Pests of all kinds and how to fight them: My firewall won't run. Windows 7
20.12.2012, 11:59 | #1 |
| My firewall won't run. Hello, I have a problem with my firewall. I think it is off. This is what it says:
_________________________________________________
Update firewall settings
Windows Firewall is not using the recommended settings to protect the computer.
Recommended settings
-----------------------------------------------------------
When I click on Recommended settings, an error message appears:
Windows Firewall cannot change some of the settings. Error code: 0x80070424
What can be done about this? I would like it to run again. Please, and thanks in advance |
20.12.2012, 12:44 | #2 |
/// Malware-holic | My firewall won't run. Hi,
If you don't have it yet, please download OTL by OldTimer and save it to your desktop
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
20.12.2012, 13:48 | #3 |
| My firewall won't run. I did something wrong
Edited by Batista_NT (20.12.2012 at 13:52). Reason: I did something wrong |
20.12.2012, 13:48 | #4 |
| My firewall won't run. Hello, OK, I ran the Quick Scan. Extra TXT Code:
ATTFilter OTL Extras logfile created on: 20.12.2012 13:35:03 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\steffen\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 65,21% Memory free 7,00 Gb Paging File | 5,64 Gb Available in Paging File | 80,62% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 465,76 Gb Total Space | 263,44 Gb Free Space | 56,56% Space Free | Partition Type: NTFS Drive E: | 650,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: STEFFEN-PC | User Name: steffen | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-239722676-3004662463-2361696710-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. 
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack 
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar "{44D02D8B-FFB3-4245-8D26-68D10B4C4023}" = ZSMC USB PC Camera (ZS0211) "{45A583AC-22D5-44F1-B093-FF0429D764E9}" = Jagen 2011 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver "{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A4C534E-431F-4A17-97D4-D1682B19A054}" = Emergency4 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup "{AED142A8-96EA-42DE-B212-60BFC98D6CC7}" = USBFast "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{CAE017F8-C238-4397-879B-7FBB915D9457}" = LogMeIn Hamachi "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DE8DF2C7-2436-4CAD-82D6-7446E15A3455}" = MorphVOX Pro "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5FBD274-ECBF-4BC2-91D6-F999FE451A16}_is1" = Sprengmeister Green Pepper 1.3.11 "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) "5513-1208-7298-9440" = JDownloader 0.9 "Adobe Acrobat 4.0" = Adobe Acrobat 4.0 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AVMWLANCLI" = 
AVM FRITZ!WLAN "AVS Audio Converter_is1" = AVS Audio Converter 7 "AVS Update Manager_is1" = AVS Update Manager 1.0 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4 "BrowserCompanion" = BrowserCompanion "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "DAEMON Tools Lite" = DAEMON Tools Lite "Emergency 2012" = Emergency 2012 Deluxe "FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011 "FarmingSimulator2013DE_is1" = Landwirtschafts Simulator 2013 "Flight Simulator 8.0" = Microsoft Flight Simulator 2002 "Fraps" = Fraps (remove only) "funmoods" = Funmoods "giants_editor_4.1.7_is1" = GIANTS Editor 4.1.7 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "LogMeIn Hamachi" = LogMeIn Hamachi "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MTA:SA 1.3" = MTA:SA v1.3.1 "Nokia Suite" = Nokia Suite "Notepad++" = Notepad++ "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Philips Songbird" = Philips Songbird "Proxifier_is1" = Proxifier version 3.21 "SA-MP Colorpicker" = SA-MP Colorpicker 1.1.0 "San Andreas Mod Installer1.1" = San Andreas Mod Installer "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 7" = TeamViewer 7 "TMACv6.0" = Technitium MAC Address Changer v6.0.3 "WideCap_is1" = WideCap 1.5 "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.01 (32-Bit) ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 19.12.2012 20:29:44 | Computer Name = steffen-PC | Source = Avira AntiVir | ID = 4109 Description = Die Engine wurde 
verändert oder zerstört! Fehlercode: 0x9 Error - 19.12.2012 20:29:48 | Computer Name = steffen-PC | Source = Avira AntiVir | ID = 4117 Description = Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error - 19.12.2012 20:30:30 | Computer Name = steffen-PC | Source = PowerOffer Upd Service | ID = 0 Description = Der Dienst kann nicht gestartet werden. Das Handle ist ungültig Error - 20.12.2012 06:22:03 | Computer Name = steffen-PC | Source = PowerOffer Service | ID = 0 Description = Der Dienst kann nicht gestartet werden. System.ArgumentException: Es ist kein Wert mit diesem Namen vorhanden. bei System.ThrowHelper.ThrowArgumentException(ExceptionResource resource) bei Microsoft.Win32.RegistryKey.DeleteValue(String name, Boolean throwOnMissingValue) bei Microsoft.Win32.RegistryKey.DeleteValue(String name) bei PowerOfferService.Helper.RegistryHelper.SetRunRegistry() bei PowerOfferService.Service1.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 20.12.2012 06:22:03 | Computer Name = steffen-PC | Source = Avira AntiVir | ID = 4109 Description = Die Engine wurde verändert oder zerstört! Fehlercode: 0x9 Error - 20.12.2012 06:22:05 | Computer Name = steffen-PC | Source = Avira AntiVir | ID = 4117 Description = Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error - 20.12.2012 06:22:48 | Computer Name = steffen-PC | Source = PowerOffer Upd Service | ID = 0 Description = Der Dienst kann nicht gestartet werden. Das Handle ist ungültig Error - 20.12.2012 07:49:47 | Computer Name = steffen-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\proxifier\SysSettings64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. 
