Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows-Firewall: Problem bei Aktivierung

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.05.2012, 12:06   #1
darkshoot
 
Windows-Firewall: Problem bei Aktivierung - Standard

Windows-Firewall: Problem bei Aktivierung



Ich wollte gestern ein Spiel über LAN spielen, jedoch hat es nicht geklappt.
Ich habe deshalb auf meine Firwall geschaut und festgestellt, dass sie nicht Aktiviert ist.

Beim Versuch die Firewall auf die "empfohlenen Einstellungen" zu setzen kommt die Fehlermeldung:
Einige der Einstellungen können von der Windows-Firewall nicht geändert werden.
Fehlercode 0x8007042c

Beim Versuch den Dienst "Windows-Firewall" zu starten bekomme ich die Meldung:
Der Dienst "Windows-Firewall" auf "Lokaler Computer" konnte nicht gestartet werden.

Fehler 1068: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.


Meine Frage ist nun, wie ich die Firewall wieder zum laufen bekomme.

Hier ein Hijack vorab und ein Malewarebytes Log wird noch nachgereicht.

MfG Jan

Zitat:
HiJackthis Logfile:
HiJackthis Logfile:
Code: Alles kopierenAlles auswählenLarusso Modus
HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:47:19, on 12.05.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Connectify\Connectify.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbws.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\***\Desktop\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=15768
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O2 - BHO: QuickNet - {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exe
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59758C0E-696C-4BE1-AC66-E17A98C91F9A}: NameServer = 192.168.172.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{59758C0E-696C-4BE1-AC66-E17A98C91F9A}: NameServer = 192.168.172.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{59758C0E-696C-4BE1-AC66-E17A98C91F9A}: NameServer = 192.168.172.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15506 bytes
         
--- --- ---

--- --- ---
Zitat:
Malwarebytes Anti-Malware 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.05.12.04

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus)
Internet Explorer 9.0.8112.16421
Jan :: PC-JAN [Administrator]

12.05.2012 11:08:05
mbam-log-2012-05-12 (11-08-05).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 456966
Laufzeit: 1 Stunde(n), 2 Minute(n), 28 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Ich habe nochmal den Log von
defogger für Euch geposted:




Zitat:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:13 on 12/05/2012 (Jan)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
hier noch der dds Logfile

