
Log analysis and evaluation: Slow boot, Flash plugin problem - what's causing it?

Windows 7

 
07.07.2013, 19:56   #1
mKy

Slow boot, Flash plugin problem - what's causing it?



Hello,

for the past few days I have been having problems with the Adobe Flash Player plugin; films, videos etc. only load slowly, and it definitely cannot be due to my hardware or internet connection. The plugin crashes constantly, and I have 2 processes of it in Task Manager. I tried to fix the problem myself, but now my boot takes longer than before, and as soon as I get to Windows, a Kaspersky program asks me whether I want to run it or not - no idea whether that means anything, but I need your help, as I don't know where exactly the problem lies.


defogger disable
Quote:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:44 on 07/07/2013 (mKy)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

OTL


OTL Logfile:
Code:
OTL Extras logfile created on: 07.07.2013 20:45:25 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\mKy\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,95 Gb Total Physical Memory | 5,86 Gb Available Physical Memory | 73,79% Memory free
15,89 Gb Paging File | 13,65 Gb Available in Paging File | 85,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 210,85 Gb Free Space | 45,28% Space Free | Partition Type: NTFS
 
Computer Name: MKY-PC | User Name: mKy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02BF2812-3025-4354-8E16-C0384CC6A7EF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{02F5F83B-B966-41F6-A9CB-A8535DC22910}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{1A004169-56F1-4DBA-9DFB-8266F847D467}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2341EEA4-42D0-4AC2-86F3-E703D5269581}" = rport=138 | protocol=17 | dir=out | app=system | 
"{4207440D-DD7E-41E4-9C96-C3E518737E5D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5A5D84FC-F01F-4FCB-9C36-B8FF916D450A}" = lport=445 | protocol=6 | dir=in | app=system | 
"{5CE6DC8F-7DFB-4A31-A277-D9C2E5D2462E}" = lport=58346 | protocol=6 | dir=in | name=pando media booster | 
"{5F231F75-8115-497C-A788-F49BE476F0B2}" = rport=139 | protocol=6 | dir=out | app=system | 
"{658642A4-A16B-4A69-8755-34C32D7D9D49}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6B9DFA97-8AC6-4116-934D-35EDDD6EECCA}" = lport=58346 | protocol=6 | dir=in | name=pando media booster | 
"{73999932-CCD6-4134-83A6-500BF6FE0935}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7FF2CD87-7081-4D9A-9A59-596BFCC8462F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8BA9BA61-F321-4285-8BF4-4C6995C27180}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{8D777446-0276-4A4C-9B90-FC610F4CC00E}" = lport=139 | protocol=6 | dir=in | app=system | 
"{94EA1BCE-B2B6-48AD-9AA5-336407BE1546}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9A12D09F-0F06-45DC-A713-797B3B3C257A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9A3593CA-F46E-41C4-838A-D0305873AC1D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{A796C1CF-7BCE-4290-8D60-6251A2396E5C}" = lport=137 | protocol=17 | dir=in | app=system | 
"{A9ADDE06-C017-4E4A-A54E-DA284070F528}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{AA354D07-865F-43AD-835A-41B3751A042C}" = rport=445 | protocol=6 | dir=out | app=system | 
"{AD8D8374-839E-4E05-BC65-685B34456100}" = lport=58346 | protocol=17 | dir=in | name=pando media booster | 
"{B09BFEC5-E893-45A4-B299-74F501405005}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B5F54F16-A2DB-490A-A06F-5C84C5CE6F24}" = rport=137 | protocol=17 | dir=out | app=system | 
"{C4E5A65E-0043-456D-8306-70C7193F4F29}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C5F4A146-CE30-4512-913F-E8AEBF9D1800}" = lport=58346 | protocol=17 | dir=in | name=pando media booster | 
"{C8A4CBC3-5ECA-4D73-957D-00E8C433F21D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{F573F369-6A7F-4C15-B1D1-2400F54A0C71}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F9DACB79-EA42-41C1-A93A-0E162A00739F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FC883D8D-D3D7-4BEB-9549-09CD1703BF65}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0065AB62-3EAE-496B-8DD7-8E176FE7E435}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{07EE8AEB-6C3C-4242-9882-8E706D82CF0B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 test\dota.exe | 
"{0E1FA946-C3DB-4401-80EF-7E52BC186FA1}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{105E8219-54BD-4001-BE4A-6A0AB350599F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe | 
"{172ACB66-7355-4E1D-937B-C89FF51C0D7F}" = protocol=6 | dir=in | app=c:\spiele\steam\steam.exe | 
"{172F4832-8ED8-43BD-BCB3-469CE9D9C901}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{17B31E01-5339-4E5F-B264-C6768FCED6B8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe | 
"{190969D8-FABA-418C-8066-5DC584ED5860}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{191C2040-2FFB-4180-81DB-8E882CAE698C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{22114C97-A0DD-4C8E-B754-7CA1515AD875}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{24F49438-94D2-4188-A166-578188F2E2BE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rose online\wplauncher.exe | 
"{2590FDFA-BA75-42E9-A848-BBFAB4EA5362}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{28560045-A8E9-4353-94E9-9BF0E65CB215}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{306116EE-8DB7-4C1E-BBB6-2BA7B8DC4DA9}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{3068775F-5B0E-4EF3-B7FC-1298F035AD77}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 test\dota.exe | 