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 20.12.2012 07:49:57 | Computer Name = steffen-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Users\steffen\AppData\Local\Temp\CA610711\x64\regsvr32.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 20.12.2012 08:34:40 | Computer Name = steffen-PC | Source = Application Hang | ID = 1002 Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1750 Startzeit: 01cddeae0e572ebc Endzeit: 8 Anwendungspfad: C:\Users\steffen\Downloads\OTL.exe Berichts-ID: 99387ae5-4aa1-11e2-b7cc-0025223468cd [ System Events ] Error - 20.12.2012 06:22:03 | Computer Name = steffen-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 20.12.2012 06:22:06 | Computer Name = steffen-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060 Error - 20.12.2012 06:22:53 | Computer Name = steffen-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891 Error - 20.12.2012 06:22:53 | Computer Name = steffen-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error - 
20.12.2012 06:24:02 | Computer Name = steffen-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error - 20.12.2012 06:24:02 | Computer Name = steffen-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891 Error - 20.12.2012 06:24:33 | Computer Name = steffen-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891 Error - 20.12.2012 06:24:33 | Computer Name = steffen-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error - 20.12.2012 06:24:34 | Computer Name = steffen-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error - 20.12.2012 06:24:34 | Computer Name = steffen-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891 < End of report > Code:
ATTFilter OTL logfile created on: 20.12.2012 13:35:02 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\steffen\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 65,21% Memory free 7,00 Gb Paging File | 5,64 Gb Available in Paging File | 80,62% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 465,76 Gb Total Space | 263,44 Gb Free Space | 56,56% Space Free | Partition Type: NTFS Drive E: | 650,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: STEFFEN-PC | User Name: steffen | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.12.20 13:32:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\steffen\Downloads\OTL.exe PRC - [2012.12.06 14:52:22 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2012.11.19 21:48:16 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2012.11.19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) 
-- C:\Programme\LogMeIn Hamachi\hamachi-2.exe PRC - [2012.08.31 15:02:03 | 002,754,984 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012.07.30 11:03:20 | 008,882,160 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Programme\TeamSpeak 3 Client\ts3client_win32.exe PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.07.16 08:55:09 | 000,871,536 | ---- | M] (BitLeader) -- C:\Programme\lg_fwupdate\fwupdate.exe PRC - [2012.02.01 08:11:34 | 001,083,264 | ---- | M] (Nokia) -- C:\Programme\Nokia\Nokia Suite\NokiaSuite.exe PRC - [2012.01.04 12:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe PRC - [2012.01.04 12:32:18 | 000,173,096 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2012.01.04 12:32:06 | 000,148,520 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe PRC - [2011.11.10 10:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd) -- C:\Programme\DAEMON Tools Lite\DTLite.exe PRC - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2011.03.28 19:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2011.03.28 19:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) 
-- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2011.03.03 09:38:32 | 000,380,416 | ---- | M] () -- C:\Programme\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010.10.22 02:00:00 | 002,105,344 | R--- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\WLanGUI.exe PRC - [2010.10.22 02:00:00 | 000,376,832 | R--- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\WLanNetService.exe PRC - [2010.08.02 20:13:12 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Programme\CyberLink\PowerDVD9\PDVD9Serv.exe PRC - [2010.01.11 20:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2009.05.05 20:12:34 | 002,168,832 | ---- | M] () -- C:\Programme\WideCap\widecap.exe PRC - [2007.04.06 11:06:58 | 000,057,344 | ---- | M] (ZSMCSNAP) -- C:\Windows\ZSSnp211.exe PRC - [2005.06.07 19:59:12 | 014,383,616 | ---- | M] () -- C:\Programme\Rockstar Games\GTA - San Andreas\gta_sa.exe ========== Modules (No Company Name) ========== MOD - [2012.12.06 14:52:22 | 002,397,152 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2012.11.22 18:57:06 | 000,056,424 | ---- | M] () -- C:\Windows\System32\PrxerNsp.dll MOD - [2012.07.30 11:03:20 | 000,426,480 | ---- | M] () -- C:\Programme\TeamSpeak 3 Client\plugins\clientquery_plugin.dll MOD - [2012.07.30 11:03:20 | 000,233,456 | ---- | M] () -- C:\Programme\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll MOD - [2012.07.30 11:03:20 | 000,230,384 | ---- | M] () -- C:\Programme\TeamSpeak 3 Client\soundbackends\directsound_win32.dll MOD - [2012.07.30 11:03:20 | 000,159,216 
| ---- | M] () -- C:\Programme\TeamSpeak 3 Client\plugins\appscanner_plugin.dll MOD - [2012.02.15 11:33:46 | 007,859,200 | ---- | M] () -- C:\Programme\TeamSpeak 3 Client\QtGui4.dll MOD - [2012.02.15 11:33:46 | 002,210,816 | ---- | M] () -- C:\Programme\TeamSpeak 3 Client\QtCore4.dll MOD - [2012.02.15 11:33:46 | 000,814,080 | ---- | M] () -- C:\Programme\TeamSpeak 3 Client\QtNetwork4.dll MOD - [2012.02.15 11:33:46 | 000,195,584 | ---- | M] () -- C:\Programme\TeamSpeak 3 Client\imageformats\qjpeg4.dll MOD - [2012.02.15 11:33:46 | 000,025,600 | ---- | M] () -- C:\Programme\TeamSpeak 3 Client\imageformats\qgif4.dll MOD - [2012.02.01 08:12:34 | 000,423,808 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\ssoengine.dll MOD - [2012.02.01 08:12:32 | 000,058,240 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\securestorage.dll MOD - [2012.02.01 08:12:30 | 000,272,768 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\phonon4.dll MOD - [2012.02.01 08:12:30 | 000,095,104 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\qjson.dll MOD - [2012.02.01 08:12:14 | 000,384,896 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QxtCore.dll MOD - [2012.02.01 08:12:14 | 000,165,248 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QxtWeb.dll MOD - [2012.02.01 08:12:12 | 010,843,520 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtWebKit4.dll MOD - [2012.02.01 08:12:12 | 002,557,312 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtXmlPatterns4.dll MOD - [2012.02.01 08:12:12 | 000,346,496 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtXml4.dll MOD - [2012.02.01 08:12:08 | 001,294,208 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtScript4.dll MOD - [2012.02.01 08:12:08 | 000,196,480 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtSql4.dll MOD - [2012.02.01 08:12:06 | 000,919,936 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtNetwork4.dll MOD - [2012.02.01 08:12:06 | 000,682,880 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtOpenGL4.dll MOD - [2012.02.01 08:12:06 | 
