Windows Firewall: Problem with activation

Yesterday I wanted to play a game over LAN, but it did not work. So I looked at my firewall and found that it is not activated. When I try to set the firewall to the "recommended settings", I get the error message:

Einige der Einstellungen können von der Windows-Firewall nicht geändert werden. Fehlercode 0x8007042c

When I try to start the "Windows-Firewall" service, I get the message:

Der Dienst "Windows-Firewall" auf "Lokaler Computer" konnte nicht gestartet werden. Fehler 1068: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

My question now is how I can get the firewall running again. Here is a Hijack log up front; a Malwarebytes log will follow.

Regards,
Jan

defogger, posted for you:

DDS logfile:

Code:
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Jan at 13:19:42 on 2012-05-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3956.2385 [GMT 2:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: FireWall *Enabled* {CE40CCC0-8ADB-6D67-25A0-C5B6438E4B57}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
C:\Program Files (x86)\Connectify\ConnectifyService.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
C:\Program Files (x86)\Connectify\ConnectifyD.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://de.ask.com/?l=dis&o=15768
uDefault_Page_URL = hxxp://packardbell.msn.com
mDefault_Page_URL = hxxp://packardbell.msn.com
mStart Page = hxxp://packardbell.msn.com
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
BHO: QuickNet: {ea5ca8b6-9b9c-4994-a7a1-947b6c631be7} - QuickNet BHO
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: An OneNote s&enden - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{59758C0E-696C-4BE1-AC66-E17A98C91F9A} : NameServer = 192.168.172.1
TCP: Interfaces\{79B331BB-D5E6-4C20-80CD-43A9C607BE09} : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{79B331BB-D5E6-4C20-80CD-43A9C607BE09}\75C616E62313936333838373 : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{AA2760F9-358B-4EFD-B446-7A473CBA2912} : DhcpNameServer = 192.168.178.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9FDDE16B-836F-4806-AB1F-1455CBEFF289}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{E33CF602-D945-461A-83F0-819F76A199F8}
{EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7}
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\v85xyih5.default\
FF - prefs.js: browser.startup.homepage - iGoogle
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Jan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
---- FIREFOX POLICIES ----
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 cnnctfy2;Connectify LightWeight Filter;C:\Windows\system32\DRIVERS\cnnctfy2.sys --> C:\Windows\system32\DRIVERS\cnnctfy2.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/02/25 20:03:01];C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-9-2 148976]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-4-24 202296]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2012-2-25 83240]
R2 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe [2012-5-2 65536]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2012-2-25 75048]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2012-2-25 292136]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-2-5 325200]
R2 GREGService;GREGService;C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-1-8 23584]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-6-29 255744]
R2 ntk_PowerDVD;ntk_PowerDVD;C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2012-2-25 75248]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-11-2 2320920]
