| |
| |||||||
Log-Analyse und Auswertung: javascriptfehler auf gmx via firefox -> hängt sich auf (aber nicht bei deaktiviertem adblockplus)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
10.08.2012, 09:27
| #1 |
| |  javascriptfehler auf gmx via firefox -> hängt sich auf (aber nicht bei deaktiviertem adblockplus) javascriptfehler auf gmx via firefox -> hängt sich auf (aber nicht bei deaktiviertem adblockplus) 1. google benutzt, finde nix brauchbares - hier im forum schon ähnliches thema http://www.trojaner-board.de/117322-...mx-starte.html -> und jetzt bin ich hier gelandet Fehlerbeschreibung hxxp://js.gmx.net/gmx/hp10/js/20120719/homepage.js: (irgendeine zahl) taucht immer auf, wenn ich auf gmx gehe.. der browser hängt sich auf, dies tut er aber nicht, wenn das adblockplus addon deaktiviert ist, aber dennoch den skriptfehler aufzeigt. fehler tritt seit geraumer zeit auf, kann leider nicht nachvollziehen, ob es mit irgendeiner installation eines addons oder ähnlichem zusammenhängt.. hier schon mal folgendes durchgeführt (lt. anderem eintrag s.o.) OTL _ OTL.txt OTL Logfile: Code:
ATTFilter OTL logfile created on: 10.08.2012 09:45:50 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = F:\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 15,98 Gb Total Physical Memory | 12,97 Gb Available Physical Memory | 81,19% Memory free 23,96 Gb Paging File | 21,51 Gb Available in Paging File | 89,76% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 59,40 Gb Total Space | 31,00 Gb Free Space | 52,19% Space Free | Partition Type: NTFS Drive D: | 96,07 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive E: | 496,68 Gb Total Space | 125,17 Gb Free Space | 25,20% Space Free | Partition Type: NTFS Drive F: | 434,82 Gb Total Space | 79,05 Gb Free Space | 18,18% Space Free | Partition Type: NTFS Drive G: | 55,80 Gb Total Space | 45,45 Gb Free Space | 81,45% Space Free | Partition Type: NTFS Drive H: | 465,76 Gb Total Space | 216,11 Gb Free Space | 46,40% Space Free | Partition Type: NTFS Drive I: | 1,37 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: XXCCC| User Name: XXXX | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days ========== Processes (SafeList) ========== PRC - F:\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Mozilla\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Mozilla\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe (ROCCAT GmbH) PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) PRC - C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe () PRC - G:\Program Files (x86)\RocketDock\RocketDock.exe () ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files (x86)\Mozilla\Mozilla Thunderbird\mozjs.dll () MOD - C:\Program Files (x86)\Mozilla\Mozilla Thunderbird\NSLDAP32V60.dll () MOD - C:\Program Files (x86)\Mozilla\Mozilla Thunderbird\NSLDAPPR32V60.dll () MOD - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll () MOD - G:\Program Files (x86)\RocketDock\RocketDock.exe () MOD - G:\Program Files (x86)\RocketDock\RocketDock.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (Intel® PROSet Monitoring Service) -- C:\Windows\SysNative\IPROSetMonitor.exe (Intel Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (AntiVirFirewallService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (SbieSvc) -- F:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D) SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (CLKMSVC10_C0976A51) -- F:\Programme\PowerDVD\PowerDVD9\NavFilter\kmsvc.exe (CyberLink) SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation) SRV - (WDFME) -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe () SRV - (WDSC) -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe () SRV - (WDDMService) -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avfwot) -- C:\Windows\SysNative\drivers\avfwot.sys (Avira GmbH) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avfwim) -- C:\Windows\SysNative\drivers\avfwim.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc) DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation) DRV:64bit: - (mv91xx) -- C:\Windows\SysNative\drivers\mv91xx.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (lvsels64) -- C:\Windows\SysNative\drivers\lvsels64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) DRV:64bit: - (CompFilter64) -- C:\Windows\SysNative\drivers\lvbflt64.sys (Logitech Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies) DRV - (SbieDrv) -- F:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D) DRV - (NTIOLib_1_0_4) -- G:\Programme (x86)\MSI\Live Update 5\NTIOLib_X64.sys (MSI) DRV - (MSI_MSIBIOS_010507) -- G:\Programme (x86)\MSI\Live Update 5\msibios64_100507.sys (Your Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5B 07 CA 64 C9 76 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "IMDB" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://ecosia.org/" FF - prefs.js..keyword.URL: "https://startpage.com/do/search?q=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: G:\Programme\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011.12.12 10:14:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla\Mozilla Firefox\components [2012.08.02 11:07:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla\Mozilla Thunderbird\components [2012.08.02 11:07:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla\Mozilla Firefox\components [2012.08.02 11:07:24 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla\Mozilla Firefox\plugins [2011.10.22 14:53:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Extensions [2012.08.10 09:35:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions [2012.08.01 21:12:04 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2012.07.20 10:01:35 | 000,000,000 | ---D | M] (WOT) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2012.03.29 22:13:27 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.08.02 11:10:05 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011.10.22 14:53:47 | 000,000,000 | ---D | M] (IE View Lite) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions\{FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3}(2) [2012.05.22 16:49:09 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions\foxyproxy@eric.h.jung [2012.08.06 23:25:07 | 000,002,311 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\84tciy2v.default\searchplugins\buecherde.xml [2010.04.30 08:15:20 | 000,002,354 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\84tciy2v.default\searchplugins\ecosia.xml [2008.08.12 18:12:34 | 000,001,504 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\84tciy2v.default\searchplugins\imdb.xml [2009.10.16 23:39:34 | 000,002,037 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\84tciy2v.default\searchplugins\myvideo-suche-.xml [2012.08.02 10:16:29 | 000,002,325 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\84tciy2v.default\searchplugins\startpage-ssl.xml [2009.04.30 13:40:18 | 000,004,140 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\84tciy2v.default\searchplugins\youtube.xml [2012.07.16 10:50:21 | 000,457,304 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}.XPI [2011.04.30 16:19:00 | 000,022,573 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\{987311C6-B504-4AA2-90BF-60CC49808D42}.XPI [2011.11.15 11:27:05 | 000,413,408 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}.XPI [2012.01.21 14:40:35 | 000,138,614 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI [2011.10.19 08:56:30 | 000,026,136 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\{DF4E4DF5-5CB7-46B0-9AEF-6C784C3249F8}.XPI [2012.07.20 10:01:35 | 000,038,314 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\FIREPICKER@THEDARKONE.XPI [2012.07.18 10:02:23 | 000,040,533 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\FLATBM@XULDEV.ORG.XPI [2011.10.19 07:46:40 | 000,174,405 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\GUICONFIG@SLOSD.NET.XPI [2012.08.02 10:21:56 | 000,053,072 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\YESSCRIPT@USERSTYLES.ORG.XPI [2011.08.26 17:00:28 | 000,011,510 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI O1 HOSTS File: ([2011.12.15 21:02:10 | 000,002,493 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - G:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - G:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH) O4 - HKCU..\Run: [DAEMON Tools Lite] G:\Programme (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [RocketDock] G:\Program Files (x86)\RocketDock\RocketDock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.0) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.0) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65CCF0B8-D70E-4F42-9DD1-5E660D426DFB}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.07.21 14:18:03 | 000,000,100 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2007.06.13 11:12:34 | 000,000,043 | RH-- | M] () - I:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{49d14881-b269-11e1-ade4-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{49d14881-b269-11e1-ade4-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2011.07.20 10:40:06 | 056,337,504 | R--- | M] (Buhl Data Service GmbH ) O33 - MountPoints2\{5c6b2f0c-d093-11e1-aabe-14dae90f8613}\Shell - "" = AutoRun O33 - MountPoints2\{5c6b2f0c-d093-11e1-aabe-14dae90f8613}\Shell\AutoRun\command - "" = J:\pushinst.exe O33 - MountPoints2\{b71cf894-96d6-11e1-8104-14dae90f8613}\Shell - "" = AutoRun O33 - MountPoints2\{b71cf894-96d6-11e1-8104-14dae90f8613}\Shell\AutoRun\command - "" = I:\start.exe -- [2009.03.04 17:54:32 | 005,294,060 | R--- | M] (video2brain ) O33 - MountPoints2\{e9cfd5a9-2019-11e1-9c21-14dae90f8613}\Shell - "" = AutoRun O33 - MountPoints2\{e9cfd5a9-2019-11e1-9c21-14dae90f8613}\Shell\AutoRun\command - "" = I:\Set-up.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 90 Days ========== [2012.08.03 08:05:28 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\allrounder-j1.6_v1.4 [2012.08.03 08:04:30 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\allrounder-j1.6 [2012.08.03 08:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KDiff3 [2012.08.02 11:14:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.08.02 11:14:33 | 000,772,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012.08.02 11:14:33 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.08.02 11:14:29 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.08.02 11:14:29 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.08.02 11:12:33 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Local\Macromedia [2012.08.02 11:12:25 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.08.02 11:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012.08.02 11:08:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012.08.02 11:08:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012.08.02 11:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.08.02 11:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012.08.02 11:07:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2012.07.26 14:52:55 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\Buhl Data Service [2012.07.26 14:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mein Verein [2012.07.26 14:51:46 | 004,361,832 | ---- | C] (RAPWare) -- C:\Windows\SysNative\RwEasyMAPI64.exe [2012.07.26 14:51:45 | 004,082,688 | ---- | C] (Borland Software Corporation) -- C:\Windows\SysWow64\qtintf70.dll [2012.07.26 14:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Buhl Data Service GmbH [2012.07.26 14:50:01 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Local\Buhl Data Service [2012.07.21 01:13:29 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AVM_Driver [2012.07.20 21:13:31 | 000,000,000 | ---D | C] -- C:\Users\XXXX\LuminanceHDR [2012.07.11 03:00:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.07.11 03:00:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.07.11 03:00:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.07.11 03:00:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.07.11 03:00:36 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.07.11 03:00:36 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.07.11 03:00:35 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.07.11 03:00:35 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.07.11 03:00:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.07.11 03:00:35 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.07.11 03:00:35 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.07.11 03:00:35 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.07.11 03:00:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.07.11 00:48:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012.07.11 00:48:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012.07.11 00:48:31 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.07.11 00:48:07 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012.07.11 00:48:07 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012.07.09 20:20:06 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012.07.09 20:20:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.07.09 20:20:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012.06.30 22:38:40 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012.06.30 22:38:40 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012.06.23 07:10:31 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.06.23 07:10:31 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012.06.23 07:10:31 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012.06.23 07:10:28 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012.06.23 07:10:28 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012.06.23 07:10:28 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012.06.23 07:10:27 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012.06.23 07:10:27 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012.06.13 22:31:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012.06.13 22:31:55 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012.06.13 22:31:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012.06.13 22:31:51 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.06.13 22:31:51 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.06.13 22:31:51 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.06.13 22:31:50 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2012.06.13 22:31:49 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012.06.13 22:31:48 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012.06.13 22:31:48 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012.06.09 21:24:19 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Local\Cyberlink [2012.06.09 21:23:56 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Documents\CyberLink [2012.06.09 21:22:31 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\CyberLink [2012.06.09 21:21:33 | 000,000,000 | ---D | C] -- C:\Temp [2012.06.09 21:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Tool Kit [2012.06.09 21:20:22 | 000,115,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSINET.OCX [2012.06.09 21:20:22 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vb6stkit.dll [2012.06.09 21:20:22 | 000,102,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6KO.DLL [2012.06.09 21:20:22 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wbemdisp.tlb [2012.06.09 21:20:22 | 000,016,384 | ---- | C] (BitLeader) -- C:\Windows\SysWow64\lgfwunis.exe [2012.06.09 21:19:22 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite [2012.06.09 21:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite [2012.06.09 21:18:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink [2012.06.09 21:17:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink [2012.06.09 21:17:02 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll [2012.06.09 21:15:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink [2012.06.09 21:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp [2012.06.09 21:02:10 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\dvdcss [2012.06.09 21:02:08 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\vlc [2012.05.17 11:12:15 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\elsterformular [2012.05.17 11:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular [2012.05.17 11:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 90 Days ========== [2012.08.10 07:24:50 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.08.10 07:24:50 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.08.10 07:21:49 | 001,766,796 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.08.10 07:21:49 | 000,759,454 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.08.10 07:21:49 | 000,703,364 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.08.10 07:21:49 | 000,169,072 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.08.10 07:21:49 | 000,137,512 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.08.10 07:17:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.08.08 17:08:11 | 000,101,868 | ---- | M] () -- C:\Users\XXXX\Desktop\swastika-film-proteger-servir.JPG [2012.08.06 15:18:37 | 000,071,190 | ---- | M] () -- C:\Users\XXXX\Desktop\Unbenannt.JPG [2012.08.05 21:54:44 | 001,859,003 | ---- | M] () -- C:\Users\XXXX\Desktop\20120805_INGDiBa_Fest.PDF [2012.08.03 13:16:39 | 000,002,267 | ---- | M] () -- C:\Users\XXXX\.kdiff3rc [2012.08.03 09:20:56 | 000,000,600 | ---- | M] () -- C:\Users\XXXX\AppData\Local\PUTTY.RND [2012.08.02 13:33:03 | 000,001,948 | ---- | M] () -- C:\Windows\Sandboxie.ini [2012.08.02 11:14:26 | 000,772,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012.08.02 11:14:26 | 000,687,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012.08.02 11:14:26 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.08.02 11:14:26 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.08.02 11:14:26 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.08.02 11:12:25 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.08.02 11:12:25 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.07.26 19:35:54 | 000,000,132 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012.07.22 08:41:12 | 004,858,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.20 22:23:57 | 000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.07.20 22:23:57 | 000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.07.20 22:23:36 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.07.09 13:49:55 | 000,001,456 | ---- | M] () -- C:\Users\XXXX\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2012.06.16 09:15:50 | 000,001,106 | ---- | M] () -- C:\Users\XXXX\Desktop\ED - AGFA II - Verknüpfung.lnk [2012.06.16 09:15:46 | 000,001,030 | ---- | M] () -- C:\Users\XXXX\Desktop\KW - Verknüpfung.lnk [2012.06.10 07:17:54 | 000,000,334 | ---- | M] () -- C:\Windows\lgfwup.ini [2012.06.09 21:41:38 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll [2012.06.09 21:22:28 | 000,016,384 | ---- | M] (BitLeader) -- C:\Windows\SysWow64\lgfwunis.exe [2012.06.06 08:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012.06.06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012.06.03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012.06.03 00:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012.06.03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012.06.03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012.06.03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.06.03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012.06.02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012.06.02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012.06.02 14:12:17 | 002,311,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.06.02 14:04:50 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.06.02 14:04:25 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.06.02 14:01:40 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.06.02 14:00:33 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.06.02 13:57:36 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.06.02 13:54:06 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.06.02 10:25:03 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.06.02 10:23:26 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.06.02 10:20:33 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.06.02 10:19:58 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.06.02 10:17:15 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.06.02 10:14:19 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.06.02 07:44:21 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.05.26 06:45:18 | 000,007,597 | ---- | M] () -- C:\Users\XXXX\AppData\Local\resmon.resmoncfg [2012.05.17 17:44:17 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.05.14 17:10:23 | 000,000,040 | ---- | M] () -- C:\Windows\SysNative\InstallationInfs [2012.05.14 17:10:09 | 000,139,360 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwot.sys [2012.05.14 17:10:09 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.05.14 17:10:09 | 000,114,128 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwim.sys [2012.05.14 17:10:09 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.08.08 17:07:33 | 000,101,868 | ---- | C] () -- C:\Users\XXXX\Desktop\swastika-film-proteger-servir.JPG [2012.08.06 15:18:37 | 000,071,190 | ---- | C] () -- C:\Users\XXXX\Desktop\Unbenannt.JPG [2012.08.05 21:48:12 | 001,859,003 | ---- | C] () -- C:\Users\XXXX\Desktop\20120805_INGDiBa_Fest.PDF [2012.08.03 13:16:39 | 000,002,267 | ---- | C] () -- C:\Users\XXXX\.kdiff3rc [2012.07.26 19:13:48 | 000,446,801 | ---- | C] () -- C:\Users\XXXX\Desktop\make your own.psd [2012.07.22 08:41:03 | 004,858,568 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.06.16 09:15:50 | 000,001,106 | ---- | C] () -- C:\Users\XXXX\Desktop\ED - AGFA II - Verknüpfung.lnk [2012.06.16 09:15:46 | 000,001,030 | ---- | C] () -- C:\Users\XXXX\Desktop\KW - Verknüpfung.lnk [2012.06.09 21:20:25 | 000,000,334 | ---- | C] () -- C:\Windows\lgfwup.ini [2012.05.26 06:43:54 | 000,007,597 | ---- | C] () -- C:\Users\XXXX\AppData\Local\resmon.resmoncfg [2012.05.14 17:10:22 | 000,000,040 | ---- | C] () -- C:\Windows\SysNative\InstallationInfs [2012.02.29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012.01.04 13:32:23 | 000,000,132 | ---- | C] () -- C:\Users\XXXX\AppData\Roaming\Adobe GIF Format CS5 Prefs [2011.12.13 13:15:36 | 000,001,456 | ---- | C] () -- C:\Users\XXXX\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2011.12.13 12:53:44 | 000,000,132 | ---- | C] () -- C:\Users\XXXX\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011.12.11 07:49:43 | 000,001,948 | ---- | C] () -- C:\Windows\Sandboxie.ini [2011.11.16 10:26:06 | 000,000,600 | ---- | C] () -- C:\Users\XXXX\AppData\Local\PUTTY.RND [2011.10.13 08:21:48 | 000,000,218 | ---- | C] () -- C:\Users\XXXX\.recently-used.xbel [2011.09.22 12:29:21 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2011.09.22 12:29:21 | 000,282,296 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.09.22 12:29:21 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.09.21 18:29:46 | 001,626,780 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.09.21 18:20:40 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.09.21 18:20:40 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011.09.21 18:17:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2011.09.21 18:17:36 | 000,030,663 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2011.08.31 19:51:16 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.08.31 19:46:00 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011.08.31 19:26:20 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll < End of report > OTL_Extras.txt OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 10.08.2012 09:45:50 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = F:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,98 Gb Total Physical Memory | 12,97 Gb Available Physical Memory | 81,19% Memory free
23,96 Gb Paging File | 21,51 Gb Available in Paging File | 89,76% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,40 Gb Total Space | 31,00 Gb Free Space | 52,19% Space Free | Partition Type: NTFS
Drive D: | 96,07 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 496,68 Gb Total Space | 125,17 Gb Free Space | 25,20% Space Free | Partition Type: NTFS
Drive F: | 434,82 Gb Total Space | 79,05 Gb Free Space | 18,18% Space Free | Partition Type: NTFS
Drive G: | 55,80 Gb Total Space | 45,45 Gb Free Space | 81,45% Space Free | Partition Type: NTFS
Drive H: | 465,76 Gb Total Space | 216,11 Gb Free Space | 46,40% Space Free | Partition Type: NTFS
Drive I: | 1,37 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: XXCCC | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = jsfile] -- Reg Error: Value error. File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.js [@ = jsfile] -- Reg Error: Value error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- G:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- G:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7E724204-B166-44E5-A165-946D6219E2B6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A05551FA-52CD-48CA-A287-9F8467578641}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17212989-5B10-499E-8701-54B8C45D26DD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{23310062-34F9-4B1C-8F35-D2213DD71CC4}" = dir=in | app=f:\programme\powerdvd\powerdvd9\powerdvd9.exe |
"{336A987C-1F95-4E63-8240-DA4CC4CC989E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{34BB9AA1-7FE2-430F-8529-543FB690193A}" = protocol=17 | dir=in | app=c:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe |
"{36DEBBD0-9EBF-46FA-AEBD-D515F249EE32}" = dir=in | app=f:\programme\powerdvd\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{3E17A32B-0F6C-4718-A376-41304C9A6138}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3F15D000-8F14-42D4-ABB2-CFFC414CC802}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{45E70AF0-FCE5-4E89-A07B-5EEEB9B42034}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{74ABFFC6-3AF5-4086-8CAA-93F19A482D84}" = protocol=6 | dir=in | app=c:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe |
"{79AABC6A-FA13-4CE6-A2C2-685C710044A7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{833E6A20-8954-4823-BBAD-A2F0132E32D1}" = protocol=17 | dir=in | app=f:\spiele\bf\bc\bfbc2updater.exe |
"{8495BD01-9231-4146-9A7A-67C166E82F79}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B367F5ED-9D76-4ED2-B24B-EC35345362D7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DDDAA265-CE9B-48BE-A6A1-8FB431C07538}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{E272CA11-1E34-4F01-B4B7-C3D992B44388}" = protocol=6 | dir=in | app=f:\spiele\bf\bc\bfbc2updater.exe |
"{F3B47F7F-30E4-4B68-BA28-C169FCBFBDAF}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{F6FF0691-4C74-4F60-AE8A-A42B55474E86}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series" = Canon iP4800 series Printer Driver
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802" = CanoScan LiDE 600F
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6F482C75-174D-42EB-A2CF-B00A1F354F7B}" = WD SmartWare
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BCCC97EE-E162-448C-8847-59718FF29B04}" = Intel(R) Network Connections 15.6.25.0
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"PROSetDX" = Intel(R) Network Connections 15.6.25.0
"Sandboxie" = Sandboxie 3.62 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = Live Update 5
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1845470B-EB14-4ABC-835B-E36C693DC07D}" = Skype™ 5.10
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.8.0
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9ACE3A18-EE13-4012-989C-2BCDC95BA6B9}_is1" = Mein Verein
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Intel(R) Programm für die Prozessorerkennung
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B99CB207-4704-4C51-9309-0FA90AA26DD4}" = ROCCAT Kone[+] Mouse Driver
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech-Webkamera-Treiber
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIMP2" = AIMP2
"Avira AntiVir Desktop" = Avira Internet Security 2012
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"FileZilla Client" = FileZilla Client 3.5.3
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"IrfanView" = IrfanView (remove only)
"KDiff3" = KDiff3 (remove only)
"MagniDriver" = marvell 91xx driver
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"PunkBusterSvc" = PunkBuster Services
"Rainmeter" = Rainmeter
"RocketDock_is1" = RocketDock 1.3.5
"SumatraPDF" = SumatraPDF
"TeamViewer 6" = TeamViewer 6
"VLC media player" = VLC media player 2.0.3
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 01.08.2012 15:13:54 | Computer Name = XXCCC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1104 Startzeit:
01cd7019a1b76635 Endzeit: 31 Anwendungspfad: C:\Program Files (x86)\Mozilla\Mozilla
Firefox\firefox.exe Berichts-ID: fce767cd-dc0c-11e1-9e73-14dae90f8613
Error - 01.08.2012 16:05:45 | Computer Name = XXCCC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 10a8 Startzeit:
01cd7020a97d005a Endzeit: 62 Anwendungspfad: C:\Program Files (x86)\Mozilla\Mozilla
Firefox\firefox.exe Berichts-ID: 3d1ef422-dc14-11e1-ab31-14dae90f8613
Error - 02.08.2012 04:05:58 | Computer Name = XXCCC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2b4 Startzeit:
01cd7085592f6e07 Endzeit: 31 Anwendungspfad: C:\Program Files (x86)\Mozilla\Mozilla
Firefox\firefox.exe Berichts-ID: dab904e9-dc78-11e1-ab31-14dae90f8613
Error - 02.08.2012 05:25:38 | Computer Name = XXCCC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 488 Startzeit:
01cd709071cf272e Endzeit: 47 Anwendungspfad: C:\Program Files (x86)\Mozilla\Mozilla
Firefox\firefox.exe Berichts-ID: fb5f3078-dc83-11e1-8658-14dae90f8613
Error - 03.08.2012 01:22:25 | Computer Name = XXCCC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 04.08.2012 02:39:53 | Computer Name = XXCCC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 05.08.2012 03:49:17 | Computer Name = XXCCC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 06.08.2012 01:00:50 | Computer Name = XXCCC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 06.08.2012 18:42:23 | Computer Name = XXCCC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: e08 Startzeit:
01cd740ab25d26c0 Endzeit: 57 Anwendungspfad: C:\Program Files (x86)\Mozilla\Mozilla
Firefox\firefox.exe Berichts-ID: ef8e23f1-e017-11e1-be3a-14dae90f8613
Error - 08.08.2012 01:26:23 | Computer Name = XXCCC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
[ System Events ]
Error - 02.06.2012 14:36:52 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 02.06.2012 14:37:31 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 02.06.2012 14:37:32 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 02.06.2012 14:37:43 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 02.06.2012 14:38:30 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 03.06.2012 00:52:11 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 03.06.2012 00:52:12 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 03.06.2012 00:52:15 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 03.06.2012 00:52:18 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 03.06.2012 00:52:27 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
< End of report >
CCleaner_ install.txt (installierte Programme) HTML-Code: 7-Zip 9.20 (x64 edition) Igor Pavlov 21.09.2011 4,53MB 9.20.00.0 Adobe AIR Adobe Systems Inc. 12.12.2011 1.5.3.9120 Adobe Community Help Adobe Systems Incorporated 12.12.2011 3.0.0.400 Adobe Creative Suite 5 Master Collection Adobe Systems Incorporated 12.12.2011 8,10GB 5.0 Adobe Flash Player 10 ActiveX Adobe Systems, Inc. 12.12.2011 2,42MB 10.1.52.14 Adobe Flash Player 11 Plugin Adobe Systems Incorporated 02.08.2012 6,00MB 11.3.300.268 Adobe Media Player Adobe Systems Incorporated 12.12.2011 1.8 AIMP2 AIMP DevTeam 21.09.2011 Apple Application Support Apple Inc. 02.08.2012 61,0MB 2.1.7 Apple Software Update Apple Inc. 08.01.2012 2,38MB 2.1.3.127 Asmedia ASM104x USB 3.0 Host Controller Driver Asmedia Technology 21.09.2011 2,12MB 1.4.5.0 Avira Internet Security 2012 Avira 05.08.2012 111MB 12.0.0.1128 Battlefield: Bad Company™ 2 Electronic Arts 22.09.2011 5,72GB 1.0.0.0 Canon CanoScan Toolbox 5.0 22.09.2011 Canon iP4800 series Printer Driver 21.09.2011 CanoScan LiDE 600F 22.09.2011 CCleaner Piriform 22.06.2012 3.20 CyberLink Blu-ray Disc Suite CyberLink Corp. 09.06.2012 16,5MB 6.0.3226 CyberLink PowerDVD 9 CyberLink Corp. 09.06.2012 192MB 9.0.4322.52 CyberLink PowerProducer CyberLink Corp. 09.06.2012 165MB 5.0.1.1520 DAEMON Tools Lite DT Soft Ltd 05.05.2012 4.45.4.0315 Dropbox Dropbox, Inc. 14.06.2012 1.4.8 ElsterFormular Landesfinanzdirektion Thüringen 17.05.2012 160MB 13.2.0.8623p FileZilla Client 3.5.3 FileZilla Project 11.01.2012 16,5MB 3.5.3 Intel(R) Network Connections 15.6.25.0 Intel 21.09.2011 14,4MB 15.6.25.0 Intel(R) Processor Graphics Intel Corporation 28.09.2011 8.15.10.2372 Intel(R) Programm für die Prozessorerkennung Intel Corporation 13.11.2011 4,64MB 4.40.0000 IrfanView (remove only) Irfan Skiljan 19.11.2011 1,50MB 4.30 Java(TM) 6 Update 31 Oracle 08.03.2012 95,1MB 6.0.310 Java(TM) 7 Update 5 Oracle 02.08.2012 101MB 7.0.50 JDownloader 0.9 AppWork GmbH 20.11.2011 0.9 KDiff3 (remove only) 03.08.2012 LG Tool Kit 09.06.2012 9.01.1124.01 Live Update 5 MSI 07.05.2012 28,5MB 5.0.081 Logitech High Quality Video 25.09.2011 Logitech-Webkamera-Treiber Logitech Inc. 03.07.2012 2.0 marvell 91xx driver Marvell 21.09.2011 1.0.0.1045 Mein Verein Buhl Data Service GmbH 26.07.2012 245MB 13.0 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 21.09.2011 38,8MB 4.0.30319 Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 21.09.2011 2,93MB 4.0.30319 Microsoft Silverlight Microsoft Corporation 02.08.2012 50,6MB 5.1.10411.0 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 10.05.2012 1,69MB 3.1.0000 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 10.05.2012 298KB 8.0.56336 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 30.12.2011 246KB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 21.09.2011 786KB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 10.05.2012 788KB 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 21.09.2011 596KB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 10.05.2012 600KB 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 10.05.2012 15,2MB 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 10.05.2012 16,5MB 10.0.40219 MozBackup 1.5.1 Pavel Cvrcek 22.10.2011 Mozilla Firefox 14.0.1 (x86 de) Mozilla 18.07.2012 36,3MB 14.0.1 Mozilla Maintenance Service Mozilla 18.07.2012 309KB 14.0.1 Mozilla Thunderbird 14.0 (x86 de) Mozilla 18.07.2012 39,4MB 14.0 NVIDIA Grafiktreiber 296.10 NVIDIA Corporation 07.05.2012 296.10 NVIDIA HD-Audiotreiber 1.3.12.0 NVIDIA Corporation 07.05.2012 1.3.12.0 NVIDIA PhysX-Systemsoftware 9.12.0213 NVIDIA Corporation 16.03.2012 9.12.0213 OpenOffice.org 3.3 OpenOffice.org 21.09.2011 414MB 3.3.9567 PDF Settings CS5 21.09.2011 PDF24 Creator 3.8.0 PDF24.org 17.11.2011 33,5MB PunkBuster Services Even Balance, Inc. 22.09.2011 0.988 QuickTime Apple Inc. 02.08.2012 73,2MB 7.72.80.56 Rainmeter 13.10.2011 2.1 r959 Realtek High Definition Audio Driver Realtek Semiconductor Corp. 21.09.2011 6.0.1.6251 ROCCAT Kone[+] Mouse Driver Roccat GmbH 03.12.2011 13,0MB RocketDock 1.3.5 Punk Software 13.10.2011 Samsung_MonSetup Samsung 30.12.2011 1.00.0000 Sandboxie 3.62 (64-bit) SANDBOXIE L.T.D 11.12.2011 3.62 Skype™ 5.10 Skype Technologies S.A. 09.07.2012 19,1MB 5.10.115 SumatraPDF Krzysztof Kowalczyk 21.09.2011 8,85MB 1.8 TeamViewer 6 TeamViewer GmbH 21.09.2011 6.0.11117 VLC media player 2.0.3 VideoLAN 02.08.2012 2.0.3 WD SmartWare Western Digital 22.09.2011 39,6MB 1.4.1.1 Windows Live Essentials Microsoft Corporation 10.05.2012 15.4.3555.0308 Windows Media Player Firefox Plugin Microsoft Corp 10.10.2011 600KB 1.0.0.8 HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:22:05, on 10.08.2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: G:\Program Files (x86)\RocketDock\RocketDock.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe F:\Downloads\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - G:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - G:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [RoccatKone+] "C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [RocketDock] "G:\Program Files (x86)\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "G:\Programme (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'DefaultAppPool') O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'DefaultAppPool') O4 - Global Startup: Rainmeter.lnk = G:\Programme\Rainmeter\Rainmeter.exe O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe O23 - Service: Avira Email Schutz (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Echtzeit Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Browser Schutz (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: CyberLink Product - 2012/06/09 21:42:06 (CLKMSVC10_C0976A51) - CyberLink - F:\Programme\PowerDVD\PowerDVD9\NavFilter\kmsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - F:\Programme\Sandboxie\SbieSvc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) -- End of file - 8712 bytes hab jetzt auch das ergebnis der Malwarebytes analyse HTML-Code: Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.08.10.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 XXXX:: XXCCC[Administrator] 10.08.2012 12:56:04 mbam-log-2012-08-10 (13-49-37).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 655364 Laufzeit: 51 Minute(n), 17 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) seltsamerweise hat beim ablaufen des Malwarebytes auch der avira was gefunden HTML-Code: Die Datei 'C:\Users\ZaphodB\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\79d59b9b-41388eea' enthielt einen Virus oder unerwünschtes Programm 'JAVA/Dldr.Lamar.DW' [virus]. Durchgeführte Aktion(en): Die Datei wurde erfolgreich überschrieben! Die Datei wurde gelöscht. keinerlei änderungen.. gmx.. nach wie vor.. javascriptfehler.. wie beschrieben.. den fehler gibts nur im firefox andere browser ohne diesen javascriptfehler internet explorer -> keine ahnung, woran das liegt.. habe bereits alle addons und sonstige erweiterungen im firefox beendet und wieder gestartet herunter- und hochgefahren  u.v.m.hoffe hier auf den ein oder anderen tipp.. wie ich das problem gelöst bekomme |
|
12.08.2012, 09:52
| #2 |
| | Virus? GMX - Seite Javascriptfehler?? mist, kann mir scheinbar auch niemand weiterhelfen hier.
__________________ |
|
31.12.2012, 22:37
| #3 |
| | javascriptfehler auf gmx via firefox -> hängt sich auf (aber nicht bei deaktiviertem adblockplus) alles gelöscht und neu aufgespielt - fehler weg
__________________ |
|
| Themen zu javascriptfehler auf gmx via firefox -> hängt sich auf (aber nicht bei deaktiviertem adblockplus) |
| 7-zip, antivir, autorun, avira, bho, browser, browser hängt, canon, desktop, email, error, erweiterungen, fehler, firefox, flash player, format, google, hängt, install.exe, installation, jdownloader, langs, logfile, monitor.exe, mp3, plug-in, problem gelöst, realtek, registry, richtlinie, rundll, scan, schutz, security, software, usb 3.0, windows |
Linear-Darstellung