000,517,504 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtMultimediaKit1.dll MOD - [2012.02.01 08:12:04 | 008,172,928 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtGui4.dll MOD - [2012.02.01 08:12:04 | 002,252,672 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtDeclarative4.dll MOD - [2012.02.01 08:12:02 | 002,288,512 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtCore4.dll MOD - [2012.02.01 08:12:00 | 000,422,272 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll MOD - [2012.02.01 08:11:56 | 000,202,624 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\Imageformats\qjpeg4.dll MOD - [2012.02.01 08:11:56 | 000,034,688 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\Imageformats\qico4.dll MOD - [2012.02.01 08:11:54 | 000,032,640 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\Imageformats\qgif4.dll MOD - [2012.02.01 08:11:36 | 000,388,480 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\OviShareLib.dll MOD - [2012.02.01 08:11:28 | 000,437,632 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\NService.dll MOD - [2012.02.01 08:11:18 | 001,037,696 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\Maps Service API.dll MOD - [2012.02.01 08:10:52 | 000,758,656 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\CommonUpdateChecker.dll MOD - [2012.01.05 14:19:12 | 000,112,640 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\mediaservice\dsengine.dll MOD - [2011.03.03 09:38:32 | 000,380,416 | ---- | M] () -- C:\Programme\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe MOD - [2009.05.05 20:12:34 | 002,168,832 | ---- | M] () -- C:\Programme\WideCap\widecap.exe MOD - [2009.05.05 19:10:56 | 000,327,168 | ---- | M] () -- C:\Programme\WideCap\widecapdrv.dll MOD - [2009.05.05 19:10:42 | 000,578,048 | ---- | M] () -- C:\Programme\WideCap\proxy32.dll MOD - [2005.06.07 19:59:12 | 014,383,616 | ---- | M] () -- C:\Programme\Rockstar Games\GTA - San Andreas\gta_sa.exe MOD - [2003.11.16 10:48:30 | 000,065,536 | ---- | M] () -- 
C:\Programme\Rockstar Games\GTA - San Andreas\vorbisFile.dll MOD - [2003.11.16 10:48:00 | 001,060,864 | ---- | M] () -- C:\Programme\Rockstar Games\GTA - San Andreas\vorbis.dll MOD - [2003.11.15 17:54:18 | 000,036,864 | ---- | M] () -- C:\Programme\Rockstar Games\GTA - San Andreas\ogg.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2012.12.13 11:56:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.12.06 14:52:22 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.11.19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.08.31 15:02:03 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.01.04 12:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011.12.15 16:49:11 | 000,164,864 | ---- | M] (PowerOfferService) [Auto | Stopped] -- C:\Users\steffen\AppData\Local\PosService\Pos.exe -- (PowerOffer Service) SRV - [2011.12.15 16:49:10 | 000,156,160 | ---- | M] (ServiceUpd) [Auto | Stopped] -- 
C:\Users\steffen\AppData\Local\ServUpdater\ServiceUpd.exe -- (ServUpdater) SRV - [2011.08.09 19:09:57 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.03.28 19:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010.10.22 02:00:00 | 000,376,832 | R--- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service) SRV - [2010.08.26 17:30:54 | 000,246,256 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_E92D8507) SRV - [2010.01.11 20:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ai334u3g) DRV - [2011.11.26 10:40:24 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011.11.25 17:27:02 | 000,428,088 
| ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2011.11.01 09:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2011.11.01 09:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2011.11.01 09:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011.11.01 09:07:24 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2011.11.01 09:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011.11.01 09:07:24 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2011.10.18 20:53:57 | 000,057,152 | ---- | M] (Toolkit Development, Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\toolkitdisk.sys -- (ToolkitDisk) DRV - [2011.08.09 19:09:58 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.08.09 19:09:58 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010.10.22 02:00:00 | 000,586,752 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fwlanusbn.sys -- (fwlanusbn) DRV - [2010.10.22 02:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject) DRV - [2010.07.01 14:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys 
-- (SCREAMINGBDRIVER) DRV - [2010.01.12 05:03:33 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009.10.08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD) DRV - [2009.06.30 10:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32) DRV - [2009.04.30 06:06:56 | 000,287,008 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET) DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2008.08.26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007.12.13 10:17:58 | 001,472,000 | ---- | M] (ZSMC.Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZS211.sys -- (ZSMC30x) DRV - [2007.12.10 18:15:34 | 000,480,128 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vvftav211.sys -- (vvftav211) DRV - [2007.01.26 00:00:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchfunmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CtDyDyEtAtDyBtBzyzz0AyCyDtDyDtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1158815849 IE - HKLM\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - 
SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\InprocServer32 File not found IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{23216C89-3FDC-8B5E-2782-27424937F797}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={0074A0A8-2F1B-4A67-8871-7072438C0C54} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647 IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CtDyDyEtAtDyBtBzyzz0AyCyDtDyDtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1158815849 IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.findeer.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.findeer.com IE - 
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.findeer.com IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.findeer.com IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 18831510 IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - 
HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CtDyDyEtAtDyBtBzyzz0AyCyDtDyDtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1158815849 IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=100582 IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..\SearchScopes\{23216C89-3FDC-8B5E-2782-27424937F797}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..\SearchScopes\{30750DD1-EADD-4cf1-A485-C736C96936AB}: "URL" = hxxp://search.etoolkit.com/search?q={searchTerms}&id=026fb9b2152f73ca57b126bc28d0d877cb6&s=p IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms} IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search?q={searchTerms} IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = 
hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={0074A0A8-2F1B-4A67-8871-7072438C0C54} IE - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Funmoods" FF - prefs.js..browser.search.defaultthis.engineName: "Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..extensions.enabledAddons: ffxtlbr%40funmoods.com:1.5.1 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..keyword.URL: "hxxp://searchfunmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CtDyDyEtAtDyBtBzyzz0AyCyDtDyDtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1158815849&q=" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10026&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@etoolkit.com/Beemp3: C:\Program Files\ToolKitService\npapi\np-beemp3.dll File not found FF - HKLM\Software\MozillaPlugins\@etoolkit.com/Cow: C:\Program Files\ToolKitService\npapi\np-cow.dll File not found FF - HKLM\Software\MozillaPlugins\@etoolkit.com/eOffers: C:\Program Files\ToolKitService\npapi\np-eoffers.dll File not found FF - HKLM\Software\MozillaPlugins\@etoolkit.com/FaceBook: C:\Program Files\ToolKitService\npapi\np-facebook.dll File not found FF - HKLM\Software\MozillaPlugins\@etoolkit.com/Radio: C:\Program Files\ToolKitService\npapi\np-radio.dll File not found FF - HKLM\Software\MozillaPlugins\@etoolkit.com/Settings: C:\Program Files\ToolKitService\npapi\np-settings.dll 
File not found FF - HKLM\Software\MozillaPlugins\@etoolkit.com/toolbar: C:\Program Files\ToolKitService\npapi\np-toolbar.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files\Iminent\webbooster@iminent.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.06 14:52:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.04.20 15:50:02 | 000,000,000 | ---D | M] [2012.09.04 22:04:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\steffen\AppData\Roaming\mozilla\Extensions [2012.09.04 22:04:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\steffen\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com [2012.11.10 19:12:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\steffen\AppData\Roaming\mozilla\Firefox\Profiles\lpvmruuv.default\extensions [2012.11.10 19:12:41 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\steffen\AppData\Roaming\mozilla\Firefox\Profiles\lpvmruuv.default\extensions\ffxtlbr@funmoods.com [2012.08.21 13:01:58 | 000,000,879 | ---- | M] () -- C:\Users\steffen\AppData\Roaming\mozilla\firefox\profiles\lpvmruuv.default\searchplugins\conduit.xml [2011.11.25 15:22:54 | 000,001,867 | ---- | M] () -- C:\Users\steffen\AppData\Roaming\mozilla\firefox\profiles\lpvmruuv.default\searchplugins\findeer.xml [2012.11.10 19:12:45 | 000,002,349 | ---- | M] () -- C:\Users\steffen\AppData\Roaming\mozilla\firefox\profiles\lpvmruuv.default\searchplugins\Funmoods.xml [2011.11.25 17:31:18 | 000,005,604 | ---- | M] () -- C:\Users\steffen\AppData\Roaming\mozilla\firefox\profiles\lpvmruuv.default\searchplugins\Linkury Smartbar Search.xml [2012.09.24 11:18:06 | 000,003,983 | ---- | M] () -- 
C:\Users\steffen\AppData\Roaming\mozilla\firefox\profiles\lpvmruuv.default\searchplugins\sweetim.xml [2012.12.06 14:52:17 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.12.06 14:52:22 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.06.08 19:39:24 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.02 21:38:24 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.06.08 19:39:24 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.06.08 19:39:24 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.31 14:56:57 | 000,044,218 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\toolkitsearch.xml [2012.06.08 19:39:24 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.08 19:39:24 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( ) O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll File not found O2 - BHO: (PowerOffer) - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\Public\Documents\PowerOffer\PowerOfferBHO.dll File not found O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Programme\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in 
Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\BrowserCompanion\updatebhoWin32.dll ( ) O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll File not found O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files\uTorrentBar_DE\prxtbuTor.dll File not found O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" File not found O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" File not found O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll File not found O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Programme\Funmoods\1.5.23.22\escorTlbr.dll (Funmoods) O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files\uTorrentBar_DE\prxtbuTor.dll File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found. 
