Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 15.08.2012, 08:32   #1
mcssk
 
WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren - Standard

WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren



Hallo.

Sorry bin neu hier und ich hoffe ich habe richtig gelesen bzw gepostet.

Seid heute morgen (gestern lief alles normal zumindest für meine begriffe)
bekomme ich die Windowsfirewall nicht mehr aktiviert.

Er zeigt mir immer eine Fehlermeldung : Fehlercode 0x80070424

Da ich ein totaler PC neuling bin hab ich absolut keine Ahnung was ich übernacht (PC war aus O.O) mir eingefangen hab.

Sicherheitsprogramme hab ich Malwarebytes Antimalware
und den Windows7 standard.

Ich weiss ist sicherlich als info nicht viel aber vielleicht kann mich ja jemand von euch auf den richtigen Weg weisen was ich tun kann bzw was ihr braucht um mir vielleicht zu helfen.

Danke fürs lesen und für die hoffentliche Hilfe.

MFG
MCSSK


OTL LOG UND EXTRAS



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 15.08.2012 09:43:20 - Run 1
OTL by OldTimer - Version 3.2.57.0     Folder = C:\Users\Schatz&Ich\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 5,28 Gb Available Physical Memory | 66,13% Memory free
15,96 Gb Paging File | 12,86 Gb Available in Paging File | 80,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,01 Gb Total Space | 102,62 Gb Free Space | 51,30% Space Free | Partition Type: NTFS
Drive D: | 731,50 Gb Total Space | 282,59 Gb Free Space | 38,63% Space Free | Partition Type: NTFS
Drive J: | 1,37 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: REDBULL | User Name: Schatz&Ich | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.15 09:13:56 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Schatz&Ich\Desktop\OTL.exe
PRC - [2012.08.13 12:54:38 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.07.03 13:46:42 | 000,973,488 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012.05.26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Schatz&Ich\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.04.18 20:17:24 | 000,326,144 | ---- | M] () -- C:\Users\Schatz&Ich\AppData\Roaming\Errawy\baaw.exe
PRC - [2012.02.13 10:06:56 | 003,481,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.04.18 20:17:24 | 000,326,144 | ---- | M] () -- C:\Users\Schatz&Ich\AppData\Roaming\Errawy\baaw.exe
MOD - [2012.01.10 14:57:38 | 000,145,288 | ---- | M] () -- C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2iexp.dll
MOD - [2012.01.10 14:57:38 | 000,015,760 | ---- | M] () -- C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2native.dll
MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009.08.18 03:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.08.15 08:50:19 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.14 22:55:58 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- d:\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012.08.13 12:54:38 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.08.02 18:59:19 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.30 12:02:10 | 000,018,360 | ---- | M] (Overwolf Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.07.02 10:31:53 | 000,670,816 | ---- | M] (Wellbia.com Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\xsherlock.xem -- (xsherlock)
SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.09.22 21:07:34 | 058,345,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS)
SRV - [2011.09.22 21:07:34 | 000,154,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2011.09.22 21:06:04 | 000,431,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS)
SRV - [2010.10.22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.07.22 10:17:44 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.04.18 19:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.27 21:57:02 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.11.24 00:02:20 | 000,648,808 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.11.22 16:21:46 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.11.22 16:21:46 | 000,130,024 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.10.17 16:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.10.15 12:48:07 | 000,291,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.09.22 21:01:54 | 000,311,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0105.sys -- (RsFx0105)