"{35D3D48C-BDD6-450C-B4AF-88B971BAA8A9}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{36BF908D-4AB7-454E-B374-927AFCB6EFF7}" = dir=in | app=c:\program files\eslwire\wire.exe | 
"{38DB0367-C4A9-4D01-AA44-D31F9C4822C5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 test\dota.exe | 
"{3A4EDF72-2E10-4B95-AE2C-F3D909D58EEE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe | 
"{3AD8FA80-18D9-4E6D-9FFE-23000188755C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{42B88948-B014-4DEC-8E3B-F6DA492C5B59}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{4A6C810D-95E3-464A-B467-7BE5A54256D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe | 
"{5027278A-BFB5-41D1-85A6-C63F29CFAD54}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{57780257-1C6B-4C66-AC62-E49C18808628}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3.exe | 
"{59B66EE0-9603-4020-A120-F5FB27F3C4E1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5D124B33-AB5D-4A75-B84B-84283C71FB6F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{5D815110-B0AF-4CA3-85D9-F9E6C6C62104}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe | 
"{5FCD55F4-6F3E-4D8E-8619-9773BFC03133}" = protocol=6 | dir=in | app=c:\users\public\games\runic games\torchlight 2\tl2.runic.launcher.exe | 
"{61BB661F-A64F-4905-9D1E-848EAEEDC1C3}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{6204ABB0-BF95-450F-B630-802492A0758D}" = protocol=17 | dir=in | app=c:\users\public\games\runic games\torchlight 2\torchlight2.exe | 
"{65667721-E906-4CFE-A39F-47A67BFC9DA7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe | 
"{663E5A66-8B7B-4550-93C8-286E11798993}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{67083C86-BDEF-47F0-A41B-7726F7708418}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{719984BF-DDFA-4981-BB92-61A3F20A9884}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{774F1D86-BC32-4DA0-BB57-05AE4793DEB2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{77700E0C-8DDF-4E45-BA59-BF1FA37A36E6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe | 
"{80418D4E-9B96-4237-AAA9-BA71681BA4A4}" = protocol=6 | dir=out | app=system | 
"{8B76FC3D-F4A6-4903-9556-07A07A8399EF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{8D06EA5A-B6A4-4B54-A41D-C9CB780D0D01}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{8D73B0AE-2EA9-4A07-8D57-C0F794C290D6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe | 
"{8DE5DC92-C3AA-4AF9-9ECA-494CE4050514}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{9198722A-B8D8-416E-B225-C41EF9B160C4}" = protocol=58 | dir=in | app=system | 
"{941C68D3-77A7-4E51-9374-3CDDB568DE1E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{98CDE2F5-E3BD-49F6-8A7D-7228802EC061}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{9934840B-950C-460C-9DAC-29FF63485E5E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{9B2A9893-8AAE-43D4-BF98-24918E2B4550}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{9F326DB7-71A9-4D29-B222-45722400B761}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{A3948AAB-FAAE-4341-BE16-FF3B16FBF785}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A4B8179F-B0B3-427D-A2CD-FD658DB33155}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{A9473783-80FF-41A6-AE06-B0A05B634FEC}" = protocol=17 | dir=in | app=c:\spiele\world of warcraft\launcher.patch.exe | 
"{ABDA658D-1397-46DC-8C23-22E7C3DBFC93}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\mkyrockt\counter-strike source\hl2.exe | 
"{AD188A4D-CA68-45A9-B142-E96AE54E630A}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | 
"{B09F1766-7834-47C7-B722-A779C3F03C0A}" = protocol=6 | dir=in | app=c:\users\public\games\runic games\torchlight 2\torchlight2.exe | 
"{B13A4F55-9C7F-4F23-A0C2-0C8BF0EE2A6F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{B19B3109-C913-4F2D-9FDA-AA1537C68D03}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"{B268A16B-D26A-41C6-A9E3-4F1D94A0D51C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football superstars\patchbootstrap.exe | 
"{B2AB7C83-F0C3-4CA2-80E7-3E2435BB8DD6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{B318C361-4A5B-40F7-8D08-D32FE864702F}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\mkyrockt\counter-strike source\hl2.exe | 
"{B3379AF0-DF82-4180-A018-C0DEDB9F4528}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{B3C79A66-548F-474C-9FCB-06953C7CF2A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\mkyrockt\counter-strike source\hl2.exe | 
"{B9F5BC71-C28E-4077-8956-08DE27996EB6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"{BC5D82E5-02C5-4177-AD4A-3E521BBDB2C3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BD347549-0B0F-4C5D-A3B6-181509B55777}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{C09C2F64-00D8-4149-9C61-3FB16F99CA10}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 test\dota.exe | 
"{C0DADAAD-433A-420F-831F-669F05289F3A}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | 
"{C3E66B6D-BC91-401F-A66F-6B4FAD7730A2}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{C7305666-9EE8-4686-B84F-A8AE3AC16989}" = protocol=6 | dir=in | app=c:\spiele\world of warcraft\launcher.patch.exe | 
"{C7EDB4C1-78DC-4B0D-A9EF-1BCD6018EC14}" = protocol=17 | dir=in | app=c:\spiele\steam\steam.exe | 
"{C9C8D3A3-B985-4591-AB3B-452489074313}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe | 