R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-9-8 243232]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\DRIVERS\LVUSBS64.sys --> C:\Windows\system32\DRIVERS\LVUSBS64.sys [?]
R3 S6000KNT;S6000KNT_WebCam Driver;C:\Windows\system32\Drivers\S6000KNT.sys --> C:\Windows\system32\Drivers\S6000KNT.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update-Dienst (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-2 116648]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-15 158856]
S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-27 257696]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 CGVPNCliSrvc;CyberGhost VPN Client;C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [2011-3-10 2428968]
S3 dgderdrv;dgderdrv;C:\Windows\system32\drivers\dgderdrv.sys --> C:\Windows\system32\drivers\dgderdrv.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 gupdatem;Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-2 116648]
S3 lvpepf64;Volume Adapter;C:\Windows\system32\DRIVERS\lv302a64.sys --> C:\Windows\system32\DRIVERS\lv302a64.sys [?]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 129976]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft-Netzwerkinspektion;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys --> C:\Windows\system32\DRIVERS\ssadserd.sys [?]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);C:\Windows\system32\DRIVERS\sscebus.sys --> C:\Windows\system32\DRIVERS\sscebus.sys [?]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;C:\Windows\system32\DRIVERS\sscemdfl.sys --> C:\Windows\system32\DRIVERS\sscemdfl.sys [?]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;C:\Windows\system32\DRIVERS\sscemdm.sys --> C:\Windows\system32\DRIVERS\sscemdm.sys [?]
S3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);C:\Windows\system32\DRIVERS\ssceserd.sys --> C:\Windows\system32\DRIVERS\ssceserd.sys [?]
S3 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-8-30 2358656]
S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.Sys [2011-6-10 16392]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-05-12 10:42:35 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1B316BA9-C602-4CB7-B30D-16AD0A12B5A2}\offreg.dll
2012-05-12 10:28:35 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C526C3C4-3BBA-4F35-B8E3-B07F8CC76B6A}\gapaengine.dll
2012-05-12 10:28:33 8917360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1B316BA9-C602-4CB7-B30D-16AD0A12B5A2}\mpengine.dll
2012-05-12 10:22:41 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-05-12 10:22:38 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-05-12 10:22:06 -------- d-----w- C:\b9165a41f8fb39840d01
2012-05-12 09:04:02 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-12 09:04:02 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-12 09:04:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-11 23:40:06 -------- d-----w- C:\Users\Jan\AppData\Local\{9BFB1B92-CA77-4A4D-A66E-5C3D63ACD64E}
2012-05-11 23:39:43 -------- d-----w- C:\Users\Jan\AppData\Local\{60469E63-9856-4D42-9984-E2B1C295DED7}
2012-05-11 17:05:16 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-05-11 17:05:16 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2012-05-11 14:37:03 74856 ----a-w- C:\Users\Jan\cc_20120511_163659.reg
2012-05-11 11:06:29 7110656 ----a-w- C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe
2012-05-11 06:29:20 6713344 ----a-w- C:\Program Files (x86)\Microsoft Games\Age of Mythology\aom.exe
2012-05-11 05:46:34 -------- d-----w- C:\Users\Jan\AppData\Local\{DBEC0F5A-AA60-4DFA-913D-8E3B59221DDA}
2012-05-11 05:46:11 -------- d-----w- C:\Users\Jan\AppData\Local\{DF91C9D0-2BAA-432D-A402-B743EF5B24FD}
2012-05-11 05:45:58 -------- d-----w- C:\Users\Jan\AppData\Local\{E067F6FD-8734-4595-AC86-4A9DFE3A88BD}