DRV:64bit: - [2011.09.15 10:15:00 | 000,216,064 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rusb3xhc.sys -- (rusb3xhc)
DRV:64bit: - [2011.09.15 10:14:58 | 000,100,352 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rusb3hub.sys -- (rusb3hub)
DRV:64bit: - [2011.09.13 16:14:44 | 000,212,992 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.09.13 16:14:42 | 000,095,744 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.08.02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.03.18 02:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011.03.18 02:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2011.03.13 10:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.03.13 10:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.03.13 10:58:42 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (AthDfu)
DRV:64bit: - [2011.03.13 10:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.07 11:01:46 | 000,313,136 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011.03.07 11:01:46 | 000,024,880 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons)
DRV:64bit: - [2010.12.24 11:43:40 | 000,029,288 | -H-- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.02.26 17:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.08.18 04:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub)
DRV:64bit: - [2009.06.18 12:54:10 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\402C.tmp -- (MEMSWEEP2)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.14 09:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2007.05.11 19:01:10 | 000,070,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV - [2012.08.06 11:03:25 | 000,024,144 | ---- | M] (Beijing Joychina Network Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\Temp\ncvet.dll -- (ncvet.dll)
DRV - [2011.11.20 03:29:52 | 000,202,592 | ---- | M] (Oracle Corporation) [Kernel | Auto | Running] -- C:\Program Files (x86)\YouWave_Android\vb\VBoxDrv.sys -- (VBoxDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {A9C6DA0E-A5E9-4ED2-B295-CE53613BC3AF}
IE:64bit: - HKLM\..\SearchScopes\{A9C6DA0E-A5E9-4ED2-B295-CE53613BC3AF}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSBTDF&pc=MASB&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {A9C6DA0E-A5E9-4ED2-B295-CE53613BC3AF}
IE - HKLM\..\SearchScopes\{A9C6DA0E-A5E9-4ED2-B295-CE53613BC3AF}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSBTDF&pc=MASB&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.vcm-gruppe.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://syb.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=112555&tt=010812_hpdel_3212_2&babsrc=HP_ss&mntrId=5cce0e6a000000000000c8600006db36
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FF E2 43 5F F7 D1 CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=112555&tt=010812_hpdel_3212_2&babsrc=SP_ss&mntrId=5cce0e6a000000000000c8600006db36
IE - HKCU\..\SearchScopes\{FAEDE269-38A9-486D-AC27-B0F3E6E3D5B8}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer: C:\Users\Schatz&Ich\AppData\Roaming\Kalydo\KalydoPlayer\bin1\npkalydo.dll (Eximion B.V.)
FF - HKCU\Software\MozillaPlugins\@fancyguo.com/FancyGame,version=1.0.0.1: C:\Users\Schatz&Ich\AppData\Local\Fancy\npfancygame.dll (Beijing FancyGuo Tech Ltd)
FF - HKCU\Software\MozillaPlugins\@g2.com/iggweb3dupdater: C:\Users\Schatz&Ich\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll (IGG)
FF - HKCU\Software\MozillaPlugins\@g2.com/joyconnectshell: C:\Users\Schatz&Ich\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll (IGG)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Schatz&Ich\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.11 15:25:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.07.30 11:21:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.07.30 11:21:40 | 000,000,000 | ---D | M]
 