[QUOTE].DDS Logfile:
DDS Logfile:
Code:
ATTFilter
DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_26
Run by Jan at 13:19:42 on 2012-05-12
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3956.2385 [GMT 2:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: FireWall *Enabled* {CE40CCC0-8ADB-6D67-25A0-C5B6438E4B57}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
C:\Program Files (x86)\Connectify\ConnectifyService.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
C:\Program Files (x86)\Connectify\ConnectifyD.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://de.ask.com/?l=dis&o=15768
uDefault_Page_URL = hxxp://packardbell.msn.com
mDefault_Page_URL = hxxp://packardbell.msn.com
mStart Page = hxxp://packardbell.msn.com
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
BHO: QuickNet: {ea5ca8b6-9b9c-4994-a7a1-947b6c631be7} - QuickNet BHO
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: An OneNote s&enden - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{59758C0E-696C-4BE1-AC66-E17A98C91F9A} : NameServer = 192.168.172.1
TCP: Interfaces\{79B331BB-D5E6-4C20-80CD-43A9C607BE09} : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{79B331BB-D5E6-4C20-80CD-43A9C607BE09}\75C616E62313936333838373 : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{AA2760F9-358B-4EFD-B446-7A473CBA2912} : DhcpNameServer = 192.168.178.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9FDDE16B-836F-4806-AB1F-1455CBEFF289}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{E33CF602-D945-461A-83F0-819F76A199F8}
{EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7}
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\v85xyih5.default\
FF - prefs.js: browser.startup.homepage - iGoogle
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Jan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
---- FIREFOX POLICIES ----
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 cnnctfy2;Connectify LightWeight Filter;C:\Windows\system32\DRIVERS\cnnctfy2.sys --> C:\Windows\system32\DRIVERS\cnnctfy2.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/02/25 20:03:01];C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-9-2 148976]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-4-24 202296]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2012-2-25 83240]
R2 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe [2012-5-2 65536]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2012-2-25 75048]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2012-2-25 292136]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-2-5 325200]
R2 GREGService;GREGService;C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-1-8 23584]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-6-29 255744]
R2 ntk_PowerDVD;ntk_PowerDVD;C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2012-2-25 75248]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-11-2 2320920]
R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-9-8 243232]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\DRIVERS\LVUSBS64.sys --> C:\Windows\system32\DRIVERS\LVUSBS64.sys [?]
R3 S6000KNT;S6000KNT_WebCam Driver;C:\Windows\system32\Drivers\S6000KNT.sys --> C:\Windows\system32\Drivers\S6000KNT.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update-Dienst (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-2 116648]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-15 158856]
S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-27 257696]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 CGVPNCliSrvc;CyberGhost VPN Client;C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [2011-3-10 2428968]
S3 dgderdrv;dgderdrv;C:\Windows\system32\drivers\dgderdrv.sys --> C:\Windows\system32\drivers\dgderdrv.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 gupdatem;Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-2 116648]