O3 - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..\Toolbar\WebBrowser: (uTorrentBar_DE Toolbar) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - C:\Program Files\uTorrentBar_DE\prxtbuTor.dll File not found O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin) O4 - HKLM..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe File not found O4 - HKLM..\Run: [LGODDFU] C:\Program Files\lg_fwupdate\lgfw.exe (Bitleader) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Philips Device Listener] C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe () O4 - HKLM..\Run: [PosService] File not found O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [ZSSnp211] C:\Windows\ZSSnp211.exe (ZSMCSNAP) O4 - HKU\.DEFAULT..\Run: [tktray] C:\Program Files\ToolKitService\tktray.exe File not found O4 - HKU\S-1-5-18..\Run: [tktray] C:\Program Files\ToolKitService\tktray.exe File not found O4 - HKU\S-1-5-21-239722676-3004662463-2361696710-1000..\Run: [] File not found O4 - HKU\S-1-5-21-239722676-3004662463-2361696710-1000..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe" /MINIMIZED File not found O4 - HKU\S-1-5-21-239722676-3004662463-2361696710-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-239722676-3004662463-2361696710-1000..\Run: [GameXN GO] "C:\ProgramData\GameXN\GameXNGO.exe" /startup File not found O4 - HKU\S-1-5-21-239722676-3004662463-2361696710-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O4 - HKU\S-1-5-21-239722676-3004662463-2361696710-1000..\Run: [PoService] File not found O4 - 
HKU\S-1-5-21-239722676-3004662463-2361696710-1000..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED File not found O4 - HKU\S-1-5-21-239722676-3004662463-2361696710-1000..\Run: [WideCap CP] C:\Programme\WideCap\widecap.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) 
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\System32\PrxerNsp.dll () O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Programme\WideCap\widecapdrv.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\WideCap\widecapdrv.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\WideCap\widecapdrv.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\WideCap\widecapdrv.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\WideCap\widecapdrv.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\WideCap\widecapdrv.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\WideCap\widecapdrv.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\WideCap\widecapdrv.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\PrxerDrv.dll (Initex) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\PrxerDrv.dll (Initex) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\PrxerDrv.dll (Initex) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\PrxerDrv.dll (Initex) O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Windows\System32\PrxerDrv.dll (Initex) O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Program Files\WideCap\widecapdrv.dll () O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-239722676-3004662463-2361696710-1000\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23CAAD06-B254-4C5A-BF8A-D6FF1C785449}: DhcpNameServer = 192.168.178.1 O17 - 
HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23CAAD06-B254-4C5A-BF8A-D6FF1C785449}: NameServer = 176.31.229.24,176.31.229.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48976F9E-F387-4E61-8FDF-E26A053653DD}: NameServer = 176.31.229.24,176.31.229.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72EDAB7B-793A-446A-B684-3B4B5C3C967D}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C9C9D59E-BFEA-448B-B1E4-1C6F3D5FB6FA}: NameServer = 176.31.229.24,176.31.229.25 O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2004.08.18 09:55:50 | 000,000,000 | ---D | M] - E:\AutoRun -- [ CDFS ] O32 - AutoRun File - [2004.08.18 09:37:22 | 000,663,552 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2004.08.18 09:33:44 | 000,598,016 | R--- | M] (Electronic Arts Inc.) - E:\AutoRunGUI.dll -- [ CDFS ] O32 - AutoRun File - [2004.08.18 09:54:43 | 000,000,083 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{02a767c1-bae5-11e0-9295-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{02a767c1-bae5-11e0-9295-806e6f6e6963}\Shell\AutoRun\command - "" = D:\cdstart.exe O33 - MountPoints2\{16ebc350-bb7e-11e0-b333-001c4af12dcc}\Shell - "" = AutoRun O33 - MountPoints2\{16ebc350-bb7e-11e0-b333-001c4af12dcc}\Shell\AutoRun\command - "" = J:\setup.exe O33 - MountPoints2\{28244e2e-180b-11e1-8168-bc054307298a}\Shell - "" = AutoRun O33 - MountPoints2\{28244e2e-180b-11e1-8168-bc054307298a}\Shell\AutoRun\command - "" = E:\setup.exe -- [2004.08.18 09:33:45 | 000,110,592 | R--- | M] (Electronic Arts Inc.) 