[2012.08.06 10:24:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.babylon.com/?affID=112555&tt=010812_hpdel_3212_2&babsrc=HP_ss&mntrId=5cce0e6a000000000000c8600006db36
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = hxxp://search.babylon.com/?q={searchTerms}&affID=112555&tt=010812_hpdel_3212_2&babsrc=SP_ss&mntrId=5cce0e6a000000000000c8600006db36
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://search.babylon.com/?affID=112555&tt=010812_hpdel_3212_2&babsrc=HP_ss&mntrId=5cce0e6a000000000000c8600006db36
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Schatz&Ich\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java(TM) Platform SE 7 U3 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.30.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Schatz&Ich\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: fancy3d (Enabled) = C:\Users\Schatz&Ich\AppData\Local\Fancy\npfancygame.dll
CHR - plugin: IGG Web3D Updater NP Plugin for Mozilla (Enabled) = C:\Users\Schatz&Ich\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll
CHR - plugin: JoyConnectShell NP Plugin for Mozilla (Enabled) = C:\Users\Schatz&Ich\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll
CHR - plugin: Kalydo Player Plugin for Mozilla (Enabled) = C:\Users\Schatz&Ich\AppData\Roaming\Kalydo\KalydoPlayer\bin1\npkalydo.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: YouTube = C:\Users\Schatz&Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Schatz&Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Schatz&Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Schatz&Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.06.19 18:08:20 | 000,000,886 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 eu.actual.battle.net
O1 - Hosts: 127.0.0.1 us.actual.battle.net
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Schatz&Ich\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RemoteHelper] C:\Program Files (x86)\Remote HD\Remote Helper\RemoteHelper.exe (App Dynamic)
O4 - HKCU..\Run: [Sabaewcop] C:\Users\Schatz&Ich\AppData\Roaming\Errawy\baaw.exe ()
O4 - HKCU..\Run: [Steam] D:\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.1)
O16 - DPF: {9A9825C1-8A41-4FDA-BC07-7F5FBECC02E6} hxxp://item.koramgame.com/st/login/activex/KoramGameStarter.cab (Koram GameStarter Control)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4FFFDA2-615B-4BF4-A3B1-623496384B36}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~2.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.07.27 23:50:03 | 000,000,115 | R--- | M] () - J:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.15 09:13:37 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Schatz&Ich\Desktop\OTL.exe
[2012.08.15 09:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2012.08.15 09:10:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2012.08.15 08:52:31 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Local\ElevatedDiagnostics
[2012.08.15 08:46:23 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012.08.15 08:36:25 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe.379BF3CD74169932
[2012.08.15 08:33:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012.08.15 08:33:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012.08.15 08:32:49 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.08.13 15:26:46 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012.08.13 15:07:30 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Roaming\hellomoto
[2012.08.13 15:06:02 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Roaming\Miylos
[2012.08.13 15:06:02 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Roaming\Errawy
[2012.08.13 15:06:02 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Roaming\Akybw
[2012.08.13 13:52:24 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Roaming\Mozilla
[2012.08.13 12:51:20 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\Desktop\jdownloader2
[2012.08.13 12:41:54 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Roaming\HpUpdate
[2012.08.13 12:41:48 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2012.08.13 11:55:49 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\Documents\Game
[2012.08.13 11:50:08 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RemnantKnights
[2012.08.13 11:42:19 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Local\GamersFirst LIVE!
[2012.08.13 11:41:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2012.08.13 11:41:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamersFirst
[2012.08.13 09:34:12 | 000,000,000 | -HSD | C] -- C:\Users\Schatz&Ich\AppData\Roaming\58146db
[2012.08.12 17:58:26 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\Documents\DCSCMIN
[2012.08.12 17:03:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne 3
[2012.08.12 13:16:57 | 000,419,840 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012.08.12 13:16:57 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012.08.12 13:16:57 | 000,133,632 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012.08.12 13:16:57 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012.08.12 13:16:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2012.08.12 10:23:03 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\Documents\Telltale Games
[2012.08.12 10:20:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telltale Games
[2012.08.12 09:23:37 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\Documents\Witcher 2
[2012.08.12 09:23:37 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Local\The Witcher 2