"{CBD1D279-A503-433E-A856-62204A96F56F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CC38E07D-8846-457B-BFAB-6B560342AE69}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{CC6FCE2F-2C93-427E-926C-7D4765F2AACC}" = protocol=17 | dir=in | app=c:\users\public\games\runic games\torchlight 2\tl2.runic.launcher.exe | 
"{CD9F61F1-93BC-43F4-BF46-E20CE8A01944}" = dir=in | app=c:\users\mky\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{D09C2B6B-82AB-47BB-A969-2C0CB1BB12A0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{DE8C7258-B2FF-452A-8257-1F02F3B0EC05}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\mkyrockt\counter-strike source\hl2.exe | 
"{E11D0A7E-E08B-40DC-B318-CB5B7C546BCB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E3DFA8A1-07ED-40E1-9828-561CA21AE8AD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{E49F546E-3077-44CF-9F64-22FE94C84C89}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{E624A546-45A2-4744-AF0B-6527949AA7EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rose online\wplauncher.exe | 
"{ED51FF24-2E5C-4E43-B43D-84B14E123BD4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{EDC60BB3-F2E1-4A60-B102-9C2848766206}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | 
"{F05B0AD3-E21F-439E-932D-CCEBA6BC728E}" = dir=out | app=c:\program files\eslwire\wire.exe | 
"{F69C7F18-5F59-4ABB-997C-7D3741EDDFDB}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | 
"{F7D3A3C7-5075-415A-A0E6-A6A3F18A33C1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F7F0C7F7-7536-49A4-A1D6-0C19803380D6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football superstars\patchbootstrap.exe | 
"{FAE9A524-6F59-4926-A859-CC12FA21438C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe | 
"{FBB29DC2-17F2-481B-AD26-723F694388A0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3.exe | 
"{FEC7EDE6-4EB2-463D-8739-F5F31676DBCD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"TCP Query User{19B69521-5620-4764-901B-52C3D3FFFBD8}C:\spiele\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\spiele\world of warcraft\launcher.exe | 
"TCP Query User{304BB03E-C058-4DD0-8BD0-014E336E592C}C:\users\public\games\runic games\torchlight 2\tl2.runic.launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\runic games\torchlight 2\tl2.runic.launcher.exe | 
"TCP Query User{434A499A-33D2-47A3-8EB0-8E958C47CD9A}C:\spiele\electronic arts\bioware\star wars-the old republic\launcher.exe" = protocol=6 | dir=in | app=c:\spiele\electronic arts\bioware\star wars-the old republic\launcher.exe | 
"TCP Query User{56FCA1F7-3DF4-4DD1-83F4-1D87C0F2AA0D}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe | 
"TCP Query User{643C61C4-5089-4CBA-8BDE-0B801EA7E7E9}C:\spiele\electronic arts\bioware\star wars-the old republic\launcher.exe" = protocol=6 | dir=in | app=c:\spiele\electronic arts\bioware\star wars-the old republic\launcher.exe | 
"TCP Query User{732C023D-AC26-4DD0-A659-191C56755B60}C:\users\mky\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mky\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{7D514DAA-259C-4865-A238-38650A132D20}C:\users\mky\downloads\sro_full_client_downloader_bmt_v7.exe" = protocol=6 | dir=in | app=c:\users\mky\downloads\sro_full_client_downloader_bmt_v7.exe | 
"TCP Query User{93E7CF86-CE23-46E0-AD41-9B63D56D1257}C:\users\mky\downloads\psro_full_client_downloader_v3(1).exe" = protocol=6 | dir=in | app=c:\users\mky\downloads\psro_full_client_downloader_v3(1).exe | 
"TCP Query User{AB3AA105-0F8E-4230-946A-13F586B6E053}C:\users\mky\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mky\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{B16F071A-0F14-4B30-88EB-1E2E70C92C7B}C:\users\mky\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\mky\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{CD5C2386-B6BB-4105-85A7-8C458B837CEB}C:\spiele\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\spiele\warcraft iii\war3.exe | 
"TCP Query User{CF947D6B-3B3D-4C2D-8D9F-BCCCF5337AC2}C:\spiele\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=c:\spiele\heroes of newerth\hon.exe | 
"TCP Query User{E2B20030-2EC4-4BB6-AA5A-425040828A3D}C:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe | 
"TCP Query User{EABFC875-FEC3-467C-B0BF-4A014CE18C81}C:\users\mky\downloads\psro_full_client_downloader_v3.exe" = protocol=6 | dir=in | app=c:\users\mky\downloads\psro_full_client_downloader_v3.exe | 
"TCP Query User{F075032D-0DCC-4AEF-BE5F-EDF3B2540E00}C:\users\mky\downloads\psror_full_client_downloader_v3(1).exe" = protocol=6 | dir=in | app=c:\users\mky\downloads\psror_full_client_downloader_v3(1).exe | 
"TCP Query User{F2203345-E8DF-49E8-8724-C43197F04CD0}C:\users\mky\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\mky\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{066F79F4-F48F-45AB-9318-AA2B7C0E30C6}C:\users\mky\downloads\psro_full_client_downloader_v3(1).exe" = protocol=17 | dir=in | app=c:\users\mky\downloads\psro_full_client_downloader_v3(1).exe | 
"UDP Query User{0D1562DC-77D9-407F-88C2-BBB34A2DB0AA}C:\users\mky\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mky\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{271AB538-D5C9-4025-BC67-BD2B791737EE}C:\users\mky\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mky\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{323134AD-52B4-4302-B4B9-79EE363F0187}C:\users\public\games\runic games\torchlight 2\tl2.runic.launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\runic games\torchlight 2\tl2.runic.launcher.exe | 
