Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows Firewall wird immer wieder unbemerkt deaktiviert

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.12.2012, 20:53   #31
Densi
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



der ganze adwcleaner ist weg. wenn ich neu downloaden will, erscheint diese meldung und ich kann nur noch auf ok klicken:

C:\Users\Denise\Downloads\adwcleaner.exe konnte nicht gespeichert werden, weil Sie die Inhalte dieses Ordners nicht ändern können.

Ändern Sie die Ordnereigenschaften und versuchen Sie es nochmals oder versuchen Sie, an einem anderen Ort zu speichern.

Alt 03.12.2012, 21:02   #32
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



Rechtsklick hier rauf >>>> http://filepony.de/download-adwcleaner/ und Ziel speichern unter => Desktop
__________________

__________________

Alt 04.12.2012, 00:13   #33
Densi
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



Code:
ATTFilter
# AdwCleaner v2.011 - Datei am 03/12/2012 um 20:03:25 erstellt
# Aktualisiert am 02/12/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Denise - DENISE-JÜRGENPC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Denise\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

# AdwCleaner v2.011 - Datei am 04/12/2012 um 00:05:11 erstellt
# Aktualisiert am 02/12/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Denise - DENISE-JÜRGENPC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Denise\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****
         
aber nun stürzt der adobe flash player ab... und es kam auch kein neustart. es kam für einen bruchteil einer sekunde ein fenster mit roter schrift: ich konnte nur das wort "bedrohung" lesen.
__________________

Alt 04.12.2012, 12:28   #34
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



Log ist schon wieder unvollständig!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.12.2012, 14:00   #35
Densi
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



also sobald ich "löschen" anklicke, arbeitet der kurz und das fenster verschwindet. der ganz normale desktop erscheint und bleibt. anschließend habe ich diese log zur verfügung.

anschließend ist auch der awdcleaner vom desktop verschwunden.

kann es vielleicht sein, dass ich vorher auch die virensoftware lahm legen muss?
da diesmal nur stand: alle programme/browser schließen, habe ich das virenprogramm nicht deaktiviert.


Alt 04.12.2012, 14:06   #36
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



Versuch es bitte im abgesicherten Modus mit Nertzwerktreibern
__________________
--> Windows Firewall wird immer wieder unbemerkt deaktiviert

Alt 04.12.2012, 14:08   #37
Densi
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



gibt es eine Beschreibung, wie das funktioniert?

Alt 04.12.2012, 14:15   #38
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



ja gibt es, auch wenn man sowas eigentlich sofort findet wenn man mal eine sehr bekannte Suchmaschine mit "abgesicherter Modus" füttert




Abgesicherter Modus zur Bereinigung
  • Windows mit F8-Taste beim Start in den abgesicherten Modus bringen.
  • Starte den Rechner in den abgesicherten Modus mit Netzwerktreibern:

    Windows im abgesicherten Modusstarten
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.12.2012, 15:34   #39
Densi
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



diesmal ist das programm so abgelaufen wie beschrieben, doch nach dem neustart kam keine log datei.
muss beim neustart auch im "abgesicherten modus" gestartet werden?

übrigens, danke für die beschreibung

Alt 04.12.2012, 15:58   #40
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



Was steht denn in der Anleitung?

Zitat:
Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.12.2012, 17:11   #41
Densi
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert




genau dort ist KEINE log dieser art vorhanden. deswegen fragte ich ja, ob ich beim neustart nochmal auf abgesicherten modus gehen soll.

Alt 04.12.2012, 19:10   #42
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



So hat sich der adwCleaner aber noch verhalten
Mach einen neuen Suchlauf

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.12.2012, 19:31   #43
Densi
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



Code:
ATTFilter
# AdwCleaner v2.011 - Datei am 04/12/2012 um 19:29:42 erstellt
# Aktualisiert am 02/12/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Denise - DENISE-JÜRGENPC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Denise\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Profilname : default 
Datei : C:\Users\Denise\AppData\Roaming\Mozilla\Firefox\Profiles\xmour6lv.default\prefs.js

[OK] Die Datei ist sauber.

Profilname : default 
Datei : C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\s3dw46u8.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v23.0.1271.95

Datei : C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [10352 octets] - [03/12/2012 13:32:34]
AdwCleaner[R2].txt - [1125 octets] - [04/12/2012 19:29:42]

########## EOF - C:\AdwCleaner[R2].txt - [1185 octets] ##########
         

Alt 04.12.2012, 19:37   #44
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



Ok, er hat aber alles gelöscht

Eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in CODE-Tags in den Thread.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.12.2012, 21:52   #45
Densi
 
Windows Firewall wird immer wieder unbemerkt deaktiviert - Standard

Windows Firewall wird immer wieder unbemerkt deaktiviert



Nur zur Info - das Problem ist noch nicht behoben, eher schlimmer geworden. Ich musste nun sogar neu starten, um überhaupt wieder eine Verbindung zu erhalten. Es wurde aber eine Verbindung ganz normal angezeigt, ich kam aber auf keine Seite mehr. Nach einem Neustart war die Firewall wieder aus und lässt sich auch erst nach einer ganzen Weile erst wieder aktivieren und so lange kann ich auch keine Programme, bis auf den Browser öffnen.