[2012.08.12 08:47:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012.08.12 08:43:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2012.08.12 08:43:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012.08.12 08:43:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012.08.12 08:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games
[2012.08.12 08:39:34 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\Documents\WB Games
[2012.08.12 08:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2012.08.11 23:19:55 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.08.11 16:02:25 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steamless Left4Dead Pack
[2012.08.11 13:29:49 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Local\SKIDROW
[2012.08.11 13:29:49 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Local\Risen2
[2012.08.07 12:27:06 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Roaming\dvdcss
[2012.08.06 11:20:24 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HunterBlade
[2012.08.06 11:16:08 | 000,000,000 | ---D | C] -- C:\HunterBlade
[2012.08.06 11:03:39 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Roaming\JoyChina
[2012.08.06 10:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blade
[2012.08.06 10:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HunterBlade
[2012.08.06 10:23:48 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Roaming\YourFileDownloader
[2012.08.06 10:23:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YourFileDownloader
[2012.08.05 18:04:34 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.02 20:23:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.08.02 20:23:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Overwolf
[2012.08.02 09:56:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.07.30 11:23:44 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Local\HP
[2012.07.30 11:23:02 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2012.07.30 11:23:02 | 000,000,000 | ---D | C] -- C:\Users\Schatz&Ich\AppData\Roaming\HP
[2012.07.30 11:20:35 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012.07.30 11:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012.07.30 11:20:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2012.07.30 11:19:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2012.07.30 11:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2012.07.30 11:18:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2012.07.30 11:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012.07.30 11:17:16 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2012.07.19 09:45:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Overwolf
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.15 09:45:08 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.15 09:13:56 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Schatz&Ich\Desktop\OTL.exe
[2012.08.15 08:50:21 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.15 08:50:18 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.15 08:50:18 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.15 08:49:24 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.15 08:49:24 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.15 08:46:17 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.08.15 08:42:47 | 000,000,448 | ---- | M] () -- C:\Users\Schatz&Ich\AppData\Roaming\com.remotehd.RemoteHelper.plist
[2012.08.15 08:41:37 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.15 08:41:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.15 08:41:21 | 2133,417,983 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.15 08:36:25 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe.379BF3CD74169932
[2012.08.15 08:34:13 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.08.15 08:34:01 | 001,828,822 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.15 08:34:01 | 000,765,372 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.15 08:34:01 | 000,720,690 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.15 08:34:01 | 000,174,400 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.15 08:34:01 | 000,147,354 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.13 16:35:53 | 000,000,173 | ---- | M] () -- C:\Users\Schatz&Ich\AppData\Roaming\E81F61.dat
[2012.08.13 13:10:21 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.08.13 13:10:21 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.08.13 13:03:43 | 000,283,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.08.13 12:54:38 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.08.13 12:54:02 | 001,135,448 | ---- | M] () -- C:\Users\Schatz&Ich\Desktop\database.script
[2012.08.13 11:50:08 | 000,000,574 | ---- | M] () -- C:\Users\Schatz&Ich\Desktop\RemnantKnights.lnk
[2012.08.13 11:43:42 | 000,001,164 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2012.08.13 11:43:42 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2012.08.12 17:03:39 | 000,000,562 | ---- | M] () -- C:\Users\Public\Desktop\Max Payne 3.lnk
[2012.08.12 13:16:57 | 000,419,840 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012.08.12 13:16:57 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012.08.12 13:16:57 | 000,133,632 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012.08.12 13:16:57 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012.08.12 13:11:02 | 564,395,400 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.08.12 10:20:04 | 000,000,513 | ---- | M] () -- C:\Users\Public\Desktop\Bang Bang Racing.lnk