"UDP Query User{3284D84F-B4A2-4C6D-8F79-45B1482CE168}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe | 
"UDP Query User{360ED17B-5EC7-4BAA-B5BD-65D42B6F5EC2}C:\users\mky\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\mky\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{61965A92-BC82-42BF-8773-55815A176CB5}C:\spiele\electronic arts\bioware\star wars-the old republic\launcher.exe" = protocol=17 | dir=in | app=c:\spiele\electronic arts\bioware\star wars-the old republic\launcher.exe | 
"UDP Query User{78F733CC-7B71-4BCF-8883-A8BF61513925}C:\users\mky\downloads\psror_full_client_downloader_v3(1).exe" = protocol=17 | dir=in | app=c:\users\mky\downloads\psror_full_client_downloader_v3(1).exe | 
"UDP Query User{8767E5A9-1D49-42EF-A16A-1C431798BE7A}C:\users\mky\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\mky\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{9324D04F-5E29-45E1-B88F-AF09A6414AD6}C:\spiele\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\spiele\world of warcraft\launcher.exe | 
"UDP Query User{942DD162-2D35-4F46-9740-14B0A5B78A1B}C:\users\mky\downloads\psro_full_client_downloader_v3.exe" = protocol=17 | dir=in | app=c:\users\mky\downloads\psro_full_client_downloader_v3.exe | 
"UDP Query User{C0C7B1B4-DB63-4941-98BA-A5DA75DCB978}C:\spiele\electronic arts\bioware\star wars-the old republic\launcher.exe" = protocol=17 | dir=in | app=c:\spiele\electronic arts\bioware\star wars-the old republic\launcher.exe | 
"UDP Query User{C3451945-8502-46AD-B058-2CCCD56E1E00}C:\users\mky\downloads\sro_full_client_downloader_bmt_v7.exe" = protocol=17 | dir=in | app=c:\users\mky\downloads\sro_full_client_downloader_bmt_v7.exe | 
"UDP Query User{DFB1CAFF-8E20-4205-B11C-71BF528726FB}C:\spiele\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\spiele\warcraft iii\war3.exe | 
"UDP Query User{E0940D5C-A540-494A-BA99-1EB0D9951E62}C:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe | 
"UDP Query User{F2CF5973-CDFC-4BE1-B07E-F7D0DDD1A58C}C:\spiele\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=c:\spiele\heroes of newerth\hon.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC4
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB7F4312-8037-4EBF-9D0F-5513CDFD534C}" = ATI Catalyst Install Manager
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ESL Wire_is1" = ESL Wire 1.11.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"WinRAR archiver" = WinRAR 4.10 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{049FF5E4-EB02-4c42-8DB0-226E2F7A9E53}" = Torchlight 2
"{0ACC2993-2058-4BE7-9A92-9DCDAA9B3412}" = LogMeIn Hamachi
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 25
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface
"AudioCS" = Creative-Audiokonsole
"Avira AntiVir Desktop" = Avira Free Antivirus
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"DivX Setup" = DivX-Setup
"ESE Account Manager" = ESE Account Manager 2.0.0.2
"hon" = Heroes of Newerth
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"RaidCall" = RaidCall
"Silkroad" = Silkroad
"SilkroadR" = SilkroadR
"SimpleScreenshot" = SimpleScreenshot 1.40
"Steam App 205790" = Dota 2 Test
"Steam App 219870" = Football Superstars
"Steam App 220240" = Far Cry® 3
"Steam App 240" = Counter-Strike: Source
"Steam App 49520" = Borderlands 2
"Steam App 570" = Dota 2
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 745" = Counter-Strike: Global Offensive - SDK
"StepMania" = StepMania (remove only)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uplay" = Uplay
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.07.2013 09:13:57 | Computer Name = mKy-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\Steam\steamapps\common\football superstars\DevWidgetsD_msvcrtd.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\Steam\steamapps\common\football
 superstars\Microsoft.VC90.CRT.MANIFEST" in Zeile  4.  Die im Manifest gefundene Komponenten-ID
 stimmt nicht mit der ID der angeforderten Komponente überein.  Verweis: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.4148".
Definition:
 Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Verwenden
 Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 02.07.2013 09:13:57 | Computer Name = mKy-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\Steam\steamapps\common\football superstars\DevWidgetsR_msvcrt.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\Steam\steamapps\common\football
 superstars\Microsoft.VC90.CRT.MANIFEST" in Zeile  4.  Die im Manifest gefundene Komponenten-ID
 stimmt nicht mit der ID der angeforderten Komponente überein.  Verweis: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.4148".
Definition:
 Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Verwenden
 Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 02.07.2013 22:58:44 | Computer Name = mKy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 03.07.2013 05:35:19 | Computer Name = mKy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 05.07.2013 20:09:00 | Computer Name = mKy-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 05.07.2013 20:11:50 | Computer Name = mKy-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators
 in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge
 ist " ". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte
 Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen
 Indexwerte enthalten.
 