O33 - MountPoints2\{cd9a00fa-bae6-11e0-a1a4-0025223468cd}\Shell - "" = AutoRun O33 - MountPoints2\{cd9a00fa-bae6-11e0-a1a4-0025223468cd}\Shell\AutoRun\command - "" = I:\pushinst.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.12.12 23:56:11 | 000,000,000 | ---D | C] -- C:\Users\steffen\Desktop\Midghnigt Reallife [2012.12.12 12:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.12.12 12:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012.12.12 00:38:10 | 000,000,000 | ---D | C] -- C:\Users\steffen\Desktop\The Godfather [2012.12.06 14:52:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012.12.05 21:40:00 | 000,000,000 | ---D | C] -- C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ [2012.12.05 21:40:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ [2012.12.05 21:39:58 | 000,000,000 | ---D | C] -- C:\Users\steffen\AppData\Roaming\Notepad++ [2012.12.05 21:39:58 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++ [2012.11.30 01:28:43 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2012.11.30 01:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012.11.30 01:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012.11.30 01:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012.11.28 19:27:05 | 000,000,000 | ---D | C] -- 
C:\Users\steffen\Desktop\HellaMM
[2012.11.28 19:27:05 | 000,000,000 | ---D | C] -- C:\Users\steffen\Desktop\German Reallife
[2012.11.28 19:26:47 | 000,000,000 | ---D | C] -- C:\Users\steffen\Desktop\Gta San Andreas Scripts
[2012.11.27 23:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Technitium MAC Address Changer v6
[2012.11.27 23:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\Technitium
[2012.11.27 22:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WideCap
[2012.11.27 22:51:00 | 000,000,000 | ---D | C] -- C:\Program Files\WideCap
[2012.11.27 21:53:52 | 000,000,000 | ---D | C] -- C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
[2012.11.27 21:24:23 | 000,000,000 | ---D | C] -- C:\Users\steffen\AppData\Roaming\Proxifier
[2012.11.27 21:24:16 | 000,091,240 | ---- | C] (Initex) -- C:\Windows\System32\ProxifierShellExt.dll
[2012.11.27 21:24:16 | 000,070,248 | ---- | C] (Initex) -- C:\Windows\System32\PrxerDrv.dll
[2012.11.27 21:24:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxifier
[2012.11.27 21:24:15 | 000,000,000 | ---D | C] -- C:\Program Files\Proxifier
[2012.11.22 16:04:47 | 000,000,000 | ---D | C] -- C:\Users\steffen\AppData\Local\LogMeIn Hamachi
[2012.11.22 16:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.11.22 16:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2012.11.20 19:50:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.3
[2012.11.20 19:37:55 | 000,000,000 | ---D | C] -- C:\Users\steffen\Documents\GTA San Andreas User Files
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.12.20 13:11:00 | 006,031,926 | ---- | M] () -- C:\Users\steffen\Documents\German Next Era Life - v2.5.rar
[2012.12.20 13:04:21 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.20 12:42:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.20 12:10:11 | 000,000,338 | ---- | M] () -- C:\Windows\lgfwup.ini
[2012.12.20 11:29:49 | 000,014,960 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.20 11:29:49 | 000,014,960 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.20 11:28:05 | 000,654,054 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.20 11:28:05 | 000,615,936 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.20 11:28:05 | 000,129,926 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.20 11:28:05 | 000,106,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.20 11:22:05 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.20 11:21:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.20 11:21:49 | 2818,023,424 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.20 00:54:19 | 095,023,320 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.12.19 17:26:47 | 000,295,100 | ---- | M] () -- C:\Users\steffen\Documents\sa-mp-002.png
[2012.12.17 23:51:22 | 000,417,587 | ---- | M] () -- C:\Users\steffen\Documents\sa-mp-985.png
[2012.12.17 20:46:03 | 017,950,272 | ---- | M] () -- C:\Users\steffen\Documents\Skype 2012-12-17 20-35-47-96.avi
[2012.12.17 20:45:07 | 008,623,456 | ---- | M] () -- C:\Users\steffen\Documents\Skype 2012-12-17 20-38-44-95.avi
[2012.12.16 23:24:24 | 005,233,549 | ---- | M] () -- C:\Users\steffen\Desktop\HellaMM.rar
