| |
| |||||||
Alles rund um Windows: Firefox pötzlich langsamer Seitenaufbau, firefox.exe umbenennen wirktWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
 |
20.02.2011, 15:43
| #1 |
| |  Problem: Firefox pötzlich langsamer Seitenaufbau, firefox.exe umbenennen wirkt Hallo, seit einigen Tagen läuft mein Firefox 3.6.13 unter Windows 7 64 Bit quälend langsam. Andere Browser sind nicht betroffen. Nachdem hier die ersten 6 Schritte durchprobiert habe: hxxp://www.firefox-browser.de/wiki/Problemdiagnose#Schritt_7:_firefox.exe_umbenennen hat der letzte Tip, firefox.exe umbenennen gewirkt. So gestartet ist Firefox gewohnt schnell. Jetzt meine Frage nach der Ursache: Malwarebytes, AdAware, Spybot S&D, Avira Antivir haben keinerlei Schadsoftware gefunden. Jemand eine Idee woran es liegen könnte? Ich möchte aus zeitlichen Gründen eine komplette Neuinstallation von Windows soweit wie möglich vermeiden... vielen Dank hier noch meine logauszüge laut anleitung: Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes Datenbank Version: 5818 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 20.02.2011 15:56:07 mbam-log-2011-02-20 (15-56-07).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 174715 Laufzeit: 1 Minute(n), 7 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~OTL Logfile: Code:
ATTFilter OTL logfile created on: 20.02.2011 15:57:40 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = F:\Desktop\MFTools 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free 10,00 Gb Paging File | 8,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): d:\pagefile.sys 5839 5839 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 59,53 Gb Total Space | 20,50 Gb Free Space | 34,44% Space Free | Partition Type: NTFS Drive D: | 8,01 Gb Total Space | 2,23 Gb Free Space | 27,91% Space Free | Partition Type: NTFS Drive E: | 1074,22 Gb Total Space | 545,50 Gb Free Space | 50,78% Space Free | Partition Type: NTFS Drive F: | 780,78 Gb Total Space | 254,07 Gb Free Space | 32,54% Space Free | Partition Type: NTFS Computer Name: UNREAL | User Name: axel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.02.20 15:49:44 | 000,602,624 | ---- | M] (OldTimer Tools) -- F:\Desktop\MFTools\OTL.exe PRC - [2011.02.10 04:14:59 | 000,994,872 | ---- | M] (Google Inc.) -- C:\Users\axel\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2011.01.27 19:14:09 | 000,217,088 | ---- | M] (Code 42 Software, Inc.) -- C:\Programme\CrashPlan\CrashPlanTray.exe PRC - [2010.12.11 13:31:17 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010.11.08 20:54:18 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.11.08 20:54:18 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010.07.29 12:19:46 | 000,394,560 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Net\DTNetSrv.exe PRC - [2010.01.30 13:29:16 | 000,216,576 | ---- | M] () -- C:\Program Files (x86)\SmartSVN 6.5\bin\statuscached.exe PRC - [2009.10.06 11:57:24 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\OpenMceIrService\OpenMceIrServiceX64.exe PRC - [2009.09.28 22:41:12 | 000,024,645 | ---- | M] (Apache Software Foundation) -- C:\Apache2.2\bin\httpd.exe PRC - [2009.06.18 18:29:16 | 000,960,568 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe PRC - [2009.06.18 18:23:52 | 000,377,248 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2009.06.18 18:04:10 | 004,355,512 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008.01.08 02:05:08 | 000,049,152 | ---- | M] () -- F:\DProgs\MustHaves\googletalk-alwaysidle\gidle.exe PRC - [2007.04.09 12:32:32 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHelper.exe PRC - [2007.01.01 22:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\axel\AppData\Roaming\Google\Google Talk\googletalk.exe PRC - [2005.08.08 19:37:54 | 001,652,224 | ---- | M] (Steffen Schirmer) -- C:\Program Files (x86)\MiriServer\MiriServer.exe ========== Modules (SafeList) ========== MOD - [2011.02.20 15:49:44 | 000,602,624 | ---- | M] (OldTimer Tools) -- F:\Desktop\MFTools\OTL.exe MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010.01.30 13:29:16 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\SmartSVN 6.5\lib\shellext32.dll MOD - [2009.07.14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009.07.14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009.07.14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009.07.14 02:15:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2009.07.14 02:15:21 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2006.02.28 12:42:30 | 000,094,208 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.01.27 19:15:46 | 000,222,720 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService) SRV - [2010.12.11 13:31:17 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.11.08 20:54:18 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.07.29 12:19:46 | 000,394,560 | ---- | M] (DT Soft Ltd) [Auto | Running] -- C:\Program Files (x86)\DAEMON Tools Net\DTNetSrv.exe -- (DTNetService) SRV - [2010.04.02 21:34:12 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.30 13:29:16 | 000,216,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SmartSVN 6.5\bin\statuscached.exe -- (statuscached) SRV - [2010.01.23 18:00:29 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.01.05 