Error - 05.07.2013 20:40:09 | Computer Name = mKy-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\Steam\steamapps\common\football superstars\DevWidgetsD_msvcrtd.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\Steam\steamapps\common\football
 superstars\Microsoft.VC90.CRT.MANIFEST" in Zeile  4.  Die im Manifest gefundene Komponenten-ID
 stimmt nicht mit der ID der angeforderten Komponente überein.  Verweis: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.4148".
Definition:
 Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Verwenden
 Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 05.07.2013 20:40:09 | Computer Name = mKy-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\Steam\steamapps\common\football superstars\DevWidgetsR_msvcrt.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\Steam\steamapps\common\football
 superstars\Microsoft.VC90.CRT.MANIFEST" in Zeile  4.  Die im Manifest gefundene Komponenten-ID
 stimmt nicht mit der ID der angeforderten Komponente überein.  Verweis: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.4148".
Definition:
 Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Verwenden
 Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 07.07.2013 14:33:22 | Computer Name = mKy-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 07.07.2013 14:36:23 | Computer Name = mKy-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators
 in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge
 ist " ". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte
 Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen
 Indexwerte enthalten.
 
[ System Events ]
Error - 14.12.2012 00:38:41 | Computer Name = mKy-PC | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

	Neue
 Signaturversion:      Vorherige Signaturversion: 1.141.1697.0     Aktualisierungsquelle: 
%%859     Aktualisierungsphase: %%852     Quellpfad: hxxp://www.microsoft.com     Signaturtyp: 
%%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\SYSTEM     Aktuelle Modulversion:
      Vorherige Modulversion: 1.1.9002.0     Fehlercode: 0x8024402c     Fehlerbeschreibung: Unerwartetes
 Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates
 oder zur Problembehandlung finden Sie unter "Hilfe und Support". 
 