jetzt momentan läuft grade noch otl

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 04.12.2012 21:43:17 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Denise\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 44,74% Memory free
4,21 Gb Paging File | 2,86 Gb Available in Paging File | 67,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 119,00 Gb Total Space | 39,63 Gb Free Space | 33,31% Space Free | Partition Type: NTFS
Drive D: | 30,04 Gb Total Space | 4,12 Gb Free Space | 13,71% Space Free | Partition Type: FAT32
 
Computer Name: DENISE-JÜRGENPC | User Name: Denise | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Denise\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Norton Family\Engine\2.6.0.52\ccsvchst.exe (Symantec Corporation)
PRC - C:\Programme\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
PRC - C:\Programme\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe ()
PRC - C:\Programme\Medion\MEDIONbox\Program\GCS.exe (Empolis GmbH)
PRC - c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (vToolbarUpdater13.2.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe File not found
SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (TeamViewer7) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (NSM) -- C:\Program Files\Norton Family\Engine\2.6.0.52\ccSvcHst.exe (Symantec Corporation)
SRV - (AVGIDSAgent) -- C:\Programme\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avgfws) -- C:\Programme\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (avgwd) -- C:\Programme\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (ClipInc001) -- C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe ()
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (GnabService) -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (WisLMSvc) -- C:\Programme\Launch Manager\WisLMSvc.exe (Wistron Corp.)
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (mailKmd) --  File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\Denise\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (ccSet_NSM) -- C:\Windows\System32\drivers\NSM\0206000.034\ccsetx86.sys (Symantec Corporation)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}) -- C:\Windows\System32\drivers\NSM\0206000.034\symrdr.sys (Symantec Corporation)
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgfwfd) -- C:\Windows\System32\drivers\avgfwd6x.sys (AVG Technologies CZ, s.r.o.)
DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ACEDRV07) -- C:\Windows\System32\drivers\ACEDRV07.sys (Protect Software GmbH)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\rtl8187B.sys (Realtek Semiconductor Corporation                           )
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (Hotkey) -- C:\Windows\System32\drivers\HOTKEY.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.msn.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 68 7B 82 CA 63 D4 CB 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = Live Search
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLJ_de
IE - HKCU\..\SearchScopes\{E3FCDD0E-5495-4FB5-B232-A90628C3FEA9}: "URL" = https://ixquick.com/do/metasearch.pl?query={searchTerms}&cat=web&pl=ie&language=deutsch
IE - HKCU\..\SearchScopes\Live Search: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&mkt=de-DE&FORM=MICGEP
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.9
FF - prefs.js..extensions.enabledAddons: %7Bd10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d%7D:2.0.3
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: %7B0153E448-190B-4987-BDE1-F256CADA672F%7D:15.0.6
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: %7B6D5C8FC4-DE46-41bf-9092-93F0F78E9115%7D:2.6.0.52
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012.09.11 18:23:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.09.24 15:22:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}: C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.6.0.43\coFFFw\ [2012.12.04 21:35:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.03 13:59:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.11.22 23:21:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter
 