18:34:50 | 002,130,944 | ---- | M] (South River Technologies, LLC) [Auto | Running] -- C:\Programme\WebDrive\wdService.exe -- (WebDriveService) SRV - [2009.12.16 21:53:34 | 007,618,048 | ---- | M] () [Auto | Running] -- C:\MySQL\bin\mysqld.exe -- (MySQL) SRV - [2009.10.06 11:57:24 | 000,192,000 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\OpenMceIrService\OpenMceIrServiceX64.exe -- (OpenMceIrService) SRV - [2009.09.28 22:41:12 | 000,024,645 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Apache2.2\bin\httpd.exe -- (Apache2.2) SRV - [2009.07.20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009.06.18 18:25:30 | 000,828,864 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.01.18 17:05:48 | 000,154,256 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2010.11.24 09:55:42 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2010.11.12 12:53:20 | 012,252,064 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010.11.08 16:06:40 | 000,066,552 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mozy.sys -- (mozyFilter) DRV:64bit: - [2010.09.29 12:02:30 | 000,314,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) Intel(R) DRV:64bit: - [2010.07.31 11:57:51 | 000,502,256 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010.07.20 17:14:33 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:64bit: - [2010.07.12 14:49:14 | 000,072,648 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:64bit: - [2010.07.12 14:48:50 | 000,085,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K) DRV:64bit: - [2010.03.02 13:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2010.01.26 20:37:42 | 001,462,304 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm228.sys -- (tdrpman228) Acronis Try&Decide and Restore Points filter (build 228) DRV:64bit: - [2010.01.26 20:37:41 | 000,880,160 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:64bit: - [2010.01.26 20:37:41 | 000,222,240 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:64bit: - [2010.01.26 20:37:41 | 000,083,488 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter) DRV:64bit: - [2009.11.27 05:15:14 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2009.08.24 09:14:30 | 000,054,784 | ---- | M] (AzureWave Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\azvusb.sys -- (azvusb) DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda) DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2007.12.04 22:07:54 | 000,630,528 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mod7700.sys -- (mod7700) DRV:64bit: - [2007.10.11 10:40:00 | 000,027,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MosIrUsb.sys -- (MosIrUsb) DRV:64bit: - [2007.07.13 19:22:56 | 000,024,200 | ---- | M] (DiBcom S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modrc.sys -- (MODRC) DRV:64bit: - [2007.04.12 08:10:28 | 000,151,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\COMMONFX.DLL -- (COMMONFX.DLL) DRV:64bit: - [2007.04.10 06:07:54 | 000,580,904 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k) DRV:64bit: - [2007.04.10 04:41:54 | 000,295,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP17v2k.sys -- (hap17v2k) DRV:64bit: - [2007.04.10 04:41:20 | 000,259,880 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\haP16v2k.sys -- (hap16v2k) DRV:64bit: - [2007.04.10 04:40:24 | 001,359,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha10kx2k.sys -- (ha10kx2k) DRV:64bit: - [2007.04.10 04:39:48 | 000,147,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia) DRV:64bit: - [2007.04.10 04:38:40 | 000,290,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k) DRV:64bit: - [2007.04.10 04:38:10 | 000,017,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k) DRV:64bit: - [2007.04.10 04:37:36 | 000,218,408 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv) DRV:64bit: - [2007.04.10 04:35:28 | 000,863,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM) DRV:64bit: - [2007.04.10 04:17:22 | 000,123,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTHWIUT.DLL -- (CTHWIUT.DLL) DRV:64bit: - [2007.04.10 04:17:00 | 000,252,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CT20XUT.DLL -- (CT20XUT.DLL) DRV:64bit: - [2007.04.10 04:16:20 | 001,571,112 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEXFIFX.DLL -- (CTEXFIFX.DLL) DRV:64bit: - [2007.04.10 04:15:44 | 000,363,304 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPSY.DLL -- (CTEDSPSY.DLL) DRV:64bit: - [2007.04.10 04:15:10 | 000,190,248 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPIO.DLL -- (CTEDSPIO.DLL) DRV:64bit: - [2007.04.10 04:14:28 | 000,142,120 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTERFXFX.DLL -- (CTERFXFX.DLL) DRV:64bit: - [2007.04.10 04:13:38 | 000,321,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPFX.DLL -- (CTEDSPFX.DLL) DRV:64bit: - [2007.04.10 04:13:08 | 000,219,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEAPSFX.DLL -- (CTEAPSFX.DLL) DRV:64bit: - [2007.04.10 04:12:22 | 000,681,256 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\CTSBLFX.DLL -- (CTSBLFX.DLL) DRV:64bit: - [2007.04.10 04:11:46 | 000,700,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\CTAUDFX.DLL -- (CTAUDFX.DLL) DRV:64bit: - [2005.12.14 00:53:42 | 000,007,808 | ---- | M] (GretagMacbeth LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\i1display_x64.sys -- (EyeOneDisplay) DRV - [2010.01.05 18:34:50 | 000,180,312 | ---- | M] () [File_System | Auto | Running] -- C:\Programme\WebDrive\wdfsd.sys -- (WebDriveFSD) DRV - [2008.01.21 17:43:42 | 000,036,368 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\hotcore3.sys -- (hotcore3) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ORF TVthek: Startseite - Aktuelle Empfehlungen, Themen, Sendungen und Beiträge IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.02.20 01:15:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.20 01:14:21 | 000,000,000 | ---D | M] [2011.02.20 01:15:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\axel\AppData\Roaming\mozilla\Extensions [2011.02.20 13:49:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\axel\AppData\Roaming\mozilla\Firefox\Profiles\ucfpxspn.default\extensions [2011.02.20 13:49:43 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\axel\AppData\Roaming\mozilla\Firefox\Profiles\ucfpxspn.default\extensions\firebug@software.joehewitt.com [2011.02.20 01:14:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010.01.24 02:21:39 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES (X86)\REAL\REALPLAYER\BROWSERRECORD\FIREFOX\EXT [2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.02.19 16:21:37 | 000,001,859 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 activate.southrivertech.com O1 - Hosts: 127.0.0.1 sfproject.localhost O1 - Hosts: 127.0.0.1 sftestproject.localhost O1 - Hosts: 127.0.0.1 oewmR10.localhost O1 - Hosts: 127.0.0.1 tin.localhost O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - File not found O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - File not found O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [AsioReg] File not found O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd) O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKCU..\Run: [googletalk] C:\Users\axel\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) O4 - HKCU..\Run: [MiriServAutoStart] C:\Program Files (x86)\MiriServer\MiriServer.exe (Steffen Schirmer) O4 - Startup: C:\Users\axel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE () O4 - Startup: C:\Users\axel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\gidle.exe - Verknüpfung.lnk = F:\DProgs\MustHaves\googletalk-alwaysidle\gidle.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13 - gopher Prefix: missing O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{335cf50e-083f-11df-b6e9-00270e05327d}\Shell - "" = AutoRun O33 - MountPoints2\{335cf50e-083f-11df-b6e9-00270e05327d}\Shell\AutoRun\command - "" = H:\Adobe_CS3\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Apache Servers.lnk - C:\Apache2.2\bin\ApacheMonitor.exe - (Apache Software Foundation) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SmartSVN 6.5 (background).lnk - - File not found MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk - C:\PROGRA~2\WinZip\WZQKPICK.EXE - (WinZip Computing, S.L.) MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: Argus Monitor - hkey= - key= - File not found MsConfig:64bit - StartUpReg: ContentTransferWMDetector.exe - hkey= - key= - C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation) MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - File not found MsConfig:64bit - StartUpReg: DivX Download Manager - hkey= - key= - File not found MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - File not found MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\axel\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig:64bit - StartUpReg: ICQ - hkey= - key= - File not found MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: Reader Library Launcher - hkey= - key= - C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe (Sony Corporation) MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) MsConfig:64bit - StartUpReg: uTorrent - hkey= - key= - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) MsConfig:64bit - StartUpReg: WebDriveTray - hkey= - key= - C:\Program Files\WebDrive\webdrive.exe (South River Technologies, LLC) MsConfig:64bit - State: "startup" - Reg Error: Key error. CREATERESTOREPOINT Error creating restore point. ========== Files/Folders - Created Within 30 Days ========== [2011.02.20 15:54:23 | 000,000,000 | ---D | C] -- F:\Desktop\reg-backup [2011.02.20 15:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT [2011.02.20 15:53:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT [2011.02.20 15:44:56 | 000,000,000 | ---D | C] -- F:\Desktop\MFTools [2011.02.20 15:13:42 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.02.20 15:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.02.20 15:13:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.02.20 13:45:53 | 000,000,000 | ---D | C] -- F:\Desktop\test [2011.02.20 13:42:40 | 000,000,000 | ---D | C] -- F:\Desktop\101ND300 [2011.02.20 01:14:24 | 000,000,000 | ---D | C] -- C:\Users\axel\AppData\Roaming\Mozilla [2011.02.20 01:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox [2011.02.20 01:14:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011.02.18 01:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.02.17 22:46:10 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2011.02.17 22:45:36 | 000,000,000 | ---D | C] -- C:\Users\axel\AppData\Local\Sunbelt Software [2011.02.17 22:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2011.02.16 01:39:25 | 000,000,000 | ---D | C] -- C:\Users\axel\AppData\Local\{469F0E62-1C7E-49D4-B60B-14FF0BFD4F0A} [2011.02.16 01:39:12 | 000,000,000 | ---D | C] -- C:\Users\axel\AppData\Roaming\Windows Live Writer [2011.02.16 01:39:12 | 000,000,000 | ---D | C] -- C:\Users\axel\AppData\Local\Windows Live Writer [2011.02.16 01:37:46 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live [2011.02.11 00:56:19 | 000,000,000 | ---D | C] -- F:\Desktop\beran [2011.02.11 00:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2011.02.09 14:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Girder 5 [2011.02.09 13:30:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Promixis [2011.02.08 22:53:04 | 000,066,552 | ---- | C] (Mozy, Inc.) -- C:\Windows\SysNative\drivers\mozy.sys [2011.02.08 20:11:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TweetDeck [2011.02.08 15:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subversion [2011.02.08 15:06:34 | 000,000,000 | ---D | C] -- C:\Programme\SlikSvn [2011.02.08 13:39:16 | 000,000,000 | ---D | C] -- C:\Users\axel\.VirtualBox [2011.02.04 01:07:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011.02.02 14:49:49 | 000,000,000 | ---D | C] -- C:\Programme\CrashPlan [2011.02.02 14:49:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrashPlan [2011.02.02 14:49:49 | 000,000,000 | ---D | C] -- C:\ProgramData\CrashPlan [2011.02.02 14:46:03 | 000,000,000 | ---D | C] -- C:\Users\axel\AppData\Roaming\CrashPlan [2011.02.02 12:37:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP [2011.02.02 12:37:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinSCP [2011.02.02 11:55:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011.01.30 18:52:46 | 000,000,000 | ---D | C] -- C:\Users\axel\AppData\Local\{9C8129F0-D132-4C33-9386-9F1801EEE1C5} [2011.01.28 14:31:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2011.01.24 20:52:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Portrait Professional 10 Trial [2007.04.09 12:32:58 | 000,034,816 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll ========== Files - Modified Within 30 Days ========== [2011.02.20 15:54:02 | 000,001,108 | ---- | M] () -- C:\Users\axel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2011.02.20 15:52:56 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.02.20 15:52:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.02.20 15:52:15 | 3061,809,152 | -HS- | M] () -- C:\hiberfil.sys [2011.02.20 15:51:36 | 000,034,416 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000003-00000000-00000000-00001102-00000004-20011102}.rfx [2011.02.20 15:51:36 | 000,034,416 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000003-00000000-00000000-00001102-00000004-20011102}.rfx [2011.02.20 15:51:36 | 000,030,168 | ---- | M] () -- C:\Windows\SysNative\BMXCtrlState-{00000003-00000000-00000000-00001102-00000004-20011102}.rfx [2011.02.20 15:51:36 | 000,030,168 | ---- | M] () -- C:\Windows\SysNative\BMXBkpCtrlState-{00000003-00000000-00000000-00001102-00000004-20011102}.rfx [2011.02.20 15:51:36 | 000,011,564 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000003-00000000-00000000-00001102-00000004-20011102}.rfx [2011.02.20 15:51:34 | 000,006,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.02.20 15:51:34 | 000,006,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.02.20 15:33:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.02.20 15:17:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1018911637-695245808-224086101-1000UA.job [2011.02.20 15:13:42 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.02.20 14:55:32 | 000,006,004 | ---- | M] () -- C:\Windows\mozy.blk [2011.02.20 14:55:32 | 000,001,080 | ---- | M] () -- C:\Windows\mozy.flt [2011.02.20 01:15:24 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat [2011.02.20 01:14:23 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.02.20 00:17:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1018911637-695245808-224086101-1000Core.job [2011.02.19 17:47:11 | 000,001,126 | ---- | M] () -- F:\Desktop\Spybot - Search & Destroy.lnk [2011.02.18 14:15:07 | 000,000,130 | ---- | M] () -- F:\Desktop\Sporadically slow DNS in FF only under Win7 64-bit • mozillaZine Forums.url [2011.02.18 13:52:45 | 000,000,600 | ---- | M] () -- C:\Users\axel\PUTTY.RND [2011.02.18 01:50:01 | 000,000,308 | ---- | M] () -- C:\Windows\Brownie.ini [2011.02.17 22:46:10 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2011.02.17 22:34:16 | 000,000,917 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk [2011.02.13 13:39:44 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI [2011.02.12 22:25:21 | 000,051,200 | ---- | M] () -- C:\Windows\SysNative\WsmSvc32.dll [2011.02.10 03:19:30 | 002,282,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.02.04 01:07:03 | 000,001,095 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011.02.03 17:05:08 | 000,000,600 | ---- | M] () -- C:\Users\axel\AppData\Local\PUTTY.RND [2011.02.02 14:49:55 | 000,001,845 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk [2011.02.02 12:39:34 | 000,000,600 | ---- | M] () -- C:\Users\axel\AppData\Roaming\winscp.rnd ========== Files Created - No Company Name ========== [2011.02.20 15:54:02 | 000,001,108 | ---- | C] () -- C:\Users\axel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2011.02.20 15:13:42 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.02.20 01:15:24 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.02.20 01:14:23 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.02.19 17:47:11 | 000,001,126 | ---- | C] () -- F:\Desktop\Spybot - Search & Destroy.lnk [2011.02.18 14:15:07 | 000,000,130 | ---- | C] () -- F:\Desktop\Sporadically slow DNS in FF only under Win7 64-bit • mozillaZine Forums.url [2011.02.16 01:38:08 | 000,001,462 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2011.02.12 22:25:21 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\WsmSvc32.dll [2011.02.11 00:51:27 | 000,001,235 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CS5.lnk [2011.02.11 00:50:31 | 000,001,357 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk [2011.02.11 00:50:28 | 000,001,523 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk [2011.02.11 00:50:22 | 000,001,266 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk [2011.02.11 00:49:53 | 000,001,001 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2011.02.03 17:05:08 | 000,000,600 | ---- | C] () -- C:\Users\axel\AppData\Local\PUTTY.RND [2011.02.02 14:49:55 | 000,001,845 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk [2011.02.02 12:37:36 | 000,000,600 | ---- | C] () -- C:\Users\axel\AppData\Roaming\winscp.rnd [2011.01.05 14:36:58 | 000,000,037 | ---- | C] () -- C:\Windows\coolmp3.ini [2011.01.05 14:36:58 | 000,000,000 | ---- | C] () -- C:\Windows\COOLSYS.INI [2011.01.05 14:36:42 | 000,010,677 | ---- | C] () -- C:\Windows\coolkb2k.ini [2011.01.05 14:35:35 | 000,005,438 | ---- | C] () -- C:\Windows\COOL.INI [2011.01.05 00:38:57 | 000,007,680 | ---- | C] () -- C:\Users\axel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.12.22 22:12:34 | 000,000,029 | ---- | C] () -- C:\Windows\wordpad.ini [2010.12.22 22:12:25 | 000,000,029 | ---- | C] () -- C:\Windows\winzip32.ini [2010.12.08 00:32:58 | 004,244,744 | ---- | C] () -- C:\Windows\SysWow64\qtp-mt334.dll [2010.12.08 00:32:58 | 000,247,560 | ---- | C] () -- C:\Windows\SysWow64\prgiso.dll [2010.12.08 00:32:58 | 000,013,576 | ---- | C] () -- C:\Windows\SysWow64\wnaspi32.dll [2010.11.26 00:55:57 | 000,007,598 | ---- | C] () -- C:\Users\axel\AppData\Local\resmon.resmoncfg [2010.01.31 13:32:17 | 000,000,000 | ---- | C] () -- C:\Windows\TMonitor64.INI [2010.01.28 01:24:28 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI [2010.01.26 16:03:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.01.26 11:58:28 | 000,009,030 | ---- | C] () -- C:\Windows\HL-2030.INI [2010.01.26 11:58:28 | 000,000,151 | ---- | C] () -- C:\Windows\BRVIDEO.INI [2010.01.26 11:58:28 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\brlmw03a.ini [2010.01.26 11:58:28 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini [2010.01.26 11:58:16 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010.01.26 11:58:07 | 000,000,308 | ---- | C] () -- C:\Windows\Brownie.ini [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2008.02.05 13:28:20 | 000,000,051 | ---- | C] () -- C:\Users\axel\AppData\Local\setup.txt [2007.09.06 01:01:22 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll [2007.08.23 17:55:34 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2007.04.12 08:10:28 | 000,105,728 | ---- | C] () -- C:\Windows\SysWow64\APOMgrH.dll [2007.04.09 12:55:14 | 000,097,785 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini [2007.04.09 12:55:14 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini [2007.04.09 12:33:50 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CTBurst.dll [2006.10.02 09:25:18 | 000,000,307 | ---- | C] () -- C:\Windows\SysWow64\kill.ini [2006.07.16 01:35:24 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\d3622e24.dll [2006.07.16 01:35:24 | 000,008,704 | ---- | C] () -- C:\Windows\SysWow64\87348538.dll [2006.07.16 01:35:23 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\cba97eb3.dll [2005.06.16 10:17:16 | 000,071,680 | ---- | C] () -- C:\Windows\SysWow64\ctmmactl.dll [2004.09.16 21:24:26 | 003,375,104 | ---- | C] () -- C:\Windows\SysWow64\qt-mt331.dll ========== LOP Check ========== [2010.05.12 23:32:11 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\Acronis [2010.07.17 00:02:26 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\albumart [2010.03.20 13:14:50 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\Alien Skin [2010.02.15 01:03:31 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\Auto FX Software [2011.01.18 23:45:30 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\calibre [2010.07.13 22:09:32 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\Canneverbe Limited [2011.02.02 14:49:54 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\CrashPlan [2010.01.23 17:59:21 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\DAEMON Tools Lite [2010.07.31 12:04:31 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\DAEMON Tools Net [2010.05.10 10:22:40 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\DBDesigner4 [2010.07.13 21:49:24 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\DeepBurner [2011.02.09 13:21:51 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\FileZilla [2010.09.08 12:34:04 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\FireShot [2010.10.13 13:15:15 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\Inventic [2010.04.10 23:51:41 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\IrfanView [2010.09.19 22:13:27 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\Local [2010.06.27 14:00:42 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\Mp3tag [2011.01.05 14:48:42 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\muvee Technologies [2010.10.13 13:15:16 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\OrmDesignerCore [2010.07.24 21:15:00 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\Promixis [2011.01.11 18:03:22 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\SecondLife [2010.12.22 22:09:55 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\Spesoft Audio Converter [2011.02.08 15:06:48 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\Subversion [2010.07.22 22:00:28 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\syntevo [2010.07.20 17:16:27 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\TrueCrypt [2010.01.23 19:39:15 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1 [2011.02.20 00:53:22 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\uTorrent [2011.02.16 01:39:12 | 000,000,000 | ---D | M] -- C:\Users\axel\AppData\Roaming\Windows Live Writer [2010.12.21 10:35:02 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2011.02.11 02:57:07 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2011.01.12 14:26:07 | 000,000,000 | ---D | M] -- C:\android-sdk [2010.11.01 13:26:47 | 000,000,000 | ---D | M] -- C:\Apache2.2 [2010.06.08 21:22:55 | 000,000,000 | RHSD | M] -- C:\bootwiz [2010.12.27 01:58:07 | 000,000,000 | ---D | M] -- C:\dev [2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2010.01.23 23:29:46 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2010.12.30 12:51:13 | 000,000,000 | ---D | M] -- C:\EbuDllTmpDir [2011.01.19 16:02:00 | 000,000,000 | ---D | M] -- C:\eclipse [2010.01.23 16:36:48 | 000,000,000 | ---D | M] -- C:\Intel [2011.01.10 16:40:00 | 000,000,000 | ---D | M] -- C:\java [2011.01.08 20:27:47 | 000,000,000 | ---D | M] -- C:\JDownloader 0.8 [2010.04.10 22:56:08 | 000,000,000 | ---D | M] -- C:\links [2010.08.05 11:15:04 | 000,000,000 | ---D | M] -- C:\log [2010.01.24 12:55:44 | 000,000,000 | RH-D | M] -- C:\MSOCache [2010.01.24 19:24:20 | 000,000,000 | ---D | M] -- C:\MySQL [2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2010.01.24 19:38:49 | 000,000,000 | ---D | M] -- C:\PHP52 [2011.02.20 15:02:33 | 000,000,000 | R--D | M] -- C:\Programme [2011.02.20 15:53:59 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2011.02.19 22:14:04 | 000,000,000 | -H-D | M] -- C:\ProgramData [2010.01.23 23:29:46 | 000,000,000 | -HSD | M] -- C:\Programme [2010.01.23 23:29:46 | 000,000,000 | -HSD | M] -- C:\Recovery [2011.02.20 14:56:32 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011.02.17 22:59:25 | 000,000,000 | ---D | M] -- C:\temp [2010.10.07 21:21:58 | 000,000,000 | R--D | M] -- C:\Users [2011.02.20 14:55:32 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < MD5 for: EXPLORER.EXE > [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe [2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: USERINIT.EXE > [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe [2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe [2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > ========== Alternate Data Streams ========== @Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:319E7F0B @Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:F4CE9946 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:638E6F6B < End of report > ~~~~~~~~~~~~~~~~~~~~~~~~OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 20.02.2011 15:57:40 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = F:\Desktop\MFTools
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
10,00 Gb Paging File | 8,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): d:\pagefile.sys 5839 5839 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,53 Gb Total Space | 20,50 Gb Free Space | 34,44% Space Free | Partition Type: NTFS
Drive D: | 8,01 Gb Total Space | 2,23 Gb Free Space | 27,91% Space Free | Partition Type: NTFS
Drive E: | 1074,22 Gb Total Space | 545,50 Gb Free Space | 50,78% Space Free | Partition Type: NTFS
Drive F: | 780,78 Gb Total Space | 254,07 Gb Free Space | 32,54% Space Free | Partition Type: NTFS
Computer Name: UNREAL | User Name: axel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
.js [@ = jsfile] -- Reg Error: Key error. File not found
.txt [@ = txtfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC113\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC113\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC113\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC113\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Girder5\girder.exe" = C:\Girder5\girder.exe:*:Enabled:Trust Girder
"C:\Girder5\grunt.exe" = C:\Girder5\grunt.exe:*:Enabled:Trust Girder Runtime
"C:\Girder5\girder.exe" = C:\Girder5\girder.exe:*:Enabled:Trust Girder
"C:\Girder5\grunt.exe" = C:\Girder5\grunt.exe:*:Enabled:Trust Girder Runtime
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Girder5\girder.exe" = C:\Girder5\girder.exe:*:Enabled:Trust Girder
"C:\Girder5\grunt.exe" = C:\Girder5\grunt.exe:*:Enabled:Trust Girder Runtime
"C:\Girder5\girder.exe" = C:\Girder5\girder.exe:*:Enabled:Trust Girder
"C:\Girder5\grunt.exe" = C:\Girder5\grunt.exe:*:Enabled:Trust Girder Runtime
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08C119DA-E229-4331-9723-BB9E19CD0164}" = FastPictureViewer (64-bit)
"{08D831E5-1B2E-4CCA-B90A-9374D0D0959F}" = FastPictureViewer 1.3 (64-bit)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1387BA33-3FAC-49E9-B545-0E8D3BBC550B}" = Adobe Photoshop Lightroom 3 64-bit
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8C9B6B1F-0A8E-402A-A60C-110BBB38D67E}" = Intel(R) Network Connections 15.7.176.0
"{8F41F431-071E-5B44-2EEE-5C51173D6498}" = MozyHome
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B49FFF4A-6C56-4EAE-A37E-726C59B1681A}" = MySQL Server 5.1
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D773B0F5-5511-4812-B1A0-C6635F7AD6B8}" = Slik Subversion 1.6.15 (x64)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F08E87FD-F62B-4BAC-A2D6-A94755653F30}" = WebDrive
"{F11F5A1D-67F1-49D2-A7C6-5632B6004C5C}" = CrashPlan
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.53.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"PROSetDX" = Intel(R) Network Connections 15.7.176.0
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9C (x64)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C0D96F6-030C-4216-9C8F-A62CA0D6A8A8}" = SmartSVN 6.5
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{107254A0-0ADF-11D4-9397-00D0B7020B38}" =
"{10F5D9BB-E2F2-4B18-A65D-928B73D22E6F}" = USB-IrDA Adapter
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{16372200-4B55-4C94-97B4-D904B3EC42AB}" = PHP 5.2.10
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 24
"{294BB21B-0091-492F-87D2-A9192DA3E448}" = System Requirements Lab for Intel
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{30161931-E14F-42B5-BFC0-1AB5ADE4459B}" = muvee autoProducer 5.0
"{32A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java(TM) SE Development Kit 6 Update 23
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D7CBD6E-6111-4AC5-9C92-C7CF943D72A9}" = Brother HL-2030
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62D416D9-C992-40DE-8A37-2EA9A55F44A9}" = Aladdin Expander 5.1
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{662E930A-FBF8-4451-A5A6-4C094160B4BC}" = Intel(R) Desktop Utilities
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6F51CDE0-1391-878A-C593-BD340AD9D0DE}" = TweetDeck
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71B7840D-BB4D-409C-87A2-9EFD10BC0C3D}" = VC90_CRT_x64
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7B312BFD-6C04-4409-AB6F-DD41CCD67463}" = muvee autoProducer 6.1
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85262A06-2D8C-4BC1-B6ED-5A705D09CFFC}" = Apache HTTP Server 2.2.14
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A45C37B-7612-4C6A-95EA-25AB5744D88D}_is1" = OpenMceIrService 0.4.0
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9f549817-2ffc-4734-851a-41bac06ba3c7}" = Nero 9 Essentials
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B70E5793-F912-4C62-AFE2-C4F0B078FD31}" = Reader Library by Sony
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C79312BD-3E76-4474-A10C-1435D1856A4B}" = Adobe Dreamweaver CS5
"{C887C75D-2636-41F6-BB7B-FD4B0314C1E1}" = Paragon Partition Manager 9.0 Professional
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1E0E859-F46D-4708-A41D-ED90C0C1822A}" = Acronis*True*Image*Home
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 Evaluation
"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2CBF3FE-A24F-40DF-B25D-8C9E05F0CD63}" = UltraEdit 15.20
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Album Cover Art Downloader" = Album Cover Art Downloader 1.6.6
"Android SDK Tools" = Android SDK Tools
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cool Edit 2000" = Cool Edit 2000
"Digital Editions" = Adobe Digital Editions
"DivX Setup.divx.com" = DivX-Setup
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"FileZilla Client" = FileZilla Client 3.2.4.1
"Girder5Stuff_is1" = Promixis Girder 5.0.1.535
"HD Tune Pro_is1" = HD Tune Pro 3.50
"HijackThis" = HijackThis 2.0.2
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MiriServer_is1" = MiriServer 1.8.1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mp3tag" = Mp3tag v2.46a
"MysticalTTC" = Uninstall MysticalTTC
"OrmDesignerCore" = ORM Designer
"RealPlayer 12.0" = RealPlayer
"SmartSynchronize 3.1_is1" = SmartSynchronize 3.1.6
"Spesoft Audio Converter_is1" = Spesoft Audio Converter 2.30
"SystemRequirementsLab" = System Requirements Lab
"TrueCrypt" = TrueCrypt
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.7
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"winscp3_is1" = WinSCP 4.2.9
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 20.02.2011 10:52:53 | Computer Name = unreal | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.1.20
for ServerName .
Error - 20.02.2011 10:53:52 | Computer Name = unreal | Source = SDWinSec.exe | ID = 0
Description =
Error - 20.02.2011 10:54:52 | Computer Name = unreal | Source = SDWinSec.exe | ID = 0
Description =
Error - 20.02.2011 10:55:52 | Computer Name = unreal | Source = SDWinSec.exe | ID = 0
Description =
Error - 20.02.2011 10:56:50 | Computer Name = unreal | Source = SDWinSec.exe | ID = 0
Description =
Error - 20.02.2011 10:57:50 | Computer Name = unreal | Source = SDWinSec.exe | ID = 0
Description =
Error - 20.02.2011 10:58:50 | Computer Name = unreal | Source = SDWinSec.exe | ID = 0
Description =
Error - 20.02.2011 10:59:50 | Computer Name = unreal | Source = SDWinSec.exe | ID = 0
Description =
Error - 20.02.2011 11:00:50 | Computer Name = unreal | Source = SDWinSec.exe | ID = 0
Description =
Error - 20.02.2011 11:01:50 | Computer Name = unreal | Source = SDWinSec.exe | ID = 0
Description =
[ System Events ]
Error - 20.02.2011 09:52:37 | Computer Name = unreal | Source = Service Control Manager | ID = 7034
Description = Dienst "DTNetService" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 20.02.2011 09:57:06 | Computer Name = unreal | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Terminal Services Application Compatibility DLL erreicht.
Error - 20.02.2011 09:57:07 | Computer Name = unreal | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SAS Core Service" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 20.02.2011 09:57:07 | Computer Name = unreal | Source = Service Control Manager | ID = 7000
Description = Der Dienst "PDIHWCTL" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 20.02.2011 10:48:28 | Computer Name = unreal | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Terminal Services Application Compatibility DLL erreicht.
Error - 20.02.2011 10:48:29 | Computer Name = unreal | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SAS Core Service" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 20.02.2011 10:48:29 | Computer Name = unreal | Source = Service Control Manager | ID = 7000
Description = Der Dienst "PDIHWCTL" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 20.02.2011 10:52:50 | Computer Name = unreal | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Terminal Services Application Compatibility DLL erreicht.
Error - 20.02.2011 10:52:51 | Computer Name = unreal | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SAS Core Service" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 20.02.2011 10:52:51 | Computer Name = unreal | Source = Service Control Manager | ID = 7000
Description = Der Dienst "PDIHWCTL" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
< End of report >
|
|
21.02.2011, 17:10
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Firefox pötzlich langsamer Seitenaufbau, firefox.exe umbenennen wirkt Anleitung / Hilfe Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.
__________________
__________________ |
|
21.02.2011, 20:12
| #3 |
| | Firefox pötzlich langsamer Seitenaufbau, firefox.exe umbenennen wirkt Details Hallo,
__________________sorry es gab noch logs, hier die restlichen: Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes Datenbank Version: 5817 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 20.02.2011 15:45:33 mbam-log-2011-02-20 (15-45-33).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|) Durchsuchte Objekte: 230111 Laufzeit: 10 Minute(n), 16 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes Datenbank Version: 5817 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 20.02.2011 15:31:05 mbam-log-2011-02-20 (15-31-05).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 175394 Laufzeit: 1 Minute(n), 19 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes Datenbank Version: 5817 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 20.02.2011 15:29:34 mbam-log-2011-02-20 (15-29-34).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|) Durchsuchte Objekte: 159936 Laufzeit: 7 Minute(n), 13 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 2 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
|
21.02.2011, 20:33
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lösung: Firefox pötzlich langsamer Seitenaufbau, firefox.exe umbenennen wirktZitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
21.02.2011, 20:37
| #5 |
| | Wie Firefox pötzlich langsamer Seitenaufbau, firefox.exe umbenennen wirkt ich bin softwareentwickler, das sind projekte die bei mir auf apache am localhost laufen. gruß axel |
|
21.02.2011, 20:38
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Wo Firefox pötzlich langsamer Seitenaufbau, firefox.exe umbenennen wirkt Lösung! Du arbeitest bei oder für southrivertech.com?
__________________ --> Firefox pötzlich langsamer Seitenaufbau, firefox.exe umbenennen wirkt |
|
| Themen zu Firefox pötzlich langsamer Seitenaufbau, firefox.exe umbenennen wirkt |
| 64-bit, adaware, alternate, andere, antivir, aufbau, avgntflt.sys, avira, avira antivir, browser, c:\windows\system32\rundll32.exe, cpu-z, firefox, frage, gefunde, gestartet, google chrome, gründe, home premium, ieframe.dll, install.exe, jdownloader, komplette, langsamer, launch, location, microsoft office word, neuinstallation, office 2007, oldtimer, plug-in, programdata, safer networking, saver, schadsoftware, searchplugins, security update, seite, seitenaufbau, shell32.dll, shortcut, sptd.sys, spybot, start menu, syswow64, tagen, umbenennen, vermeide, webcheck, windows, windows 7, windows 7 64 bit, woran |
Firefox pötzlich langsamer Seitenaufbau, firefox.exe umbenennen wirkt
Linear-Darstellung