Error - 14.12.2012 13:48:17 | Computer Name = mKy-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 15.12.2012 21:28:54 | Computer Name = mKy-PC | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

	Neue
 Signaturversion:      Vorherige Signaturversion: 1.141.1942.0     Aktualisierungsquelle: 
%%859     Aktualisierungsphase: %%852     Quellpfad: hxxp://www.microsoft.com     Signaturtyp: 
%%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\SYSTEM     Aktuelle Modulversion:
      Vorherige Modulversion: 1.1.9002.0     Fehlercode: 0x8024402c     Fehlerbeschreibung: Unerwartetes
 Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates
 oder zur Problembehandlung finden Sie unter "Hilfe und Support". 
 
Error - 18.12.2012 18:20:06 | Computer Name = mKy-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver
 Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive
 Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 18.12.2012 18:20:06 | Computer Name = mKy-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 LogMeIn Hamachi Tunneling Engine erreicht.
 
Error - 18.12.2012 18:20:06 | Computer Name = mKy-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 18.12.2012 18:20:36 | Computer Name = mKy-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver
 Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive
 Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 18.12.2012 18:20:36 | Computer Name = mKy-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 LogMeIn Hamachi Tunneling Engine erreicht.
 
Error - 18.12.2012 18:20:36 | Computer Name = mKy-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 18.12.2012 18:38:56 | Computer Name = mKy-PC | Source = bowser | ID = 8003
Description = 
 
 
< End of report >
         
--- --- ---



OTL Logfile:
Code:
OTL logfile created on: 07.07.2013 20:45:25 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\mKy\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,95 Gb Total Physical Memory | 5,86 Gb Available Physical Memory | 73,79% Memory free
15,89 Gb Paging File | 13,65 Gb Available in Paging File | 85,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 210,85 Gb Free Space | 45,28% Space Free | Partition Type: NTFS
 
Computer Name: MKY-PC | User Name: mKy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.07.07 20:44:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mKy\Desktop\OTL.exe
PRC - [2013.07.07 20:33:28 | 004,640,768 | ---- | M] (Spotify Ltd) -- C:\Users\mKy\AppData\Roaming\Spotify\Spotify.exe
PRC - [2013.07.03 04:59:13 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.06.28 14:02:06 | 002,255,184 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2013.06.05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\mKy\AppData\Local\Akamai\netsession_win.exe
PRC - [2013.01.10 11:05:32 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.12 23:08:12 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.10.02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.08.08 20:01:11 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.01.17 19:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 19:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.03.18 20:17:48 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHelper.exe
PRC - [2010.02.12 11:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2008.02.09 11:00:30 | 002,255,360 | ---- | M] (Mirko Böer) -- C:\Program Files (x86)\SSS\SimpleScreenshot.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.07.07 20:33:22 | 024,985,600 | ---- | M] () -- C:\Users\mKy\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2013.07.03 04:58:48 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.01.10 11:05:32 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2012.03.04 23:55:40 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.07.03 04:59:12 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.06.28 14:02:04 | 002,470,736 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013.05.27 00:30:12 | 005,127,200 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2013.03.15 18:29:10 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.03.01 12:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.12 23:08:12 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.10.03 00:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.01.28 20:34:27 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012.01.24 14:50:46 | 000,168,864 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\WireHelpSvc.exe -- (WireHelpSvc)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.12 11:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.07.03 17:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.05.02 15:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.04.27 10:20:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.04.25 00:32:27 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.24 14:50:38 | 000,147,472 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:64bit: - [2012.01.24 14:50:38 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1)
DRV:64bit: - [2011.03.21 15:22:06 | 000,452,200 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.04 07:46:20 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011.03.04 07:46:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011.02.24 11:30:50 | 000,389,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.02.24 11:30:50 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.12.16 06:06:46 | 000,047,232 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.11.25 05:27:42 | 000,120,408 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.09.30 21:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.09.30 21:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.03.18 21:52:18 | 000,295,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP17v2k.sys -- (hap17v2k)
DRV:64bit: - [2010.03.18 21:52:10 | 000,259,672 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\haP16v2k.sys -- (hap16v2k)
DRV:64bit: - [2010.03.18 21:52:02 | 001,360,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV:64bit: - [2010.03.18 21:51:50 | 000,147,544 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010.03.18 21:51:34 | 000,290,392 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010.03.18 21:51:26 | 000,016,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010.03.18 21:51:18 | 000,221,272 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010.03.18 21:50:52 | 000,866,264 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2010.03.18 21:50:42 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010.03.18 21:40:10 | 000,141,912 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTERFXFX.sys -- (CTERFXFX.SYS)
DRV:64bit: - [2010.03.18 21:40:10 | 000,141,912 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTERFXFX.sys -- (CTERFXFX)
DRV:64bit: - [2010.03.18 21:40:02 | 000,681,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTSBLFX.sys -- (CTSBLFX.SYS)
DRV:64bit: - [2010.03.18 21:40:02 | 000,681,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTSBLFX.sys -- (CTSBLFX)
DRV:64bit: - [2010.03.18 21:39:54 | 000,706,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTAUDFX.sys -- (CTAUDFX.SYS)
DRV:64bit: - [2010.03.18 21:39:54 | 000,706,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTAUDFX.sys -- (CTAUDFX)
DRV:64bit: - [2010.03.18 21:39:44 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\COMMONFX.sys -- (COMMONFX.SYS)
DRV:64bit: - [2010.03.18 21:39:44 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\COMMONFX.sys -- (COMMONFX)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007.04.10 05:17:22 | 000,123,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV:64bit: - [2007.04.10 05:17:00 | 000,252,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CT20XUT.DLL -- (CT20XUT.DLL)
DRV:64bit: - [2007.04.10 05:16:20 | 001,571,112 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV:64bit: - [2007.04.10 05:15:44 | 000,363,304 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV:64bit: - [2007.04.10 05:15:10 | 000,190,248 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV:64bit: - [2007.04.10 05:13:38 | 000,321,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV:64bit: - [2007.04.10 05:13:08 | 000,219,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{3C75F07A-7838-4B12-8017-932CA5A8F50F}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=80f45a53-c7f6-45d2-a543-782228bf2a8e&apn_sauid=0B2E63F2-E13A-479C-94A7-F4E2BE1F5E1F
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\mKy\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@raidcall.kr/RCplugin: C:\Users\mKy\AppData\Roaming\RCKR\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\mKy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.08.05 16:16:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.03 04:58:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.03 04:58:44 | 000,000,000 | ---D | M]
 