[2012.08.12 10:17:35 | 000,000,435 | ---- | M] () -- C:\Users\Public\Desktop\The Walking Dead.lnk
[2012.08.12 08:42:53 | 000,000,916 | ---- | M] () -- C:\Users\Public\Desktop\Batman Arkham City.lnk
[2012.08.12 08:11:30 | 001,784,368 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.12 08:06:37 | 000,000,750 | ---- | M] () -- C:\Users\Public\Desktop\The Witcher 2 - Assassins of Kings Enhanced Edition.lnk
[2012.08.11 22:39:39 | 000,000,636 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 3.lnk
[2012.08.11 16:02:26 | 000,000,633 | ---- | M] () -- C:\Users\Schatz&Ich\Desktop\SteamLess Left4Dead.lnk
[2012.08.11 10:14:50 | 004,503,728 | ---- | M] () -- C:\ProgramData\00etadpu.pad
[2012.08.06 11:20:24 | 000,001,569 | ---- | M] () -- C:\Users\Schatz&Ich\Desktop\HunterBlade.lnk
[2012.08.06 10:24:13 | 000,001,808 | ---- | M] () -- C:\user.js
[2012.08.02 19:15:08 | 004,503,728 | ---- | M] () -- C:\ProgramData\ras_0oed.pad
[2012.08.02 09:52:01 | 000,295,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.30 11:22:36 | 000,245,235 | ---- | M] () -- C:\Windows\hpoins19.dat
[2012.07.30 11:21:26 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2012.07.30 11:20:33 | 000,001,351 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012.07.30 11:20:26 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\Shop für HP Zubehör.lnk
[2012.07.30 11:19:59 | 000,002,099 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.15 08:34:05 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012.08.15 08:31:23 | 000,001,632 | ---- | C] () -- C:\Windows\Installer\{50260c21-1c7e-bb49-ce54-173bcd8ea8d8}\U\000000cb.@
[2012.08.15 08:27:19 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{50260c21-1c7e-bb49-ce54-173bcd8ea8d8}\U\00000008.@
[2012.08.13 16:25:50 | 000,000,173 | ---- | C] () -- C:\Users\Schatz&Ich\AppData\Roaming\E81F61.dat
[2012.08.13 15:19:40 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{50260c21-1c7e-bb49-ce54-173bcd8ea8d8}\L\00000004.@
[2012.08.13 15:19:39 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{50260c21-1c7e-bb49-ce54-173bcd8ea8d8}\U\80000000.@
[2012.08.13 15:19:39 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{50260c21-1c7e-bb49-ce54-173bcd8ea8d8}\U\00000004.@
[2012.08.13 12:58:14 | 001,135,448 | ---- | C] () -- C:\Users\Schatz&Ich\Desktop\database.script
[2012.08.13 11:50:08 | 000,000,574 | ---- | C] () -- C:\Users\Schatz&Ich\Desktop\RemnantKnights.lnk
[2012.08.13 11:41:57 | 000,001,164 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2012.08.13 11:41:57 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2012.08.12 17:03:39 | 000,000,562 | ---- | C] () -- C:\Users\Public\Desktop\Max Payne 3.lnk
[2012.08.12 12:33:17 | 564,395,400 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.08.12 10:20:04 | 000,000,513 | ---- | C] () -- C:\Users\Public\Desktop\Bang Bang Racing.lnk
[2012.08.12 10:17:35 | 000,000,435 | ---- | C] () -- C:\Users\Public\Desktop\The Walking Dead.lnk
[2012.08.12 10:17:35 | 000,000,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Walking Dead.lnk
[2012.08.12 08:42:53 | 000,000,916 | ---- | C] () -- C:\Users\Public\Desktop\Batman Arkham City.lnk
[2012.08.12 08:06:37 | 000,000,750 | ---- | C] () -- C:\Users\Public\Desktop\The Witcher 2 - Assassins of Kings Enhanced Edition.lnk
[2012.08.11 22:39:39 | 000,000,636 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 3.lnk
[2012.08.11 22:39:39 | 000,000,636 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare 3.lnk
[2012.08.11 16:02:26 | 000,000,633 | ---- | C] () -- C:\Users\Schatz&Ich\Desktop\SteamLess Left4Dead.lnk
[2012.08.11 10:14:22 | 004,503,728 | ---- | C] () -- C:\ProgramData\00etadpu.pad
[2012.08.06 11:20:24 | 000,001,569 | ---- | C] () -- C:\Users\Schatz&Ich\Desktop\HunterBlade.lnk
[2012.08.05 18:04:35 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.02 19:11:51 | 004,503,728 | ---- | C] () -- C:\ProgramData\ras_0oed.pad
[2012.07.30 11:21:26 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2012.07.30 11:20:48 | 000,001,064 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
[2012.07.30 11:20:33 | 000,001,351 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012.07.30 11:20:26 | 000,001,189 | ---- | C] () -- C:\Users\Public\Desktop\Shop für HP Zubehör.lnk
[2012.07.30 11:19:58 | 000,002,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012.07.30 11:17:40 | 000,245,235 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012.07.30 11:17:40 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012.07.05 17:28:28 | 004,503,728 | ---- | C] () -- C:\ProgramData\nud0repor.pad
[2012.06.11 21:35:34 | 000,000,448 | ---- | C] () -- C:\Users\Schatz&Ich\AppData\Roaming\com.remotehd.RemoteHelper.plist
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.02.17 20:39:31 | 000,281,288 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.02.17 20:39:29 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.01.13 15:53:37 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{50260c21-1c7e-bb49-ce54-173bcd8ea8d8}\@
[2012.01.13 15:53:37 | 000,002,048 | -HS- | C] () -- C:\Users\Schatz&Ich\AppData\Local\{50260c21-1c7e-bb49-ce54-173bcd8ea8d8}\@
[2012.01.13 15:27:07 | 001,828,822 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.13 14:35:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.05.31 08:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011.05.31 08:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
 
