-BEA3-60805EBDE40B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D7C3797-7CBD-4164-BDF4-E2B535B0AA1F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{80979667-46DC-4F37-AEFB-60CD4A2D3C23}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{81429347-D58D-4DBA-9AF3-3598A2BF8D99}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{81FCDC2E-63E1-43A6-9EED-1DC33319FFCD}" = protocol=6 | dir=in | app=d:\downloads\null\pando networks\media booster\pmb.exe |
"{83D4DDC0-C9D6-462F-8E03-CCBE246361D3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{89E59B81-6CC4-4303-B242-AF1EBE151AD4}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{8CD05519-357E-44F8-8E5D-82357E9EF748}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{8EA40EA3-EB5F-4C70-939C-433521AC786C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{97EADECC-B2F4-490E-9A11-B1F8C7E39690}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\fifa 13 demo\game\fifa13_demo.exe |
"{99BD53C7-96DF-4E10-ACB1-E595467748B7}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{9A8B2934-7645-4200-8654-7D8CCFE45A1C}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{9A8CD802-B6B0-4575-A73F-49FAED069BF7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9B0C5911-6037-4AFE-99E7-88446394396D}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{9EC667CB-1BDB-4376-BD84-C5286865A57A}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{A08499EA-5869-40DD-A5D3-A2BB94E0CAC9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AB29342F-BEC1-4D2A-BA88-31E791C8189E}" = protocol=6 | dir=in | app=d:\program files (x86)\mirc\mirc.exe |
"{AF0487CE-5C6A-41FC-BE01-23841E0B5785}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B1858C76-B06A-43F9-A4B9-7CA4AAA8FDDE}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{B20795FF-E0C9-4713-BE9B-F8A296D01250}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B27DBA2B-A5C4-4414-94DB-664C5332B22C}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{B2A2133C-A99C-4C77-931A-7BCDE75CEECB}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{B5A536C8-0D50-43C7-ADFB-168BC128C649}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B6EAE9CA-2780-4B1D-B014-1BE44ACB3F4D}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{BC8EA271-F4E9-482C-B2E7-7AC57347B127}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{BD5FF6D0-7EF8-4FD6-83D2-61AC83A731B6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BE9E38AE-6268-4DE2-903C-8C42BAACB171}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{BFAB1031-5FAD-4E10-9236-1EBEABEC25F4}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{C1160B6E-8A72-4E81-9ADB-B39EBF9FE709}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{C215C11B-51D8-43D3-AC80-92A9D6D34E4D}" = protocol=17 | dir=in | app=d:\downloads\null\pando networks\media booster\pmb.exe |
"{C26D0922-AD88-4677-A602-841DA983F2C4}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{C315C403-20C7-4D91-B7F3-A81AE7B0E5A7}" = protocol=17 | dir=in | app=d:\program files (x86)\mirc\mirc.exe |
"{C3DD3D3A-FF41-4B86-B46A-96E7D262C073}" = protocol=17 | dir=in | app=d:\program files (x86)\konami\yu-gi-oh! power of chaos joey the passion\joey_pc.exe |
"{C5C0E0AA-EFC1-4B34-B409-638D509F2EDF}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{C6B32807-8136-4A0A-8A83-A67CB1EB7482}" = dir=in | app=null\pando networks\media booster\pmb.exe |
"{CF5444C6-D48C-491E-A79E-EC7D11FF041E}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{CFC872F3-D462-4B6D-A99C-F591696B02F8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D43A202A-CAE5-4713-A5E1-4F6485397502}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D4F30E34-8731-41AF-90AA-C6846CA82F97}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{D6571285-912D-4BB7-B23C-34D806BF4365}" = protocol=6 | dir=in | app=c:\users\lars\appdata\roaming\spotify\spotify.exe |
"{D8FCB6E9-3BD4-4EC6-A8A7-C4DE9C1D3500}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DBC20750-5B7A-40C9-8039-0E7FDFA3E2E7}" = protocol=6 | dir=in | app=d:\downloads\null\pando networks\media booster\pmb.exe |
"{E57AEAEA-8E47-416F-88F1-54EA8A914F1C}" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"{F0BADD03-6E8D-463A-9A51-2C59128A727E}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{F492CCC3-E8F1-499D-8170-7564318C53B3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F56CECA4-9F2C-47D1-940D-C172818266B3}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{F76D365F-4C81-4E16-A1E4-D7DF253A19F0}" = protocol=6 | dir=out | app=system |
"{F80E251E-D183-4596-8367-6E1542D1A78A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{FA2BFC05-E7CC-4EF8-99E3-B157B1B0EF95}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{FA591363-B9AA-4E7F-AA44-376B0EE40B64}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FAECFBB9-2F6B-48C1-93DC-1D558FA4D436}" = protocol=6 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{FB06DFF5-1AC3-4BDD-B310-56A07ECF54E0}" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"{FD653D94-DD8E-4C85-97B2-EC888D5863FB}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{FF03E5FF-C6EB-4BDF-B5B2-91CBB4DF3FC4}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe |
"TCP Query User{5F512220-E4C6-40F7-AE98-06149BB5CC5C}D:\program files (x86)\konami\yu-gi-oh! power of chaos joey the passion\joey_pc.exe" = protocol=6 | dir=in | app=d:\program files (x86)\konami\yu-gi-oh! power of chaos joey the passion\joey_pc.exe |
"TCP Query User{A620881D-670C-403E-B789-BBFCE88E1AC8}D:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=d:\program files (x86)\mirc\mirc.exe |
"TCP Query User{F4690BBA-8048-4F3D-82BF-EBE45CC66A68}C:\windows\syswow64\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"UDP Query User{11BB74C6-28B8-4893-BB2D-C9E0AA46167D}C:\windows\syswow64\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"UDP Query User{4FCE29AF-652A-4A46-9CE9-2FC13B5D0893}D:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=d:\program files (x86)\mirc\mirc.exe |
"UDP Query User{D386F41E-ECA8-4466-B700-4094127D47E2}D:\program files (x86)\konami\yu-gi-oh! power of chaos joey the passion\joey_pc.exe" = protocol=17 | dir=in | app=d:\program files (x86)\konami\yu-gi-oh! power of chaos joey the passion\joey_pc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC3
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1111706F-666A-4037-7777-211648764D10}" = JavaFX 2.1.1 (64-bit)
"{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1" = Allgemeine Runtime Files (x86)
"{2222706F-666A-4037-7777-211648764D10}" = JavaFX 2.1.1 SDK (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{64A3A4F4-B792-11D6-A78A-00B0D0170050}" = Java SE Development Kit 7 Update 5 (64-bit)
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1" = DirectX 9.0c Extra Files (x86, x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Logitech Gaming Software" = Logitech Gaming Software 8.30
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung SSD Magician
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{336DD6B4-B100-4048-B2B7-FBA7059FD959}" = Yu-Gi-Oh! Power of Chaos JOEY THE PASSION
"{3571656A-575D-4CED-809D-5547587121FF}" = Yu-Gi-Oh! Power of Chaos YUGI THE DESTINY
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F499657-766A-4A5F-AEE9-A1F8D295A4CE}" = FIFA 13 Demo
"{485C9280-B899-4D46-86F3-B3E459636EE5}" = Yu-Gi-Oh! Power of Chaos KAIBA THE REVENGE
"{5588D686-D23B-4C9D-BDFA-2A7875CD3722}" = GIGABYTE OC_GURU II
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{B99CB207-4704-4C51-9309-0FA90AA26DD4}" = ROCCAT Kone[+] Mouse Driver
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"DAEMON Tools Lite" = DAEMON Tools Lite
"ESN Sonar-0.70.4" = ESN Sonar
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}" = GIGABYTE OC_GURU II
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"mIRC" = mIRC
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 113200" = The Binding of Isaac
"Steam App 12910" = Audiosurf Demo
"Steam App 201790" = Orcs Must Die! 2
"Steam App 240" = Counter-Strike: Source
"Steam App 40800" = Super Meat Boy
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 43110" = Metro 2033
"Steam App 570" = Dota 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8980" = Borderlands
"TeamViewer 7" = TeamViewer 7
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 13.08.2012 12:07:49 | Computer Name = Lars-PC | Source = Application Hang | ID = 1002
Description = Programm TESV.exe, Version 1.7.7.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1bb8 Startzeit:
01cd79682315be01 Endzeit: 0 Anwendungspfad: d:\program files (x86)\steam\steamapps\common\skyrim\TESV.exe
Berichts-ID:
Error - 13.08.2012 12:25:51 | Computer Name = Lars-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 21.0.1180.75,
Zeitstempel: 0x5020a04e Name des fehlerhaften Moduls: GvOsd.dll, Version: 1.0.0.1,
Zeitstempel: 0x4facd85c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00004166 ID des fehlerhaften
Prozesses: 0x1a58 Startzeit der fehlerhaften Anwendung: 0x01cd796ecd25db90 Pfad der
fehlerhaften Anwendung: C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvOsd.dll
Berichtskennung:
8bd0f47b-e563-11e1-b602-902b3418c924
Error - 13.08.2012 13:07:27 | Computer Name = Lars-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 21.0.1180.75,
Zeitstempel: 0x5020a04e Name des fehlerhaften Moduls: GvOsd.dll, Version: 1.0.0.1,
Zeitstempel: 0x4facd85c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00004166 ID des fehlerhaften
Prozesses: 0x970 Startzeit der fehlerhaften Anwendung: 0x01cd797206e41f51 Pfad der
fehlerhaften Anwendung: C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvOsd.dll
Berichtskennung:
5b8a9d83-e569-11e1-b602-902b3418c924
Error - 13.08.2012 13:43:21 | Computer Name = Lars-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TeamViewer.exe, Version: 7.0.13989.0,
Zeitstempel: 0x500424ab Name des fehlerhaften Moduls: GvOsd.dll, Version: 1.0.0.1,
Zeitstempel: 0x4facd85c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005953 ID des fehlerhaften
Prozesses: 0x1e4c Startzeit der fehlerhaften Anwendung: 0x01cd797a710e4bb6 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvOsd.dll
Berichtskennung:
5f6d4485-e56e-11e1-b602-902b3418c924
Error - 13.08.2012 13:44:44 | Computer Name = Lars-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 21.0.1180.75,
Zeitstempel: 0x5020a04e Name des fehlerhaften Moduls: GvOsd.dll, Version: 1.0.0.1,
Zeitstempel: 0x4facd85c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00004166 ID des fehlerhaften
Prozesses: 0x1e68 Startzeit der fehlerhaften Anwendung: 0x01cd79761cbf2146 Pfad der
fehlerhaften Anwendung: C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvOsd.dll
Berichtskennung:
909f863e-e56e-11e1-b602-902b3418c924
Error - 13.08.2012 13:49:58 | Computer Name = Lars-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TeamViewer.exe, Version: 7.0.13989.0,
Zeitstempel: 0x500424ab Name des fehlerhaften Moduls: GvOsd.dll, Version: 1.0.0.1,
Zeitstempel: 0x4facd85c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005953 ID des fehlerhaften
Prozesses: 0x19c0 Startzeit der fehlerhaften Anwendung: 0x01cd797bfd5b6509 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvOsd.dll
Berichtskennung:
4c10243a-e56f-11e1-b602-902b3418c924
Error - 13.08.2012 14:07:19 | Computer Name = Lars-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TeamViewer.exe, Version: 7.0.13989.0,
Zeitstempel: 0x500424ab Name des fehlerhaften Moduls: GvOsd.dll, Version: 1.0.0.1,
Zeitstempel: 0x4facd85c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005953 ID des fehlerhaften
Prozesses: 0xb88 Startzeit der fehlerhaften Anwendung: 0x01cd797cb21d4048 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvOsd.dll
Berichtskennung:
b88cd426-e571-11e1-b602-902b3418c924
Error - 13.08.2012 14:14:45 | Computer Name = Lars-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TeamViewer.exe, Version: 7.0.13989.0,
Zeitstempel: 0x500424ab Name des fehlerhaften Moduls: GvOsd.dll, Version: 1.0.0.1,
Zeitstempel: 0x4facd85c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005953 ID des fehlerhaften
Prozesses: 0x18ec Startzeit der fehlerhaften Anwendung: 0x01cd797e7cba7ecf Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvOsd.dll
Berichtskennung:
c261946a-e572-11e1-b602-902b3418c924
Error - 14.08.2012 06:05:35 | Computer Name = Lars-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 21.0.1180.77,
Zeitstempel: 0x5022b2b6 Name des fehlerhaften Moduls: GvOsd.dll, Version: 1.0.0.1,
Zeitstempel: 0x4facd85c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00004166 ID des fehlerhaften
Prozesses: 0x1278 Startzeit der fehlerhaften Anwendung: 0x01cd7a0367f39739 Pfad der
fehlerhaften Anwendung: C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvOsd.dll
Berichtskennung:
96d9c022-e5f7-11e1-ae65-902b3418c924
Error - 14.09.2012 11:32:20 | Computer Name = Lars-PC | Source = Application Hang | ID = 1002
Description = Programm LolClient.exe, Version 2.0.2.12610 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1434 Startzeit: 01cd928a0e301892 Endzeit: 5 Anwendungspfad: D:\Program
Files (x86)\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.203\deploy\LolClient.exe
Berichts-ID:
5e5a19da-fe81-11e1-b86f-902b3418c924
[ System Events ]
Error - 25.08.2012 04:23:49 | Computer Name = Lars-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?25.?08.?2012 um 10:23:05 unerwartet heruntergefahren.
Error - 30.08.2012 04:39:52 | Computer Name = Lars-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver
Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive
Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 30.08.2012 04:39:52 | Computer Name = Lars-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
LogMeIn Hamachi Tunneling Engine erreicht.
Error - 30.08.2012 04:39:52 | Computer Name = Lars-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 05.09.2012 13:54:13 | Computer Name = Lars-PC | Source = BROWSER | ID = 8032
Description =
Error - 07.09.2012 15:00:12 | Computer Name = Lars-PC | Source = BROWSER | ID = 8032
Description =
Error - 09.09.2012 10:23:02 | Computer Name = ****-PC | Source = BROWSER | ID = 8032
Description =
Error - 13.09.2012 07:56:15 | Computer Name = ****-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?13.?09.?2012 um 13:55:46 unerwartet heruntergefahren.
Error - 22.09.2012 05:39:06 | Computer Name = ****-PC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.2.136 registriert werden. Der Computer mit IP-Adresse 192.168.2.107
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 22.09.2012 07:09:30 | Computer Name = ****-PC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 5.118.174.164 registriert werden. Der Computer mit IP-Adresse 5.186.100.188
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
< End of report >
--- --- ---
OTL.Txt:OTL Logfile: Code:
OTL logfile created on: 22.09.2012 17:59:04 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = D:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,96 Gb Total Physical Memory | 4,92 Gb Available Physical Memory | 61,82% Memory free
15,92 Gb Paging File | 12,48 Gb Available in Paging File | 78,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 74,14 Gb Free Space | 62,23% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 704,19 Gb Free Space | 75,60% Space Free | Partition Type: NTFS
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - D:\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Users\Lars\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
PRC - C:\Users\Lars\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Programme\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe (ROCCAT GmbH)
PRC - C:\Windows\KMService.exe ()
PRC - C:\Windows\SysWOW64\srvany.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Users\Lars\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Lars\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Lars\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll ()
MOD - C:\Users\Lars\AppData\Local\Google\Chrome\Application\21.0.1180.89\libglesv2.dll ()
MOD - C:\Users\Lars\AppData\Local\Google\Chrome\Application\21.0.1180.89\libegl.dll ()
MOD - C:\Users\Lars\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll ()
MOD - C:\Users\Lars\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll ()
MOD - C:\Users\Lars\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll ()
MOD - C:\Users\Lars\AppData\Roaming\Spotify\Data\libcef.dll ()
MOD - C:\Users\Lars\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3e69dbe6f9b555749bd3a85191510075\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\5ec07328aedf81cf5aad194ff474df73\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (VIAKaraokeService) -- C:\Windows\SysNative\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (KMService) -- C:\Windows\SysWOW64\srvany.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc)
DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (LADF_RenderOnly) -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys (Logitech)
DRV:64bit: - (LADF_CaptureOnly) -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys (Logitech)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (GPCIDrv) -- C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 57 55 EA CE 82 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: null\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lars\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lars\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Downloads\null\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lars\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lars\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Lars\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lars\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Lars\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google-Suche = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\
CHR - Extension: avast! WebRep = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: Google Mail-Checker = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.3.6_0\
CHR - Extension: Facebook Notifications = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\