[2012.01.28 20:50:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mKy\AppData\Roaming\mozilla\Extensions
[2013.07.04 01:01:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mKy\AppData\Roaming\mozilla\Firefox\Profiles\wbur3zd3.default-1372892069866\extensions
[2013.07.04 01:01:16 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\mKy\AppData\Roaming\mozilla\firefox\profiles\wbur3zd3.default-1372892069866\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.07.03 04:58:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions
[2013.07.03 04:58:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.07.03 04:59:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SimpleScreenshot] C:\PROGRA~2\SSS\SIMPLESCREENSHOT.EXE (Mirko Böer)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\mKy\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\mKy\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Spotify] C:\Users\mKy\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\mKy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\mKy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F07C9AEF-E6C0-4ED7-907C-C2CB0AF89D08}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.07 20:44:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mKy\Desktop\OTL.exe
[2013.07.07 19:41:06 | 000,000,000 | ---D | C] -- C:\Users\mKy\Desktop\RK_Quarantine
[2013.07.07 19:38:44 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013.07.07 19:38:09 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\31978637.sys
[2013.07.06 02:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013.07.06 02:08:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013.07.06 02:08:24 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.07.05 07:52:09 | 000,000,000 | ---D | C] -- C:\Users\mKy\AppData\Local\Programs
[2013.07.04 00:54:32 | 000,000,000 | ---D | C] -- C:\Users\mKy\Desktop\Alte Firefox-Daten
[2013.07.03 04:58:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.06.27 23:25:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Silkroad
[2013.06.27 22:16:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SilkroadR
[2013.06.27 21:13:05 | 005,127,200 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2013.06.27 21:12:47 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2013.06.27 21:12:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2013.06.27 20:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Overwolf
[2013.06.27 20:49:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Overwolf
[2013.06.27 20:49:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Overwolf
[2013.06.27 20:44:47 | 000,000,000 | ---D | C] -- C:\Users\mKy\AppData\Local\Overwolf
[2013.06.27 20:35:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Games-Masters.com
[2012.12.08 18:58:42 | 001,178,624 | ---- | C] (CPUID) -- C:\Users\mKy\AppData\Roaming\siw_sdk.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.07 20:44:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mKy\Desktop\OTL.exe
[2013.07.07 20:44:08 | 000,000,000 | ---- | M] () -- C:\Users\mKy\defogger_reenable
[2013.07.07 20:42:59 | 000,050,477 | ---- | M] () -- C:\Users\mKy\Desktop\Defogger.exe
[2013.07.07 20:39:15 | 000,035,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.07 20:39:15 | 000,035,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.07 20:31:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.07 20:31:29 | 2104,512,511 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.07 20:29:20 | 000,034,240 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000007-00000000-00000005-00001102-00000004-20021102}.rfx
[2013.07.07 20:29:20 | 000,034,240 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000007-00000000-00000005-00001102-00000004-20021102}.rfx
[2013.07.07 20:29:20 | 000,030,528 | ---- | M] () -- C:\Windows\SysNative\BMXCtrlState-{00000007-00000000-00000005-00001102-00000004-20021102}.rfx
[2013.07.07 20:29:20 | 000,030,528 | ---- | M] () -- C:\Windows\SysNative\BMXBkpCtrlState-{00000007-00000000-00000005-00001102-00000004-20021102}.rfx
[2013.07.07 20:29:20 | 000,011,564 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000007-00000000-00000005-00001102-00000004-20021102}.rfx
[2013.07.07 19:38:10 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\31978637.sys
[2013.07.07 18:39:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1268233647-2086190670-3795427419-1000UA.job
[2013.07.07 00:39:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1268233647-2086190670-3795427419-1000Core.job
[2013.07.05 07:52:23 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.07.01 16:00:10 | 506,566,888 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.06.30 00:27:09 | 000,301,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.06.27 23:28:56 | 000,001,889 | ---- | M] () -- C:\Users\mKy\Desktop\Silkroad.lnk
[2013.06.27 22:20:01 | 000,001,898 | ---- | M] () -- C:\Users\mKy\Desktop\SilkroadR.lnk