========== Files - Unicode (All) ==========
[2012.04.16 10:28:22 | 000,001,110 | ---- | M] ()(C:\Users\Schatz&Ich\Desktop\??.lnk) -- C:\Users\Schatz&Ich\Desktop\天纪.lnk
[2012.04.16 10:28:22 | 000,001,110 | ---- | C] ()(C:\Users\Schatz&Ich\Desktop\??.lnk) -- C:\Users\Schatz&Ich\Desktop\天纪.lnk

< End of report >
         
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 15.08.2012 09:43:20 - Run 1
OTL by OldTimer - Version 3.2.57.0     Folder = C:\Users\Schatz&Ich\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 5,28 Gb Available Physical Memory | 66,13% Memory free
15,96 Gb Paging File | 12,86 Gb Available in Paging File | 80,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,01 Gb Total Space | 102,62 Gb Free Space | 51,30% Space Free | Partition Type: NTFS
Drive D: | 731,50 Gb Total Space | 282,59 Gb Free Space | 38,63% Space Free | Partition Type: NTFS
Drive J: | 1,37 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: REDBULL | User Name: Schatz&Ich | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java(TM) 7 Update 3 (64-bit)
"{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}" = Microsoft SQL Server 2008 Native Client
"{2C22EA92-CB30-4932-0052-000001000000}" = InfraRecorder 0.52 (x64 edition)
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6292D514-17A4-403F-98F9-E150F10C043D}" = Microsoft SQL Server 2008 Setup Support Files 
"{64A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java(TM) SE Development Kit 7 Update 3 (64-bit)
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{ADBD6E65-46CB-4A97-9AFB-64963FEACC40}" = Microsoft SQL Server 2008 RsFx Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Shop for HP Supplies" = Shop for HP Supplies
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E43EC2-6B1C-45B5-9E48-941C3E1B204A}_is1" = System.Data.SQLite v1.0.79.0
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{1111706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.5
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2042E020-A633-44CC-BD1D-9851A7C19365}" = Overwolf
"{25D56EF8-ED54-41F2-B3AB-C62F76A54E1E}" = TeamViewer Fernwartung
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite Closed Beta
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1" = Video Download Capture V4.1.6
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-MAXP3-7B42A5D4E0EB}_is1" = Max Payne 3 version 1.02
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6F23CC7-17E5-40E1-A0AE-B36FD24F6123}" = Knightage
"{BA82E6B6-290F-4D61-A296-80C3D3BA2B37}" = Renaissance Heroes
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C14ACB14-1995-493E-8543-E560071197AB}" = Remote Helper
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E8AC6BBD-9A99-404C-9638-F633312CD441}_is1" = Batman: Arkham City Digital Deluxe Edition
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Android SDK Tools" = Android SDK Tools
"APB Reloaded" = APB Reloaded
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Call of Duty Modern Warfare 3 (c) Activision_is1" = Call of Duty Modern Warfare 3 (c) Activision version 1
"Counter-Strike: Source" = Counter-Strike: Source
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX-Setup
"ESET Online Scanner" = ESET Online Scanner v3
"GamersFirst LIVE!" = GamersFirst LIVE!
"Google Chrome" = Google Chrome
"Guild Wars 2" = Guild Wars 2
"hon" = Heroes of Newerth
"HunterBlade" = HunterBlade 0.050422
"InstallShield_{BA82E6B6-290F-4D61-A296-80C3D3BA2B37}" = Renaissance Heroes
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"NCLauncher_GameForge" = NC Launcher (GameForge)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"RemnantKnights" = RemnantKnights 1.00718
"Rockstar Games Social Club" = Rockstar Games Social Club
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.0
"Steam App 440" = Team Fortress 2
"Steamless Left4Dead Pack" = Steamless Left4Dead Pack
"The Walking Dead (c) 3_is1" = The Walking Dead (c) 3 version 1
"The Walking Dead_is1" = The Walking Dead Episode 2 - Starved for Help
"The Witcher 2 - Assassins of Kings Enhanced Edition_is1" = The Witcher 2 - Assassins of Kings Enhanced Edition
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 2.0.0
"Warhammer Online - Wrath of Heroes" = Warhammer Online - Wrath of Heroes
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.10 (32-Bit)
"YouWave" = YouWave for Android
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"CopyTrans Suite" = CopyTrans Suite Remove Only
"IGG Web3D Player_is1" = IGG Web3D Player version 1.0.0.38
"KalydoPlayer" = Kalydo Player 4.05.01
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 09.07.2012 04:54:19 | Computer Name = Redbull | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 09.07.2012 05:42:48 | Computer Name = Redbull | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 09.07.2012 11:29:32 | Computer Name = Redbull | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: BFP4f.exe, Version: 0.0.0.0, Zeitstempel:
 0x4fedcb6d  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:
 0x4ec49b8f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00038dc9  ID des fehlerhaften Prozesses:
 0x11a4  Startzeit der fehlerhaften Anwendung: 0x01cd5de5a90904e3  Pfad der fehlerhaften
 Anwendung: D:\Battlefield\BFP4f.exe  Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung:
 e1024a93-c9da-11e1-89c1-c8600006db36
 