2012-05-11 05:32:09 -------- d-----w- C:\Program Files (x86)\Microsoft Games
2012-05-10 06:52:30 -------- d-----w- C:\Users\Jan\AppData\Local\{291109E1-FB31-4868-8F81-3478284778A5}
2012-05-10 06:52:08 -------- d-----w- C:\Users\Jan\AppData\Local\{A69EF15C-6FAD-4EB3-B184-2CB4B9297826}
2012-05-10 06:51:56 -------- d-----w- C:\Users\Jan\AppData\Local\{1536EBFD-B2F7-4114-9C55-A6733200CE09}
2012-05-09 21:58:04 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-09 21:58:04 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-09 21:58:03 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-09 21:58:02 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-09 21:58:01 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-09 21:58:01 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-09 21:57:09 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-09 21:56:50 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-09 21:56:48 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 21:56:48 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-09 21:56:48 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-09 21:56:48 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-09 21:56:48 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 18:28:57 -------- d-----w- C:\Users\Jan\AppData\Local\{627859EA-04B6-4D11-9853-98759B2D7A11}
2012-05-09 18:28:40 -------- d-----w- C:\Users\Jan\AppData\Local\{9E55698E-3E8C-449A-ACB9-2C48A6644BE1}
2012-05-09 18:28:27 -------- d-----w- C:\Users\Jan\AppData\Local\{65A48F4A-1B94-479C-8AF1-671213587922}
2012-05-09 05:51:58 -------- d-----w- C:\Users\Jan\AppData\Local\{703EA242-0D0D-4675-8C53-2D41FD6DA4E6}
2012-05-09 05:51:46 -------- d-----w- C:\Users\Jan\AppData\Local\{0604182F-1481-4D2D-8AA9-CF1A0D2ADD20}
2012-05-08 04:54:15 -------- d-----w- C:\Users\Jan\AppData\Local\{674B50C6-9C15-4447-B7D2-567FE2C90141}
2012-05-08 04:54:03 -------- d-----w- C:\Users\Jan\AppData\Local\{3C0A5AA7-3C7E-4F92-A0A1-1651A033FFE3}
2012-05-08 04:53:52 -------- d-----w- C:\Users\Jan\AppData\Local\{5A5BD63D-9C75-4766-B209-6703CD978415}
2012-05-08 04:53:39 -------- d-----w- C:\Users\Jan\AppData\Local\{9BD00145-871C-4A28-B6AA-365269FD9F72}
2012-05-07 06:53:12 -------- d-----w- C:\Users\Jan\AppData\Local\{9240EFF0-C72F-4305-9C27-984D20A5ACF9}
2012-05-07 06:53:01 -------- d-----w- C:\Users\Jan\AppData\Local\{6AAAFEB0-7D91-4A84-B3DA-81B8317C2051}
2012-05-06 08:50:36 -------- d-----w- C:\Users\Jan\AppData\Local\{98C12F97-2F0D-471E-A971-EEE8885E8E9C}
2012-05-06 08:50:24 -------- d-----w- C:\Users\Jan\AppData\Local\{54C0AD0E-5328-458A-B64D-847BC4C3963A}
2012-05-05 08:12:53 -------- d-----w- C:\Users\Jan\AppData\Local\{F8D6B3D5-A0DA-4D37-BFB8-216BE0662712}
2012-05-05 08:12:40 -------- d-----w- C:\Users\Jan\AppData\Local\{DEDA9783-5169-440D-A2F6-1054E24336E8}
2012-05-04 07:07:36 -------- d-----w- C:\Users\Jan\AppData\Local\{D0C41BA7-D0DC-4A94-AB30-009BF5191FDD}
2012-05-04 07:07:25 -------- d-----w- C:\Users\Jan\AppData\Local\{B329BB63-686D-4D6A-B07E-8D6827F77088}
2012-05-04 07:07:04 -------- d-----w- C:\Users\Jan\AppData\Local\{D42B1458-9665-4E90-8917-1674CF7A312E}
2012-05-03 07:20:58 -------- d-----w- C:\Users\Jan\AppData\Local\{EE31E30A-96C3-4933-B1E2-686C40E2151B}
2012-05-03 07:20:35 -------- d-----w- C:\Users\Jan\AppData\Local\{A0C1F0E5-AB7B-47EE-B07A-E853C8E37833}
2012-05-03 07:20:22 -------- d-----w- C:\Users\Jan\AppData\Local\{8E025898-936A-4565-B13C-E736CCE3F5C5}
2012-05-02 19:53:26 -------- d-----w- C:\Users\Jan\AppData\Local\{4509CBE0-E9DA-4895-93E1-1C0DE5974B4B}
2012-05-02 19:53:03 -------- d-----w- C:\Users\Jan\AppData\Local\{D38C7BCE-CB9D-4F6C-ACAD-44FA558AAFAD}
2012-05-02 19:52:36 -------- d-----w- C:\Users\Jan\AppData\Local\{74A4C244-D663-4C20-82BC-2FD351F49484}