 
========== Files Created - No Company Name ==========
 
[2013.07.07 20:44:08 | 000,000,000 | ---- | C] () -- C:\Users\mKy\defogger_reenable
[2013.07.07 20:42:58 | 000,050,477 | ---- | C] () -- C:\Users\mKy\Desktop\Defogger.exe
[2013.06.27 22:20:01 | 000,001,898 | ---- | C] () -- C:\Users\mKy\Desktop\SilkroadR.lnk
[2013.06.27 22:12:25 | 000,001,889 | ---- | C] () -- C:\Users\mKy\Desktop\Silkroad.lnk
[2013.06.27 21:12:47 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2012.12.12 23:08:14 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.12.12 23:08:12 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.12.03 15:34:58 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.12.03 15:34:58 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.02.17 17:35:39 | 1292,652,314 | ---- | C] () -- C:\Users\mKy\SilkroadOnline_GlobalOfficial_v1_346_LEGEND_8.exe
[2012.01.29 20:20:38 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2012.01.29 02:59:23 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.01.29 02:59:18 | 000,023,866 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.01.28 20:33:54 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012.01.28 20:33:54 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.01.04 12:44:25 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.01.04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.05.28 05:09:26 | 000,000,000 | ---D | M] -- C:\Users\mKy\AppData\Roaming\Babylon
[2013.05.06 03:28:16 | 000,000,000 | ---D | M] -- C:\Users\mKy\AppData\Roaming\Downloaded Installations
[2013.04.02 09:32:06 | 000,000,000 | ---D | M] -- C:\Users\mKy\AppData\Roaming\ICQ
[2013.01.26 09:28:18 | 000,000,000 | ---D | M] -- C:\Users\mKy\AppData\Roaming\LolClient
[2012.12.12 12:04:43 | 000,000,000 | ---D | M] -- C:\Users\mKy\AppData\Roaming\Notepad++
[2013.05.28 05:09:06 | 000,000,000 | ---D | M] -- C:\Users\mKy\AppData\Roaming\OpenCandy
[2012.03.04 23:55:57 | 000,000,000 | ---D | M] -- C:\Users\mKy\AppData\Roaming\OpenOffice.org
[2013.06.07 01:40:07 | 000,000,000 | ---D | M] -- C:\Users\mKy\AppData\Roaming\raidcall
[2012.11.30 15:40:58 | 000,000,000 | ---D | M] -- C:\Users\mKy\AppData\Roaming\RCKR
[2013.06.08 09:24:12 | 000,000,000 | ---D | M] -- C:\Users\mKy\AppData\Roaming\SimpleScreenshot
[2013.07.07 20:38:30 | 000,000,000 | ---D | M] -- C:\Users\mKy\AppData\Roaming\Spotify
[2013.07.04 00:47:04 | 000,000,000 | ---D | M] -- C:\Users\mKy\AppData\Roaming\TS3Client
[2012.12.08 19:01:16 | 000,000,000 | ---D | M] -- C:\Users\mKy\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 5120 bytes -> C:\Users\Public\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 5120 bytes -> C:\ProgramData:gs5sys
@Alternate Data Stream - 4096 bytes -> C:\Users\mKy\Documents\desktop.ini:gs5sys

< End of report >
         
--- --- ---



Thank you very much for your help!

Last edited by mKy (07.07.2013 at 20:03)

 



Copyright ©2000-2025, Trojaner-Board