S3 lvpepf64;Volume Adapter;C:\Windows\system32\DRIVERS\lv302a64.sys --> C:\Windows\system32\DRIVERS\lv302a64.sys [?]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 129976]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft-Netzwerkinspektion;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys --> C:\Windows\system32\DRIVERS\ssadserd.sys [?]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);C:\Windows\system32\DRIVERS\sscebus.sys --> C:\Windows\system32\DRIVERS\sscebus.sys [?]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;C:\Windows\system32\DRIVERS\sscemdfl.sys --> C:\Windows\system32\DRIVERS\sscemdfl.sys [?]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;C:\Windows\system32\DRIVERS\sscemdm.sys --> C:\Windows\system32\DRIVERS\sscemdm.sys [?]
S3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);C:\Windows\system32\DRIVERS\ssceserd.sys --> C:\Windows\system32\DRIVERS\ssceserd.sys [?]
S3 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-8-30 2358656]
S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.Sys [2011-6-10 16392]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-05-12 10:42:35	69000	----a-w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1B316BA9-C602-4CB7-B30D-16AD0A12B5A2}\offreg.dll
2012-05-12 10:28:35	927800	----a-w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C526C3C4-3BBA-4F35-B8E3-B07F8CC76B6A}\gapaengine.dll
2012-05-12 10:28:33	8917360	----a-w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1B316BA9-C602-4CB7-B30D-16AD0A12B5A2}\mpengine.dll
2012-05-12 10:22:41	--------	d-----w-	C:\Program Files (x86)\Microsoft Security Client
2012-05-12 10:22:38	--------	d-----w-	C:\Program Files\Microsoft Security Client
2012-05-12 10:22:06	--------	d-----w-	C:\b9165a41f8fb39840d01
2012-05-12 09:04:02	24904	----a-w-	C:\Windows\System32\drivers\mbam.sys
2012-05-12 09:04:02	--------	d-----w-	C:\ProgramData\Malwarebytes
2012-05-12 09:04:02	--------	d-----w-	C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-11 23:40:06	--------	d-----w-	C:\Users\Jan\AppData\Local\{9BFB1B92-CA77-4A4D-A66E-5C3D63ACD64E}
2012-05-11 23:39:43	--------	d-----w-	C:\Users\Jan\AppData\Local\{60469E63-9856-4D42-9984-E2B1C295DED7}
2012-05-11 17:05:16	--------	d-----w-	C:\ProgramData\Kaspersky Lab
2012-05-11 17:05:16	--------	d-----w-	C:\Program Files (x86)\Kaspersky Lab
2012-05-11 14:37:03	74856	----a-w-	C:\Users\Jan\cc_20120511_163659.reg
2012-05-11 11:06:29	7110656	----a-w-	C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe
2012-05-11 06:29:20	6713344	----a-w-	C:\Program Files (x86)\Microsoft Games\Age of Mythology\aom.exe
2012-05-11 05:46:34	--------	d-----w-	C:\Users\Jan\AppData\Local\{DBEC0F5A-AA60-4DFA-913D-8E3B59221DDA}
2012-05-11 05:46:11	--------	d-----w-	C:\Users\Jan\AppData\Local\{DF91C9D0-2BAA-432D-A402-B743EF5B24FD}
2012-05-11 05:45:58	--------	d-----w-	C:\Users\Jan\AppData\Local\{E067F6FD-8734-4595-AC86-4A9DFE3A88BD}
2012-05-11 05:32:09	--------	d-----w-	C:\Program Files (x86)\Microsoft Games
2012-05-10 06:52:30	--------	d-----w-	C:\Users\Jan\AppData\Local\{291109E1-FB31-4868-8F81-3478284778A5}
2012-05-10 06:52:08	--------	d-----w-	C:\Users\Jan\AppData\Local\{A69EF15C-6FAD-4EB3-B184-2CB4B9297826}
2012-05-10 06:51:56	--------	d-----w-	C:\Users\Jan\AppData\Local\{1536EBFD-B2F7-4114-9C55-A6733200CE09}
2012-05-09 21:58:04	1544704	----a-w-	C:\Windows\System32\DWrite.dll
2012-05-09 21:58:04	1077248	----a-w-	C:\Windows\SysWow64\DWrite.dll
2012-05-09 21:58:03	5559664	----a-w-	C:\Windows\System32\ntoskrnl.exe
2012-05-09 21:58:02	3146240	----a-w-	C:\Windows\System32\win32k.sys
2012-05-09 21:58:01	3968368	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-09 21:58:01	3913072	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2012-05-09 21:57:09	75120	----a-w-	C:\Windows\System32\drivers\partmgr.sys
2012-05-09 21:56:50	1918320	----a-w-	C:\Windows\System32\drivers\tcpip.sys