[2011.07.04 16:59:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denise\AppData\Roaming\mozilla\Extensions
[2012.05.17 11:44:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denise\AppData\Roaming\mozilla\Firefox\Profiles\xmour6lv.default\extensions
[2012.05.17 11:44:40 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Denise\AppData\Roaming\mozilla\Firefox\Profiles\xmour6lv.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.04.30 14:19:55 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Denise\AppData\Roaming\mozilla\firefox\profiles\xmour6lv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.12.04 18:20:16 | 000,001,610 | ---- | M] () -- C:\Users\Denise\AppData\Roaming\mozilla\firefox\profiles\xmour6lv.default\searchplugins\ixquick-https---deutsch.xml
[2012.02.15 18:03:18 | 000,002,422 | ---- | M] () -- C:\Users\Denise\AppData\Roaming\mozilla\firefox\profiles\xmour6lv.default\searchplugins\s-amazon-byskipity-de.xml
[2012.01.19 13:38:59 | 000,002,135 | ---- | M] () -- C:\Users\Denise\AppData\Roaming\mozilla\firefox\profiles\xmour6lv.default\searchplugins\s-amazon-de.xml
[2012.11.23 15:58:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.30 13:32:41 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.11.23 15:58:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.11.23 15:58:43 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.12.04 21:35:33 | 000,000,000 | ---D | M] (Norton Family) -- C:\PROGRAMDATA\NORTON\{78CA3BF0-9C3B-40E1-B46D-38C877EF059A}\NSM_2.6.0.43\COFFFW
[2012.09.24 15:22:19 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2009.09.01 16:10:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.12.03 13:59:59 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.09.24 15:21:42 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012.06.27 06:22:49 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.23 19:52:54 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.27 06:22:49 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.27 06:22:49 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.27 06:22:49 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.27 06:22:49 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - homepage: hxxp://www.google.com/
CHR - Extension: AVG Secure Search = C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgpjclefcppbhifgmbncakhhphkggdb\12.2.0.5_0\
CHR - Extension: YouTube = C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: AVG Do Not Track = C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Google Mail = C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.11.29 21:21:10 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Norton Family BHO) - {B8E07826-0971-4f16-B133-047B88034E89} - C:\Programme\Norton Family\Engine\2.6.0.52\coieplg.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{310825A3-322D-4107-AFC5-1E187FC18390}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Denise\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Denise\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.04 06:54:49 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{9AD61E9B-D447-4D60-B1FC-FA1EF4894409}
[2012.12.03 13:49:08 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{697A4C24-F498-431E-A639-ADBCCAF439A7}
[2012.12.01 18:20:36 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\temp
[2012.12.01 18:19:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.01 17:59:10 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012.12.01 02:45:02 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{B11774A4-49F1-4F0A-A3CE-A57F11CCA537}
[2012.11.29 20:49:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.11.29 20:49:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.11.29 20:49:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.11.29 20:49:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.11.29 20:48:33 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.11.29 19:55:07 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012.11.29 13:59:49 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{76F4FC14-1CF9-4D13-8150-60C9626CB587}
[2012.11.28 18:34:00 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{131D264E-4C76-48FE-BA0D-3E19F323E5A1}
[2012.11.28 15:54:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2012.11.28 15:54:39 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Roaming\Canneverbe Limited
[2012.11.28 15:54:11 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2012.11.27 14:56:45 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Roaming\Malwarebytes
[2012.11.27 14:55:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.27 14:55:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.27 14:55:50 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.11.27 14:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.11.26 22:04:27 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{6A526607-F3B6-402D-AA23-26134FF18592}
[2012.11.25 23:23:10 | 000,202,144 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NSM\0206000.034\symrdr.sys
[2012.11.25 23:23:09 | 000,134,304 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NSM\0206000.034\ccsetx86.sys
[2012.11.25 23:23:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSM\0206000.034
[2012.11.25 23:10:55 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{99EE0528-90C8-4427-8AA5-2E71AF03D139}
[2012.11.25 10:43:02 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{3CAE899F-CF32-475D-A283-A46948E11563}