CHR - Extension: Google Mail = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Lars\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - Startup: C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0463FB82-26CA-47D4-A8F4-D751AB22DB3C}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.22 12:32:07 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.22 12:32:07 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.22 12:32:06 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.22 12:32:06 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.22 12:32:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.22 12:32:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.22 12:32:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.22 12:32:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.22 12:32:06 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.22 12:32:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.22 12:32:05 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.22 12:32:05 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.22 12:32:04 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.22 12:32:04 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.22 12:32:04 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.22 01:57:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2012.09.22 01:56:46 | 000,000,000 | ---D | C] -- C:\Users\Lars\Documents\FIFA 13 Demo
[2012.09.22 01:56:08 | 000,000,000 | ---D | C] -- C:\Users\Lars\Documents\FIFA 13
[2012.09.22 01:55:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 13 Demo
[2012.09.21 21:27:15 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012.09.16 15:01:02 | 000,000,000 | ---D | C] -- C:\Users\Lars\Desktop\Neuer Ordner (2)
[2012.09.16 15:00:15 | 000,000,000 | ---D | C] -- C:\Users\Lars\Desktop\Neuer Ordner
[2012.09.12 14:36:16 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.09.12 14:36:16 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.09.12 14:36:16 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.09.12 14:36:16 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.09.11 21:05:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BrFaxRx
[2012.09.11 21:05:43 | 000,073,728 | ---- | C] (Brother Industories Ltd. P&S Company) -- C:\Windows\SysWow64\BRCrypt.dll
[2012.09.11 21:05:41 | 000,179,712 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrfxDA5b.dll
[2012.09.11 21:05:41 | 000,118,784 | ---- | C] (Brother Industries,LTD.) -- C:\Windows\SysWow64\BrMfNt.dll
[2012.09.11 21:05:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother
[2012.09.11 21:05:39 | 000,167,936 | ---- | C] (brother) -- C:\Windows\SysWow64\NSSearch.dll
[2012.09.11 21:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2012.09.05 17:25:08 | 000,000,000 | ---D | C] -- C:\Users\Lars\AppData\Local\ElevatedDiagnostics
[2012.08.30 10:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.08.30 10:39:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012.08.25 18:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.08.24 15:57:46 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.24 15:57:45 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.24 15:57:45 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.08.24 15:57:45 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.24 15:57:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.24 15:57:45 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.24 15:57:45 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.24 15:57:44 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.22 17:58:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.22 17:50:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4083045089-1574488055-3593550146-1000UA.job
[2012.09.22 13:16:13 | 000,014,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 13:16:13 | 000,014,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 13:13:32 | 001,611,160 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.22 13:13:32 | 000,696,132 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.22 13:13:32 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.22 13:13:32 | 000,147,428 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.22 13:13:32 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.22 13:09:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.22 13:08:57 | 2117,562,367 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.22 01:55:48 | 000,000,963 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 13 Demo.lnk
[2012.09.21 23:18:32 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.09.21 23:18:32 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.09.21 23:18:23 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.09.21 19:50:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4083045089-1574488055-3593550146-1000Core.job
[2012.09.20 19:58:41 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.09.20 19:58:41 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.09.11 21:05:46 | 000,000,050 | ---- | M] () -- C:\Windows\SysNative\bd7820n.dat
[2012.09.04 14:45:51 | 000,002,410 | ---- | M] () -- C:\Users\Lars\Desktop\Google Chrome.lnk
[2012.08.30 10:39:50 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012.08.28 10:42:48 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.08.25 10:23:50 | 000,414,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.24 12:31:32 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.24 12:20:11 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.24 12:18:46 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.24 12:14:45 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.24 12:14:34 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.24 12:13:29 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.08.24 12:11:57 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.08.24 12:10:14 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.24 12:04:06 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.24 08:51:02 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.24 08:49:57 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.24 08:47:36 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.24 08:47:26 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.24 08:44:10 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.24 08:40:11 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.22 01:55:48 | 000,000,963 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 13 Demo.lnk
[2012.09.11 21:05:46 | 000,000,050 | ---- | C] () -- C:\Windows\SysNative\bd7820n.dat
[2012.09.11 21:05:41 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2012.08.12 23:25:50 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2012.08.12 23:20:17 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012.08.12 17:23:16 | 000,077,824 | ---- | C] () -- C:\Windows\KMService.exe
[2012.08.12 17:23:16 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2012.08.12 15:42:37 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.08.12 15:42:37 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.08.12 14:34:08 | 000,100,352 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2012.08.12 14:34:07 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\libpng13.dll
[2012.08.12 14:34:06 | 001,179,595 | ---- | C] () -- C:\Windows\unins001.exe
[2012.08.12 14:34:06 | 000,010,818 | ---- | C] () -- C:\Windows\unins001.dat
[2012.08.12 14:32:54 | 001,199,175 | ---- | C] () -- C:\Windows\unins000.exe
[2012.08.12 14:32:54 | 000,004,259 | ---- | C] () -- C:\Windows\unins000.dat
[2012.08.12 14:32:42 | 001,588,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.10 21:35:48 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.12.08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
< End of report >
--- --- ---
aswMBR:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-22 18:14:37
-----------------------------
18:14:37.491 OS Version: Windows x64 6.1.7601 Service Pack 1
18:14:37.491 Number of processors: 4 586 0x3A09
18:14:37.492 ComputerName: LARS-PC UserName: Lars
18:14:37.618 Initialize success
18:14:37.652 AVAST engine defs: 12092200
18:14:39.004 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:14:39.007 Disk 0 Vendor: SAMSUNG_ CXM0 Size: 122104MB BusType: 3
18:14:39.010 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
18:14:39.012 Disk 1 Vendor: ST1000DM CC4B Size: 953869MB BusType: 3
18:14:39.018 Disk 0 MBR read successfully
18:14:39.021 Disk 0 MBR scan
18:14:39.026 Disk 0 Windows 7 default MBR code
18:14:39.028 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:14:39.031 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 122002 MB offset 206848
18:14:39.034 Disk 0 scanning C:\Windows\system32\drivers
18:14:40.881 Service scanning
18:14:43.297 Modules scanning
18:14:43.306 Disk 0 trace - called modules:
18:14:43.315 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
18:14:43.319 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007764060]
18:14:43.323 3 CLASSPNP.SYS[fffff88001d2943f] -> nt!IofCallDriver -> [0xfffffa800716a7f0]
18:14:43.327 5 ACPI.sys[fffff88000ecf7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800716d050]
18:14:43.476 AVAST engine scan C:\Windows
18:14:43.859 AVAST engine scan C:\Windows\system32
18:15:02.063 AVAST engine scan C:\Windows\system32\drivers
18:15:03.180 AVAST engine scan C:\Users\Lars
18:15:33.310 Disk 0 MBR has been saved successfully to "C:\Users\Lars\Desktop\MBR.dat"
18:15:33.314 The log file has been saved successfully to "C:\Users\Lars\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-22 18:14:37
-----------------------------
18:14:37.491 OS Version: Windows x64 6.1.7601 Service Pack 1
18:14:37.491 Number of processors: 4 586 0x3A09
18:14:37.492 ComputerName: LARS-PC UserName: Lars
18:14:37.618 Initialize success
18:14:37.652 AVAST engine defs: 12092200
18:14:39.004 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:14:39.007 Disk 0 Vendor: SAMSUNG_ CXM0 Size: 122104MB BusType: 3
18:14:39.010 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
18:14:39.012 Disk 1 Vendor: ST1000DM CC4B Size: 953869MB BusType: 3
18:14:39.018 Disk 0 MBR read successfully
18:14:39.021 Disk 0 MBR scan
18:14:39.026 Disk 0 Windows 7 default MBR code
18:14:39.028 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:14:39.031 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 122002 MB offset 206848
18:14:39.034 Disk 0 scanning C:\Windows\system32\drivers
18:14:40.881 Service scanning
18:14:43.297 Modules scanning
18:14:43.306 Disk 0 trace - called modules:
18:14:43.315 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
18:14:43.319 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007764060]
18:14:43.323 3 CLASSPNP.SYS[fffff88001d2943f] -> nt!IofCallDriver -> [0xfffffa800716a7f0]
18:14:43.327 5 ACPI.sys[fffff88000ecf7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800716d050]
18:14:43.476 AVAST engine scan C:\Windows
18:14:43.859 AVAST engine scan C:\Windows\system32
18:15:02.063 AVAST engine scan C:\Windows\system32\drivers
18:15:03.180 AVAST engine scan C:\Users\Lars
18:15:33.310 Disk 0 MBR has been saved successfully to "C:\Users\Lars\Desktop\MBR.dat"
18:15:33.314 The log file has been saved successfully to "C:\Users\Lars\Desktop\aswMBR.txt"
18:15:35.950 AVAST engine scan C:\ProgramData
18:15:38.111 Scan finished successfully
18:15:45.712 Disk 0 MBR has been saved successfully to "C:\Users\Lars\Desktop\MBR.dat"
18:15:45.715 The log file has been saved successfully to "C:\Users\Lars\Desktop\aswMBR.txt"
Ich hoffe du kannst mir weiterhelfen, danke!
LG |