2012-05-09 21:56:48	936960	----a-w-	C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 21:56:48	1732096	----a-w-	C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-09 21:56:48	1402880	----a-w-	C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-09 21:56:48	1393664	----a-w-	C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-09 21:56:48	1367552	----a-w-	C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 18:28:57	--------	d-----w-	C:\Users\Jan\AppData\Local\{627859EA-04B6-4D11-9853-98759B2D7A11}
2012-05-09 18:28:40	--------	d-----w-	C:\Users\Jan\AppData\Local\{9E55698E-3E8C-449A-ACB9-2C48A6644BE1}
2012-05-09 18:28:27	--------	d-----w-	C:\Users\Jan\AppData\Local\{65A48F4A-1B94-479C-8AF1-671213587922}
2012-05-09 05:51:58	--------	d-----w-	C:\Users\Jan\AppData\Local\{703EA242-0D0D-4675-8C53-2D41FD6DA4E6}
2012-05-09 05:51:46	--------	d-----w-	C:\Users\Jan\AppData\Local\{0604182F-1481-4D2D-8AA9-CF1A0D2ADD20}
2012-05-08 04:54:15	--------	d-----w-	C:\Users\Jan\AppData\Local\{674B50C6-9C15-4447-B7D2-567FE2C90141}
2012-05-08 04:54:03	--------	d-----w-	C:\Users\Jan\AppData\Local\{3C0A5AA7-3C7E-4F92-A0A1-1651A033FFE3}
2012-05-08 04:53:52	--------	d-----w-	C:\Users\Jan\AppData\Local\{5A5BD63D-9C75-4766-B209-6703CD978415}
2012-05-08 04:53:39	--------	d-----w-	C:\Users\Jan\AppData\Local\{9BD00145-871C-4A28-B6AA-365269FD9F72}
2012-05-07 06:53:12	--------	d-----w-	C:\Users\Jan\AppData\Local\{9240EFF0-C72F-4305-9C27-984D20A5ACF9}
2012-05-07 06:53:01	--------	d-----w-	C:\Users\Jan\AppData\Local\{6AAAFEB0-7D91-4A84-B3DA-81B8317C2051}
2012-05-06 08:50:36	--------	d-----w-	C:\Users\Jan\AppData\Local\{98C12F97-2F0D-471E-A971-EEE8885E8E9C}
2012-05-06 08:50:24	--------	d-----w-	C:\Users\Jan\AppData\Local\{54C0AD0E-5328-458A-B64D-847BC4C3963A}
2012-05-05 08:12:53	--------	d-----w-	C:\Users\Jan\AppData\Local\{F8D6B3D5-A0DA-4D37-BFB8-216BE0662712}
2012-05-05 08:12:40	--------	d-----w-	C:\Users\Jan\AppData\Local\{DEDA9783-5169-440D-A2F6-1054E24336E8}
2012-05-04 07:07:36	--------	d-----w-	C:\Users\Jan\AppData\Local\{D0C41BA7-D0DC-4A94-AB30-009BF5191FDD}
2012-05-04 07:07:25	--------	d-----w-	C:\Users\Jan\AppData\Local\{B329BB63-686D-4D6A-B07E-8D6827F77088}
2012-05-04 07:07:04	--------	d-----w-	C:\Users\Jan\AppData\Local\{D42B1458-9665-4E90-8917-1674CF7A312E}
2012-05-03 07:20:58	--------	d-----w-	C:\Users\Jan\AppData\Local\{EE31E30A-96C3-4933-B1E2-686C40E2151B}
2012-05-03 07:20:35	--------	d-----w-	C:\Users\Jan\AppData\Local\{A0C1F0E5-AB7B-47EE-B07A-E853C8E37833}
2012-05-03 07:20:22	--------	d-----w-	C:\Users\Jan\AppData\Local\{8E025898-936A-4565-B13C-E736CCE3F5C5}
2012-05-02 19:53:26	--------	d-----w-	C:\Users\Jan\AppData\Local\{4509CBE0-E9DA-4895-93E1-1C0DE5974B4B}
2012-05-02 19:53:03	--------	d-----w-	C:\Users\Jan\AppData\Local\{D38C7BCE-CB9D-4F6C-ACAD-44FA558AAFAD}
2012-05-02 19:52:36	--------	d-----w-	C:\Users\Jan\AppData\Local\{74A4C244-D663-4C20-82BC-2FD351F49484}
2012-05-02 06:49:05	--------	d-----w-	C:\Users\Jan\AppData\Local\{D28FB98D-1C5F-4CE9-B98C-2ED1C5AD297D}
2012-05-02 06:48:53	--------	d-----w-	C:\Users\Jan\AppData\Local\{F04D31FA-5B64-4434-A286-763C2C1AF372}
2012-05-01 15:33:56	--------	d-----w-	C:\Users\Jan\AppData\Local\{D938C1C4-7908-4AD4-AAA1-66752E0FCA2D}
2012-05-01 15:33:45	--------	d-----w-	C:\Users\Jan\AppData\Local\{151FEC80-43E8-482D-886E-2FB8A567D51E}
2012-05-01 15:33:25	--------	d-----w-	C:\Users\Jan\AppData\Local\{82A452C0-4307-479B-A1C5-59CAFA1C9FA3}
2012-05-01 15:33:01	--------	d-----w-	C:\Users\Jan\AppData\Local\{7784B843-4247-40D6-890D-AFA4FAB9ECA3}
2012-04-30 08:10:34	--------	d-----w-	C:\Users\Jan\AppData\Local\{634F3BE6-C71B-45E3-B69C-DDD532DAFAE2}
2012-04-30 08:10:23	--------	d-----w-	C:\Users\Jan\AppData\Local\{5CE8A7E3-FE62-40C4-B8F5-0EFC96667987}
2012-04-29 19:40:51	--------	d-----w-	C:\Users\Jan\AppData\Local\{68E6FFAF-1D05-4B12-B26A-EA75D20F9C50}
2012-04-29 19:40:39	--------	d-----w-	C:\Users\Jan\AppData\Local\{216F0FBF-A86D-438E-A70F-A72BAB058892}
2012-04-29 06:46:57	--------	d-----w-	C:\Users\Jan\AppData\Local\{C4FD92CB-63E3-4FB6-A219-F44DEC2700DB}