[2012.11.24 10:56:07 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.11.24 10:56:07 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.11.23 17:50:28 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.11.23 17:49:43 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.11.23 17:49:43 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.11.23 17:49:43 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012.11.23 17:14:09 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{1BA53757-F880-4557-88B6-489BF1116B34}
[2012.11.22 23:21:22 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.11.22 23:21:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.11.22 22:19:26 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{5201D3EE-30A2-4463-82D6-8D0A951F1B9E}
[2012.11.21 16:05:09 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{374F8F64-6E2B-4DEF-8480-3983EAA63A36}
[2012.11.20 17:52:07 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2012.11.20 17:52:07 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012.11.20 17:49:20 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012.11.20 17:49:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities
[2012.11.20 17:46:37 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2012.11.20 16:43:28 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{41E519CC-5C45-4CBE-A95D-686DA58A944C}
[2012.11.19 18:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Fugazo
[2012.11.19 18:32:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Committed – Das Geheimnis von Shady Pines
[2012.11.19 18:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\astragon
[2012.11.18 16:00:35 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{F09D83D0-748C-4A4A-A2E6-1744C5FCD45A}
[2012.11.17 15:20:51 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{DD27ABA4-FBF3-452A-8AD4-950DAB954601}
[2012.11.17 11:26:14 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.11.17 11:26:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.11.17 11:26:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.11.17 11:26:11 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.11.17 11:26:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.11.17 11:26:09 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.11.16 14:35:17 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.11.16 14:26:39 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012.11.16 14:13:31 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{8868A5E0-F1D7-42F1-98B6-24F8073FF108}
[2012.11.15 16:08:14 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{C2624663-A705-4982-AFBB-25BE6585FFBB}
[2012.11.14 15:00:04 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{67AF8C00-A5E3-4D9D-A9FE-B9D64C7C3CAC}
[2012.11.13 13:28:10 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{0D11F6CB-A810-4813-B972-BA8E3A341BE4}
[2012.11.12 18:23:29 | 000,142,496 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012.11.12 18:23:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012.11.12 18:23:29 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012.11.12 18:23:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSM
[2012.11.12 18:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Family
[2012.11.12 18:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Family
[2012.11.12 18:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2012.11.12 17:53:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012.11.12 17:53:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012.11.12 14:06:53 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{0A39610F-F3CA-4880-97C3-3B5D07A96B5E}
[2012.11.11 23:00:16 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{3DD1B218-94BD-4116-B1D9-48D8F30853EF}
[2012.11.10 14:16:10 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{8DFBE69C-3E0C-48CF-909C-25BCF0765882}
[2012.11.09 17:08:45 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{B98A27C4-3D17-4346-84A3-D478BF5CA972}
[2012.11.08 17:06:03 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{C3ED5C37-F433-492A-97B7-91A8177F646E}
[2012.11.07 18:49:51 | 000,000,000 | ---D | C] -- C:\Users\Denise\Documents\FormatFactory
[2012.11.07 15:41:27 | 000,000,000 | ---D | C] -- C:\Users\Denise\Filme
[2012.11.07 15:37:51 | 000,000,000 | ---D | C] -- C:\Users\Denise\Documents\FFOutput
[2012.11.07 15:16:38 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{F7E49BEA-E4C9-4D3B-8DD3-225546950404}
[2012.11.06 22:47:16 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\{E5458238-46C6-4FE5-9D04-E424257F91BA}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.04 21:42:38 | 000,000,680 | RHS- | M] () -- C:\Users\Denise\ntuser.pol
[2012.12.04 21:39:52 | 000,641,942 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.04 21:39:52 | 000,607,500 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.04 21:39:52 | 000,132,646 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.04 21:39:52 | 000,109,534 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.04 21:35:14 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.04 21:35:14 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.04 21:35:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.04 09:11:36 | 000,659,814 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012.11.29 21:21:10 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.11.29 17:38:17 | 101,618,651 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012.11.29 15:12:57 | 000,000,512 | ---- | M] () -- C:\Users\Denise\MBR.dat
[2012.11.28 15:54:13 | 000,001,738 | ---- | M] () -- C:\Users\Denise\Desktop\CDBurnerXP.lnk
[2012.11.27 14:55:53 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.25 12:34:22 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NSM\0206000.034\isolate.ini
