Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Firefox startet doppelt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 17.08.2012, 20:34   #1
Sebbel
 
Firefox startet doppelt - Standard

Firefox startet doppelt



habe seit einiger Zeit das Problem, dass Firefox doppelt gestartet wird, wenn ich z.B. Links aus e-mails öffne.
ebenso habe ich meinen Desktop "gepimpt" mit Rainmeter und habe da ein Symbol wo ich mit einfach klick mein mail-programm starte und mit doppelklick wird das mail programm und Firefox gestartet.
hat alles auch immer normal funktioniert. aber wie schon gesagt, seit einiger Zeit wird Firefox immer doppelt gestartet. ist mir erst nur aufgefallen mit dem Rainmeter Symbol und jetzt hab ich mal aus net Mail nen link geklickt und war das selbe, ebenso doppelt geöffnet.
Wenn Firefox schon geöffnet ist, dann wird da nur ein neuer Tab gemacht, so wie es soll.

Kaspersky Internet Security 2012 hat nix gefunden.
Spybot S&D ebenso nicht's

malwarebytes hat beim flash-scan etwas gefunden
hier die LOG davon
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.17.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Sebbel :: SEBBEL-LAPTOP [Administrator]

Schutz: Aktiviert

17.08.2012 10:11:57
mbam-log-2012-08-17 (10-11-57).txt

Art des Suchlaufs: Flash-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: Registrierung | Dateisystem | P2P
Durchsuchte Objekte: 146395
Laufzeit: 1 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoSMHelp (PUM.Hijack.Help) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)



habe ich natürlich entfernt

habe dann noch den Quick-Scan gemacht, da hat er nichts gefunden.

dann OTL Log
Code:
ATTFilter
OTL logfile created on: 17.08.2012 10:24:32 - Run 1
OTL by OldTimer - Version 3.2.57.0     Folder = C:\Users\Sebbel\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 55,84% Memory free
7,48 Gb Paging File | 5,65 Gb Available in Paging File | 75,53% Paging File free
Paging file location(s): c:\pagefile.sys 4599 5120 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 45,33 Gb Free Space | 45,33% Space Free | Partition Type: NTFS
Drive D: | 81,16 Gb Total Space | 60,46 Gb Free Space | 74,49% Space Free | Partition Type: NTFS
Drive E: | 190,22 Gb Total Space | 36,66 Gb Free Space | 19,27% Space Free | Partition Type: NTFS
Drive F: | 81,61 Gb Total Space | 5,91 Gb Free Space | 7,24% Space Free | Partition Type: NTFS
 
Computer Name: SEBBEL-LAPTOP | User Name: Sebbel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Sebbel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Rainmeter\Rainmeter.exe ()
PRC - C:\Windows\System32\nlssrv32.exe (Nalpeiron Ltd.)
PRC - C:\Programme\Core Temp\Core Temp.exe ()
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
PRC - C:\Programme\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\Apoint2K\Hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll ()
MOD - C:\Users\Sebbel\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - C:\Programme\Rainmeter\Plugins\CoreTemp.dll ()
MOD - C:\Programme\Rainmeter\Plugins\RecycleManager.dll ()
MOD - C:\Programme\Rainmeter\Plugins\WebParser.dll ()
MOD - C:\Programme\Rainmeter\Plugins\PowerPlugin.dll ()
MOD - C:\Programme\Rainmeter\Rainmeter.exe ()
MOD - C:\Programme\Rainmeter\Rainmeter.dll ()
MOD - C:\Programme\Core Temp\Core Temp.exe ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll ()
MOD - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll ()
MOD - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll ()
MOD - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll ()
MOD - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll ()
MOD - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll ()
MOD - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll ()
MOD - C:\Windows\PLFSetI.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TeamViewer7) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (nlsX86cc) -- C:\Windows\System32\nlssrv32.exe (Nalpeiron Ltd.)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor9.0) -- C:\Programme\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (NIHardwareService) -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Programme\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (DritekPortIO) -- C:\Program Files\Launch Manager\DPortIO.sys File not found
DRV - (cmnsusbser) -- system32\DRIVERS\cmnsusbser.sys File not found
DRV - (ALSysIO) -- C:\Users\Sebbel\AppData\Local\Temp\ALSysIO.sys File not found
DRV - (a0i9e8c3) --  File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (WinRing0_1_2_0) -- C:\Users\Sebbel\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0.sys (OpenLibSys.org)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdbus) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (FPSensor) -- C:\Windows\System32\drivers\FPSensor.sys (EgisTec)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (hidshim) -- C:\Windows\System32\drivers\hidshim.sys (Windows (R) Win 7 DDK provider)
DRV - (nuvotonhidgeneric) -- C:\Windows\System32\drivers\nuvotonhidgeneric.sys (Nuvoton Technology Corporation)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (k57nd60x) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (hotcore3) -- C:\Windows\System32\drivers\hotcore3.sys (Paragon Software Group)
DRV - (Ser2at) -- C:\Windows\System32\drivers\ser2at.sys (Prolific Technology Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_7738
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_7738
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Font Size = 01 00 00 00  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_7738
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {452772A5-BF18-449E-9356-3885D3AF7256}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{452772A5-BF18-449E-9356-3885D3AF7256}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.463
FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:9.8.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.05.02 13:04:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.05.02 13:04:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.05.02 13:04:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.20 01:19:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.27 07:10:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.08.10 11:56:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012.06.13 11:19:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{8C17574E-F5C5-41b8-8B36-333FC7E67980}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\THBExt_2_x [2011.06.14 20:53:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{FD9B3EC6-8265-41fb-8A2F-4C5A22A95A7B}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\THBExt_3_1_x [2011.06.14 20:53:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.20 01:19:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.27 07:10:44 | 000,000,000 | ---D | M]
 
[2010.11.05 03:36:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sebbel\AppData\Roaming\mozilla\Extensions
[2010.11.05 03:36:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sebbel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.07.21 11:40:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sebbel\AppData\Roaming\mozilla\Firefox\Profiles\v0k4xiaf.default\extensions
[2010.04.27 14:36:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sebbel\AppData\Roaming\mozilla\Firefox\Profiles\v0k4xiaf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.05.14 15:48:36 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Sebbel\AppData\Roaming\mozilla\Firefox\Profiles\v0k4xiaf.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2011.11.11 09:14:58 | 000,000,000 | ---D | M] ("DownloadHelper [AU]") -- C:\Users\Sebbel\AppData\Roaming\mozilla\Firefox\Profiles\v0k4xiaf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.03.22 03:14:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.06.14 20:56:19 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
[2011.06.14 20:56:18 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
[2012.07.21 11:40:38 | 000,702,524 | ---- | M] () (No name found) -- C:\USERS\SEBBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V0K4XIAF.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
[2012.07.20 01:19:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.08.26 16:35:58 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012.03.22 03:14:17 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.22 03:14:17 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.22 03:14:17 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.22 03:14:17 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.22 03:14:17 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.22 03:14:17 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.08.17 09:36:39 | 000,444,105 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1 sams.nikonimaging.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 15256 more lines...
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AmIcoSinglun] C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 24
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{492D7751-CB83-4A82-B4CA-0DE5BF260A3C}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: E:\Bilder\Wallpapers\1600 x 900\Gemma_1600 x 1200.jpg
O24 - Desktop BackupWallPaper: E:\Bilder\Wallpapers\1600 x 900\Gemma_1600 x 1200.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.05.24 01:16:23 | 000,000,000 | ---D | M] - E:\Automatisch zu iTunes hinzufügen -- [ NTFS ]
O32 - AutoRun File - [2012.07.11 12:33:26 | 000,000,000 | ---D | M] - F:\Automation -- [ NTFS ]
O33 - MountPoints2\{4016511d-66c8-11df-a6d7-001f16a3d6f0}\Shell - "" = AutoRun
O33 - MountPoints2\{4016511d-66c8-11df-a6d7-001f16a3d6f0}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{53c879d8-8312-11e0-9e37-0022fa71ec98}\Shell - "" = AutoRun
O33 - MountPoints2\{53c879d8-8312-11e0-9e37-0022fa71ec98}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{7fdd941e-4090-11df-9151-001f16a3d6f0}\Shell - "" = AutoRun
O33 - MountPoints2\{7fdd941e-4090-11df-9151-001f16a3d6f0}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{7fdd9425-4090-11df-9151-001f16a3d6f0}\Shell - "" = AutoRun
O33 - MountPoints2\{7fdd9425-4090-11df-9151-001f16a3d6f0}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{8494945b-15a9-11e0-915f-001f16a3d6f0}\Shell - "" = AutoRun
O33 - MountPoints2\{8494945b-15a9-11e0-915f-001f16a3d6f0}\Shell\AutoRun\command - "" = G:\OnSpcLCK.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.17 10:23:32 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Sebbel\Desktop\OTL.exe
[2012.08.17 10:09:36 | 000,000,000 | ---D | C] -- C:\Users\Sebbel\AppData\Roaming\Malwarebytes
[2012.08.17 10:09:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.17 10:09:13 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.08.17 10:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.08.17 10:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.17 10:06:51 | 010,652,120 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Sebbel\Desktop\mbam-setup-1.62.0.1300.exe
[2012.08.16 03:02:13 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.08.16 03:02:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.08.16 03:02:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.08.16 03:02:12 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.08.16 03:02:11 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.08.16 03:02:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.08.16 03:02:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.08.16 00:38:43 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.08.16 00:38:42 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012.08.08 21:21:23 | 000,000,000 | ---D | C] -- C:\Users\Sebbel\AppData\Local\Chromium
[2012.08.08 21:21:10 | 000,000,000 | ---D | C] -- C:\Users\Sebbel\Documents\Rockstar Games
[2012.08.08 20:43:13 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2012.08.08 20:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012.08.08 19:30:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Rockstar Games
[2012.08.08 12:49:43 | 000,000,000 | ---D | C] -- C:\Users\Sebbel\temp
[2012.08.08 12:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2012.07.30 14:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012.07.30 13:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON
[2012.07.30 13:54:45 | 000,000,000 | ---D | C] -- C:\Program Files\NAVIGON
[2012.07.26 12:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2012.07.26 12:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\MyFree Codec
[2012.07.26 12:07:38 | 000,000,000 | ---D | C] -- C:\Users\Sebbel\Documents\SelfMV
[2012.07.26 10:30:10 | 000,000,000 | ---D | C] -- C:\Temp
[2012.07.26 10:19:04 | 000,000,000 | ---D | C] -- C:\Users\Sebbel\AppData\Local\Samsung
[2012.07.26 10:18:57 | 000,000,000 | ---D | C] -- C:\Users\Sebbel\Documents\samsung
[2012.07.26 10:17:48 | 000,181,432 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2012.07.26 10:17:48 | 000,080,824 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2012.07.26 10:16:36 | 000,132,424 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdmdm.sys
[2012.07.26 10:16:36 | 000,014,920 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdmdfl.sys
[2012.07.26 10:16:36 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdcmnt.sys
[2012.07.26 10:16:36 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdcm.sys
[2012.07.26 10:16:36 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdwhnt.sys
[2012.07.26 10:16:36 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdwh.sys
[2012.07.26 10:16:35 | 000,104,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdbus.sys
[2012.07.26 10:15:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2012.07.26 10:15:24 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
[2012.07.26 10:14:54 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
[2012.07.26 10:14:54 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2012.07.26 10:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.17 10:23:35 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Sebbel\Desktop\OTL.exe
[2012.08.17 10:08:33 | 010,652,120 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Sebbel\Desktop\mbam-setup-1.62.0.1300.exe
[2012.08.16 20:38:19 | 000,191,308 | ---- | M] () -- C:\Users\Sebbel\Desktop\BM54-Pinout-b.jpg
[2012.08.16 03:33:26 | 000,010,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.16 03:33:26 | 000,010,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.16 03:30:23 | 000,673,270 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.16 03:30:23 | 000,633,412 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.16 03:30:23 | 000,138,470 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.16 03:30:23 | 000,114,114 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.16 03:25:57 | 000,417,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.16 03:25:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.16 03:25:21 | 2411,929,600 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.15 19:56:06 | 001,075,629 | ---- | M] () -- C:\Users\Sebbel\Desktop\BM54-03.JPG
[2012.08.15 19:55:56 | 001,252,182 | ---- | M] () -- C:\Users\Sebbel\Desktop\BM54-02.JPG
[2012.08.01 18:28:53 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.01 18:28:53 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.07.26 17:00:30 | 000,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2012.07.26 12:08:15 | 000,008,192 | ---- | M] () -- C:\Users\Sebbel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.24 11:56:46 | 000,013,958 | -HS- | M] () -- C:\Users\Sebbel\Desktop\Folder.jpg
[2012.07.24 11:56:46 | 000,003,587 | -HS- | M] () -- C:\Users\Sebbel\Desktop\AlbumArtSmall.jpg
[2012.07.23 17:22:55 | 000,116,189 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2012.07.23 17:22:55 | 000,098,168 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2012.07.22 23:26:34 | 000,067,437 | ---- | M] () -- C:\Users\Sebbel\Desktop\Kuendigungsschreiben-E-Plus-Service-GmbH-&-Co.KG.pdf
[2012.07.18 19:47:53 | 002,345,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.16 20:38:16 | 000,191,308 | ---- | C] () -- C:\Users\Sebbel\Desktop\BM54-Pinout-b.jpg
[2012.08.15 19:56:06 | 001,075,629 | ---- | C] () -- C:\Users\Sebbel\Desktop\BM54-03.JPG
[2012.08.15 19:55:54 | 001,252,182 | ---- | C] () -- C:\Users\Sebbel\Desktop\BM54-02.JPG
[2012.08.08 12:49:40 | 000,001,132 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012.07.22 23:26:33 | 000,067,437 | ---- | C] () -- C:\Users\Sebbel\Desktop\Kuendigungsschreiben-E-Plus-Service-GmbH-&-Co.KG.pdf
[2012.06.26 16:02:40 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.06.26 16:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.06.26 16:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.06.26 16:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.06.26 16:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.02.29 03:38:33 | 000,017,408 | ---- | C] () -- C:\Users\Sebbel\AppData\Local\WebpageIcons.db
[2012.01.18 13:12:36 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012.01.18 13:12:36 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.11.24 23:16:57 | 000,000,218 | ---- | C] () -- C:\Users\Sebbel\.recently-used.xbel
[2011.10.08 20:03:25 | 000,000,600 | ---- | C] () -- C:\Users\Sebbel\AppData\Roaming\winscp.rnd
[2011.10.03 23:09:46 | 000,001,699 | ---- | C] () -- C:\Users\Sebbel\AppData\Roaming\System Monitor II_Settings.ini
[2011.10.03 23:02:52 | 000,000,485 | ---- | C] () -- C:\Users\Sebbel\AppData\Roaming\GPU Monitor_Settings.ini
[2011.09.30 09:37:28 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2011.09.30 09:34:00 | 000,000,000 | ---- | C] () -- C:\ProgramData\Folder Actions Handlers
[2011.09.30 09:34:00 | 000,000,000 | ---- | C] () -- C:\ProgramData\External Build System
[2011.09.30 09:33:59 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Fruit
[2011.09.30 09:33:59 | 000,000,268 | RH-- | C] () -- C:\Users\Sebbel\AppData\Roaming\Font Book
[2011.09.30 09:31:50 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdy.DAT
[2011.09.22 18:31:04 | 000,003,584 | ---- | C] () -- C:\Windows\System32\ColorEfexPro4FC32.dll
[2011.03.11 12:43:54 | 000,029,763 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2011.02.21 23:17:34 | 000,316,928 | ---- | C] () -- C:\Windows\System32\SilverEfexPro2FC32.dll
[2011.02.15 12:11:48 | 000,003,072 | ---- | C] () -- C:\Windows\System32\Viveza2FC32.dll
[2011.02.10 15:26:37 | 000,000,796 | ---- | C] () -- C:\Users\Sebbel\.ufrawrc
[2011.02.06 15:52:59 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2011.02.05 14:41:26 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
[2010.12.17 00:50:18 | 000,316,928 | ---- | C] () -- C:\Windows\System32\HDREfexProFC32.dll
[2010.10.17 19:40:18 | 000,008,192 | ---- | C] () -- C:\Users\Sebbel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.27 16:30:07 | 000,000,231 | ---- | C] () -- C:\Users\Sebbel\IfolorJavaUpload.data
[2010.03.17 23:38:25 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010.03.03 22:32:45 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010.02.05 11:53:51 | 000,007,651 | ---- | C] () -- C:\Users\Sebbel\AppData\Local\Resmon.ResmonCfg
[2010.02.04 04:52:37 | 000,000,094 | ---- | C] () -- C:\Users\Sebbel\AppData\Local\fusioncache.dat
[2010.01.16 17:14:26 | 000,022,328 | ---- | C] () -- C:\Users\Sebbel\AppData\Roaming\PnkBstrK.sys
[2009.12.02 03:33:57 | 000,000,993 | ---- | C] () -- C:\Users\Sebbel\bestvw32.ini
[2009.11.21 14:10:20 | 000,994,304 | -HS- | C] () -- C:\Users\Sebbel\ehthumbs_vista.db
[2009.08.25 19:33:46 | 000,000,268 | RH-- | C] () -- C:\Users\Sebbel\AppData\Roaming\Folder Actions
[2009.08.25 19:27:24 | 000,000,268 | RH-- | C] () -- C:\Users\Sebbel\AppData\Roaming\Flanger
[2009.02.14 01:50:34 | 030,351,360 | ---- | C] () -- C:\Users\Sebbel\AppData\Roaming\data

< End of report >
         
und

Code:
ATTFilter
OTL Extras logfile created on: 17.08.2012 10:24:32 - Run 1
OTL by OldTimer - Version 3.2.57.0     Folder = C:\Users\Sebbel\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 55,84% Memory free
7,48 Gb Paging File | 5,65 Gb Available in Paging File | 75,53% Paging File free
Paging file location(s): c:\pagefile.sys 4599 5120 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 45,33 Gb Free Space | 45,33% Space Free | Partition Type: NTFS
Drive D: | 81,16 Gb Total Space | 60,46 Gb Free Space | 74,49% Space Free | Partition Type: NTFS
Drive E: | 190,22 Gb Total Space | 36,66 Gb Free Space | 19,27% Space Free | Partition Type: NTFS
Drive F: | 81,61 Gb Total Space | 5,91 Gb Free Space | 7,24% Space Free | Partition Type: NTFS
 
Computer Name: SEBBEL-LAPTOP | User Name: Sebbel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0982DD00-83BA-4FD2-A3FC-AD193EB9D825}" = protocol=6 | dir=in | app=f:\far cry 2\bin\farcry2.exe | 
"{0A2A45B2-9912-45EE-B6D8-83FE19497154}" = protocol=17 | dir=in | app=f:\call of duty 4 - modern warfare\iw3mp.exe | 
"{0C86C043-5C4A-472B-8274-3D8D7AFC32B7}" = protocol=17 | dir=in | app=f:\battlefield 2\bf2.exe | 
"{12447328-4775-47F1-B878-02724A8BC580}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{21078CC6-B913-4BB9-AA2D-1AE5FD1902EB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{21EB10DD-2AA9-4EF0-ACAA-4484A45D8F15}" = protocol=17 | dir=in | app=f:\crysis\bin32\crysis.exe | 
"{34F81B5A-3789-4B6A-A78C-844DF32C3923}" = protocol=6 | dir=in | app=f:\crysis\bin32\crysisdedicatedserver.exe | 
"{3748A02B-81A0-4209-B693-AF6EBA30DD3C}" = protocol=6 | dir=in | app=f:\call of duty 4 - modern warfare\iw3mp.exe | 
"{3DF267D7-0167-48BB-B0BB-C265315C75DD}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{4B3A9181-203C-4C2C-AA76-0219761884D1}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{56E0DFAE-6772-4CF8-BB01-ADB984044F9E}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe | 
"{5766175A-6ACD-45BA-AA5E-29190EF538D5}" = protocol=6 | dir=in | app=f:\far cry 2\bin\fc2launcher.exe | 
"{5942B663-E254-4D3E-9E12-14028AFBDE09}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe | 
"{5C3BE6C0-C42C-4B10-8BF8-197F377E705A}" = protocol=6 | dir=in | app=f:\far cry 2\bin\fc2editor.exe | 
"{73846683-59F8-4C7E-9E6F-1D5E387EDDD1}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{75AD75DD-43CF-47E6-9DE6-52125879E316}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{767396C6-97AA-4E69-B6DE-4A709E7559B0}" = dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"{8A58AE36-3BFF-4EFF-B126-BAFAFF9E977C}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe | 
"{8D8272FB-F117-4EDD-9D4B-0AF1C2243A56}" = protocol=17 | dir=in | app=f:\far cry 2\bin\farcry2.exe | 
"{94730061-AF80-48C8-A427-8D94BF92EFAA}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{9A7ACE9D-D691-4B52-81A2-53B7D4154446}" = protocol=17 | dir=in | app=f:\far cry 2\bin\fc2editor.exe | 
"{A5B97F04-2D41-499D-AACB-D87885BB5754}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe | 
"{B1515AFD-BCE0-40A5-9B67-37DBC1349612}" = protocol=17 | dir=in | app=f:\far cry 2\bin\fc2launcher.exe | 
"{B605D06C-8BB3-4EDF-8643-7596E81C21A2}" = dir=in | app=c:\program files\nokia\nokia suite\nokiasuite.exe | 
"{BAAECB3B-488C-40E5-A637-0693F7B509A3}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{BBDE9B04-5E1A-45D1-9DA0-44BCB75D19C6}" = protocol=6 | dir=in | app=f:\battlefield 2\bf2.exe | 
"{BC50639C-3919-4808-9004-57681D8BE131}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{C2363F15-6A22-44A4-B437-F5EA8FBA7698}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{CF2B55CF-0976-4209-9305-4F2972D8FFFC}" = protocol=17 | dir=in | app=f:\max payne 3\playmaxpayne3.exe | 
"{D33083BD-5560-4E01-A761-F4C33425B659}" = protocol=17 | dir=in | app=f:\crysis\bin32\crysisdedicatedserver.exe | 
"{D55F331A-41AC-44B3-8F41-CDBE39BB007D}" = protocol=6 | dir=in | app=f:\crysis\bin32\crysis.exe | 
"{E4848E1C-0A9E-48A9-8A36-D274028B094F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{EEB00607-1B07-40F3-A84D-5041F4F028CB}" = protocol=6 | dir=in | app=f:\max payne 3\playmaxpayne3.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{233B7701-98CE-4EB2-B6CD-670E2A855C0A}_is1" = Simson Tuning-Werkstatt 3D Version 2.4.4
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1
"{23C08587-19F4-4BBC-9078-26CF8EB02256}" = PL-2303 Vista Driver Installer-ATEN
"{26A24AE4-039D-4CA4-87B4-2F83216014F0}" = Java(TM) 6 Update 14
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel(R) PROSet/Wireless WiFi-Software
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{49F3D04B-B849-4C89-AB31-2366A004EA28}" = Broadcom Gigabit Integrated Controller
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4DC2C824-0D75-42C1-BECB-C5583676D253}" = The Panorama Factory V5 m32 Edition
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76CE5B47-F5A4-4E5C-99A0-CEFF6146EA4A}" = System Requirements Lab for Intel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91B7CEB3-4331-427B-AA7A-2898BE8F9DC6}" = Samsung PC Studio 3
"{92975DF9-EA36-4F36-A9AC-D412BC1D709E}" = Nuvoton EC Generic HID Driver
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9312191B-30A5-44E1-8D8D-6936FE06CDE8}" = Wanted: Weapons of Fate
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}" = Brother MFL-Pro Suite
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}" = Microsoft IntelliPoint 8.1
"{9C450606-ED24-4958-92BA-B8940C99D441}" = PixiePack Codec Pack
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{9FDC7042-CB9F-4336-A14C-DF10F53762E2}" = Topaz Adjust 4
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{AA0FB0B5-D853-4F87-9261-A4BC7D503E0D}" = Microsoft Image Composite Editor
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C887C75D-2636-41F6-BB7B-FD4B0314C1E1}" = Paragon Partition Manager 9.0 Professional
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.79.326
"{D155D300-C235-44FC-981C-F7B34683439C}" = Paragon Drive Backup 8.51 Professional Trial
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EA64BA80-4D21-4042-AEE5-CA708A564F64}" = DataLog
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FE96C49B-DB90-405E-A00E-09E38372F880}" = Camera Control Pro 2
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Allied Intent Xtended" = Allied Intent Xtended 2.0
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 1.2.6
"Automation" = Automation
"Bau AG" = Bau AG
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Color Efex Pro 4" = Color Efex Pro 4
"DataLog" = DataLog
"DriverAgent.exe" = DriverAgent by eSupport.com
"ElsterFormular  11.1.2.3848" = ElsterFormular 
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Foxit Reader" = Foxit Reader
"Free Screen Video Recorder_is1" = Free Screen Video Recorder version 2.5.20.221
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"IrfanView" = IrfanView (remove only)
"Kalender-Excel-8.8_is1" = Kalender-Excel-8.8
"LManager" = Launch Manager
"LSI Soft Modem" = LSI HDA Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"Modern Warfare 2 ALTERIWNET_is1" = Call of Duty Modern Warfare 2 ALTERIWNET(CREATED BY XEONKING©)
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.46b
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor" = Native Instruments Traktor
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"New Coding Database" = New Coding Database 1.2
"Nokia Suite" = Nokia Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"OpenAL" = OpenAL
"PhotomatixPro41x32_is1" = Photomatix Pro version 4.1.2
"ProInst" = Intel PROSet Wireless
"PunkBusterSvc" = PunkBuster Services
"Rainmeter" = Rainmeter
"Rockstar Games Social Club" = Rockstar Games Social Club
"Sharpener Pro 3.0 Stand-Alone" = Sharpener Pro 3.0
"Silver Efex Pro 2" = Silver Efex Pro 2
"SysadmV10" = Sysadm
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 7" = TeamViewer 7
"TISV10" = Tis
"Topaz Adjust 4" = Topaz Adjust 4
"Trillian" = Trillian
"Tropico3" = Tropico 3 1.00
"UFRaw_is1" = UFRaw 0.17
"Videora iPod Converter" = Videora iPod Converter 6
"Viveza 2" = Viveza 2
"VLC media player" = VLC media player 1.0.1
"WinISD beta" = WinISD beta
"WinLiveSuite_Wave3" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.3.5
"Xvid_is1" = Xvid 1.2.2 final uninstall
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"MyFreeCodec" = MyFreeCodec
"PhotoZoom Pro 4" = BenVista PhotoZoom Pro 4.1
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 28.06.2012 19:11:29 | Computer Name = Sebbel-Laptop | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 28.06.2012 19:13:39 | Computer Name = Sebbel-Laptop | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\spybot
 - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 29.06.2012 11:45:51 | Computer Name = Sebbel-Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_262.exe,
 Version: 11.3.300.262, Zeitstempel: 0x4fe20fae  Name des fehlerhaften Moduls: NPSWF32_11_3_300_262.dll,
 Version: 11.3.300.262, Zeitstempel: 0x4fe21212  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x00490fb1  ID des fehlerhaften Prozesses: 0xbf4  Startzeit der fehlerhaften Anwendung:
 0x01cd560de93c5c63  Pfad der fehlerhaften Anwendung: C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
Berichtskennung:
 804ea476-c201-11e1-8992-001f16a3d6f0
 
Error - 29.06.2012 18:31:36 | Computer Name = Sebbel-Laptop | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 29.06.2012 18:33:52 | Computer Name = Sebbel-Laptop | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\spybot
 - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 30.06.2012 19:35:23 | Computer Name = Sebbel-Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_262.exe,
 Version: 11.3.300.262, Zeitstempel: 0x4fe20fae  Name des fehlerhaften Moduls: NPSWF32_11_3_300_262.dll,
 Version: 11.3.300.262, Zeitstempel: 0x4fe21212  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x0002e214  ID des fehlerhaften Prozesses: 0x1160  Startzeit der fehlerhaften Anwendung:
 0x01cd5717ac32133e  Pfad der fehlerhaften Anwendung: C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
Berichtskennung:
 42b05020-c30c-11e1-8992-001f16a3d6f0
 
Error - 02.07.2012 03:59:48 | Computer Name = Sebbel-Laptop | Source = WinMgmt | ID = 10
Description = 
 
Error - 02.07.2012 05:23:08 | Computer Name = Sebbel-Laptop | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 02.07.2012 05:25:23 | Computer Name = Sebbel-Laptop | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\spybot
 - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 03.07.2012 11:44:29 | Computer Name = Sebbel-Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_262.exe,
 Version: 11.3.300.262, Zeitstempel: 0x4fe20fae  Name des fehlerhaften Moduls: NPSWF32_11_3_300_262.dll,
 Version: 11.3.300.262, Zeitstempel: 0x4fe21212  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x0002e214  ID des fehlerhaften Prozesses: 0x177c  Startzeit der fehlerhaften Anwendung:
 0x01cd5932428e66f6  Pfad der fehlerhaften Anwendung: C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
Berichtskennung:
 f91730e9-c525-11e1-9705-001f16a3d6f0
 
Error - 04.07.2012 04:53:45 | Computer Name = Sebbel-Laptop | Source = WinMgmt | ID = 10
Description = 
 
Error - 04.07.2012 04:54:50 | Computer Name = Sebbel-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 04.07.2012 04:54:50 | Computer Name = Sebbel-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 04.07.2012 06:45:40 | Computer Name = Sebbel-Laptop | Source = RasClient | ID = 20227
Description = 
 
[ OSession Events ]
Error - 11.02.2012 18:22:52 | Computer Name = Sebbel-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3285
 seconds with 3120 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 02.07.2012 03:59:30 | Computer Name = Sebbel-Laptop | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?02.?07.?2012 um 01:00:42 unerwartet heruntergefahren.
 
Error - 04.07.2012 04:53:30 | Computer Name = Sebbel-Laptop | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?04.?07.?2012 um 09:08:47 unerwartet heruntergefahren.
 
Error - 09.07.2012 20:12:02 | Computer Name = Sebbel-Laptop | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?09.?07.?2012 um 13:13:10 unerwartet heruntergefahren.
 
Error - 11.07.2012 06:42:25 | Computer Name = Sebbel-Laptop | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?11.?07.?2012 um 12:36:10 unerwartet heruntergefahren.
 
Error - 22.07.2012 19:46:19 | Computer Name = Sebbel-Laptop | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?23.?07.?2012 um 01:45:04 unerwartet heruntergefahren.
 
Error - 24.07.2012 05:38:18 | Computer Name = Sebbel-Laptop | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?24.?07.?2012 um 11:34:35 unerwartet heruntergefahren.
 
Error - 01.08.2012 12:26:44 | Computer Name = Sebbel-Laptop | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?01.?08.?2012 um 18:25:11 unerwartet heruntergefahren.
 
Error - 08.08.2012 15:43:32 | Computer Name = Sebbel-Laptop | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?08.?08.?2012 um 21:41:52 unerwartet heruntergefahren.
 
Error - 14.08.2012 15:44:45 | Computer Name = Sebbel-Laptop | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?08.?2012 um 21:43:18 unerwartet heruntergefahren.
 
Error - 15.08.2012 21:26:00 | Computer Name = Sebbel-Laptop | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?16.?08.?2012 um 03:24:09 unerwartet heruntergefahren.
 
 
< End of report >
         

Alt 21.08.2012, 12:14   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Firefox startet doppelt - Standard

Firefox startet doppelt



Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________

__________________

Antwort

Themen zu Firefox startet doppelt
7-zip, adobe, audacity, avp.exe, bho, bonjour, converter, defender, desktop, error, explorer, fehler, firefox, flash player, format, home, install.exe, internet, launch, link geklickt, logfile, mozilla, mp3, msvcrt, office 2007, problem, pum.hijack.help, realtek, registry, richtlinie, rundll, safer networking, security, software, taskhost.exe, tastatur, temp, wallpapers



Ähnliche Themen: Firefox startet doppelt


  1. Doppelt unterstrichene Wörter in Firefox
    Plagegeister aller Art und deren Bekämpfung - 01.12.2014 (12)
  2. Windows 8: doppelt unterstrichene Wörter in Firefox, u.a. mpcdn1 . com
    Log-Analyse und Auswertung - 30.09.2014 (9)
  3. Blaue doppelt unterstrichene Wörter, Werbung (Firefox)
    Log-Analyse und Auswertung - 12.09.2014 (19)
  4. Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...
    Plagegeister aller Art und deren Bekämpfung - 07.07.2014 (20)
  5. Manche Wörter in Firefox grün und doppelt unterstrichen, virus?
    Plagegeister aller Art und deren Bekämpfung - 20.01.2014 (11)
  6. Firefox, doppelt unterstrichene, grüne Textstellen, bei Mauszeigerkontakt Pop-up Werbung
    Log-Analyse und Auswertung - 18.01.2014 (5)
  7. Firefox, doppelt unterstrichene, grüne Textstellen, bei Mauszeigerkontakt Pop-up Werbung
    Plagegeister aller Art und deren Bekämpfung - 14.01.2014 (11)
  8. firefox, doppelt-unterstrichene grüne links mit popups
    Plagegeister aller Art und deren Bekämpfung - 13.01.2014 (1)
  9. doppelt unterstrichene Wörter, Werbetabs, Popups bei Firefox
    Log-Analyse und Auswertung - 24.12.2013 (7)
  10. doppelt unterstrichene Wörter, Werbungsfenster, Firefox
    Log-Analyse und Auswertung - 20.11.2013 (13)
  11. Doppelt unterstrichene rote Links in Firefox
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (8)
  12. auch bei mir: doppelt unterstrichene Wörter, Werbungsfenster, Firefox
    Plagegeister aller Art und deren Bekämpfung - 01.11.2013 (6)
  13. Firefox öffnet Tab zu Kreditwerbung oder FIrefox startet auch selbsbt mit der Krditwerbung
    Log-Analyse und Auswertung - 18.01.2012 (1)
  14. [doppelt] Searchqu im Firefox lässt sich nicht löschen!
    Mülltonne - 17.01.2012 (0)
  15. ie doppelt im TM und startet nach Beendigung von alleine neu
    Plagegeister aller Art und deren Bekämpfung - 24.02.2010 (15)
  16. Internet Explorer startet doppelt
    Plagegeister aller Art und deren Bekämpfung - 27.01.2010 (1)
  17. Firefox hat doppelt so viel Schwachstellen, als IE ....
    Alles rund um Windows - 03.10.2005 (3)

Zum Thema Firefox startet doppelt - habe seit einiger Zeit das Problem, dass Firefox doppelt gestartet wird, wenn ich z.B. Links aus e-mails öffne. ebenso habe ich meinen Desktop "gepimpt" mit Rainmeter und habe da ein - Firefox startet doppelt...
Archiv
Du betrachtest: Firefox startet doppelt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.