[2012.12.14 10:39:52 | 000,108,813 | ---- | M] () -- C:\Users\steffen\Documents\Premium-insel1.map
[2012.12.14 10:37:30 | 002,359,362 | ---- | M] () -- C:\Users\steffen\Documents\gta_sa 2012-11-24 16-59-11-94.bmp
[2012.12.14 10:37:20 | 002,359,362 | ---- | M] () -- C:\Users\steffen\Documents\gta_sa 2012-11-24 17-00-01-35.bmp
[2012.12.14 10:37:19 | 002,359,362 | ---- | M] () -- C:\Users\steffen\Documents\gta_sa 2012-11-24 16-58-57-16.bmp
[2012.12.14 00:53:33 | 000,037,072 | ---- | M] () -- C:\Users\steffen\Desktop\Pd-Drinne.map
[2012.12.14 00:53:17 | 000,000,754 | ---- | M] () -- C:\Users\steffen\Desktop\meta.xml
[2012.12.14 00:40:12 | 000,164,267 | ---- | M] () -- C:\Users\steffen\Documents\ts3_clientui-win32-1342421813-2012-12-14 00_40_11.620117.dmp
[2012.12.13 17:41:05 | 005,263,850 | ---- | M] () -- C:\Users\steffen\Desktop\German Reallife.rar
[2012.12.12 20:33:59 | 000,207,661 | ---- | M] () -- C:\Users\steffen\Documents\Batista GWD.exe
[2012.12.12 18:16:58 | 000,207,617 | ---- | M] () -- C:\Users\steffen\Desktop\Batista GWD.exe
[2012.12.12 12:05:47 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.12.12 00:37:46 | 008,485,488 | ---- | M] () -- C:\Users\steffen\Desktop\The Godfather.rar
[2012.12.11 18:54:50 | 000,001,959 | ---- | M] () -- C:\Users\steffen\Desktop\Batista GWD.ahk
[2012.12.10 20:33:23 | 007,714,640 | ---- | M] () -- C:\Users\steffen\Desktop\ts3_recording_12_12_10_20_29_48.wav
[2012.11.22 18:57:06 | 000,091,240 | ---- | M] (Initex) -- C:\Windows\System32\ProxifierShellExt.dll
[2012.11.22 18:57:06 | 000,070,248 | ---- | M] (Initex) -- C:\Windows\System32\PrxerDrv.dll
[2012.11.22 18:57:06 | 000,056,424 | ---- | M] () -- C:\Windows\System32\PrxerNsp.dll
[2012.11.20 19:50:25 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\MTA San Andreas 1.3.lnk
[2012.11.20 19:38:30 | 000,001,081 | ---- | M] () -- C:\Users\steffen\Desktop\gta_sa - Verknüpfung.lnk
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.12.20 13:08:59 | 006,031,926 | ---- | C] () -- C:\Users\steffen\Documents\German Next Era Life - v2.5.rar
[2012.12.20 00:47:04 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.12.19 17:26:24 | 000,295,100 | ---- | C] () -- C:\Users\steffen\Documents\sa-mp-002.png
[2012.12.17 23:51:00 | 000,417,587 | ---- | C] () -- C:\Users\steffen\Documents\sa-mp-985.png
[2012.12.17 20:39:42 | 008,623,456 | ---- | C] () -- C:\Users\steffen\Documents\Skype 2012-12-17 20-38-44-95.avi
[2012.12.17 20:37:17 | 017,950,272 | ---- | C] () -- C:\Users\steffen\Documents\Skype 2012-12-17 20-35-47-96.avi
[2012.12.16 23:24:15 | 005,233,549 | ---- | C] () -- C:\Users\steffen\Desktop\HellaMM.rar
[2012.12.14 10:39:49 | 000,108,813 | ---- | C] () -- C:\Users\steffen\Documents\Premium-insel1.map
[2012.12.14 10:34:44 | 002,359,362 | ---- | C] () -- C:\Users\steffen\Documents\gta_sa 2012-11-24 16-59-11-94.bmp
[2012.12.14 10:34:40 | 002,359,362 | ---- | C] () -- C:\Users\steffen\Documents\gta_sa 2012-11-24 17-00-01-35.bmp
[2012.12.14 10:34:36 | 002,359,362 | ---- | C] () -- C:\Users\steffen\Documents\gta_sa 2012-11-24 16-58-57-16.bmp
[2012.12.14 00:53:16 | 000,000,754 | ---- | C] () -- C:\Users\steffen\Desktop\meta.xml
[2012.12.14 00:40:11 | 000,164,267 | ---- | C] () -- C:\Users\steffen\Documents\ts3_clientui-win32-1342421813-2012-12-14 00_40_11.620117.dmp
[2012.12.13 20:57:58 | 000,037,072 | ---- | C] () -- C:\Users\steffen\Desktop\Pd-Drinne.map
[2012.12.13 17:41:00 | 005,263,850 | ---- | C] () -- C:\Users\steffen\Desktop\German Reallife.rar
[2012.12.12 18:23:43 | 000,207,661 | ---- | C] () -- C:\Users\steffen\Documents\Batista GWD.exe
[2012.12.12 17:47:06 | 000,207,617 | ---- | C] () -- C:\Users\steffen\Desktop\Batista GWD.exe
[2012.12.11 16:07:02 | 008,485,488 | ---- | C] () -- C:\Users\steffen\Desktop\The Godfather.rar
[2012.12.10 21:39:43 | 000,001,959 | ---- | C] () -- C:\Users\steffen\Desktop\Batista GWD.ahk
[2012.12.10 20:32:14 | 007,714,640 | ---- | C] () -- C:\Users\steffen\Desktop\ts3_recording_12_12_10_20_29_48.wav
[2012.11.28 19:27:20 | 000,412,160 | ---- | C] () -- C:\Users\steffen\Desktop\samp.exe
[2012.11.28 19:24:48 | 000,013,189 | R--- | C] () -- C:\Windows\instwcli.inf
[2012.11.27 21:24:16 | 000,056,424 | ---- | C] () -- C:\Windows\System32\PrxerNsp.dll
[2012.11.20 19:50:25 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\MTA San Andreas 1.3.lnk
[2012.11.20 19:38:30 | 000,001,081 | ---- | C] () -- C:\Users\steffen\Desktop\gta_sa - Verknüpfung.lnk
