Alles befolgt.
Hier der derzeitige OTL Log: Code:
OTL logfile created on: 02.08.2012 22:39:37 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Kev\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,62 Gb Available Physical Memory | 65,63% Memory free
8,00 Gb Paging File | 6,42 Gb Available in Paging File | 80,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,05 Gb Total Space | 36,29 Gb Free Space | 24,35% Space Free | Partition Type: NTFS
Computer Name: KEV-PC | User Name: Kev | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Kev\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\LOLReplay\LOLUtils.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (OverwolfUpdaterService) -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe (Overwolf Ltd)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (xsherlock) -- C:\Windows\SysWOW64\xsherlock.xem (Wellbia.com Co., Ltd.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (ESLvnic1) -- C:\Windows\SysNative\drivers\ESLvnic.sys (Turtle Entertainment GmbH)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (AODDriver4.01) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D5 D8 A6 55 75 23 CC 01 [binary data]
IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 216.155.139.115:3128
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "64.120.226.94"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "64.120.226.94"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "64.120.226.94"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "64.120.226.94"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 01:58:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.02 22:36:51 | 000,000,000 | ---D | M]
[2011.04.18 21:44:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kev\AppData\Roaming\mozilla\Extensions
[2012.05.20 11:31:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kev\AppData\Roaming\mozilla\Firefox\Profiles\ilo8sujg.default\extensions
[2012.05.20 11:31:15 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Kev\AppData\Roaming\mozilla\Firefox\Profiles\ilo8sujg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.04.19 14:45:06 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Kev\AppData\Roaming\mozilla\Firefox\Profiles\ilo8sujg.default\extensions\battlefieldheroespatcher@ea.com
[2011.07.08 17:34:40 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Kev\AppData\Roaming\mozilla\Firefox\Profiles\ilo8sujg.default\extensions\DefaultManager@Microsoft
[2012.04.26 15:56:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.12.08 23:45:00 | 000,061,705 | ---- | M] () (No name found) -- C:\USERS\KEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ILO8SUJG.DEFAULT\EXTENSIONS\{B749FC7C-E949-447F-926C-3F4EED6ACCFE}.XPI
[2012.01.02 01:42:09 | 000,550,833 | ---- | M] () (No name found) -- C:\USERS\KEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ILO8SUJG.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI
[2012.04.29 21:29:12 | 000,004,404 | ---- | M] () (No name found) -- C:\USERS\KEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ILO8SUJG.DEFAULT\EXTENSIONS\YOUTUBEUNBLOCKER@UNBLOCKER.YT.XPI
[2012.07.18 01:58:02 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.13 22:58:44 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.13 22:58:44 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.13 22:58:44 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.06.11 22:59:39 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.02.13 22:58:44 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.13 22:58:44 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.13 22:58:44 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012.08.02 18:58:35 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Kev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E88F556F-0087-4D8B-BDC0-4E06F860C0B7}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E88F556F-0087-4D8B-BDC0-4E06F860C0B7}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.08.02 22:36:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.08.02 22:33:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.08.02 22:33:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012.08.02 22:32:58 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.08.02 22:32:58 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.08.02 22:32:52 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.02 22:32:52 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.08.02 22:29:40 | 000,000,000 | ---D | C] -- C:\Users\Kev\AppData\Local\Macromedia
[2012.08.02 22:22:22 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.02 22:22:22 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.02 22:20:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.08.02 19:03:47 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.08.02 18:58:37 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012.08.02 18:56:46 | 000,000,000 | ---D | C] -- C:\found.001
[2012.08.02 18:47:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.08.02 18:47:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.08.02 18:47:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.08.02 18:46:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.08.02 18:46:47 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.08.02 15:38:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.08.02 15:38:00 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Kev\Desktop\OTL.exe
[2012.08.02 07:02:56 | 000,000,000 | ---D | C] -- C:\Users\Kev\AppData\Roaming\Malwarebytes
[2012.08.02 07:02:41 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.02 07:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.02 07:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.02 07:02:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.02 07:02:25 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Kev\Desktop\mbam-setup-1.62.0.1300.exe
[2012.08.02 05:49:50 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.07.28 14:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOLReplay
[2012.07.24 14:05:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012.07.24 14:01:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
[2012.07.24 13:56:30 | 000,000,000 | ---D | C] -- C:\Users\Kev\AppData\Local\Risen
[2012.07.24 13:52:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deep Silver
[2012.07.19 14:48:10 | 000,000,000 | ---D | C] -- C:\Users\Kev\AppData\Local\SKIDROW
[2012.07.19 14:48:10 | 000,000,000 | ---D | C] -- C:\Users\Kev\AppData\Local\Risen2
[2012.07.19 01:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.07.19 00:45:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.07.19 00:44:20 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.07.19 00:44:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.07.12 02:16:44 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.07.12 02:16:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.07.12 02:16:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.07.12 02:16:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.07.12 02:16:43 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.07.12 02:16:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.07.12 02:16:43 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.07.12 02:16:43 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.07.12 02:16:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.07.12 02:16:41 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.07.12 02:16:41 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.07.12 02:16:41 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.07.12 02:16:41 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.07.12 01:20:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.12 01:20:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.12 01:20:02 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.12 01:16:50 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.12 01:16:49 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.07.08 15:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.08.02 22:32:43 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.02 22:32:43 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.08.02 22:22:22 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.02 22:22:22 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.02 19:31:04 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.02 19:13:59 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.02 19:13:59 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.02 19:10:53 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.02 19:10:53 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.02 19:10:53 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.02 19:10:53 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.02 19:10:52 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.02 19:06:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.02 19:06:01 | 3220,525,056 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.02 18:58:35 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.08.02 18:57:26 | 000,003,536 | ---- | M] () -- C:\bootsqm.dat
[2012.08.02 06:59:08 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Kev\Desktop\mbam-setup-1.62.0.1300.exe
[2012.08.02 06:58:56 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Kev\Desktop\OTL.exe
[2012.08.02 06:56:47 | 004,503,728 | ---- | M] () -- C:\ProgramData\ras_0oed.pad
[2012.08.02 00:39:03 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.08.02 00:39:03 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.08.02 00:38:47 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.08.01 02:56:52 | 000,001,354 | ---- | M] () -- C:\Users\Kev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2012.07.28 15:04:35 | 050,846,578 | ---- | M] () -- C:\Users\Kev\Desktop\Raplays.rar
[2012.07.28 14:19:51 | 000,001,993 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2012.07.28 14:19:51 | 000,001,901 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2012.07.27 16:50:43 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2012.07.19 00:45:28 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.07.19 00:44:20 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.07.12 23:50:20 | 000,000,080 | ---- | M] () -- C:\Users\Kev\AppData\Roaming\mBot.ini
[2012.07.05 22:06:48 | 000,227,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.07.05 22:06:30 | 000,772,544 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.07.05 22:06:20 | 000,687,544 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.08.02 22:36:51 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.08.02 19:31:04 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.02 18:57:26 | 000,003,536 | ---- | C] () -- C:\bootsqm.dat
[2012.08.02 18:47:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.08.02 18:47:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.08.02 18:47:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.08.02 18:47:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.08.02 18:47:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.08.02 02:50:29 | 004,503,728 | ---- | C] () -- C:\ProgramData\ras_0oed.pad
[2012.08.01 02:56:52 | 000,001,354 | ---- | C] () -- C:\Users\Kev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2012.07.28 15:04:22 | 050,846,578 | ---- | C] () -- C:\Users\Kev\Desktop\Raplays.rar
[2012.07.28 14:18:56 | 000,001,993 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2012.07.28 14:18:56 | 000,001,901 | ---- | C] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2012.07.19 00:45:28 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.05.03 04:54:46 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.03.29 17:37:09 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.03.29 17:37:09 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\bd4040cn.dat
[2012.03.29 17:37:09 | 000,000,026 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.01.27 16:52:38 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
[2012.01.27 16:52:38 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll
[2012.01.04 04:42:06 | 000,000,080 | ---- | C] () -- C:\Users\Kev\AppData\Roaming\mBot.ini
[2011.10.30 19:08:09 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011.09.14 11:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.09.01 01:30:54 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011.09.01 01:30:54 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011.09.01 01:30:54 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011.08.31 22:04:46 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2011.08.15 15:28:47 | 000,100,712 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.07.02 20:37:53 | 000,000,031 | ---- | C] () -- C:\Users\Kev\AppData\Roaming\esroLoader.ini
[2011.06.23 02:03:19 | 000,000,105 | ---- | C] () -- C:\Users\Kev\AppData\Roaming\private_server_loader.ini
[2011.06.22 23:59:59 | 000,000,292 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2011.06.22 17:16:06 | 000,000,598 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2011.06.22 17:15:48 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011.05.14 09:33:49 | 001,598,640 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.19 15:17:23 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.04.19 15:17:20 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.04.18 22:22:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== LOP Check ==========
[2011.06.22 23:59:59 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\BITS
[2012.08.02 19:31:31 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\DAEMON Tools Lite
[2011.06.22 17:15:43 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\FlashGet
[2011.06.22 17:15:41 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\FlashGetBHO
[2012.05.17 20:23:37 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\Leadertech
[2011.04.18 23:41:03 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\LolClient
[2012.05.24 16:33:08 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\LolClient2
[2011.11.18 21:00:33 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\OpenOffice.org
[2011.10.26 23:19:31 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\Origin
[2011.04.21 22:21:26 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\PunkBuster
[2012.01.12 01:25:20 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\QuickScan
[2011.04.19 11:34:07 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\SFBot
[2012.04.15 14:14:29 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\TeamViewer
[2012.08.02 19:31:29 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\TS3Client
[2012.06.26 16:59:33 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\wargaming.net
[2011.08.29 18:05:43 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\www.rene-zeidler.de