2012-04-29 06:46:39	--------	d-----w-	C:\Users\Jan\AppData\Local\{AB22CDCF-5D11-444C-9073-FBA6D1E9C164}
2012-04-29 06:46:14	--------	d-----w-	C:\Users\Jan\AppData\Local\{7351A962-C7F2-4F83-9FF8-DAE5F2A80106}
2012-04-28 16:42:31	--------	d-----w-	C:\Users\Jan\AppData\Local\{EF24ACCC-287E-46C7-9C90-602DA7536F7F}
2012-04-28 16:42:08	--------	d-----w-	C:\Users\Jan\AppData\Local\{A68F3640-10F3-446B-B043-3714CAAA9E79}
2012-04-27 05:31:47	--------	d-----w-	C:\Users\Jan\AppData\Local\{CA82F9E2-2D3D-4829-B038-FBF32AFE8CBF}
2012-04-27 05:31:35	--------	d-----w-	C:\Users\Jan\AppData\Local\{4E42BAEC-91CC-4CF2-881B-F0C292716354}
2012-04-26 22:25:42	8744608	----a-w-	C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-26 22:00:15	419488	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-26 13:37:36	--------	d-----w-	C:\Users\Jan\AppData\Local\{59474411-6CC7-4B3D-9053-3DFA4CE3309F}
2012-04-26 13:37:20	--------	d-----w-	C:\Users\Jan\AppData\Local\{91437511-0408-47C1-AA8C-639FA5ED8BF3}
2012-04-25 21:21:14	--------	d-----w-	C:\Program Files (x86)\Mozilla Maintenance Service
2012-04-25 21:21:08	157352	----a-w-	C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-25 21:21:08	129976	----a-w-	C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-04-25 05:46:42	--------	d-----w-	C:\Users\Jan\AppData\Local\{E29F48AB-53DD-4759-B0F5-20BE7C5F9348}
2012-04-25 05:46:30	--------	d-----w-	C:\Users\Jan\AppData\Local\{9F05B931-484C-4E34-B716-194ECBD617F7}
2012-04-24 05:32:14	--------	d-----w-	C:\Users\Jan\AppData\Local\{3B6E10F3-BDF0-4B12-A53B-32FB351FC630}
2012-04-24 05:32:03	--------	d-----w-	C:\Users\Jan\AppData\Local\{2C303763-1F98-45FD-B4F2-B287797911E2}
2012-04-23 11:17:26	--------	d-----w-	C:\Users\Jan\AppData\Local\{A723C8EA-044A-4F52-B486-2D19DF848711}
2012-04-23 11:17:13	--------	d-----w-	C:\Users\Jan\AppData\Local\{895BE932-5772-473F-9CAD-3955B735BE24}
2012-04-23 11:17:01	--------	d-----w-	C:\Users\Jan\AppData\Local\{BF734E9D-1F23-4A1C-BA22-84A4D190EB4C}
2012-04-22 07:47:55	--------	d-----w-	C:\Users\Jan\AppData\Local\{071363A0-A03D-4AAA-8840-199DDCD77EBE}
2012-04-22 07:47:43	--------	d-----w-	C:\Users\Jan\AppData\Local\{B3F5B58A-9DBC-4BBA-B03A-2FBF6AF911B4}
2012-04-21 15:47:14	--------	d-----w-	C:\Users\Jan\AppData\Local\{B32E2C8C-6801-42C2-94E0-EA130F1C7984}
2012-04-21 15:47:02	--------	d-----w-	C:\Users\Jan\AppData\Local\{A0A7EDD7-49FE-4693-89BD-913A5395331A}
2012-04-20 05:13:40	--------	d-----w-	C:\Users\Jan\AppData\Local\{C3970E1A-5A5D-47C9-BF44-359CE0392CE5}
2012-04-20 05:13:17	--------	d-----w-	C:\Users\Jan\AppData\Local\{B2AB6B26-FBEE-421A-8B02-F7A3D0A928EA}
2012-04-19 05:32:54	--------	d-----w-	C:\Users\Jan\AppData\Local\{92A5FEA5-9B4F-4EF8-BDD0-A1D4CA47AD58}
2012-04-19 05:32:43	--------	d-----w-	C:\Users\Jan\AppData\Local\{9998E1E8-55AE-48CD-AC66-2591AE4D677E}
2012-04-19 05:32:22	--------	d-----w-	C:\Users\Jan\AppData\Local\{C283C87D-7F2C-47F9-83BA-27FEB46BC21E}
2012-04-19 05:32:09	--------	d-----w-	C:\Users\Jan\AppData\Local\{CE7AA5E6-EAAD-4EF8-95DC-4DDFDA9CC5DA}
2012-04-18 13:16:07	--------	d-----w-	C:\Users\Jan\AppData\Local\{317B2113-14AA-4229-9704-116C8AC7F2CF}
2012-04-18 13:15:55	--------	d-----w-	C:\Users\Jan\AppData\Local\{D35EDF6A-4EB0-4579-BB1C-151FF2E203A7}
2012-04-18 13:15:27	--------	d-----w-	C:\Users\Jan\AppData\Local\{3477587D-5B13-45CC-BE8D-26E03911043D}
2012-04-17 09:27:35	--------	d-----w-	C:\Users\Jan\AppData\Local\{F4D3A640-C0D8-4E74-AC72-B24F7D3E96D4}
2012-04-17 09:27:24	--------	d-----w-	C:\Users\Jan\AppData\Local\{95A7B50D-B790-4099-9C71-5DA65518C5A0}
2012-04-17 09:26:47	--------	d-----w-	C:\Users\Jan\AppData\Local\{4325D088-F790-404B-A09C-53BB8F62734C}
2012-04-17 09:26:30	--------	d-----w-	C:\Users\Jan\AppData\Local\{5270E4A4-9DD2-48C8-BC90-E507F2624390}
2012-04-16 11:52:58	--------	d-----w-	C:\Users\Jan\AppData\Local\{C8F52557-1CB5-417A-A5E2-6F107712E280}