Error - 10.07.2012 08:05:26 | Computer Name = Redbull | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.07.2012 03:09:51 | Computer Name = Redbull | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.07.2012 03:20:50 | Computer Name = Redbull | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.07.2012 05:19:34 | Computer Name = Redbull | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 12.07.2012 02:27:46 | Computer Name = Redbull | Source = WinMgmt | ID = 10
Description = 
 
Error - 12.07.2012 12:16:23 | Computer Name = Redbull | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 13.07.2012 04:51:44 | Computer Name = Redbull | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 06.08.2012 07:02:27 | Computer Name = Redbull | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\Temp\ncvet.dll
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 06.08.2012 07:02:27 | Computer Name = Redbull | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ncvet.dll" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1275
 
Error - 06.08.2012 07:02:32 | Computer Name = Redbull | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\Temp\ncvet.dll
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 06.08.2012 07:02:32 | Computer Name = Redbull | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ncvet.dll" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1275
 
Error - 07.08.2012 01:29:33 | Computer Name = Redbull | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 07.08.2012 01:29:33 | Computer Name = Redbull | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 07.08.2012 05:09:21 | Computer Name = Redbull | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 07.08.2012 05:09:21 | Computer Name = Redbull | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 09.08.2012 04:22:36 | Computer Name = Redbull | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 09.08.2012 04:22:36 | Computer Name = Redbull | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
 
< End of report >
         
--- --- ---

Geändert von mcssk (15.08.2012 um 08:53 Uhr) Grund: Logfile

Alt 15.08.2012, 12:59   #2
markusg
/// Malware-holic
 
WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren - Standard

WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren



hi

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [Sabaewcop] C:\Users\SchatzIch\AppData\Roaming\Errawy\baaw.exe ()
[2012.08.13 15:06:02 | 000,000,000 | ---D | C] -- C:\Users\SchatzIch\AppData\Roaming\Miylos
[2012.08.13 15:06:02 | 000,000,000 | ---D | C] -- C:\Users\SchatzIch\AppData\Roaming\Akybw
 :Files
C:\Users\SchatzIch\AppData\Roaming\Errawy
:Commands
[Reboot]
         


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!




Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus

für eine weitere analyse benötige ich mal folgendes.
c:\Users\name\AppData\LocalLow\Sun\Java\Deployment\cache
dort rechtsklick auf den ordner cache, diesen mit winrar oder einem anderen programm packen, und im upload channel hochladen bitte
Trojaner-Board Upload Channel
wenn dies erledigt ist, bittemelden.
__________________

__________________

Alt 16.08.2012, 07:30   #3
mcssk
 
WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren - Standard

WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren



Hey danke schonmal das du dich meinem Problem so schnell angenommen hast.


Also das OTL dokument war kein problem hochzuladen aber bem cache ordner weiss ich nicht ob es geuppt ist.

Hab es 2mal probiert und er zeigt mir nix an ausser das ich wieder auf die startseite vom uploadchannel komm.

Ich hoffe es ist geuppt. Bitte teile mir doch mit ob alles da ist. Danke


LG Mcssk
__________________

Alt 16.08.2012, 13:18   #4
markusg
/// Malware-holic
 
WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren - Standard

WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren



hi
File-Upload.net - Ihr kostenloser File Hoster!
dort hochladen bitte, den cache ordner meineich, und dann link als private nachicht an mich
hattet ihr den nutzernamen im log eigendlich geendert, dann funktioniert das script nemlich nicht und ihr müsst es noch mal ausführen + den upload.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren
0x8007042, 7-zip, absolut, ahnung, aktiviere, aktivieren, begriffe, brauch, eingefangen, fehlercode, fehlermeldung, firewall, gefangen, gestern, heute, hoffe, install.exe, jdownloader, langs, malwarebytes, microsoft office starter 2010, morgen, neu, neuling, nicht mehr, ntdll.dll, nvidia update, officejet, plug-in, richtig, richtlinie, search the web, sicherheitscenter, total commander, totaler, version., visual studio, win, windows7, windowsfirewall, youtube downloader




Ähnliche Themen: WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren


  1. (Vista) Sicherheitscenter lässt sich nicht mehr aktivieren
    Log-Analyse und Auswertung - 24.12.2014 (3)
  2. Avira antivir guard lässt sich nicht aktivieren, Sicherheitscenter: Firewall, Virenschutz und automatische Updates inaktiv
    Log-Analyse und Auswertung - 21.10.2014 (34)
  3. Sicherheitscenter lässt sich nicht mehr aktivieren
    Log-Analyse und Auswertung - 12.07.2014 (7)
  4. Windows Sicherheitscenter lässt sich nicht mehr aktivieren, Malwarebytes funktioniert nicht
    Log-Analyse und Auswertung - 21.06.2014 (9)
  5. Google Redirect & Windows Sicherheitscenter lässt sich nicht aktivieren
    Log-Analyse und Auswertung - 31.07.2013 (20)
  6. Windows Sicherheitscenter lässt sich durch Trojaner nicht mehr aktivieren.
    Log-Analyse und Auswertung - 27.06.2013 (13)
  7. AdWare und Windows Sicherheitscenter lässt sich nicht aktivieren
    Plagegeister aller Art und deren Bekämpfung - 23.06.2013 (21)
  8. Umleitung von Google-Suchergebnissen, Windows-Sicherheitscenter lässt sich nicht aktivieren
    Plagegeister aller Art und deren Bekämpfung - 18.02.2013 (23)
  9. Windows-Sicherheitscenter lässt sich nicht aktivieren/Fehlweiterleitungen bei Google
    Plagegeister aller Art und deren Bekämpfung - 28.01.2013 (22)
  10. (Vista) Sicherheitscenter lässt sich nach Virus nicht mehr aktivieren
    Log-Analyse und Auswertung - 11.04.2012 (9)
  11. google redirect , windows-sicherheitscenter lässt sich nicht aktivieren
    Log-Analyse und Auswertung - 05.01.2012 (2)
  12. Windows-Sicherheitscenter lässt sich nicht aktivieren
    Antiviren-, Firewall- und andere Schutzprogramme - 27.03.2011 (5)
  13. Windows-Sicherheitscenter lässt sich nicht aktivieren
    Mülltonne - 26.03.2011 (1)
  14. Windows Sicherheitscenter lässt sich nicht mehr aktivieren, die zweite
    Plagegeister aller Art und deren Bekämpfung - 08.03.2011 (2)
  15. Windows-Sicherheitscenter lässt sich nicht mehr aktivieren
    Plagegeister aller Art und deren Bekämpfung - 02.03.2011 (15)
  16. Sicherheitscenter lässt sich nicht aktivieren/deaktiviert sich sofort wieder
    Plagegeister aller Art und deren Bekämpfung - 27.01.2011 (26)

Zum Thema WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren - Hallo. Sorry bin neu hier und ich hoffe ich habe richtig gelesen bzw gepostet. Seid heute morgen (gestern lief alles normal zumindest für meine begriffe) bekomme ich die Windowsfirewall nicht - WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren...
Archiv
Du betrachtest: WIN Sicherheitscenter aka Firewall lässt sich nicht aktivieren auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.