[2012.06.24 11:47:41 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Extra-Log: Code:
OTL Extras logfile created on: 02.08.2012 22:39:37 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Kev\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,62 Gb Available Physical Memory | 65,63% Memory free
8,00 Gb Paging File | 6,42 Gb Available in Paging File | 80,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,05 Gb Total Space | 36,29 Gb Free Space | 24,35% Space Free | Partition Type: NTFS
Computer Name: KEV-PC | User Name: Kev | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06899AAF-E55A-436C-957E-0F70AC5A5467}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{094F37A6-47F8-4268-9CF3-E0352333817C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{129658BE-1364-420C-A067-7907A997FA76}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
"{16BF999B-A54A-461C-A443-18866C19BDED}" = lport=6900 | protocol=17 | dir=in | name=league of legends launcher |
"{18DC69EC-F6B7-4A4E-A08B-BBBEC537C4EA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1C30B52F-3572-40FC-AC47-084DF5C92919}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2290F550-86C1-4E48-91CA-4D64212456A5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2B0E1B0F-7422-49CD-9249-811E3A0D9E0E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2E5BA39B-B2DD-48F2-8DC5-8CA26F881191}" = lport=49169 | protocol=6 | dir=in | name=akamai netsession interface |
"{2FD372C9-FC8A-4FFA-B9D1-68D0568ED7C3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{30DCC186-613B-4964-9791-83B522C78524}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{340DED20-CEEE-47B7-8C64-962666B96C2A}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
"{39E37FA2-2793-496F-97BC-687277B1858C}" = rport=139 | protocol=6 | dir=out | app=system |
"{3B1F684E-F560-4DE8-BB97-F15FDAB2794A}" = lport=445 | protocol=6 | dir=in | app=system |
"{3D325BBC-75CB-45D9-AECD-70B158E3DFBA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4317AC17-A4F7-4EBB-8E51-B846D960281B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{4F8E3366-9105-4DF0-A276-28125FC63668}" = lport=6929 | protocol=6 | dir=in | name=league of legends launcher |
"{61845226-8B84-4927-A695-9579C011F5CE}" = rport=137 | protocol=17 | dir=out | app=system |
"{697138E3-8B41-4543-9472-2EAC4DE4E300}" = lport=139 | protocol=6 | dir=in | app=system |
"{762A79D9-9B9E-48BC-B940-4A593766F867}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{80EC02E3-B068-49C8-927F-748D0A0C8A9D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{811B8076-3994-4528-B422-4227FD2238CC}" = lport=49175 | protocol=6 | dir=in | name=akamai netsession interface |
"{85E7C377-6ADB-4597-9043-65528C884E87}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{87DE1166-DF1E-45D5-9340-BC1809C32D3F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9013E1D1-5CD7-4AE0-8A69-D5E17E5C281B}" = lport=49195 | protocol=6 | dir=in | name=akamai netsession interface |
"{952E55AE-A6B0-4989-8FD9-25B6E56ECDAE}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{99240B89-1C8E-4971-BD0F-2934EA5251C7}" = lport=6900 | protocol=6 | dir=in | name=league of legends launcher |
"{9DACBF95-2D20-4243-B4D6-930DBCA956AA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AB6D2BBB-FC07-4513-909E-0510B7174D01}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AC7CA488-04A0-4198-8DE5-50CD591D14B8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B416EC4E-1964-4198-9BA9-101DD684D41E}" = lport=137 | protocol=17 | dir=in | app=system |
"{BACBB0B5-4D6C-4464-8891-81E9F69A088E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BC880336-957F-4647-8CD0-6B8950596F42}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{BCC5ADA0-B77B-492F-A3BE-96758471721D}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{C0B1ECE5-6BC2-460A-B9F2-3CB8BC3AC5E2}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C5520744-7AE6-48AB-AA52-03A7183F3AEA}" = lport=138 | protocol=17 | dir=in | app=system |
"{C93C3361-917F-453E-A996-43F9B68BFD37}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CC0653FB-F25D-41FA-BDB2-CCC3CDB966C6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D4D6F56D-CF4E-4D64-99D9-71444D2F484C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D8301A37-4A62-4C01-A7EB-858F88FF9D14}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DF47ADF3-1B5E-4A27-A7B2-31D14BD4BC88}" = lport=49182 | protocol=6 | dir=in | name=akamai netsession interface |
"{DF9C3A56-F22D-4020-9D9C-AF6ABAC5E721}" = rport=445 | protocol=6 | dir=out | app=system |
"{E93D3E22-2331-4995-965B-3F46B156DD0B}" = rport=138 | protocol=17 | dir=out | app=system |
"{E9DAA044-4BDA-42CE-AE18-8E640A0BAD4C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EB421CB5-BEF9-4BD8-8B7B-F15DD2401567}" = lport=6929 | protocol=17 | dir=in | name=league of legends launcher |
"{EC1FF399-47D7-4AF3-B584-ED84A59FCF10}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F0CC8030-4D06-4CE2-B0C5-9C3397C9EB8D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F77DEC57-F1F5-474A-9CA4-3DAA9244D1E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002D0026-E596-4656-93BF-FCA3CBAF63FB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{139B59F1-129C-4890-95B0-B355EEFFA77D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1845DD98-797A-40CB-A951-004356740405}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{18566774-4DDF-44EA-90ED-CEB18CC49811}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{21F8C564-0A6D-4D53-BF22-0BAF4F5E3173}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{259E79AA-693E-4E63-AFEC-5CA61C514AA0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{302F7C49-4D00-4887-93EF-EF7A01711741}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{32CB6DE0-9BC6-45BE-9210-CB67B671970F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{35CA1254-12DB-4ABF-8AAD-6236EE5DB1DD}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3AB9962C-033D-41F7-ABFB-8AF42C1B2417}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3B159C87-E076-4862-A06B-3B88B02A97BF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{3DDD1944-7DD4-4813-BF09-E76B8AC55276}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{420A3B12-5963-4F36-AEB9-49273A6D23DF}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{52CF82A9-AD96-4229-AD2E-3186E4DDFD67}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{54787DBD-A967-46FB-BED6-4F624E8601A8}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5A7C78D4-32DD-43EE-B76D-DCA0795333A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{61BEEDE4-1FF1-4D8F-A9A8-D8F6F610057A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{62D6F4B3-FCD2-46F0-98E1-6EFFE37243F5}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{680010D0-438D-40AB-9C31-FF1BA27DF3A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6E17D508-0117-4246-9E8A-E0180B309BC8}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{6FF48710-D60E-4938-A4CF-5BF00EDC8A4E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{71BBB0C0-3E7C-45CD-8FED-B33CE730585D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{742E9162-0469-49B3-AF0D-AC4BC9C0DCDB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{78475BEB-1CDB-4CEE-A684-47191CD0E249}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{80C67BF7-1537-433C-89A8-A1AF815D0AD4}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{859DA5B1-1686-470B-8C30-E3105DB42A5B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8854119F-2C1C-4CAB-8133-C6151A312BBC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9B8FAA93-C559-4B15-A58A-BF4F155B100C}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{AA8F5570-5931-488A-A676-1EBBA108BB76}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{AC228EC3-1B8F-4E3E-AB09-888F57C768DC}" = protocol=6 | dir=out | app=system |
"{AC7D552B-2571-436A-AFC4-14621E35451D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B4E2C6B3-2DD9-44D9-9053-D0D9A5D50A6A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B68E13BC-DE84-43B9-813A-4755921859E2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BE34357C-9AE7-4DDE-944D-28B8BCCF5A16}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{CFA8871C-12DD-4A35-9685-C45896D9C2F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D05C3A84-2280-42B6-AE5F-56E542A4D516}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D403CC78-D022-4BDE-84E1-4A694504B654}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D464B792-A60A-41CE-BBF9-2B81421E76E1}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{D5C2AAB7-7C78-419F-9079-BFC56683176C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DC6F38B7-B134-4661-9D02-B32780BA832B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{DC6FD7C5-5C23-4FB7-A666-F485D35B5322}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E2554337-6958-4387-8C0E-FFF00512E75E}" = protocol=6 | dir=in | app=c:\users\kev\appdata\local\akamai\netsession_win.exe |
"{E484DB76-08F0-4EE6-87EC-BD3836BDB17B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E4AB8A94-2375-4762-BBDF-8B6EE7AAE94D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E9E7C839-0593-4C15-AD0D-D14D5E4A6BF2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EB28E950-F62E-452A-A93C-4C1929061C3E}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{ECE4B7B2-2B18-4230-B57C-C8E517888023}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{EE98AE5F-F0DD-4F2A-B259-0CCA6E9DF2E9}" = protocol=17 | dir=in | app=c:\users\kev\appdata\local\akamai\netsession_win.exe |
"{F0145CE3-430C-402E-BC53-E9E9E857668E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F39386CC-DD50-474A-9971-A514C3DF796F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{F6C01D38-B9DB-4D46-BAFB-80847EF7947B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F969D79D-0763-4D2E-A487-8663B764A41B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FDBE4F2A-82D4-443A-8080-F0DBC19C3050}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"TCP Query User{0800EBC8-4723-40F6-A09B-41EFC7F05FA9}C:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe |
"TCP Query User{239A2806-E01F-4EB7-A8C3-757D07D191F2}C:\program files (x86)\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike\hl.exe |
"TCP Query User{456A7327-1996-4118-B237-888B6BB40AF5}C:\program files (x86)\origin games\battlefield 3\bf3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"TCP Query User{4B347490-CCF9-403A-AA91-EA6EDAEF0078}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{4DAA6127-213A-4488-8A0F-E936D2449BC3}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{7516672F-41BF-4D28-A633-D061120CB9AF}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{9CF2CA1F-3743-4680-B52F-BAFF7A2E0DFB}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"TCP Query User{A1820E9D-A4BA-4070-AAB5-EAF708049DD9}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe |
"TCP Query User{B97B8DB1-84A2-435E-A195-FD79C231222F}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{BC1968F0-0363-4656-BA14-0DA17504B498}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"TCP Query User{C958B64F-E58C-4277-B1AF-8A6A34C17EDE}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{D52CAB53-DE6E-456D-A679-DD2EA19644EE}C:\users\kev\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\kev\appdata\local\akamai\netsession_win.exe |
"TCP Query User{D9AC46FF-A296-4188-94CE-54B942DE4770}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{DD695EE1-2F6D-44AB-83CC-283AB66E6F6A}C:\program files\jowood\die gilde gold-edition\gildegold.exe" = protocol=6 | dir=in | app=c:\program files\jowood\die gilde gold-edition\gildegold.exe |
"TCP Query User{E04444BD-ACA8-4691-AE57-FB5D7685AB3A}C:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe |
"TCP Query User{E23A0A0F-B602-45A5-BD9A-4E2D483EBB56}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{E87BFAEA-C15A-4F1B-A597-81C678E0231C}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{EDD87E9F-3D0C-42CC-9396-1FF606345763}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{0244E1A6-4D16-459A-A459-47635936E1C5}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{17F5EE90-85D0-4068-BEF9-8A7BA7B5F5A7}C:\program files\jowood\die gilde gold-edition\gildegold.exe" = protocol=17 | dir=in | app=c:\program files\jowood\die gilde gold-edition\gildegold.exe |
"UDP Query User{31267D8F-1B58-45BA-A102-08EA674187E6}C:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe |
"UDP Query User{416C0085-EB9C-4E10-AC33-21051CBBA04F}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{480DF683-7974-41FE-9306-2B323EB5E207}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{612723A5-1E02-44DE-A604-08368F88C700}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{6A6466B6-B875-4D51-BF74-9B687B719536}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{70B320A2-4A4E-44F3-8DCD-D9BA4CD08E58}C:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe |
"UDP Query User{8B4477AB-AF9B-4A71-A5CD-627DAA0ECF45}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{986803BB-588D-4072-A79E-7B6553915AC5}C:\program files (x86)\origin games\battlefield 3\bf3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"UDP Query User{9C4EB171-C45E-4100-A6BB-636F5C3D4E0C}C:\users\kev\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\kev\appdata\local\akamai\netsession_win.exe |
"UDP Query User{9D1D5AEE-BFCA-4477-B8AD-18612C5C9479}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{D527B651-A1DD-4104-BDA6-E2C5697E16EB}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"UDP Query User{D73411A3-C61E-4893-98CD-F7C186CF4E53}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"UDP Query User{DB66DBDA-3991-4326-9D82-093883049F5D}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{F11EA530-C3D7-4CCA-A55C-BABBD1569B9E}C:\program files (x86)\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike\hl.exe |
"UDP Query User{F9CDACFD-4129-49D8-8A27-C0EDEF2D5B38}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{FD480489-688A-463C-9CDA-6FF5427C5D0F}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0CC44ABB-62F1-FDA7-02C8-DCCC2A239DDE}" = AMD Fuel
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{119CFC4D-EB75-D47F-1209-032721858C32}" = ccc-utility64
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{44E3AB6B-453B-8DAE-9777-1C48F5AB8965}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}" = iTunes
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A73F0084-A1CC-6E42-06DF-D088D583CC2A}" = AMD Media Foundation Decoders
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}" = User's Guides
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
"{D3120436-1358-4253-9EB2-257FFE8CE1D9}" = Logitech SetPoint 5.20
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F809FFB5-6F9B-AFDE-6048-5D9E95A85505}" = AMD Drag and Drop Transcoding
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{13AE7598-928A-83E7-548B-44FA68242798}" = CCC Help English
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{211D9A2A-0ECA-7AC7-ABAA-03ED3242F33E}" = AMD VISION Engine Control Center
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{4150D0B5-D203-419B-9C49-9B615AF11BAF}" = Overwolf
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5066FFF7-0029-BBA3-DD41-D71599987F1B}" = Catalyst Control Center InstallProxy
"{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FECCC297-24D6-F2B0-2BEC-446AC0205EEB}" = Catalyst Control Center Graphics Previews Common
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"DAEMON Tools Lite" = DAEMON Tools Lite
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps (remove only)
"Locks Pro" = Locks Pro
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"TeamViewer 7" = TeamViewer 7
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"c23188044ae10ee6" = Lol Account maker
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.07.2012 09:40:49 | Computer Name = Kev-PC | Source = BugSplat | ID = 1
Description =
Error - 23.07.2012 09:42:16 | Computer Name = Kev-PC | Source = BugSplat | ID = 1
Description =
Error - 23.07.2012 11:31:30 | Computer Name = Kev-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.1.0.4880,
Zeitstempel: 0x4eb75fb9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00480038 ID des fehlerhaften
Prozesses: 0x10b8 Startzeit der fehlerhaften Anwendung: 0x01cd68dbb628c1c2 Pfad der
fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.175\deploy\LolClient.exe
Pfad
des fehlerhaften Moduls: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.175\deploy\Adobe
AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: 78fa35c9-d4db-11e1-8c27-00ff01000001
Error - 24.07.2012 08:05:55 | Computer Name = Kev-PC | Source = MsiInstaller | ID = 1013
Description =
Error - 25.07.2012 12:42:36 | Computer Name = Kev-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.1.0.4880,
Zeitstempel: 0x4eb75fb9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00480048 ID des fehlerhaften
Prozesses: 0x7f0 Startzeit der fehlerhaften Anwendung: 0x01cd6a64e5a555bd Pfad der
fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.176\deploy\LolClient.exe
Pfad
des fehlerhaften Moduls: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.176\deploy\Adobe
AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: bcebe0d1-d677-11e1-a07f-00ff01000001
Error - 25.07.2012 22:08:33 | Computer Name = Kev-PC | Source = BugSplat | ID = 1
Description =
Error - 28.07.2012 09:30:07 | Computer Name = Kev-PC | Source = MsiInstaller | ID = 1013
Description =
Error - 30.07.2012 18:08:51 | Computer Name = Kev-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: a58 Startzeit: 01cd6e9fdae87f71 Endzeit: 1 Anwendungspfad: C:\Users\Kev\Downloads\LOLPBE(1)\LOLPBE\RADS\system\rads_user_kernel.exe
Berichts-ID:
23746baf-da93-11e1-808a-00ff01000001
Error - 30.07.2012 18:09:15 | Computer Name = Kev-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 13c Startzeit: 01cd6e9fe9059fe3 Endzeit: 1 Anwendungspfad: C:\Users\Kev\Downloads\LOLPBE(1)\LOLPBE\RADS\system\rads_user_kernel.exe
Berichts-ID:
318d1f44-da93-11e1-808a-00ff01000001
Error - 30.07.2012 18:09:42 | Computer Name = Kev-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: af4 Startzeit: 01cd6e9ff710bec3 Endzeit: 1 Anwendungspfad: C:\Users\Kev\Downloads\LOLPBE(1)\LOLPBE\RADS\system\rads_user_kernel.exe
Berichts-ID:
3c1d17a1-da93-11e1-808a-00ff01000001
Error - 02.08.2012 12:58:47 | Computer Name = Kev-PC | Source = Avira Antivirus | ID = 4122
Description = Die Datei AvShadow konnte nicht geladen werden. Fehlercode: 0x3fa
[ System Events ]
Error - 02.08.2012 12:51:53 | Computer Name = Kev-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "\Device\HarddiskVolume1" den Befehl "chkdsk" aus.
Error - 02.08.2012 12:52:04 | Computer Name = Kev-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "\Device\HarddiskVolume1" den Befehl "chkdsk" aus.
Error - 02.08.2012 12:52:05 | Computer Name = Kev-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "\Device\HarddiskVolume1" den Befehl "chkdsk" aus.
Error - 02.08.2012 12:52:59 | Computer Name = Kev-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 02.08.2012 12:53:31 | Computer Name = Kev-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 02.08.2012 12:53:37 | Computer Name = Kev-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "\Device\HarddiskVolume1" den Befehl "chkdsk" aus.
Error - 02.08.2012 12:58:27 | Computer Name = Kev-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
Error - 02.08.2012 12:59:48 | Computer Name = Kev-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows Search erreicht.
Error - 02.08.2012 12:59:48 | Computer Name = Kev-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 02.08.2012 13:00:16 | Computer Name = Kev-PC | Source = DCOM | ID = 10005
Description =
< End of report >
|