2012-04-16 11:52:46	--------	d-----w-	C:\Users\Jan\AppData\Local\{45C1C327-3DAB-4C1C-91B2-69C7031D65BC}
2012-04-15 17:51:18	--------	d-----w-	C:\Users\Jan\AppData\Local\{0414252C-12D5-4F61-B204-54B3E9603119}
2012-04-15 17:51:06	--------	d-----w-	C:\Users\Jan\AppData\Local\{2AF7B134-57F7-4AD9-8E7C-E339C088D8A0}
2012-04-15 05:33:57	--------	d-----w-	C:\Users\Jan\AppData\Local\{A111FE9C-4AFD-4B31-930C-4765C54D72C2}
2012-04-15 05:33:46	--------	d-----w-	C:\Users\Jan\AppData\Local\{0A169E14-5F8D-49A1-A2D0-8B1E5DA0A110}
2012-04-15 05:33:35	--------	d-----w-	C:\Users\Jan\AppData\Local\{6E55DF41-116B-49C0-8205-BF0B9ABFF767}
2012-04-15 05:33:11	--------	d-----w-	C:\Users\Jan\AppData\Local\{27A97243-D758-4F95-948D-F6C6073600ED}
2012-04-14 13:18:54	--------	d-----w-	C:\Users\Jan\AppData\Local\{97F0BDF6-941D-427B-AFAF-478943F55A1A}
2012-04-14 13:18:42	--------	d-----w-	C:\Users\Jan\AppData\Local\{C2AB2D9D-1835-43BB-8090-9E5543B99E05}
2012-04-14 13:17:50	--------	d-----w-	C:\Windows\de
2012-04-14 13:15:43	48488	----a-w-	C:\Windows\System32\drivers\fssfltr.sys
2012-04-14 13:12:43	89944	----a-w-	C:\Program Files (x86)\Common Files\Windows Live\.cache\46dcda5c1cd1a4001\DSETUP.dll
2012-04-14 13:12:43	537432	----a-w-	C:\Program Files (x86)\Common Files\Windows Live\.cache\46dcda5c1cd1a4001\DXSETUP.exe
2012-04-14 13:12:43	1801048	----a-w-	C:\Program Files (x86)\Common Files\Windows Live\.cache\46dcda5c1cd1a4001\dsetup32.dll
2012-04-14 13:12:43	15712	----a-w-	C:\Program Files (x86)\Common Files\Windows Live\.cache\472f1a401cd1a4002\MeshBetaRemover.exe
2012-04-14 13:06:38	--------	d-----w-	C:\Users\Jan\AppData\Local\{1CA9C41C-F517-4B97-B890-74885405BF68}
2012-04-14 13:06:11	--------	d-----w-	C:\Users\Jan\AppData\Local\{ECC1AF1A-4FD0-4984-87CE-DB1B6F709B89}
2012-04-13 15:21:10	--------	d-----w-	C:\Users\Jan\AppData\Local\{D1C218BD-43F0-43C9-9DB4-D2EAD44B3DF3}
2012-04-13 15:20:13	--------	d-----w-	C:\Users\Jan\AppData\Local\{5642012A-14C7-4A1D-AC88-21BC0666F5E3}
.
==================== Find3M  ====================
.
2012-05-05 09:25:15	70304	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-06 18:15:10	38632	----a-w-	C:\Windows\System32\drivers\taphss.sys
2012-03-20 18:44:12	98688	----a-w-	C:\Windows\System32\drivers\NisDrvWFP.sys
2012-03-20 18:44:12	203888	----a-w-	C:\Windows\System32\drivers\MpFilter.sys
2012-03-08 16:50:28	49016	----a-w-	C:\Windows\SysWow64\sirenacm.dll
2012-03-08 16:37:20	302448	----a-w-	C:\Windows\WLXPGSS.SCR
2012-03-01 06:46:16	23408	----a-w-	C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27	220672	----a-w-	C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50	81408	----a-w-	C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47	5120	----a-w-	C:\Windows\System32\wmi.dll
2012-03-01 05:37:41	172544	----a-w-	C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23	159232	----a-w-	C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16	5120	----a-w-	C:\Windows\SysWow64\wmi.dll
2012-02-28 06:56:48	2311168	----a-w-	C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56	1390080	----a-w-	C:\Windows\System32\wininet.dll
2012-02-28 06:48:57	1493504	----a-w-	C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55	2382848	----a-w-	C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55	1799168	----a-w-	C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21	1427456	----a-w-	C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07	1127424	----a-w-	C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16	2382848	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2012-02-17 06:38:26	1031680	----a-w-	C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22	826880	----a-w-	C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24	210944	----a-w-	C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32	23552	----a-w-	C:\Windows\System32\drivers\tdtcp.sys
2012-02-14 10:09:44	1070352	----a-w-	C:\Windows\SysWow64\MSCOMCTL.OCX
.
============= FINISH: 13:20:56,54 ===============
         