[2012.11.23 17:49:30 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012.11.23 17:49:13 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.11.23 17:49:13 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.11.23 17:49:09 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.11.23 17:49:01 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012.11.23 16:40:15 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.11.20 17:52:02 | 000,001,871 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.11.20 17:52:02 | 000,001,857 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2012.11.19 18:33:09 | 000,001,206 | ---- | M] () -- C:\Users\Denise\Desktop\Committed – Das Geheimnis von Shady Pines.lnk
[2012.11.17 12:04:43 | 000,501,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.12 18:23:29 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012.11.12 18:23:29 | 000,007,446 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012.11.12 18:23:29 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2012.11.08 14:02:57 | 000,026,984 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012.11.07 15:37:39 | 000,078,336 | ---- | M] () -- C:\Users\Denise\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.07 09:23:33 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.07 06:51:56 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.11.07 06:51:56 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.29 20:49:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.11.29 20:49:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.11.29 20:49:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.11.29 20:49:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.11.29 20:49:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.11.29 15:12:57 | 000,000,512 | ---- | C] () -- C:\Users\Denise\MBR.dat
[2012.11.28 15:54:13 | 000,001,738 | ---- | C] () -- C:\Users\Denise\Desktop\CDBurnerXP.lnk
[2012.11.28 15:54:13 | 000,001,688 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2012.11.27 14:55:53 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.25 23:23:10 | 000,007,601 | R--- | C] () -- C:\Windows\System32\drivers\NSM\0206000.034\symrdr.cat
[2012.11.25 23:23:10 | 000,001,455 | R--- | C] () -- C:\Windows\System32\drivers\NSM\0206000.034\symrdr.inf
[2012.11.25 23:23:09 | 000,007,611 | R--- | C] () -- C:\Windows\System32\drivers\NSM\0206000.034\ccsetx86.cat
[2012.11.25 23:23:09 | 000,000,828 | R--- | C] () -- C:\Windows\System32\drivers\NSM\0206000.034\ccsetx86.inf
[2012.11.25 23:23:03 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NSM\0206000.034\isolate.ini
[2012.11.20 17:49:08 | 000,001,871 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.11.20 17:49:08 | 000,001,857 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2012.11.20 17:49:06 | 000,001,869 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities.lnk
[2012.11.19 18:33:09 | 000,001,206 | ---- | C] () -- C:\Users\Denise\Desktop\Committed – Das Geheimnis von Shady Pines.lnk
[2012.11.12 18:23:29 | 000,007,446 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012.11.12 18:23:29 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2011.11.06 09:18:40 | 000,000,000 | ---- | C] () -- C:\Users\Denise\AppData\Local\{71897A78-F9E8-4B86-8741-8A13688EB115}
[2011.02.16 15:56:19 | 000,042,747 | ---- | C] () -- C:\Users\Denise\Scannen0001.jpg
[2010.12.11 14:04:17 | 000,004,096 | -H-- | C] () -- C:\Users\Denise\AppData\Local\keyfile3.drm
[2010.11.17 21:39:16 | 001,734,144 | ---- | C] () -- C:\Users\Denise\SK_Fasching.pps
[2010.10.19 18:13:22 | 000,000,552 | ---- | C] () -- C:\Users\Denise\AppData\Local\d3d8caps.dat
[2010.09.12 14:19:57 | 124,354,560 | ---- | C] () -- C:\Users\Denise\Die Känguruh-Chroniken Teil 2.mp3
[2010.09.12 14:19:47 | 104,674,560 | ---- | C] () -- C:\Users\Denise\Die Känguruh-Chroniken Teil 1.mp3
[2010.09.12 14:19:45 | 023,226,240 | ---- | C] () -- C:\Users\Denise\Die Känguruh-Chroniken Zugabe.mp3
[2010.08.05 16:32:49 | 000,145,697 | -H-- | C] () -- C:\Users\Denise\Cache.mxc3
[2009.12.12 23:38:48 | 000,024,375 | ---- | C] () -- C:\Users\Denise\AppData\Roaming\mdbu.bin
[2009.09.30 16:27:31 | 001,290,240 | ---- | C] () -- C:\Users\Denise\Zuma.exe
[2009.09.03 23:26:31 | 000,000,051 | ---- | C] () -- C:\Users\Denise\AppData\Roaming\AVSMediaPlayer.m3u
[2009.01.13 16:09:50 | 000,000,680 | ---- | C] () -- C:\Users\Denise\AppData\Local\d3d9caps.dat
[2009.01.06 15:15:34 | 000,693,765 | ---- | C] () -- C:\Users\Denise\AppData\Roaming\unins000.exe
[2009.01.06 15:15:34 | 000,013,615 | ---- | C] () -- C:\Users\Denise\AppData\Roaming\unins000.dat
[2008.03.03 20:11:18 | 000,000,094 | ---- | C] () -- C:\Users\Denise\AppData\Local\fusioncache.dat
[2008.01.11 22:47:39 | 000,000,680 | RHS- | C] () -- C:\Users\Denise\ntuser.pol
[2007.11.14 11:41:24 | 000,256,000 | ---- | C] () -- C:\Users\Denise\DieFrau.pps
[2007.11.03 18:51:55 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2007.10.04 10:23:12 | 000,078,336 | ---- | C] () -- C:\Users\Denise\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.09.12 08:33:49 | 000,007,458 | ---- | C] () -- C:\Users\Denise\AppData\Roaming\wklnhst.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 889 bytes -> C:\Users\Denise\Documents\AW_ Ersatzteilbestellung Kundennr_ 13820973.eml:OECustomProperty
@Alternate Data Stream - 526 bytes -> C:\Users\Denise\Documents\Robert mail wkw.eml:OECustomProperty
@Alternate Data Stream - 526 bytes -> C:\Users\Denise\Documents\Email von Robert.eml:OECustomProperty
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:2A8A3140
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:4F8BECB9
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:6BF0805F
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:25249477
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:B268A25C
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:E32966C0

< End of report >
         
--- --- ---

OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 04.12.2012 21:43:17 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Denise\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 44,74% Memory free
4,21 Gb Paging File | 2,86 Gb Available in Paging File | 67,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 119,00 Gb Total Space | 39,63 Gb Free Space | 33,31% Space Free | Partition Type: NTFS
Drive D: | 30,04 Gb Total Space | 4,12 Gb Free Space | 13,71% Space Free | Partition Type: FAT32
 
Computer Name: DENISE-JÜRGENPC | User Name: Denise | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19080638-8C48-47BD-87C1-9EF02369AD25}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{704EFA8B-BE03-4760-904B-6D4A4714D187}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{C058F94E-17F9-4522-B98C-8AB43C6E36C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{C8CD4EF4-DC0A-4BBE-95FD-9F3A1A244D80}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{CE7EE7DF-391D-4DC8-B23B-12C642359BF4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{E14A8239-3D3F-49AF-8AA9-2040F13E3B93}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{E8A1D415-5B49-4DE7-9C9C-C912CD263B1C}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00BEAB8D-9F8D-4FFD-841B-E479554CC438}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | 
"{075016DB-4E8F-4F4F-B0DB-F69F0FC6E047}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{1CD78567-1F75-495D-B99B-140E7BC26801}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe | 
"{2CB38845-212D-40F7-A8A3-997011EEB275}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | 
"{31AAA460-ED14-485B-B7AB-1CAA18F52040}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe | 
"{3D19BC9F-2CAF-4FA7-8C31-0C259062218E}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | 
"{3D74EECD-B8D7-4AAE-B6CC-B3A4C3C3B102}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe | 
"{4736BDE5-5862-4725-996B-E47F86BA5C04}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | 
"{4B3999FA-24F8-4EE8-A054-9867D9D1A8F9}" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe | 
"{4E836FA6-7802-499B-ACEC-57F9E67B07E3}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{52C89931-E481-4AF1-A8FA-F9D3D0383088}" = protocol=6 | dir=out | app=system | 
"{5EEAF428-8CBE-4515-AC6F-182F58FBB2B1}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe | 
"{6226A2A8-D83C-45B6-9EED-AE2CD4F16D21}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | 
"{67CFF8B0-3C97-48E9-8D36-CDFE9E0E938C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{7201CBB8-9E1B-4EF9-B5AF-4CAA67628D7D}" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\server\clipinc-server.exe | 
"{8F9C88B3-A655-48C0-8564-70D16DA28252}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe | 
"{91FDC911-DF89-40FD-B98B-C4206C85E909}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe | 
"{972FF6A0-34A5-43DF-929B-80F4329E0642}" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\player\radiorecorder.exe | 
"{A28800CC-3053-4DF3-BB82-728B763B2AAE}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{AF0472B4-163F-4B10-8FFF-D9DEEF0377FB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AFFB9506-5687-4E51-A3FC-90D37251245D}" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe | 
"{BED0DD59-F9FC-4179-97AC-CBE1FD6905DB}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | 
"{C5DDC2B1-7689-4CCA-9DD7-958E7651ACE6}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | 
"{CC11E569-E948-4540-83EE-093ADACAF20F}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | 
"{E2848AEB-4345-405C-A167-A7F8B3A0585D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | 
"{E33B09A0-E877-481B-B835-0F30F07F1D53}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{E3B843D3-A2B2-4801-A0EE-F2CC1BE5EC84}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{E563006E-D037-467F-B771-F1DCF3FE07D1}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{EE40C132-9B48-4C2A-B8F1-E128FF8F2ED7}" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\player\radiorecorder.exe | 
"{F467C94C-1E10-4587-BD96-9ED418DF3BCF}" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\server\clipinc-server.exe | 
"{F5A94E66-E3DE-4DFE-B3DC-5E4E556B0DDB}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | 
"TCP Query User{0721EEA2-0D77-4969-82B1-B5E02BBD6494}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{C472579B-CEB4-434A-8259-2248988F2CF0}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"TCP Query User{DA227161-D47A-46BB-AAC4-E5C3B5C6D47E}C:\program files\concept design\onlinetv 5\onlinetv.exe" = protocol=6 | dir=in | app=c:\program files\concept design\onlinetv 5\onlinetv.exe | 
"TCP Query User{E87C4FFF-BAF6-448F-BC7F-765F24EFDCE4}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe | 
"TCP Query User{FC585045-91B0-4175-8FF4-2391E32B2EB2}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{65002842-FC7E-4CBE-9755-E432834A7319}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{70B41F12-C46A-457E-86F5-05C798B066CE}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{7799B9E6-A47A-4001-B64B-05F4F03B34A7}C:\program files\concept design\onlinetv 5\onlinetv.exe" = protocol=17 | dir=in | app=c:\program files\concept design\onlinetv 5\onlinetv.exe | 
"UDP Query User{A6D0F184-A149-4C1D-B83A-885E3F452796}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{D0D8F64F-5A38-4E25-91EB-AA40D629F4ED}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{14897D5B-E7A5-43C6-AFC4-95C24A0194FF}_is1" = concept/design Hit-Recorder 3
"{14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE}" = Google Drive
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{27FDF949-69CE-435A-8372-339F72336AC5}" = MEDIONbox
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F0D55F-C386-4195-9A5B-961D3F6ACD46}" = InterVideo MediaOne Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Suyin Live Camera
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43002AE2-4093-49E0-A03D-990EE184C568}" = Lyrics Plugin for Windows Media Player
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{55D9E026-DCB0-46FF-B60A-68B972228CF6}" = Autodesk Design Review 2010
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-8028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2010
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61727820-9C0B-42A3-BF08-831A62E466A4}" = Schreiben und Tippen lernen mit der Anlauttabelle 
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D9B4C6B-7879-477A-B5EE-7DF068B91F34}" = PdfGrabber 5.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110261550}" = Shape Solitaire
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{895722FE-25FE-4854-95AC-B0C42F9DBEDA}" = REALTEK RTL8187B Wireless LAN Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A261769-9640-4DB4-B877-3E00C61967F3}_is1" = concept/design onlineTV 5
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = SUYIN webcam
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ABEC4C47-2E98-49BF-AF8E-06316B6B2BB9}" = AVG 2012
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B3579F43-021F-43D2-A392-C0CAAE2A89DA}" = WinLernen Körpernetze
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B69C390B-826F-473C-86EB-7AD4950818C3}" = AVG 2012
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 6.2
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCC8E84E-AB61-4EC0-890D-8B553915B3AD}" = TVsweeper
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.3.9
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe  1.4.124.1
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F5A4F780-DF0C-444F-BA82-637CCF5C8052}" = Windows Live Family Safety
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1031}" = Nero 7 Essentials
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ALDI Foto Service D" = ALDI Foto Service
"ALDI Nord Foto Manager Free D" = ALDI Nord Foto Manager Free
"Aldi Nord Fotoservice_is1" = Aldi Nord Fotoservice
"ALDI Nord Online Druck Service" = ALDI Nord Online Druck Service 4.6
"Autodesk Design Review 2010" = Autodesk Design Review 2010
"AVG" = AVG 2012
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"BFG-Vergessene Laender - Erste Siedler" = Vergessene L&auml;nder: Erste Siedler ™
"CCleaner" = CCleaner
"Chronicles of Mystery/DE-German_is1" = Das Vermächtnis: Testament of Sin
"ClearProg" = ClearProg 1.5.0 Final
"Committed – Das Geheimnis von Shady Pines_is1" = Committed – Das Geheimnis von Shady Pines
"DWG TrueView 2010" = DWG TrueView 2010
"FileZilla Client" = FileZilla Client 3.3.5
"FormatFactory" = FormatFactory 2.90
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"IrfanView" = IrfanView (remove only)
"LetsTrade" = LetsTrade Komponenten
"LHTTSGED" = L&H TTS3000 Deutsch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"MEDION Fotos auf CD Nord D" = MEDION Fotos auf CD Nord 6.0.2.0 (D)
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"NSM" = Norton Family
"RealPlayer 15.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 7" = TeamViewer 7
"Tobit ClipInc Server" = WDR RadioRecorder
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities" = TuneUp Utilities
"VLC media player" = VLC media player 1.1.7
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"Yahoo! Messenger" = Yahoo! Messenger
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 01.12.2012 13:31:28 | Computer Name = Denise-JürgenPC | Source = Application Hang | ID = 1002
Description = Programm FirewallControlPanel.exe, Version 6.0.6001.18000 arbeitet
 nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf
 im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
 über das Problem zu suchen.  Prozess-ID: 1018  Anfangszeit: 01cdcfe9646e9d01  Zeitpunkt
 der Beendigung: 31
 
Error - 03.12.2012 08:30:44 | Computer Name = Denise-JürgenPC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.0.6002.18005 arbeitet nicht mehr 
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
 "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen 
über das Problem zu suchen.  Prozess-ID: 9a0  Anfangszeit: 01cdd1510597c3ea  Zeitpunkt
 der Beendigung: 31
 
Error - 03.12.2012 17:33:37 | Computer Name = Denise-JürgenPC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 03.12.2012 17:33:37 | Computer Name = Denise-JürgenPC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 03.12.2012 18:19:52 | Computer Name = Denise-JürgenPC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung FlashPlayerPlugin_11_5_502_110.exe, Version 
11.5.502.110, Zeitstempel 0x508de12c, fehlerhaftes Modul unknown, Version 0.0.0.0,
 Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x738e4618,  Prozess-ID
 0x1480, Anwendungsstartzeit 01cdd1a44f5fae55.
 
Error - 03.12.2012 18:20:10 | Computer Name = Denise-JürgenPC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung FlashPlayerPlugin_11_5_502_110.exe, Version 
11.5.502.110, Zeitstempel 0x508de12c, fehlerhaftes Modul unknown, Version 0.0.0.0,
 Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x738e4618,  Prozess-ID
 0xff4, Anwendungsstartzeit 01cdd1a45b565565.
 
Error - 03.12.2012 18:20:25 | Computer Name = Denise-JürgenPC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung FlashPlayerPlugin_11_5_502_110.exe, Version 
11.5.502.110, Zeitstempel 0x508de12c, fehlerhaftes Modul unknown, Version 0.0.0.0,
 Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x738e4618,  Prozess-ID
 0x1594, Anwendungsstartzeit 01cdd1a464379685.
 
Error - 03.12.2012 18:45:23 | Computer Name = Denise-JürgenPC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung FlashPlayerPlugin_11_5_502_110.exe, Version 
11.5.502.110, Zeitstempel 0x508de12c, fehlerhaftes Modul unknown, Version 0.0.0.0,
 Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x738e4618,  Prozess-ID
 0x7d0, Anwendungsstartzeit 01cdd1a7e1229fc5.
 
Error - 03.12.2012 18:49:40 | Computer Name = Denise-JürgenPC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung FlashPlayerPlugin_11_5_502_110.exe, Version 
11.5.502.110, Zeitstempel 0x508de12c, fehlerhaftes Modul unknown, Version 0.0.0.0,
 Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x738e4618,  Prozess-ID
 0xcb0, Anwendungsstartzeit 01cdd1a87a097245.
 
Error - 04.12.2012 10:20:00 | Computer Name = Denise-JürgenPC | Source = EventSystem | ID = 4609
Description = 
 
[ Media Center Events ]
Error - 17.04.2008 17:49:12 | Computer Name = Denise-JürgenPC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
 gescheitert.
 
[ System Events ]
Error - 17.11.2012 06:28:39 | Computer Name = Denise-JürgenPC | Source = Microsoft-Windows-Servicing | ID = 4375
Description = 
 
Error - 17.11.2012 06:28:39 | Computer Name = Denise-JürgenPC | Source = Microsoft-Windows-Servicing | ID = 4375
Description = 
 
Error - 17.11.2012 06:35:55 | Computer Name = Denise-JürgenPC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 20.11.2012 15:13:23 | Computer Name = Denise-JürgenPC | Source = DCOM | ID = 10005
Description = 
 
Error - 29.11.2012 09:36:29 | Computer Name = Denise-JürgenPC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 29.11.2012 um 14:22:52 unerwartet heruntergefahren.
 
Error - 29.11.2012 16:25:57 | Computer Name = Denise-JürgenPC | Source = Dhcpv6 | ID = 1008
Description = Die Netzwerkschnittstelle, die mit diesem System verbunden ist, konnte
 nicht initialisiert werden. Fehlercode: %%5.
 
Error - 04.12.2012 10:19:49 | Computer Name = Denise-JürgenPC | Source = DCOM | ID = 10005
Description = 
 
Error - 04.12.2012 10:20:00 | Computer Name = Denise-JürgenPC | Source = DCOM | ID = 10005
Description = 
 
Error - 04.12.2012 10:20:01 | Computer Name = Denise-JürgenPC | Source = DCOM | ID = 10005
Description = 
 
Error - 04.12.2012 10:20:05 | Computer Name = Denise-JürgenPC | Source = DCOM | ID = 10005
Description = 
 
 
< End of report >
         
--- --- ---

Antwort

Themen zu Windows Firewall wird immer wieder unbemerkt deaktiviert
avg, bereits, dateien, deaktiviert, defender, firewall, freigabe, gefunde, helfer, helferteam, immer wieder, infiziertes, inter, interne, internet, malwarebytes, nichts, objekt, problem, schließe, schonmal, security, unbemerkt, windows, windows firewall, überhaupt



Ähnliche Themen: Windows Firewall wird immer wieder unbemerkt deaktiviert


  1. Windows 7: Leerlauf Scan im BitDefender wird immer wieder ausgeschaltet und Browser Startseite "google" wird geändert
    Log-Analyse und Auswertung - 20.05.2014 (13)
  2. Chrome Browser Deaktiviert Sich immer Wieder
    Plagegeister aller Art und deren Bekämpfung - 23.04.2014 (11)
  3. McAfee Echtzeit Schutz deaktiviert sich immer wieder selbst
    Antiviren-, Firewall- und andere Schutzprogramme - 19.12.2013 (1)
  4. Sophos On-Access-Scan wird deaktiviert; Win7 Sicherheitscenter wird deaktiviert; PC startet neu
    Log-Analyse und Auswertung - 07.08.2013 (25)
  5. Virus kommt immer wieder, mehrmals gelöscht, deaktiviert Firewall etc. (Sirefef?!)
    Plagegeister aller Art und deren Bekämpfung - 03.08.2013 (10)
  6. Sicherheitscenter wird immer wieder deaktiviert, chrome meldet Profil Fehler
    Log-Analyse und Auswertung - 10.06.2013 (3)
  7. Windows XP Updates nicht mehr möglich /Windows Firewall ist immer beim Start deaktiviert
    Antiviren-, Firewall- und andere Schutzprogramme - 26.05.2013 (82)
  8. Trojaner eingefangen der immer meine McAffey Firewall deaktiviert
    Plagegeister aller Art und deren Bekämpfung - 04.10.2012 (18)
  9. Bundestrojaner wird immer wieder in den Autostart geladen - Windows XP
    Log-Analyse und Auswertung - 06.03.2012 (17)
  10. Notepad wird immer wieder geöffnet - Windows-8 - 64bit
    Plagegeister aller Art und deren Bekämpfung - 26.11.2011 (3)
  11. TR/Spy.59392.133 wird immer und immer wieder gefunden...
    Plagegeister aller Art und deren Bekämpfung - 30.10.2011 (11)
  12. Windows Firewall wird immer wieder deaktiviert
    Log-Analyse und Auswertung - 08.11.2010 (8)
  13. Firewall beim Start IMMER deaktiviert
    Plagegeister aller Art und deren Bekämpfung - 12.11.2009 (35)
  14. Taskmanager wird immer wieder deaktiviert
    Plagegeister aller Art und deren Bekämpfung - 10.04.2009 (58)
  15. Anti Vir Guard deaktiviert, Windows Firewall deaktiviert und andere Miseren...
    Log-Analyse und Auswertung - 24.01.2009 (13)
  16. Keinen Zugriff auf Taskmanager / Firewall wird laufend deaktiviert
    Log-Analyse und Auswertung - 16.07.2008 (9)
  17. Trojan.Downloader JS - Anti-Viren-Programm/Firewall wird automatisch deaktiviert.
    Log-Analyse und Auswertung - 24.05.2007 (1)

Zum Thema Windows Firewall wird immer wieder unbemerkt deaktiviert - der ganze adwcleaner ist weg. wenn ich neu downloaden will, erscheint diese meldung und ich kann nur noch auf ok klicken: C:\Users\Denise\Downloads\adwcleaner.exe konnte nicht gespeichert werden, weil Sie die Inhalte - Windows Firewall wird immer wieder unbemerkt deaktiviert...
Archiv
Du betrachtest: Windows Firewall wird immer wieder unbemerkt deaktiviert auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.