Forum mascot
Registered since: 06.08.2005
Posts: 889
Hello,

I have the following problem. Firefox has been behaving a bit strangely for quite some time. The latest version is installed. Firefox often simply crashes, especially when I try to open a page with animated images, where the loading time naturally takes a bit longer. But I want to be sure before I possibly uninstall, reinstall and set up Firefox again. Sometimes I have the feeling that Firefox is downloading something or the like, but in the background. No problems at all when booting up/shutting down. The load/speed is also fine.

Malwarebytes shows 0 detections.
I ran an online scan: 0 detections.
Avira: 0 detections

RSIT: Info.txt

Code:
info.txt logfile of random's system information tool 1.09 2011-11-01 18:59:43
======Uninstall list======
-->"C:\Program Files (x86)\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
Abacus UAV Predator for FSX-->MsiExec.exe /X{5F1B0E61-396D-4E09-AC6B-04BD33284D3E}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_Plugin.exe -maintain plugin
Adobe Reader X (10.1.1) - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-AA1000000001}
Aerosoft's - F-16 Fighting Falcon-->C:\Program Files (x86)\InstallShield Installation Information\{A663BED9-978C-4A04-82A3-3029245055BE}\setup.exe -runfromtemp -l0x0007 -removeonly
Apple Application Support-->MsiExec.exe /I{B3575D00-27EF-49C2-B9E0-14B3D954E992}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Asmedia ASM104x USB 3.0 Host Controller Driver-->MsiExec.exe /X{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
Atheros WiFi Driver Installation-->"C:\Program Files (x86)\InstallShield Installation Information\{7D916FA5-DAE9-4A25-B089-655C70EAF607}\setup.exe" -runfromtemp -l0x0407 -removeonly
ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
Audacity 1.3.13 (Unicode)-->"C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\unins000.exe"
Avira Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
Battlefield 2(TM)-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x7 -removeonly
Battlefield 2: Special Forces-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{50D4CB89-AF34-4978-96DC-C3034062E901}\setup.exe" -l0x7 -removeonly
Brother MFL-Pro Suite MFC-J265W-->"C:\Program Files (x86)\InstallShield Installation Information\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}\Setup.exe" -runfromtemp -l0x0007 UNINSTALL Reg=BH9e2_C1 -removeonly
Common-->MsiExec.exe /I{C6017EEA-9E51-4129-84BA-EFA9520E69D8}
Contents-->MsiExec.exe /I{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}
Corel VideoStudio Pro X4-->c:\Program Files (x86)\Corel\Corel VideoStudio Pro X4\Setup\{AA902C31-B49D-4608-BCCF-2519EB77722D}\SetupARP.exe /arp
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
DeviceIO-->MsiExec.exe /I{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}
DiRT 3-->MsiExec.exe /I{434D0FA0-AB8C-497F-B30A-7A1000018201}
Driver Genius Professional Edition-->"C:\Program Files (x86)\Driver-Soft\DriverGenius\unins000.exe"
EVEREST Home Edition v2.20-->"C:\Program Files (x86)\Lavalys\EVEREST Home Edition\unins000.exe"
Flughafen-Feuerwehr-Simulator Version 1.0-->"D:\Spiele\Flughafen-Feuerwehr-Simulator\unins000.exe"
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
GIANTS Editor 4.1.9-->"C:\Program Files (x86)\GIANTS Software\GIANTS_Editor_4.1.9\unins000.exe"
Grand Theft Auto IV-->"C:\Program Files (x86)\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0007 -removeonly
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8301}
ICA-->MsiExec.exe /I{AA902C31-B49D-4608-BCCF-2519EB77722D}
ImgBurn-->"C:\Program Files (x86)\ImgBurn\uninstall.exe"
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
IPM_VS_Pro-->MsiExec.exe /I{A567895C-1D23-48ED-BE83-FB3ED7D30442}
ISCOM-->MsiExec.exe /I{D68897FC-7E8D-4849-819A-726B2489713C}
Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022F0}
Java(TM) 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216027FF}
JDownloader 0.9-->C:\Program Files (x86)\JDownloader\JDUninstall.exe
Landwirtschafts Simulator 2011-->"D:\Spiele\Landwirtschafts Simulator 2011\unins000.exe"
Malwarebytes' Anti-Malware Version 1.51.2.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Flight Simulator X-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{9527A496-5DF9-412A-ADC7-168BA5379CA6}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Mozilla Firefox 7.0.1 (x86 de)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (7.0.1)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser und SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
NVIDIA 3D Vision Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{714B9C6C-70FC-4750-98E2-61520B906C45}\setup.exe" -runfromtemp -l0x0009 -removeonly
NVIDIA PhysX-->MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
OMSI - Der Omnibussimulator-->"C:\Program Files (x86)\InstallShield Installation Information\{9AE850A4-B89D-4875-A159-B1B64D717EFB}\setup.exe" -runfromtemp -l0x0407 -removeonly
OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U
OpenOffice.org 3.3-->MsiExec.exe /I{4286716B-1287-48E7-9078-3DC8248DBA96}
PureHD-->MsiExec.exe /I{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}
QuickTime-->MsiExec.exe /I{C9E14402-3631-4182-B377-6B0DFB1C0339}
Railworks 3 Train Simulator 2012 Deluxe-->"D:\Spiele\Railworks 3 Train Simulator 2012 Deluxe\unins000.exe"
Rainmeter-->C:\Program Files\Rainmeter\uninst.exe
Rapture3D 2.4.9 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek USB 2.0 Reader Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{62BBB2F0-E220-4821-A564-730807D2C34D}\setup.exe" -runfromtemp -removeonly
Rigs of Rods 0.38.60-->"D:\Spiele\Rigs of Rods 0.38\uninst.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {3162617C-537F-3BB6-8D0C-C6021F442391} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Setup-->MsiExec.exe /I{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}
Share-->MsiExec.exe /I{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}
Skiregion Simulator 2012-->"D:\Spiele\Skiregion Simulator 2012\unins000.exe"
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
SmartSound Common Data-->"C:\Program Files (x86)\InstallShield Installation Information\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}\setup.exe" -runfromtemp -l0x0409 -removeonly
SmartSound Common Data-->MsiExec.exe /I{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}
SmartSound Quicktracks 5-->"C:\Program Files (x86)\InstallShield Installation Information\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}\setup.exe" -runfromtemp -l0x0409 -removeonly
SmartSound Quicktracks 5-->MsiExec.exe /I{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}
System Requirements Lab-->C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
VIO-->MsiExec.exe /I{C4778408-3268-45CE-AE15-772D1739A1F1}
VLC media player 1.1.11-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
VSClassic-->MsiExec.exe /I{3990E632-42C3-4A25-ADFF-1101E3D6DD47}
VSPro-->MsiExec.exe /I{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Wise Registry Cleaner 6.14-->"C:\Program Files (x86)\Wise Registry Cleaner\unins000.exe"
======System event log======
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Dienst "Distributed Link Tracking Client" befindet sich jetzt im Status "stopped".
Record Number: 5
Source Name: Service Control Manager
Time Written: 20101121035831.108772-000
Event Type: Informationen
User:
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Dienst "Desktop Window Manager Session Manager" befindet sich jetzt im Status "stopped".
Record Number: 4
Source Name: Service Control Manager
Time Written: 20101121035831.108772-000
Event Type: Informationen
User:
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Dienst "Power" befindet sich jetzt im Status "stopped".
Record Number: 3
Source Name: Service Control Manager
Time Written: 20101121035831.108772-000
Event Type: Informationen
User:
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Dienst "Windows Event Log" befindet sich jetzt im Status "stopped".
Record Number: 2
Source Name: Service Control Manager
Time Written: 20101121035831.093172-000
Event Type: Informationen
User:
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Dienst "Diagnostic Policy Service" befindet sich jetzt im Status "stopped".
Record Number: 1
Source Name: Service Control Manager
Time Written: 20101121035831.093172-000
Event Type: Informationen
User:
=====Application event log=====
Computer Name: 37L4247F27-25
Event Code: 5617
Message: Die Subsysteme des Windows-Verwaltungsinstrumentationsdienstes wurden erfolgreich initialisiert.
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20110908190051.000000-000
Event Type: Informationen
User:
Computer Name: 37L4247F27-25
Event Code: 5615
Message: Der Windows-Verwaltungsinstrumentationsdienst wurde erfolgreich gestartet.
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20110908190045.000000-000
Event Type: Informationen
User:
Computer Name: 37L4247F27-25
Event Code: 4625
Message: Das EventSystem-Subsystem unterdrückt duplizierte Ereignisprotokolleinträge für eine Dauer von 86400 Sekunden. Dieses Zeitlimit kann durch den REG_DWORD-Wert SuppressDuplicateDuration unter folgendem Registrierungsschlüssel gesteuert werden: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 3
Source Name: Microsoft-Windows-EventSystem
Time Written: 20110908190034.000000-000
Event Type: Informationen
User:
Computer Name: 37L4247F27-25
Event Code: 1531
Message: Der Benutzerprofildienst wurde erfolgreich gestartet.
Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110908190033.743344-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: 37L4247F27-25
Event Code: 1532
Message: Das Benutzerprofil wurde angehalten
Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101121035831.124372-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
=====Security event log=====
Computer Name: 37L4247F27-25
Event Code: 4735
Message: Eine sicherheitsaktivierte lokale Gruppe wurde geändert.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: 37L4247F27-25$
Kontodomäne: WORKGROUP
Anmelde-ID: 0x3e7
Gruppe:
Sicherheits-ID: S-1-5-32-551
Gruppenname: Sicherungs-Operatoren
Gruppendomäne: Builtin
Geänderte Attribute:
SAM-Kontoname: -
SID-Verlauf: -
Weitere Informationen:
Berechtigungen: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110908190003.073690-000
Event Type: Überwachung erfolgreich
User:
Computer Name: 37L4247F27-25
Event Code: 4731
Message: Eine sicherheitsaktivierte lokale Gruppe wurde erstellt.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: 37L4247F27-25$
Kontodomäne: WORKGROUP
Anmelde-ID: 0x3e7
Neue Gruppe:
Sicherheits-ID: S-1-5-32-551
Gruppenname: Sicherungs-Operatoren
Gruppendomäne: Builtin
Attribute:
SAM-Kontoname: Sicherungs-Operatoren
SID-Verlauf: -
Weitere Informationen:
Berechtigungen: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110908190003.042490-000
Event Type: Überwachung erfolgreich
User:
Computer Name: 37L4247F27-25
Event Code: 4902
Message: Eine Benutzerrichtlinien-Überwachungstabelle wurde erstellt.
Anzahl von Elementen: 0
Richtlinienkennung: 0x318e3
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110908190002.605689-000
Event Type: Überwachung erfolgreich
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.
Antragsteller:
Sicherheits-ID: S-1-0-0
Kontoname: -
Kontodomäne: -
Anmelde-ID: 0x0
Anmeldetyp: 0
Neue Anmeldung:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Prozessinformationen:
Prozess-ID: 0x4
Prozessname:
Netzwerkinformationen:
Arbeitsstationsname: -
Quellnetzwerkadresse: -
Quellport: -
Detaillierte Authentifizierungsinformationen:
Anmeldeprozess: -
Authentifizierungspaket: -
Übertragene Dienste: -
Paketname (nur NTLM): -
Schlüssellänge: 0
Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
- Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110908185959.236083-000
Event Type: Überwachung erfolgreich
User:
Computer Name: 37L4247F27-25
Event Code: 4608
Message: Windows wird gestartet.
Dieses Ereignis wird protokolliert, wenn LSASS.EXE gestartet und das Überwachungssubsystem initialisiert wird.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110908185959.017683-000
Event Type: Überwachung erfolgreich
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime\QTSystem\;c:\Program Files (x86)\Common Files\Ulead Systems\MPEG
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"asl.log"=Destination=file
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Code:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Gaming at 2011-11-01 18:59:31
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 44 GB (44%) free of 100 GB
Total RAM: 4008 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:59:36, on 01.11.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Java\jre6\bin\javaw.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Gaming\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Gaming.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-946677370-2952259893-2354508949-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-946677370-2952259893-2354508949-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{D84B1B42-B12E-4C89-A426-98D8658D9F5E}: NameServer = 62.109.123.196 213.191.74.18
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\SysWOW64\rpcnet.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9065 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\4kffcutc.default
prefs.js - "browser.startup.homepage" - "www.t-online.de"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detektor-Plug-In
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
amazondotcom-de.xml
bing.xml
eBay-de.xml
google.xml
leo_ende_de.xml
wikipedia-de.xml
yahoo-de.xml
C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\4kffcutc.default\extensions\
foxyproxy@eric.h.jung
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-10-11 258512]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\SysWOW64\nvinit.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.FPS1"=frapsvid.dll
"msacm.dvacm"=c:\PROGRA~2\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-11-01 18:59:31 ----D---- C:\rsit
2011-11-01 18:59:31 ----D---- C:\Program Files (x86)\trend micro
2011-10-29 13:01:37 ----D---- C:\Users\Gaming\AppData\Roaming\Malwarebytes
2011-10-29 13:01:31 ----D---- C:\ProgramData\Malwarebytes
2011-10-29 13:01:27 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-27 15:38:04 ----D---- C:\Program Files (x86)\Common Files\Microsoft Games
2011-10-27 15:15:42 ----D---- C:\Windows\PCHEALTH
2011-10-27 15:15:24 ----D---- C:\Program Files (x86)\Microsoft Games
2011-10-26 13:23:23 ----D---- C:\Users\Gaming\AppData\Roaming\DMCache
2011-10-26 13:23:20 ----D---- C:\Program Files (x86)\Internet Download Manager
2011-10-23 18:45:53 ----D---- C:\Users\Gaming\AppData\Roaming\Rainmeter
2011-10-22 16:47:05 ----D---- C:\Program Files (x86)\MSXML 4.0
2011-10-21 21:20:30 ----D---- C:\Program Files (x86)\GIANTS Software
2011-10-21 17:51:35 ----D---- C:\Users\Gaming\AppData\Roaming\Avira
2011-10-21 17:50:55 ----D---- C:\ProgramData\Avira
2011-10-21 17:50:55 ----D---- C:\Program Files (x86)\Avira
2011-10-18 15:27:44 ----D---- C:\Users\Gaming\AppData\Roaming\Audacity
2011-10-18 15:26:09 ----D---- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
2011-10-13 23:34:12 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2011-10-13 23:34:11 ----A---- C:\Windows\SysWOW64\wininet.dll
2011-10-13 23:34:11 ----A---- C:\Windows\SysWOW64\urlmon.dll
2011-10-13 23:34:11 ----A---- C:\Windows\SysWOW64\url.dll
2011-10-13 23:34:11 ----A---- C:\Windows\SysWOW64\iertutil.dll
2011-10-13 23:34:10 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2011-10-13 23:34:10 ----A---- C:\Windows\SysWOW64\jscript9.dll
2011-10-13 23:34:10 ----A---- C:\Windows\SysWOW64\jscript.dll
2011-10-13 23:34:10 ----A---- C:\Windows\SysWOW64\ieui.dll
2011-10-13 23:34:09 ----A---- C:\Windows\SysWOW64\mshtml.dll
2011-10-13 23:34:08 ----A---- C:\Windows\SysWOW64\ieframe.dll
2011-10-13 14:24:25 ----A---- C:\Windows\SysWOW64\psisdecd.dll
2011-10-13 14:24:16 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2011-10-13 14:24:16 ----A---- C:\Windows\SysWOW64\oleacc.dll
2011-10-12 12:55:15 ----D---- C:\Users\Gaming\AppData\Roaming\Wise Registry Cleaner
2011-10-12 12:55:08 ----D---- C:\Program Files (x86)\Wise Registry Cleaner
2011-10-08 20:25:52 ----D---- C:\Windows\Minidump
2011-10-04 21:27:25 ----D---- C:\Program Files (x86)\Microsoft WSE
2011-10-03 21:28:28 ----D---- C:\Program Files (x86)\EA GAMES
2011-10-03 12:55:00 ----D---- C:\Windows\SysWOW64\RTCOM
2011-10-03 12:54:29 ----A---- C:\Windows\SysWOW64\SFCOM.dll
2011-10-03 12:50:18 ----D---- C:\Windows\SysWOW64\sda
2011-10-03 12:50:14 ----A---- C:\Windows\SysWOW64\RtsUVStoricon.dll
2011-10-03 12:49:51 ----A---- C:\Windows\SysWOW64\log.txt
2011-10-03 12:49:48 ----D---- C:\Program Files (x86)\Common Files\postureAgent
2011-10-03 12:48:39 ----D---- C:\Program Files (x86)\Common Files\Intel
2011-10-03 12:45:43 ----D---- C:\Program Files (x86)\Atheros WiFi Driver Installation
2011-10-03 12:45:05 ----D---- C:\ProgramData\Atheros
2011-10-03 12:28:30 ----D---- C:\Program Files (x86)\Driver-Soft
2011-10-03 11:13:22 ----A---- C:\Windows\AsTaskSched.dll
2011-10-03 11:12:36 ----A---- C:\Windows\Language_trs.ini
======List of files/folders modified in the last 1 month======
2011-11-01 18:59:36 ----D---- C:\Windows\Prefetch
2011-11-01 18:59:33 ----D---- C:\Windows\Temp
2011-11-01 18:59:31 ----RD---- C:\Program Files (x86)
2011-11-01 18:30:06 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe
2011-11-01 17:06:25 ----D---- C:\Users\Gaming\AppData\Roaming\Skype
2011-11-01 14:13:40 ----D---- C:\Windows\System32
2011-11-01 14:13:40 ----D---- C:\Windows\inf
2011-11-01 12:50:16 ----SHD---- C:\System Volume Information
2011-11-01 12:43:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-29 16:53:08 ----D---- C:\Windows\SysWOW64\drivers
2011-10-29 13:01:31 ----HD---- C:\ProgramData
2011-10-28 12:05:31 ----D---- C:\Windows
2011-10-27 21:34:31 ----SHD---- C:\Windows\Installer
2011-10-27 16:51:35 ----D---- C:\Users\Gaming\AppData\Roaming\DAEMON Tools Lite
2011-10-27 16:31:22 ----RD---- C:\Program Files
2011-10-27 15:38:04 ----D---- C:\Program Files (x86)\Common Files
2011-10-27 15:37:56 ----RSD---- C:\Windows\assembly
2011-10-27 15:37:35 ----SD---- C:\ProgramData\Microsoft
2011-10-27 15:37:15 ----D---- C:\Windows\winsxs
2011-10-27 15:28:51 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2011-10-27 15:28:49 ----D---- C:\Windows\SysWOW64
2011-10-27 15:28:48 ----RSD---- C:\Windows\Fonts
2011-10-27 15:28:15 ----SD---- C:\Users\Gaming\AppData\Roaming\Microsoft
2011-10-27 10:48:43 ----A---- C:\Windows\SysWOW64\rpcnet.dll
2011-10-24 12:05:40 ----D---- C:\Program Files (x86)\Java
2011-10-23 12:43:41 ----D---- C:\Windows\Logs
2011-10-23 12:43:41 ----D---- C:\Windows\debug
2011-10-22 23:12:34 ----A---- C:\Windows\SysWOW64\rpcnetp.dll
2011-10-22 23:11:48 ----A---- C:\Windows\SysWOW64\rpcnetp.exe
2011-10-22 16:28:17 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2011-10-21 17:12:55 ----D---- C:\Program Files (x86)\JDownloader
2011-10-20 12:03:29 ----D---- C:\ProgramData\Codemasters
2011-10-15 15:12:15 ----D---- C:\Windows\Microsoft.NET
2011-10-14 11:57:58 ----D---- C:\Windows\SysWOW64\migration
2011-10-14 11:57:58 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-14 11:57:53 ----D---- C:\Windows\ehome
2011-10-12 13:01:41 ----D---- C:\Windows\SysWOW64\config
2011-10-12 12:53:49 ----D---- C:\Windows\Panther
2011-10-03 12:55:16 ----HD---- C:\Program Files (x86)\Temp
2011-10-03 12:53:14 ----D---- C:\Windows\SysWOW64\NV
2011-10-03 12:50:14 ----D---- C:\Program Files (x86)\Realtek
2011-10-03 12:49:44 ----D---- C:\Program Files (x86)\Intel
2011-10-03 04:06:16 ----A---- C:\Windows\SysWOW64\javaws.exe
2011-10-03 04:06:15 ----A---- C:\Windows\SysWOW64\javaw.exe
2011-10-03 04:06:14 ----A---- C:\Windows\SysWOW64\java.exe
2011-10-03 04:06:03 ----A---- C:\Windows\SysWOW64\deployJava1.dll
2011-10-02 16:43:03 ----D---- C:\Users\Gaming\AppData\Roaming\vlc
2011-10-02 12:06:15 ----D---- C:\Program Files (x86)\Futuremark
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-25 17536]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys []
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;Intel(R) Display-Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RTSUVSTOR.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys []
S1 ntiomin;ntiomin; C:\Windows\SysWOW64\drivers\ntiomin.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\Gaming\AppData\Local\Temp\ALSysIO64.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys []
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AntiVirSchedulerService;Avira Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
R2 AntiVirService;Avira Echtzeit Scanner; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-11 110032]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 Bonjour Service;Dienst "Bonjour"; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-08-08 325912]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-09-19 75064]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\SysWOW64\rpcnet.exe [2011-09-08 58288]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-08-08 2656536]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2011-08-19 934760]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
#2 (direct link)
Forum mascot
Registered since: 06.08.2005
Posts: 889

Hey,
I read through this and noticed:
Aerosoft's - F-16 Fighting Falcon-->C:\Program Files (x86)\InstallShield Installation Information\{A663BED9-978C-4A04-82A3-3029245055BE}\setup.exe -runfromtemp -l0x0007 -removeonly
DiRT 3-->MsiExec.exe /I{434D0FA0-AB8C-497F-B30A-7A1000018201}
I no longer own these; I have already uninstalled them. Apparently these are still leftovers???

#3 (direct link)
Lives here
Registered since: 27.05.2008
Location: Salem
Age: 70
Posts: 2,026

Check whether you can find them there and eliminate them:
C > Users > your name > AppData > Roaming > Mozilla > Firefox > Profiles > your profile (usually "default" if you have not created another one) > extensions... look for them there and delete them. But first you have to go to Control Panel, Folder Options > View > Hidden files, and click "Show hidden...". Otherwise you won't find anything!
__________________
Regards, Guenther ...Oldie But Even Goldie..... Come to Lake Constance and feel at home among nice people! Free software: «Freesoftpage has the solution.»

#4 (direct link)
Forum mascot
Registered since: 06.08.2005
Posts: 889

There is nothing to be found there. Everything is fine.

#5 (direct link)
Forum mascot
Registered since: 06.08.2005
Posts: 889

Since no further reply has come in so far, I assume everything is fine.