[/CODE]
--- --- ---
--- --- ---



und der Attach Log

Zitat:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 09.03.2011 18:27:17
System Uptime: 12.05.2012 12:11:29 (1 hours ago)
.
Motherboard: Packard Bell | | EasyNote LM98
Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz | CPU 1 | 1596/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 285 GiB total, 21,35 GiB free.
D: is CDROM ()
E: is Removable
F: is CDROM ()
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: TAP-Win32 Adapter V9
Device ID: ROOT\NET\0000
Manufacturer: TAP-Win32 Provider V9
Name: TAP-Win32 Adapter V9
PNP Device ID: ROOT\NET\0000
Service: tap0901
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
1.3M WebCam
Acrobat.com
Adobe AIR
Adobe Photoshop Elements 8.0
Adobe Reader X (10.1.3) - Deutsch
Agatha Christie - Death on the Nile
Age of Mythology
Age of Mythology - The Titans Expansion
AGEIA PhysX v7.09.13
Alcor Micro USB Card Reader
ASIO4ALL
Assassin's Creed Brotherhood
Audacity 1.2.6
Audiosurf
Backup Manager Basic
Bejeweled 2 Deluxe
Blur(TM)
Build-a-lot 2
Burnout(TM) Paradise The Ultimate Box
Call of Duty: Modern Warfare 3
Call of Duty: Modern Warfare 3 - Dedicated Server
Call of Duty: Modern Warfare 3 - Multiplayer
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help English
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CyberLink PowerDVD 11
D3DX10
DAEMON Tools Pro
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
Dropbox
eReg
Facebook Video Calling 1.2.0.159
Farm Frenzy
FATE
Final Drive Nitro
Free DVD Video Burner version 3.1.4.221
Free MP4 Video Converter version 5.0.6.221
Free Studio version 5.3.5
Free Video to DVD Converter version 5.0.6.221
Gamers.IRC 6.01
Google Chrome
Google Earth Plug-in
Google Update Helper
GTA San Andreas
Haali Media Splitter
HandBrake 0.9.6
High-Definition Video Playback
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Identity Card
ImagXpress
Insaniquarium Deluxe
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) Turbo Boost Technology Driver
Java Auto Updater
Java(TM) 6 Update 26
JDownloader 0.9
Jewel Quest Solitaire 2
John Deere Drive Green
Junk Mail filter update
Kaspersky Internet Security 2012
Launch Manager
League of Legends
Magic DVD Ripper V5.5.2
Malwarebytes Anti-Malware Version 1.61.0.1400
Mesh Runtime
Messenger Companion
Messenger Plus! 5
Microsoft Corporation
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010
Microsoft Office Excel MUI (German) 2010
Microsoft Office Groove MUI (German) 2010
Microsoft Office InfoPath MUI (German) 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Word MUI (German) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
mIRC
Mozilla Firefox 12.0 (x86 de)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
MyFreeCodec
Nero 10 Menu TemplatePack Basic
Nero 10 Movie ThemePack Basic
Nero BackItUp 10
Nero BackItUp 10 Help (CHM)
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero CoverDesigner 10
Nero CoverDesigner 10 Help (CHM)
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Dolby Files 10
Nero Express 10
Nero Express 10 Help (CHM)
Nero InfoTool 10
Nero InfoTool 10 Help (CHM)
Nero MediaHub 10
Nero MediaHub 10 Help (CHM)
Nero Multimedia Suite 10
Nero Recode 10
Nero Recode 10 Help (CHM)
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero SoundTrax 10
Nero SoundTrax 10 Help (CHM)
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
Nero Vision 10
Nero Vision 10 Help (CHM)
Nero WaveEditor 10
Nero WaveEditor 10 Help (CHM)
neroxml
No23 Recorder
No23Live
OutlookAddInNet3Setup
Packard Bell Games
Packard Bell InfoCentre
Packard Bell MyBackup
Packard Bell Power Management
Packard Bell Recovery Management
Packard Bell Registration
Packard Bell ScreenSaver
Packard Bell Updater
Pando Media Booster
Penguins!
Plants vs. Zombies
Polar Bowler
Polar Golfer
PunkBuster Services
Realtek High Definition Audio Driver
Samsung Kies
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
SHOUTcast DSP Plug-in v2
Skype™ 5.8
Steam
TeamSpeak 2 RC2
TeamSpeak 3 Client
TeamViewer 6
TeamViewer 7
Text-To-Speech-Runtime
TmNationsForever
Ubisoft Game Launcher
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Video mp3 Extractor
Video Web Camera
Virtual DJ - Atomix Productions
Virtual DJ Pro Full - Atomix Productions
Virtual Villagers 4 - The Tree of Life
Warcraft III
Warcraft III: All Products
Welcome Center
Win7codecs
Winamp
Winamp Erkennungs-Plug-in
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX control for remote connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
yEd Graph Editor 3.9
Zuma's Revenge
Zuma Deluxe
.
==== End Of File ===========================

Alt 12.05.2012, 16:20   #2
markusg
/// Malware-holic
 
Windows-Firewall: Problem bei Aktivierung - Standard

Windows-Firewall: Problem bei Aktivierung



hi,
1. malwarebytes log(s) mit funden posten bitte.
2.
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Antwort

Themen zu Windows-Firewall: Problem bei Aktivierung
4d36e972-e325-11ce-bfc1-08002be10318, abhängigkeitsdienst, abhängigkeitsgruppe, acrobat update, bho, browser, computer, converter, cyberghost, dateisystem, desktop, device driver, document, einstellungen, fehlermeldung, flash player, frage, google, google earth, heuristiks/extra, heuristiks/shuriken, hijack, internet, internet explorer, kaspersky, launch, logfile, microsoft security, monitor, mozilla, mp3, notification, outlook 2010, packard bell, plug-in, problem, rundll, security, software, spielen, spyware, starten, tastatur, windows 7 home, windows-firewall



Ähnliche Themen: Windows-Firewall: Problem bei Aktivierung


  1. Win 7 auf neue SSD kopiert: Problem mit Aktivierung
    Alles rund um Windows - 22.10.2015 (29)
  2. Problem mit Windows-Aktivierung nach Windows Neuinstallation
    Alles rund um Windows - 11.03.2014 (2)
  3. Problem mit der Windows 7 Firewall
    Plagegeister aller Art und deren Bekämpfung - 25.04.2013 (31)
  4. Windows-Firewall: Problem bei Aktivierung
    Mülltonne - 12.05.2012 (1)
  5. Windows XP aktivierung umgehen
    Mülltonne - 03.01.2012 (0)
  6. Nach Entfernung SecurityShield keine Windows Firewall-Aktivierung mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 29.12.2011 (13)
  7. Windows 7 Aktivierung (Virus?)
    Plagegeister aller Art und deren Bekämpfung - 23.08.2011 (7)
  8. Windows Aktivierung fehlerhaft
    Alles rund um Windows - 10.07.2011 (28)
  9. firewall aktivierung
    Antiviren-, Firewall- und andere Schutzprogramme - 07.08.2010 (27)
  10. Windows Firewall Problem!
    Alles rund um Windows - 23.07.2010 (8)
  11. Windows Firewall PRoblem
    Alles rund um Windows - 13.05.2008 (0)
  12. Probleme mit der Aktivierung der Windows Firewall
    Antiviren-, Firewall- und andere Schutzprogramme - 05.01.2008 (17)
  13. Windows XP Aktivierung
    Alles rund um Windows - 28.06.2007 (1)
  14. Windows blockt mit Aktivierung
    Alles rund um Windows - 21.02.2007 (2)
  15. Problem mit Windows Firewall
    Log-Analyse und Auswertung - 12.09.2006 (10)
  16. Windows-firewall problem!
    Alles rund um Windows - 23.11.2005 (11)
  17. Riesen Problem mit Windows SP2 Firewall
    Antiviren-, Firewall- und andere Schutzprogramme - 19.07.2005 (2)

Zum Thema Windows-Firewall: Problem bei Aktivierung - Ich wollte gestern ein Spiel über LAN spielen, jedoch hat es nicht geklappt. Ich habe deshalb auf meine Firwall geschaut und festgestellt, dass sie nicht Aktiviert ist. Beim Versuch die - Windows-Firewall: Problem bei Aktivierung...
Archiv
Du betrachtest: Windows-Firewall: Problem bei Aktivierung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.