[2012.11.10 19:12:40 | 000,290,500 | ---- | C] () -- C:\Users\steffen\AppData\Local\funmoods-speeddial_sf.crx
[2012.11.10 19:12:40 | 000,031,465 | ---- | C] () -- C:\Users\steffen\AppData\Local\funmoods.crx
[2012.08.16 22:20:54 | 000,000,383 | ---- | C] () -- C:\Windows\System32\settings.ini
[2012.07.20 12:12:37 | 001,678,749 | ---- | C] () -- C:\Users\steffen\20120522_022604.jpg
[2012.07.20 12:12:37 | 001,617,588 | ---- | C] () -- C:\Users\steffen\20120522_022611.jpg
[2012.07.20 12:12:37 | 001,559,246 | ---- | C] () -- C:\Users\steffen\20120522_022558.jpg
[2012.07.20 12:12:37 | 001,485,227 | ---- | C] () -- C:\Users\steffen\20120522_022551.jpg
[2012.07.16 21:47:07 | 000,000,364 | ---- | C] () -- C:\Windows\System32\pos.dat
[2012.04.05 18:38:25 | 067,126,568 | ---- | C] () -- C:\Users\steffen\ts3_recording_12_04_05_19_38_22.wav
[2011.12.25 09:50:02 | 000,000,338 | ---- | C] () -- C:\Windows\lgfwup.ini
[2011.10.28 21:36:03 | 000,015,565 | ---- | C] () -- C:\Windows\System32\drivers\fwlanusbn.bin
[2011.10.13 10:07:19 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2011.08.27 10:39:05 | 000,704,512 | ---- | C] () -- C:\Windows\System32\cohelper.dll
[2011.08.27 10:39:05 | 000,005,940 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011.08.10 08:43:09 | 000,000,058 | ---- | C] () -- C:\Windows\nfsc_patch.ini
[2011.07.31 19:16:31 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.07.30 21:33:26 | 000,097,360 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2011.05.24 12:03:24 | 000,276,232 | ---- | C] () -- C:\Users\steffen\AppData\Local\ConduitInstaller.exe

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-239722676-3004662463-2361696710-1000\$6afee75b1972feb0be7379353e003138\n. -- File not found

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\$Recycle.Bin\S-1-5-18\$6afee75b1972feb0be7379353e003138\n. -- File not found
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.11.07 20:47:41 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\Azureus
[2011.10.23 21:10:33 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\Babylon
[2011.11.24 21:26:01 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\BitSpirit
[2011.11.07 20:45:44 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\BitTorrent
[2012.10.16 20:57:52 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\BrowserCompanion
[2012.02.23 19:40:41 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.09.16 19:36:33 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\DAEMON Tools Lite
[2011.10.20 17:24:34 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\Easy MP3 Recorder
[2012.03.13 21:55:21 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\gtk-2.0
[2011.11.03 17:56:59 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\HU2011
[2012.04.20 15:50:21 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\Nokia
[2012.12.05 23:09:41 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\Notepad++
[2011.11.26 10:35:32 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\OpenCandy
[2012.04.20 15:53:31 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\PC Suite
[2012.12.20 01:03:13 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\Philips
[2012.09.04 22:03:55 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\Philips-Songbird
[2012.04.11 14:12:19 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\ProtectDISC
[2012.11.27 21:24:23 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\Proxifier
[2012.09.26 15:53:31 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\Screaming Bee
[2012.08.10 21:52:45 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\TeamViewer
[2011.11.09 19:43:48 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\Try2
[2012.12.20 01:03:13 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\TS3Client
[2011.08.29 22:08:31 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\TuneUp Software
[2011.08.23 18:40:41 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\Tunngle
[2012.09.20 09:30:42 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\uTorrent
[2011.08.10 12:13:41 | 000,000,000 | ---D | M] -- C:\Users\steffen\AppData\Roaming\YoudaGames

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:F1A5FE8B

< End of report > |
20.12.2012, 14:10 | #5 |
/// Malware-holic | My firewall won't run. Hi, please open Avira, go to Administration, then Quarantine, and post all detection reports including their file paths.
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |