Trojaner-Board

anselmo123 10.08.2012 09:27

JavaScript error on GMX via Firefox -> hangs (but not with Adblock Plus disabled)

1. Used Google, found nothing useful - there is already a similar thread here in the forum http://www.trojaner-board.de/117322-...mx-starte.html -> and now I have ended up here

Error description

hxxp://js.gmx.net/gmx/hp10/js/20120719/homepage.js: (some number)

always appears when I go to GMX..

The browser hangs; it does not do so when the Adblock Plus add-on is disabled, but it still shows the script error.

The error has been occurring for quite some time; unfortunately I cannot trace whether it is related to the installation of some add-on or something similar..

I have already carried out the following here (as per the other thread, see above)

OTL _ OTL.txt
OTL Logfile:
Code:

OTL logfile created on: 10.08.2012 09:45:50 - Run 1
OTL by OldTimer - Version 3.2.56.0    Folder = F:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 12,97 Gb Available Physical Memory | 81,19% Memory free
23,96 Gb Paging File | 21,51 Gb Available in Paging File | 89,76% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,40 Gb Total Space | 31,00 Gb Free Space | 52,19% Space Free | Partition Type: NTFS
Drive D: | 96,07 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 496,68 Gb Total Space | 125,17 Gb Free Space | 25,20% Space Free | Partition Type: NTFS
Drive F: | 434,82 Gb Total Space | 79,05 Gb Free Space | 18,18% Space Free | Partition Type: NTFS
Drive G: | 55,80 Gb Total Space | 45,45 Gb Free Space | 81,45% Space Free | Partition Type: NTFS
Drive H: | 465,76 Gb Total Space | 216,11 Gb Free Space | 46,40% Space Free | Partition Type: NTFS
Drive I: | 1,37 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: XXCCC| User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
 
========== Processes (SafeList) ==========
 
PRC - F:\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Mozilla\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe (ROCCAT GmbH)
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe ()
PRC - G:\Program Files (x86)\RocketDock\RocketDock.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Mozilla\Mozilla Thunderbird\mozjs.dll ()
MOD - C:\Program Files (x86)\Mozilla\Mozilla Thunderbird\NSLDAP32V60.dll ()
MOD - C:\Program Files (x86)\Mozilla\Mozilla Thunderbird\NSLDAPPR32V60.dll ()
MOD - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll ()
MOD - G:\Program Files (x86)\RocketDock\RocketDock.exe ()
MOD - G:\Program Files (x86)\RocketDock\RocketDock.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (Intel® PROSet Monitoring Service) -- C:\Windows\SysNative\IPROSetMonitor.exe (Intel Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirFirewallService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (SbieSvc) -- F:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (CLKMSVC10_C0976A51) -- F:\Programme\PowerDVD\PowerDVD9\NavFilter\kmsvc.exe (CyberLink)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (WDFME) -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe ()
SRV - (WDSC) -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe ()
SRV - (WDDMService) -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avfwot) -- C:\Windows\SysNative\drivers\avfwot.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avfwim) -- C:\Windows\SysNative\drivers\avfwim.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (mv91xx) -- C:\Windows\SysNative\drivers\mv91xx.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (lvsels64) -- C:\Windows\SysNative\drivers\lvsels64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (CompFilter64) -- C:\Windows\SysNative\drivers\lvbflt64.sys (Logitech Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV - (SbieDrv) -- F:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (NTIOLib_1_0_4) -- G:\Programme (x86)\MSI\Live Update 5\NTIOLib_X64.sys (MSI)
DRV - (MSI_MSIBIOS_010507) -- G:\Programme (x86)\MSI\Live Update 5\msibios64_100507.sys (Your Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5B 07 CA 64 C9 76 CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "IMDB"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://ecosia.org/"
FF - prefs.js..keyword.URL: "https://startpage.com/do/search?q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: G:\Programme\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011.12.12 10:14:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla\Mozilla Firefox\components [2012.08.02 11:07:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla\Mozilla Thunderbird\components [2012.08.02 11:07:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla\Mozilla Firefox\components [2012.08.02 11:07:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla\Mozilla Firefox\plugins
 
[2011.10.22 14:53:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Extensions
[2012.08.10 09:35:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions
[2012.08.01 21:12:04 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2012.07.20 10:01:35 | 000,000,000 | ---D | M] (WOT) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.03.29 22:13:27 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.08.02 11:10:05 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.10.22 14:53:47 | 000,000,000 | ---D | M] (IE View Lite) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions\{FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3}(2)
[2012.05.22 16:49:09 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\84tciy2v.default\extensions\foxyproxy@eric.h.jung
[2012.08.06 23:25:07 | 000,002,311 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\84tciy2v.default\searchplugins\buecherde.xml
[2010.04.30 08:15:20 | 000,002,354 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\84tciy2v.default\searchplugins\ecosia.xml
[2008.08.12 18:12:34 | 000,001,504 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\84tciy2v.default\searchplugins\imdb.xml
[2009.10.16 23:39:34 | 000,002,037 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\84tciy2v.default\searchplugins\myvideo-suche-.xml
[2012.08.02 10:16:29 | 000,002,325 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\84tciy2v.default\searchplugins\startpage-ssl.xml
[2009.04.30 13:40:18 | 000,004,140 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\84tciy2v.default\searchplugins\youtube.xml
[2012.07.16 10:50:21 | 000,457,304 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}.XPI
[2011.04.30 16:19:00 | 000,022,573 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\{987311C6-B504-4AA2-90BF-60CC49808D42}.XPI
[2011.11.15 11:27:05 | 000,413,408 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}.XPI
[2012.01.21 14:40:35 | 000,138,614 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2011.10.19 08:56:30 | 000,026,136 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\{DF4E4DF5-5CB7-46B0-9AEF-6C784C3249F8}.XPI
[2012.07.20 10:01:35 | 000,038,314 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\FIREPICKER@THEDARKONE.XPI
[2012.07.18 10:02:23 | 000,040,533 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\FLATBM@XULDEV.ORG.XPI
[2011.10.19 07:46:40 | 000,174,405 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\GUICONFIG@SLOSD.NET.XPI
[2012.08.02 10:21:56 | 000,053,072 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\YESSCRIPT@USERSTYLES.ORG.XPI
[2011.08.26 17:00:28 | 000,011,510 | ---- | M] () (No name found) -- C:\USERS\XXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84TCIY2V.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
 
O1 HOSTS File: ([2011.12.15 21:02:10 | 000,002,493 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - G:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - G:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH)
O4 - HKCU..\Run: [DAEMON Tools Lite] G:\Programme (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RocketDock] G:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65CCF0B8-D70E-4F42-9DD1-5E660D426DFB}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.07.21 14:18:03 | 000,000,100 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2007.06.13 11:12:34 | 000,000,043 | RH-- | M] () - I:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{49d14881-b269-11e1-ade4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{49d14881-b269-11e1-ade4-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2011.07.20 10:40:06 | 056,337,504 | R--- | M] (Buhl Data Service GmbH                                      )
O33 - MountPoints2\{5c6b2f0c-d093-11e1-aabe-14dae90f8613}\Shell - "" = AutoRun
O33 - MountPoints2\{5c6b2f0c-d093-11e1-aabe-14dae90f8613}\Shell\AutoRun\command - "" = J:\pushinst.exe
O33 - MountPoints2\{b71cf894-96d6-11e1-8104-14dae90f8613}\Shell - "" = AutoRun
O33 - MountPoints2\{b71cf894-96d6-11e1-8104-14dae90f8613}\Shell\AutoRun\command - "" = I:\start.exe -- [2009.03.04 17:54:32 | 005,294,060 | R--- | M] (video2brain                        )
O33 - MountPoints2\{e9cfd5a9-2019-11e1-9c21-14dae90f8613}\Shell - "" = AutoRun
O33 - MountPoints2\{e9cfd5a9-2019-11e1-9c21-14dae90f8613}\Shell\AutoRun\command - "" = I:\Set-up.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 90 Days ==========
 
[2012.08.03 08:05:28 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\allrounder-j1.6_v1.4
[2012.08.03 08:04:30 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\allrounder-j1.6
[2012.08.03 08:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KDiff3
[2012.08.02 11:14:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.08.02 11:14:33 | 000,772,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.08.02 11:14:33 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.08.02 11:14:29 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.02 11:14:29 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.08.02 11:12:33 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Local\Macromedia
[2012.08.02 11:12:25 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.02 11:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.08.02 11:08:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.08.02 11:08:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.08.02 11:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.08.02 11:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.08.02 11:07:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012.07.26 14:52:55 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\Buhl Data Service
[2012.07.26 14:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mein Verein
[2012.07.26 14:51:46 | 004,361,832 | ---- | C] (RAPWare) -- C:\Windows\SysNative\RwEasyMAPI64.exe
[2012.07.26 14:51:45 | 004,082,688 | ---- | C] (Borland Software Corporation) -- C:\Windows\SysWow64\qtintf70.dll
[2012.07.26 14:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Buhl Data Service GmbH
[2012.07.26 14:50:01 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Local\Buhl Data Service
[2012.07.21 01:13:29 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AVM_Driver
[2012.07.20 21:13:31 | 000,000,000 | ---D | C] -- C:\Users\XXXX\LuminanceHDR
[2012.07.11 03:00:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.07.11 03:00:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.07.11 03:00:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.07.11 03:00:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.07.11 03:00:36 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.07.11 03:00:36 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.07.11 03:00:35 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.07.11 03:00:35 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.07.11 03:00:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.07.11 03:00:35 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.07.11 03:00:35 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.07.11 03:00:35 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.07.11 03:00:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.07.11 00:48:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.11 00:48:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.11 00:48:31 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.11 00:48:07 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.07.11 00:48:07 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.09 20:20:06 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.07.09 20:20:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.07.09 20:20:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.06.30 22:38:40 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.06.30 22:38:40 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.06.23 07:10:31 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.23 07:10:31 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.23 07:10:31 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.23 07:10:28 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.23 07:10:28 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.23 07:10:28 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.23 07:10:27 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.23 07:10:27 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.06.13 22:31:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.06.13 22:31:55 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.13 22:31:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.06.13 22:31:51 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.06.13 22:31:51 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.06.13 22:31:51 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.06.13 22:31:50 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.06.13 22:31:49 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.06.13 22:31:48 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.06.13 22:31:48 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.06.09 21:24:19 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Local\Cyberlink
[2012.06.09 21:23:56 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Documents\CyberLink
[2012.06.09 21:22:31 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\CyberLink
[2012.06.09 21:21:33 | 000,000,000 | ---D | C] -- C:\Temp
[2012.06.09 21:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Tool Kit
[2012.06.09 21:20:22 | 000,115,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSINET.OCX
[2012.06.09 21:20:22 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vb6stkit.dll
[2012.06.09 21:20:22 | 000,102,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6KO.DLL
[2012.06.09 21:20:22 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wbemdisp.tlb
[2012.06.09 21:20:22 | 000,016,384 | ---- | C] (BitLeader) -- C:\Windows\SysWow64\lgfwunis.exe
[2012.06.09 21:19:22 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2012.06.09 21:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2012.06.09 21:18:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2012.06.09 21:17:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2012.06.09 21:17:02 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2012.06.09 21:15:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012.06.09 21:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012.06.09 21:02:10 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\dvdcss
[2012.06.09 21:02:08 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\vlc
[2012.05.17 11:12:15 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\elsterformular
[2012.05.17 11:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2012.05.17 11:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 90 Days ==========
 
[2012.08.10 07:24:50 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.10 07:24:50 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.10 07:21:49 | 001,766,796 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.10 07:21:49 | 000,759,454 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.10 07:21:49 | 000,703,364 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.10 07:21:49 | 000,169,072 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.10 07:21:49 | 000,137,512 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.10 07:17:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.08 17:08:11 | 000,101,868 | ---- | M] () -- C:\Users\XXXX\Desktop\swastika-film-proteger-servir.JPG
[2012.08.06 15:18:37 | 000,071,190 | ---- | M] () -- C:\Users\XXXX\Desktop\Unbenannt.JPG
[2012.08.05 21:54:44 | 001,859,003 | ---- | M] () -- C:\Users\XXXX\Desktop\20120805_INGDiBa_Fest.PDF
[2012.08.03 13:16:39 | 000,002,267 | ---- | M] () -- C:\Users\XXXX\.kdiff3rc
[2012.08.03 09:20:56 | 000,000,600 | ---- | M] () -- C:\Users\XXXX\AppData\Local\PUTTY.RND
[2012.08.02 13:33:03 | 000,001,948 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2012.08.02 11:14:26 | 000,772,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.08.02 11:14:26 | 000,687,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.08.02 11:14:26 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.08.02 11:14:26 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.02 11:14:26 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.08.02 11:12:25 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.02 11:12:25 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.07.26 19:35:54 | 000,000,132 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.07.22 08:41:12 | 004,858,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.20 22:23:57 | 000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.07.20 22:23:57 | 000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.07.20 22:23:36 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.07.09 13:49:55 | 000,001,456 | ---- | M] () -- C:\Users\XXXX\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012.06.16 09:15:50 | 000,001,106 | ---- | M] () -- C:\Users\XXXX\Desktop\ED - AGFA II - Verknüpfung.lnk
[2012.06.16 09:15:46 | 000,001,030 | ---- | M] () -- C:\Users\XXXX\Desktop\KW - Verknüpfung.lnk
[2012.06.10 07:17:54 | 000,000,334 | ---- | M] () -- C:\Windows\lgfwup.ini
[2012.06.09 21:41:38 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2012.06.09 21:22:28 | 000,016,384 | ---- | M] (BitLeader) -- C:\Windows\SysWow64\lgfwunis.exe
[2012.06.06 08:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.06.06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.06.03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.03 00:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.06.02 14:12:17 | 002,311,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.06.02 14:04:50 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.06.02 14:04:25 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.06.02 14:01:40 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.06.02 14:00:33 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.06.02 13:57:36 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.06.02 13:54:06 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.06.02 10:25:03 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.06.02 10:23:26 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.06.02 10:20:33 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.06.02 10:19:58 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.06.02 10:17:15 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.06.02 10:14:19 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.06.02 07:44:21 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.05.26 06:45:18 | 000,007,597 | ---- | M] () -- C:\Users\XXXX\AppData\Local\resmon.resmoncfg
[2012.05.17 17:44:17 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.05.14 17:10:23 | 000,000,040 | ---- | M] () -- C:\Windows\SysNative\InstallationInfs
[2012.05.14 17:10:09 | 000,139,360 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwot.sys
[2012.05.14 17:10:09 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.05.14 17:10:09 | 000,114,128 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwim.sys
[2012.05.14 17:10:09 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.08 17:07:33 | 000,101,868 | ---- | C] () -- C:\Users\XXXX\Desktop\swastika-film-proteger-servir.JPG
[2012.08.06 15:18:37 | 000,071,190 | ---- | C] () -- C:\Users\XXXX\Desktop\Unbenannt.JPG
[2012.08.05 21:48:12 | 001,859,003 | ---- | C] () -- C:\Users\XXXX\Desktop\20120805_INGDiBa_Fest.PDF
[2012.08.03 13:16:39 | 000,002,267 | ---- | C] () -- C:\Users\XXXX\.kdiff3rc
[2012.07.26 19:13:48 | 000,446,801 | ---- | C] () -- C:\Users\XXXX\Desktop\make your own.psd
[2012.07.22 08:41:03 | 004,858,568 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.16 09:15:50 | 000,001,106 | ---- | C] () -- C:\Users\XXXX\Desktop\ED - AGFA II - Verknüpfung.lnk
[2012.06.16 09:15:46 | 000,001,030 | ---- | C] () -- C:\Users\XXXX\Desktop\KW - Verknüpfung.lnk
[2012.06.09 21:20:25 | 000,000,334 | ---- | C] () -- C:\Windows\lgfwup.ini
[2012.05.26 06:43:54 | 000,007,597 | ---- | C] () -- C:\Users\XXXX\AppData\Local\resmon.resmoncfg
[2012.05.14 17:10:22 | 000,000,040 | ---- | C] () -- C:\Windows\SysNative\InstallationInfs
[2012.02.29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.01.04 13:32:23 | 000,000,132 | ---- | C] () -- C:\Users\XXXX\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011.12.13 13:15:36 | 000,001,456 | ---- | C] () -- C:\Users\XXXX\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.12.13 12:53:44 | 000,000,132 | ---- | C] () -- C:\Users\XXXX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.12.11 07:49:43 | 000,001,948 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011.11.16 10:26:06 | 000,000,600 | ---- | C] () -- C:\Users\XXXX\AppData\Local\PUTTY.RND
[2011.10.13 08:21:48 | 000,000,218 | ---- | C] () -- C:\Users\XXXX\.recently-used.xbel
[2011.09.22 12:29:21 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.09.22 12:29:21 | 000,282,296 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.09.22 12:29:21 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.09.21 18:29:46 | 001,626,780 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.21 18:20:40 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.09.21 18:20:40 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.09.21 18:17:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.09.21 18:17:36 | 000,030,663 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.08.31 19:51:16 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.08.31 19:46:00 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.08.31 19:26:20 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

< End of report >

--- --- ---



OTL_Extras.txt
OTL Logfile:
Code:

OTL Extras logfile created on: 10.08.2012 09:45:50 - Run 1
OTL by OldTimer - Version 3.2.56.0    Folder = F:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 12,97 Gb Available Physical Memory | 81,19% Memory free
23,96 Gb Paging File | 21,51 Gb Available in Paging File | 89,76% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,40 Gb Total Space | 31,00 Gb Free Space | 52,19% Space Free | Partition Type: NTFS
Drive D: | 96,07 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 496,68 Gb Total Space | 125,17 Gb Free Space | 25,20% Space Free | Partition Type: NTFS
Drive F: | 434,82 Gb Total Space | 79,05 Gb Free Space | 18,18% Space Free | Partition Type: NTFS
Drive G: | 55,80 Gb Total Space | 45,45 Gb Free Space | 81,45% Space Free | Partition Type: NTFS
Drive H: | 465,76 Gb Total Space | 216,11 Gb Free Space | 46,40% Space Free | Partition Type: NTFS
Drive I: | 1,37 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: XXCCC | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = jsfile] -- Reg Error: Value error. File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.js [@ = jsfile] -- Reg Error: Value error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- G:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- G:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7E724204-B166-44E5-A165-946D6219E2B6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A05551FA-52CD-48CA-A287-9F8467578641}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17212989-5B10-499E-8701-54B8C45D26DD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{23310062-34F9-4B1C-8F35-D2213DD71CC4}" = dir=in | app=f:\programme\powerdvd\powerdvd9\powerdvd9.exe |
"{336A987C-1F95-4E63-8240-DA4CC4CC989E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{34BB9AA1-7FE2-430F-8529-543FB690193A}" = protocol=17 | dir=in | app=c:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe |
"{36DEBBD0-9EBF-46FA-AEBD-D515F249EE32}" = dir=in | app=f:\programme\powerdvd\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{3E17A32B-0F6C-4718-A376-41304C9A6138}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3F15D000-8F14-42D4-ABB2-CFFC414CC802}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{45E70AF0-FCE5-4E89-A07B-5EEEB9B42034}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{74ABFFC6-3AF5-4086-8CAA-93F19A482D84}" = protocol=6 | dir=in | app=c:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe |
"{79AABC6A-FA13-4CE6-A2C2-685C710044A7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{833E6A20-8954-4823-BBAD-A2F0132E32D1}" = protocol=17 | dir=in | app=f:\spiele\bf\bc\bfbc2updater.exe |
"{8495BD01-9231-4146-9A7A-67C166E82F79}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B367F5ED-9D76-4ED2-B24B-EC35345362D7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DDDAA265-CE9B-48BE-A6A1-8FB431C07538}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{E272CA11-1E34-4F01-B4B7-C3D992B44388}" = protocol=6 | dir=in | app=f:\spiele\bf\bc\bfbc2updater.exe |
"{F3B47F7F-30E4-4B68-BA28-C169FCBFBDAF}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{F6FF0691-4C74-4F60-AE8A-A42B55474E86}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series" = Canon iP4800 series Printer Driver
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802" = CanoScan LiDE 600F
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6F482C75-174D-42EB-A2CF-B00A1F354F7B}" = WD SmartWare
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BCCC97EE-E162-448C-8847-59718FF29B04}" = Intel(R) Network Connections 15.6.25.0
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"PROSetDX" = Intel(R) Network Connections 15.6.25.0
"Sandboxie" = Sandboxie 3.62 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = Live Update 5
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1845470B-EB14-4ABC-835B-E36C693DC07D}" = Skype™ 5.10
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.8.0
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9ACE3A18-EE13-4012-989C-2BCDC95BA6B9}_is1" = Mein Verein
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Intel(R) Programm für die Prozessorerkennung
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B99CB207-4704-4C51-9309-0FA90AA26DD4}" = ROCCAT Kone[+] Mouse Driver
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech-Webkamera-Treiber
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIMP2" = AIMP2
"Avira AntiVir Desktop" = Avira Internet Security 2012
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"FileZilla Client" = FileZilla Client 3.5.3
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"IrfanView" = IrfanView (remove only)
"KDiff3" = KDiff3 (remove only)
"MagniDriver" = marvell 91xx driver
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"PunkBusterSvc" = PunkBuster Services
"Rainmeter" = Rainmeter
"RocketDock_is1" = RocketDock 1.3.5
"SumatraPDF" = SumatraPDF
"TeamViewer 6" = TeamViewer 6
"VLC media player" = VLC media player 2.0.3
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 01.08.2012 15:13:54 | Computer Name = XXCCC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1104    Startzeit:
 01cd7019a1b76635    Endzeit: 31    Anwendungspfad: C:\Program Files (x86)\Mozilla\Mozilla
 Firefox\firefox.exe    Berichts-ID: fce767cd-dc0c-11e1-9e73-14dae90f8613 
 
Error - 01.08.2012 16:05:45 | Computer Name = XXCCC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 10a8    Startzeit:
 01cd7020a97d005a    Endzeit: 62    Anwendungspfad: C:\Program Files (x86)\Mozilla\Mozilla
 Firefox\firefox.exe    Berichts-ID: 3d1ef422-dc14-11e1-ab31-14dae90f8613 
 
Error - 02.08.2012 04:05:58 | Computer Name = XXCCC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 2b4    Startzeit:
01cd7085592f6e07    Endzeit: 31    Anwendungspfad: C:\Program Files (x86)\Mozilla\Mozilla
 Firefox\firefox.exe    Berichts-ID: dab904e9-dc78-11e1-ab31-14dae90f8613 
 
Error - 02.08.2012 05:25:38 | Computer Name = XXCCC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 488    Startzeit:
01cd709071cf272e    Endzeit: 47    Anwendungspfad: C:\Program Files (x86)\Mozilla\Mozilla
 Firefox\firefox.exe    Berichts-ID: fb5f3078-dc83-11e1-8658-14dae90f8613 
 
Error - 03.08.2012 01:22:25 | Computer Name = XXCCC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 04.08.2012 02:39:53 | Computer Name = XXCCC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 05.08.2012 03:49:17 | Computer Name = XXCCC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 06.08.2012 01:00:50 | Computer Name = XXCCC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 06.08.2012 18:42:23 | Computer Name = XXCCC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: e08    Startzeit:
01cd740ab25d26c0    Endzeit: 57    Anwendungspfad: C:\Program Files (x86)\Mozilla\Mozilla
 Firefox\firefox.exe    Berichts-ID: ef8e23f1-e017-11e1-be3a-14dae90f8613 
 
Error - 08.08.2012 01:26:23 | Computer Name = XXCCC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
[ System Events ]
Error - 02.06.2012 14:36:52 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 02.06.2012 14:37:31 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 02.06.2012 14:37:32 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 02.06.2012 14:37:43 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 02.06.2012 14:38:30 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 03.06.2012 00:52:11 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 03.06.2012 00:52:12 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 03.06.2012 00:52:15 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 03.06.2012 00:52:18 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 03.06.2012 00:52:27 | Computer Name = XXCCC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
 
< End of report >

--- --- ---



CCleaner_ install.txt (installed programs)

HTML-Code:

7-Zip 9.20 (x64 edition)        Igor Pavlov        21.09.2011        4,53MB        9.20.00.0
Adobe AIR        Adobe Systems Inc.        12.12.2011                1.5.3.9120
Adobe Community Help        Adobe Systems Incorporated        12.12.2011                3.0.0.400
Adobe Creative Suite 5 Master Collection        Adobe Systems Incorporated        12.12.2011        8,10GB        5.0
Adobe Flash Player 10 ActiveX        Adobe Systems, Inc.        12.12.2011        2,42MB        10.1.52.14
Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        02.08.2012        6,00MB        11.3.300.268
Adobe Media Player        Adobe Systems Incorporated        12.12.2011                1.8
AIMP2        AIMP DevTeam        21.09.2011               
Apple Application Support        Apple Inc.        02.08.2012        61,0MB        2.1.7
Apple Software Update        Apple Inc.        08.01.2012        2,38MB        2.1.3.127
Asmedia ASM104x USB 3.0 Host Controller Driver        Asmedia Technology        21.09.2011        2,12MB        1.4.5.0
Avira Internet Security 2012        Avira        05.08.2012        111MB        12.0.0.1128
Battlefield: Bad Company™ 2        Electronic Arts        22.09.2011        5,72GB        1.0.0.0
Canon CanoScan Toolbox 5.0                22.09.2011               
Canon iP4800 series Printer Driver                21.09.2011               
CanoScan LiDE 600F                22.09.2011               
CCleaner        Piriform        22.06.2012                3.20
CyberLink Blu-ray Disc Suite        CyberLink Corp.        09.06.2012        16,5MB        6.0.3226
CyberLink PowerDVD 9        CyberLink Corp.        09.06.2012        192MB        9.0.4322.52
CyberLink PowerProducer        CyberLink Corp.        09.06.2012        165MB        5.0.1.1520
DAEMON Tools Lite        DT Soft Ltd        05.05.2012                4.45.4.0315
Dropbox        Dropbox, Inc.        14.06.2012                1.4.8
ElsterFormular        Landesfinanzdirektion Thüringen        17.05.2012        160MB        13.2.0.8623p
FileZilla Client 3.5.3        FileZilla Project        11.01.2012        16,5MB        3.5.3
Intel(R) Network Connections 15.6.25.0        Intel        21.09.2011        14,4MB        15.6.25.0
Intel(R) Processor Graphics        Intel Corporation        28.09.2011                8.15.10.2372
Intel(R) Programm für die Prozessorerkennung        Intel Corporation        13.11.2011        4,64MB        4.40.0000
IrfanView (remove only)        Irfan Skiljan        19.11.2011        1,50MB        4.30
Java(TM) 6 Update 31        Oracle        08.03.2012        95,1MB        6.0.310
Java(TM) 7 Update 5        Oracle        02.08.2012        101MB        7.0.50
JDownloader 0.9        AppWork GmbH        20.11.2011                0.9
KDiff3 (remove only)                03.08.2012               
LG Tool Kit                09.06.2012                9.01.1124.01
Live Update 5        MSI        07.05.2012        28,5MB        5.0.081
Logitech High Quality Video                25.09.2011               
Logitech-Webkamera-Treiber        Logitech Inc.        03.07.2012                2.0
marvell 91xx driver        Marvell        21.09.2011                1.0.0.1045
Mein Verein        Buhl Data Service GmbH        26.07.2012        245MB        13.0
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        21.09.2011        38,8MB        4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        21.09.2011        2,93MB        4.0.30319
Microsoft Silverlight        Microsoft Corporation        02.08.2012        50,6MB        5.1.10411.0
Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        10.05.2012        1,69MB        3.1.0000
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        10.05.2012        298KB        8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17        Microsoft Corporation        30.12.2011        246KB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148        Microsoft Corporation        21.09.2011        786KB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161        Microsoft Corporation        10.05.2012        788KB        9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        21.09.2011        596KB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        10.05.2012        600KB        9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219        Microsoft Corporation        10.05.2012        15,2MB        10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        10.05.2012        16,5MB        10.0.40219
MozBackup 1.5.1        Pavel Cvrcek        22.10.2011               
Mozilla Firefox 14.0.1 (x86 de)        Mozilla        18.07.2012        36,3MB        14.0.1
Mozilla Maintenance Service        Mozilla        18.07.2012        309KB        14.0.1
Mozilla Thunderbird 14.0 (x86 de)        Mozilla        18.07.2012        39,4MB        14.0
NVIDIA Grafiktreiber 296.10        NVIDIA Corporation        07.05.2012                296.10
NVIDIA HD-Audiotreiber 1.3.12.0        NVIDIA Corporation        07.05.2012                1.3.12.0
NVIDIA PhysX-Systemsoftware 9.12.0213        NVIDIA Corporation        16.03.2012                9.12.0213
OpenOffice.org 3.3        OpenOffice.org        21.09.2011        414MB        3.3.9567
PDF Settings CS5                21.09.2011               
PDF24 Creator 3.8.0        PDF24.org        17.11.2011        33,5MB       
PunkBuster Services        Even Balance, Inc.        22.09.2011                0.988
QuickTime        Apple Inc.        02.08.2012        73,2MB        7.72.80.56
Rainmeter                13.10.2011                2.1 r959
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        21.09.2011                6.0.1.6251
ROCCAT Kone[+] Mouse Driver        Roccat GmbH        03.12.2011        13,0MB       
RocketDock 1.3.5        Punk Software        13.10.2011               
Samsung_MonSetup        Samsung        30.12.2011                1.00.0000
Sandboxie 3.62 (64-bit)        SANDBOXIE L.T.D        11.12.2011                3.62
Skype™ 5.10        Skype Technologies S.A.        09.07.2012        19,1MB        5.10.115
SumatraPDF        Krzysztof Kowalczyk        21.09.2011        8,85MB        1.8
TeamViewer 6        TeamViewer GmbH        21.09.2011                6.0.11117
VLC media player 2.0.3        VideoLAN        02.08.2012                2.0.3
WD SmartWare        Western Digital        22.09.2011        39,6MB        1.4.1.1
Windows Live Essentials        Microsoft Corporation        10.05.2012                15.4.3555.0308
Windows Media Player Firefox Plugin        Microsoft Corp        10.10.2011        600KB        1.0.0.8

Hijackthis.log

HiJackthis Logfile:
Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:22:05, on 10.08.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
G:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
F:\Downloads\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - G:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - G:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [RoccatKone+] "C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [RocketDock] "G:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "G:\Programme (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'DefaultAppPool')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'DefaultAppPool')
O4 - Global Startup: Rainmeter.lnk = G:\Programme\Rainmeter\Rainmeter.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira Email Schutz (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Browser Schutz (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: CyberLink Product - 2012/06/09 21:42:06 (CLKMSVC10_C0976A51) - CyberLink - F:\Programme\PowerDVD\PowerDVD9\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - F:\Programme\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 8712 bytes

--- --- ---


I now also have the result of the Malwarebytes analysis

HTML-Code:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.10.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
XXXX:: XXCCC[Administrator]

10.08.2012 12:56:04
mbam-log-2012-08-10 (13-49-37).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 655364
Laufzeit: 51 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)


(Ende)


Strangely, while Malwarebytes was running, Avira also found something

HTML-Code:

Die Datei 'C:\Users\ZaphodB\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\79d59b9b-41388eea'
enthielt einen Virus oder unerwünschtes Programm 'JAVA/Dldr.Lamar.DW' [virus].
Durchgeführte Aktion(en):
Die Datei wurde erfolgreich überschrieben!
Die Datei wurde gelöscht.

I overwrote and deleted it..

No change at all.. GMX.. still.. JavaScript error.. as described..

The error only occurs in Firefox

Other browsers do not show this JavaScript error

Internet Explorer


-> No idea what is causing this.. I have already disabled and re-enabled all add-ons and other extensions in Firefox, shut down and rebooted :( and much more.

Hoping for a tip or two here.. on how to get this problem solved

anselmo123 12.08.2012 09:52

Virus? GMX page JavaScript error??

Damn, apparently nobody here can help me either.

anselmo123 31.12.2012 22:37

Deleted everything and reinstalled - error gone ;)



Copyright ©2000-2025, Trojaner-Board