2012-05-02 06:49:05 -------- d-----w- C:\Users\Jan\AppData\Local\{D28FB98D-1C5F-4CE9-B98C-2ED1C5AD297D}
2012-05-02 06:48:53 -------- d-----w- C:\Users\Jan\AppData\Local\{F04D31FA-5B64-4434-A286-763C2C1AF372}
2012-05-01 15:33:56 -------- d-----w- C:\Users\Jan\AppData\Local\{D938C1C4-7908-4AD4-AAA1-66752E0FCA2D}
2012-05-01 15:33:45 -------- d-----w- C:\Users\Jan\AppData\Local\{151FEC80-43E8-482D-886E-2FB8A567D51E}
2012-05-01 15:33:25 -------- d-----w- C:\Users\Jan\AppData\Local\{82A452C0-4307-479B-A1C5-59CAFA1C9FA3}
2012-05-01 15:33:01 -------- d-----w- C:\Users\Jan\AppData\Local\{7784B843-4247-40D6-890D-AFA4FAB9ECA3}
2012-04-30 08:10:34 -------- d-----w- C:\Users\Jan\AppData\Local\{634F3BE6-C71B-45E3-B69C-DDD532DAFAE2}
2012-04-30 08:10:23 -------- d-----w- C:\Users\Jan\AppData\Local\{5CE8A7E3-FE62-40C4-B8F5-0EFC96667987}
2012-04-29 19:40:51 -------- d-----w- C:\Users\Jan\AppData\Local\{68E6FFAF-1D05-4B12-B26A-EA75D20F9C50}
2012-04-29 19:40:39 -------- d-----w- C:\Users\Jan\AppData\Local\{216F0FBF-A86D-438E-A70F-A72BAB058892}
2012-04-29 06:46:57 -------- d-----w- C:\Users\Jan\AppData\Local\{C4FD92CB-63E3-4FB6-A219-F44DEC2700DB}
2012-04-29 06:46:39 -------- d-----w- C:\Users\Jan\AppData\Local\{AB22CDCF-5D11-444C-9073-FBA6D1E9C164}
2012-04-29 06:46:14 -------- d-----w- C:\Users\Jan\AppData\Local\{7351A962-C7F2-4F83-9FF8-DAE5F2A80106}
2012-04-28 16:42:31 -------- d-----w- C:\Users\Jan\AppData\Local\{EF24ACCC-287E-46C7-9C90-602DA7536F7F}
2012-04-28 16:42:08 -------- d-----w- C:\Users\Jan\AppData\Local\{A68F3640-10F3-446B-B043-3714CAAA9E79}
2012-04-27 05:31:47 -------- d-----w- C:\Users\Jan\AppData\Local\{CA82F9E2-2D3D-4829-B038-FBF32AFE8CBF}
2012-04-27 05:31:35 -------- d-----w- C:\Users\Jan\AppData\Local\{4E42BAEC-91CC-4CF2-881B-F0C292716354}
2012-04-26 22:25:42 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-26 22:00:15 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-26 13:37:36 -------- d-----w- C:\Users\Jan\AppData\Local\{59474411-6CC7-4B3D-9053-3DFA4CE3309F}
2012-04-26 13:37:20 -------- d-----w- C:\Users\Jan\AppData\Local\{91437511-0408-47C1-AA8C-639FA5ED8BF3}
2012-04-25 21:21:14 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-04-25 21:21:08 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-25 21:21:08 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-04-25 05:46:42 -------- d-----w- C:\Users\Jan\AppData\Local\{E29F48AB-53DD-4759-B0F5-20BE7C5F9348}
2012-04-25 05:46:30 -------- d-----w- C:\Users\Jan\AppData\Local\{9F05B931-484C-4E34-B716-194ECBD617F7}
2012-04-24 05:32:14 -------- d-----w- C:\Users\Jan\AppData\Local\{3B6E10F3-BDF0-4B12-A53B-32FB351FC630}
2012-04-24 05:32:03 -------- d-----w- C:\Users\Jan\AppData\Local\{2C303763-1F98-45FD-B4F2-B287797911E2}
2012-04-23 11:17:26 -------- d-----w- C:\Users\Jan\AppData\Local\{A723C8EA-044A-4F52-B486-2D19DF848711}
2012-04-23 11:17:13 -------- d-----w- C:\Users\Jan\AppData\Local\{895BE932-5772-473F-9CAD-3955B735BE24}
2012-04-23 11:17:01 -------- d-----w- C:\Users\Jan\AppData\Local\{BF734E9D-1F23-4A1C-BA22-84A4D190EB4C}
2012-04-22 07:47:55 -------- d-----w- C:\Users\Jan\AppData\Local\{071363A0-A03D-4AAA-8840-199DDCD77EBE}
2012-04-22 07:47:43 -------- d-----w- C:\Users\Jan\AppData\Local\{B3F5B58A-9DBC-4BBA-B03A-2FBF6AF911B4}
2012-04-21 15:47:14 -------- d-----w- C:\Users\Jan\AppData\Local\{B32E2C8C-6801-42C2-94E0-EA130F1C7984}
2012-04-21 15:47:02 -------- d-----w- C:\Users\Jan\AppData\Local\{A0A7EDD7-49FE-4693-89BD-913A5395331A}
2012-04-20 05:13:40 -------- d-----w- C:\Users\Jan\AppData\Local\{C3970E1A-5A5D-47C9-BF44-359CE0392CE5}
2012-04-20 05:13:17 -------- d-----w- C:\Users\Jan\AppData\Local\{B2AB6B26-FBEE-421A-8B02-F7A3D0A928EA}
2012-04-19 05:32:54 -------- d-----w- C:\Users\Jan\AppData\Local\{92A5FEA5-9B4F-4EF8-BDD0-A1D4CA47AD58}
2012-04-19 05:32:43 -------- d-----w- C:\Users\Jan\AppData\Local\{9998E1E8-55AE-48CD-AC66-2591AE4D677E}
2012-04-19 05:32:22 -------- d-----w- C:\Users\Jan\AppData\Local\{C283C87D-7F2C-47F9-83BA-27FEB46BC21E}
2012-04-19 05:32:09 -------- d-----w- C:\Users\Jan\AppData\Local\{CE7AA5E6-EAAD-4EF8-95DC-4DDFDA9CC5DA}
2012-04-18 13:16:07 -------- d-----w- C:\Users\Jan\AppData\Local\{317B2113-14AA-4229-9704-116C8AC7F2CF}
2012-04-18 13:15:55 -------- d-----w- C:\Users\Jan\AppData\Local\{D35EDF6A-4EB0-4579-BB1C-151FF2E203A7}
2012-04-18 13:15:27 -------- d-----w- C:\Users\Jan\AppData\Local\{3477587D-5B13-45CC-BE8D-26E03911043D}
2012-04-17 09:27:35 -------- d-----w- C:\Users\Jan\AppData\Local\{F4D3A640-C0D8-4E74-AC72-B24F7D3E96D4}
2012-04-17 09:27:24 -------- d-----w- C:\Users\Jan\AppData\Local\{95A7B50D-B790-4099-9C71-5DA65518C5A0}
2012-04-17 09:26:47 -------- d-----w- C:\Users\Jan\AppData\Local\{4325D088-F790-404B-A09C-53BB8F62734C}
2012-04-17 09:26:30 -------- d-----w- C:\Users\Jan\AppData\Local\{5270E4A4-9DD2-48C8-BC90-E507F2624390}
2012-04-16 11:52:58 -------- d-----w- C:\Users\Jan\AppData\Local\{C8F52557-1CB5-417A-A5E2-6F107712E280}
2012-04-16 11:52:46 -------- d-----w- C:\Users\Jan\AppData\Local\{45C1C327-3DAB-4C1C-91B2-69C7031D65BC}
2012-04-15 17:51:18 -------- d-----w- C:\Users\Jan\AppData\Local\{0414252C-12D5-4F61-B204-54B3E9603119}
2012-04-15 17:51:06 -------- d-----w- C:\Users\Jan\AppData\Local\{2AF7B134-57F7-4AD9-8E7C-E339C088D8A0}
2012-04-15 05:33:57 -------- d-----w- C:\Users\Jan\AppData\Local\{A111FE9C-4AFD-4B31-930C-4765C54D72C2}
2012-04-15 05:33:46 -------- d-----w- C:\Users\Jan\AppData\Local\{0A169E14-5F8D-49A1-A2D0-8B1E5DA0A110}
2012-04-15 05:33:35 -------- d-----w- C:\Users\Jan\AppData\Local\{6E55DF41-116B-49C0-8205-BF0B9ABFF767}
2012-04-15 05:33:11 -------- d-----w- C:\Users\Jan\AppData\Local\{27A97243-D758-4F95-948D-F6C6073600ED}
2012-04-14 13:18:54 -------- d-----w- C:\Users\Jan\AppData\Local\{97F0BDF6-941D-427B-AFAF-478943F55A1A}
2012-04-14 13:18:42 -------- d-----w- C:\Users\Jan\AppData\Local\{C2AB2D9D-1835-43BB-8090-9E5543B99E05}
2012-04-14 13:17:50 -------- d-----w- C:\Windows\de
2012-04-14 13:15:43 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2012-04-14 13:12:43 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\46dcda5c1cd1a4001\DSETUP.dll
2012-04-14 13:12:43 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\46dcda5c1cd1a4001\DXSETUP.exe
2012-04-14 13:12:43 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\46dcda5c1cd1a4001\dsetup32.dll
2012-04-14 13:12:43 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\472f1a401cd1a4002\MeshBetaRemover.exe
2012-04-14 13:06:38 -------- d-----w- C:\Users\Jan\AppData\Local\{1CA9C41C-F517-4B97-B890-74885405BF68}
2012-04-14 13:06:11 -------- d-----w- C:\Users\Jan\AppData\Local\{ECC1AF1A-4FD0-4984-87CE-DB1B6F709B89}
2012-04-13 15:21:10 -------- d-----w- C:\Users\Jan\AppData\Local\{D1C218BD-43F0-43C9-9DB4-D2EAD44B3DF3}
2012-04-13 15:20:13 -------- d-----w- C:\Users\Jan\AppData\Local\{5642012A-14C7-4A1D-AC88-21BC0666F5E3}
.
==================== Find3M ====================
.
2012-05-05 09:25:15 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-06 18:15:10 38632 ----a-w- C:\Windows\System32\drivers\taphss.sys
2012-03-20 18:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-03-20 18:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-03-08 16:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2012-03-08 16:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-14 10:09:44 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
.
============= FINISH: 13:20:56,54 ===============
--- --- --- --- --- ---

and the Attach log

Quote: