Sehr gut!

damit bist Du sauber und entlassen!

adwCleaner entfernen

• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Uninstall.
• Bestätige mit Ja.

Tool-Bereinigung mit OTL


Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.

• Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
• Speichere es auf Deinem Desktop.
• Doppelklick auf OTL.exe um das Programm auszuführen.
  Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
• Klicke auf den Button "Bereinigung"
• OTL fragt eventuell nach einem Neustart.
  Sollte es dies tun, so lasse dies bitte zu.

Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.


Zurücksetzen der Sicherheitszonen

Lasse die Sicherheitszonen wieder zurücksetzen, da diese manipuliert wurden um den Browser für weitere Angriffe zu öffnen.
Gehe dabei so vor: http://www.trojaner-board.de/111805-...ecksetzen.html


Systemwiederherstellungen leeren

Damit der Rechner nicht mit einer infizierten Systemwiederherstellung erneut infiziert werden kann, muessen wir diese leeren. Dazu schalten wir sie einmal aus und dann wieder ein:
Systemwiederherstellung deaktivieren Tutorial fuer Windows XP, Windows Vista, Windows 7
Danach wieder aktivieren.



Lektuere zum abarbeiten:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html
http://www.trojaner-board.de/109844-...ren-seite.html
PC wird immer langsamer - was tun?

Hallo!
So, ich habe nun alles gemacht wie beschrieben.
Sehr seltsam finde ich allerdings, dass ich immer noch teilweise Werbungen im Firefox bekomme. Nicht mehr derart frequent wie bisher, aber sie erscheinen trotzdem noch!
Könnte es eventuell sein, dass die Programme nicht alles aufgespürt haben?

MfG Christian!

Zitat:

Sehr seltsam finde ich allerdings, dass ich immer noch teilweise Werbungen im Firefox bekomme.

Bitte mal Screensht machen!


dazu:

Systemscan mit OTL (bebilderte Anleitung)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe

• Vista und Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
• Wähle Scanne Alle Benuzer
• Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimale Ausgabe
• Unter Extra Registrierung, wähle bitte Benutze SafeList
• Klicke nun auf Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt
• Poste die Logfiles hier in den Thread.

Hallo t'john!

Entschuldige für die etwas verspätete Antwort, aber aufgrund von Internetproblemen ist es mir nun erst möglich zu antworten!

OTL.txt:

- als Anhang beigefügt -


Extras.txt:

Code: Alles auswählenAufklappen

ATTFilter

OTL Extras logfile created on: 16.02.2013 14:14:58 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mega\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 59,90% Memory free
7,73 Gb Paging File | 5,57 Gb Available in Paging File | 72,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,99 Gb Total Space | 268,65 Gb Free Space | 59,44% Space Free | Partition Type: NTFS
 
Computer Name: MEGA-PC | User Name: Mega | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2276923171-490720947-1107866839-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system | 
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system | 
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1E98A1CA-2F5D-43A8-9D54-C59C81E3C7BB}" = lport=57384 | protocol=6 | dir=in | name=pando media booster | 
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system | 
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{4519CF3D-68AD-4EC0-BF5C-187FBB8A092D}" = lport=57384 | protocol=17 | dir=in | name=pando media booster | 
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system | 
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{70808535-180E-47D5-97AD-806A870C26AB}" = lport=57384 | protocol=6 | dir=in | name=pando media booster | 
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system | 
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F7B628F0-2F07-48D8-96AC-2722B74DDCAF}" = lport=57384 | protocol=17 | dir=in | name=pando media booster | 
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{03925ED6-3B1F-4800-9443-7776843E8061}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{10EF78F1-DE6C-4DDD-854E-F4A245CF49C9}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 
"{1322D532-F3EC-4FD1-AA51-E159586FE437}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{3C714B93-70AD-4B12-B005-C9BAE5F0BDE8}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 
"{40E259DF-B070-4E2F-9406-BE3526D39995}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{41A1FAA6-51A2-4B0B-A56B-8FF6774D8F68}" = dir=in | app=c:\users\mega\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{503F5434-92ED-483E-9821-48A4FD0BBE75}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{5953D8B4-7340-4C10-9EC2-8086F6E9EDAA}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6996550B-6C27-42A2-87B7-FA3960DD3552}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 
"{71AE3565-97CD-41F2-B374-875D9E17BD85}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{847A4C80-10C5-4695-8F41-D2486F572888}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8A5BBB88-F2F4-49B6-BF39-7A3B13658A7D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A5DEE294-5E9B-4C78-8261-EC1E1A6D1A1C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B9D3ED57-2AE8-48A3-9E74-E55BF88BAB15}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system | 
"{C6169206-8F10-4014-97FD-A3B534B10551}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{CBE50FC4-1D68-493C-99B2-59AA4B4DC3E7}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DE8AE6BF-45B5-441E-9337-5332E1F232AB}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"TCP Query User{15AEA999-9378-4C81-8B45-CC211955DA81}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{15E529B4-B21C-429F-891E-4EFF38F5E3B4}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{1C81B2E1-BC66-4B16-BBB6-7C2B414188A2}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"TCP Query User{71151F7F-3210-4A9D-A921-85D0A6400B14}C:\program files (x86)\icq7.7\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | 
"TCP Query User{915B6EBB-1B63-455B-A65D-F30D06B26025}C:\users\mega\desktop\lan party\unreal tournament 2004\system\ut2004.exe" = protocol=6 | dir=in | app=c:\users\mega\desktop\lan party\unreal tournament 2004\system\ut2004.exe | 
"TCP Query User{988C80F4-8770-49B2-8DA9-0B3C9A37D989}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{9F38923B-D0D1-4D3B-95E4-95A9E7BFE5AD}C:\program files (x86)\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files (x86)\flashget\flashget.exe | 
"TCP Query User{C96C62F3-775C-4A6A-AED1-71C3CA1FFC02}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"TCP Query User{CC203F41-5E4A-49CB-AE72-56F07938934D}C:\users\mega\desktop\lan party\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\mega\desktop\lan party\warcraft iii\war3.exe | 
"TCP Query User{D2091CA4-F3CD-4CC3-AD8A-F56591D6BDC9}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"TCP Query User{F5C6BBD6-3DFE-445E-AB59-E9881EF8429D}C:\users\mega\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\mega\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"UDP Query User{6D87AD14-DC0E-4772-847C-7B6BFB1A6776}C:\users\mega\desktop\lan party\unreal tournament 2004\system\ut2004.exe" = protocol=17 | dir=in | app=c:\users\mega\desktop\lan party\unreal tournament 2004\system\ut2004.exe | 
"UDP Query User{6DE5E84F-D721-4C7B-B43F-A1AA54CCD2FD}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{6E4BA60C-D2C9-4CFE-B80E-1E53F730B906}C:\users\mega\desktop\lan party\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\mega\desktop\lan party\warcraft iii\war3.exe | 
"UDP Query User{700FB01F-5F78-48CB-96EA-205AA385F7C9}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"UDP Query User{8C6C9C52-D06A-46D5-9E6A-A94FFC64D839}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{9646DF58-877C-4AEE-8D64-193B0E63CA86}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{A03E0707-DA35-4027-BACB-DAF0B65B5C8A}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"UDP Query User{BB4BCA87-22BB-4518-8118-DE5000A95224}C:\program files (x86)\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files (x86)\flashget\flashget.exe | 
"UDP Query User{EDE980F7-A1F2-4B49-A32D-5A7D11F4B33C}C:\program files (x86)\icq7.7\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | 
"UDP Query User{F7908F14-CDFD-4775-B14E-7E91D820FD8A}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"UDP Query User{FF222FFE-EF8C-4537-8BC9-4900E8489B11}C:\users\mega\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\mega\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00060000-0000-1004-8002-0000C06B5161}" = WibuKey Setup (WibuKey Remove)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1111706F-666A-4037-7777-210648764D10}" = JavaFX 2.1.0 (64-bit)
"{11F38253-8940-FFDA-D131-B14120C357E4}" = ATI Catalyst Install Manager
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2222706F-666A-4037-7777-210648764D10}" = JavaFX 2.1.0 SDK (64-bit)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{64A3A4F4-B792-11D6-A78A-00B0D0170040}" = Java SE Development Kit 7 Update 4 (64-bit)
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}" = Broadcom Gigabit NetLink Controller
"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{BC39713D-B14D-4BB0-9663-BC9F7B8AB1F2}" = O&O Defrag Professional
"{BD41C9CA-7722-7C0F-8BFE-E88A81865287}" = ccc-utility64
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"A9A49C1D75CF72E725210A23AFFF679CBEE4A1E7" = Windows-Treiberpaket - KAWAI USB MIDI (12/20/2011 2.0.7600.16385)
"B7B65043A5743718DFD1A76B301FB693D51C21BB" = Windows-Treiberpaket - MADRIX USBDMX driver (10/22/2010 6.0.0510.1)
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"DesktopIconAmazon" = Desktop Icon für Amazon
"Logitech Gaming Software" = Logitech Gaming Software 8.35
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"ProInst" = Intel PROSet Wireless
"Recuva" = Recuva
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06D988B0-C028-11DA-6784-249F35B618BE}" = Schedule Wizard
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DB51EBE-ECD4-4308-A55C-3DFDC4E83814}" = DJ Java Decompiler v.3.12.12.96
"{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1" = gpedt.msc 1.0
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14D6085A-9A42-C0B5-823E-8C9619AC1026}" = Catalyst Control Center Graphics Full New
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1E3745C1-674D-4B2E-B8F7-3F4088950ED7}_is1" = TubeDigger 2.1.5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FF19BBD-554D-733C-3BDF-B55C99349198}" = Catalyst Control Center Core Implementation
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2515EAA9-AE9F-4F0A-8301-B40034838B8A}" = Livestream Procaster
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{346D6B7A-4AD8-5C2C-E249-34CA3CD7D34B}" = CCC Help Polish
"{34A0D249-747E-4D6C-803D-329C120C6B79}" = Catalyst Control Center - Branding
"{357C0C30-051F-FE77-4709-025786123FB1}" = ccc-core-static
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{41BC23C5-157F-77A0-6662-17A5096E7946}" = Catalyst Control Center Graphics Previews Vista
"{4507185D-FAB8-B77D-4546-2CF31DA906AD}" = Catalyst Control Center Graphics Full Existing
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{4967ADB1-27A6-635F-A217-754BD9A05E2E}" = CCC Help Czech
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54DFD48E-0E0D-5D0C-BD93-CE3DF090EC1C}" = CCC Help Japanese
"{5528C69D-4018-C4BD-7D00-67F90623EB33}" = CCC Help Italian
"{5582C24D-5597-42D2-537E-BA329164D78D}" = CCC Help Thai
"{59F3D2AC-5F1F-4A93-8F23-6FD4F029D9A9}" = True Image 2013
"{59F3D2AC-5F1F-4A93-8F23-6FD4F029D9A9}Visible" = True Image 2013
"{6006059E-013D-4B77-BC5C-4DD5E4A6570D}" = G Data InternetSecurity 2012 PC-Welt Edition
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7084A4CC-F87D-4972-9954-942BDEC59313}" = Zynewave Podium Free 2.42
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{785F975B-50FB-C523-5E58-C6EFE9E62424}" = CCC Help Portuguese
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D62622F-78B7-91B0-5B75-4082DDFAC775}" = CCC Help Swedish
"{7DE2B39B-97F0-EC01-06D6-E25C6D4164DF}" = CCC Help German
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{878789F8-276E-4D98-20E6-78DCBD77AD7D}" = CCC Help Turkish
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{8F2AE892-C036-C2F8-0D45-0ED891440D68}" = CCC Help French
"{8F311E92-C29F-4DF9-8259-B739A1831669}_is1" = SUPER © v2012.build.54 (Nov 18, 2012) Version v2012.build.54
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90A455A7-0FC8-4508-B7FA-8F135B8F041A}" = DSL-Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95D40BD8-2EA7-C51E-A218-B2F863481573}" = CCC Help Chinese Standard
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98A7C691-304F-31DC-A21C-3675E1D68501}" = CCC Help Chinese Traditional
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E012857-0B5E-40A0-A36A-36751966A79B}_is1" = ICQ Status Checker 1.8
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A33B56D0-F273-F6C2-C335-50AE0C83C85C}" = CCC Help Finnish
"{A8CB3994-B273-D81E-315C-CA3A8376415E}" = Catalyst Control Center Localization All
"{A8D450FB-F8F7-4250-7CE3-A3C24CDE5722}" = CCC Help Hungarian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB82BA59-B05B-70DC-992B-D2D7A2AF4EE5}" = CCC Help Korean
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BFB59706-4FEC-37A8-96CD-C7F6932AD6DD}" = CCC Help Norwegian
"{C09EECFB-8925-5E54-1580-3FAEB6A78856}" = Catalyst Control Center Graphics Light
"{C0ED2557-8BCC-71B6-253C-BDFE26A9B37D}" = CCC Help Spanish
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{CC62C6C8-0D7F-3F0D-9BD6-49CB16029A6A}" = CCC Help Greek
"{CC6D2A70-B152-E250-ABEA-5D7D681469F8}" = CCC Help English
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.124.1120
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1" = FireJump 1.0.1.8
"{DA4A0653-0B04-441D-BB84-7A2D472DE818}" = SaferSurf
"{DAFFBC42-ABA2-882C-68CB-593B9CF9ACF5}" = CCC Help Russian
"{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}" = Alcor Micro USB Card Reader
"{DFF2D0B9-1706-6AA8-85CD-A70DF44AE3F8}" = CCC Help Danish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6AAFC37-EB31-768D-A9A5-AA8A84612615}" = CCC Help Dutch
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.094
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Professional Edition
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6B7BF58-36D0-A76E-53E2-F65DBD4A6A52}" = Catalyst Control Center InstallProxy
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
"5513-1208-7298-9440" = JDownloader 0.9
"Acer Registration" = Acer Registration
"Acer Welcome Center" = Welcome Center
"ACRYSH6_is1" = ArchiCrypt Shredder Version 6.0.7.5650
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akoff Music Composer Demo" = Akoff Music Composer Demo 3.0
"Android SDK Tools" = Android SDK Tools
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.5
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"BZFlag2.4.0_32Bit" = BZFlag 2.4.0 32Bit (remove only)
"CanonMyPrinter" = Canon My Printer
"DAEMON Tools Lite" = DAEMON Tools Lite
"DRPU ID Card Design Software" = DRPU ID Card Design Software
"dslmon" = devolo Informer
"DuckCapture_is1" = DuckCapture Standard 2.7
"easyclean" = devolo EasyClean
"easyshare" = devolo EasyShare
"ESI- ESU1808 Audio Driver Setup" = ESI- ESU1808 Audio Driver
"ExpatShield" = Expat Shield 2.24
"Finale 2009" = Finale 2009
"Finale 2009 Demo" = Finale 2009 Demo
"Firefox Profile Switcher" = Firefox Profile Switcher
"FlashGet" = FlashGet 1.9.6.1073
"Free FLV Converter_is1" = Free FLV Converter V 7.4.0
"Free Video Dub_is1" = Free Video Dub version 2.0.14.1015
"GridVista" = Acer GridVista
"Handset WinDriver" = Handset WinDriver 1.02.03.00
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"ImgBurn" = ImgBurn
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}" = Alcor Micro USB Card Reader
"IrfanView" = IrfanView (remove only)
"MADRIX" = MADRIX 2.14b
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MPE" = MyPhoneExplorer
"Native Instruments Traktor 2" = Native Instruments Traktor 2
"nbi-nb-base-7.1.2.0.0" = NetBeans IDE 7.1.2
"NirSoft ProduKey" = NirSoft ProduKey
"OpenAL" = OpenAL
"OpenVPN" = OpenVPN 2.2.2
"Opera 11.62.1347" = Opera 11.62
"PicPick" = PicPick
"portfwd" = devolo Extended Port Forwarding
"Puzzle Collection" = Microsoft Entertainment Pack: The Puzzle Collection
"RealPlayer 15.0" = RealPlayer
"SaferSurf" = SaferSurf
"Sonigen Modular_is1" = Sonigen Modular version 
"TeamViewer 7" = TeamViewer 7
"Trillian" = Trillian
"VLC media player" = VLC media player 2.0.2
"Warzone 2100-2.3.9" = Warzone 2100-2.3.9
"Warzone 2100-3.1_rc2" = Warzone 2100-3.1_rc2
"Website Ripper Copier" = Website Ripper Copier
"WinGimp-2.0_is1" = GIMP 2.6.12
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.0.2
"wlansetup" = devolo WLAN Konfigurationsassistent
"WM Recorder" = WM Recorder
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2276923171-490720947-1107866839-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"InstallShield_{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12.02.2013 20:04:06 | Computer Name = Mega-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Mega\Documents\COMPUTER_BILD_Download_Manager_fuer_super.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 14.02.2013 18:04:31 | Computer Name = Mega-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 14.02.2013 18:04:31 | Computer Name = Mega-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1138
 
Error - 14.02.2013 18:04:31 | Computer Name = Mega-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1138
 
Error - 15.02.2013 00:23:13 | Computer Name = Mega-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 15.02.2013 00:23:13 | Computer Name = Mega-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 22723542
 
Error - 15.02.2013 00:23:13 | Computer Name = Mega-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 22723542
 
Error - 16.02.2013 07:09:09 | Computer Name = Mega-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
 oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
 in Zeile 2.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
 
Error - 16.02.2013 07:11:50 | Computer Name = Mega-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 16.02.2013 08:58:48 | Computer Name = Mega-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1044    Startzeit:
 01ce0c44e01b351b    Endzeit: 0    Anwendungspfad: C:\Users\Mega\Desktop\OTL.exe    Berichts-ID:
 602b9091-7838-11e2-be4b-00262d8d1155  
 
[ System Events ]
Error - 16.02.2013 06:37:18 | Computer Name = Mega-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 16.02.2013 06:37:18 | Computer Name = Mega-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:   %%-2140993535
 
Error - 16.02.2013 06:37:18 | Computer Name = Mega-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde:   %%-2140993535
 
Error - 16.02.2013 06:37:32 | Computer Name = Mega-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 16.02.2013 06:37:32 | Computer Name = Mega-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 16.02.2013 06:37:32 | Computer Name = Mega-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:   %%-2140993535
 
Error - 16.02.2013 06:37:32 | Computer Name = Mega-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde:   %%-2140993535
 
Error - 16.02.2013 06:37:32 | Computer Name = Mega-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:   %%-2140993535
 
Error - 16.02.2013 06:37:32 | Computer Name = Mega-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde:   %%-2140993535
 
Error - 16.02.2013 06:38:34 | Computer Name = Mega-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee VirusScan Announcer" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
[ TuneUp Events ]
Error - 17.01.2013 19:47:11 | Computer Name = Mega-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 18.01.2013 05:22:07 | Computer Name = Mega-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 19.01.2013 08:10:33 | Computer Name = Mega-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 20.01.2013 09:21:10 | Computer Name = Mega-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 21.01.2013 06:16:25 | Computer Name = Mega-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 22.01.2013 05:44:46 | Computer Name = Mega-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 22.01.2013 16:47:13 | Computer Name = Mega-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 23.01.2013 06:37:15 | Computer Name = Mega-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 24.01.2013 06:29:25 | Computer Name = Mega-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 25.01.2013 05:24:59 | Computer Name = Mega-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
 
< End of report >
         

Es öffnen sich Links, die wie diese hier aussehen:

Code: Alles auswählenAufklappen

ATTFilter

hxxp://seth.avazutracking.net/tracking/redirect/redirect.php?id=5585463&kw=HmXxDOcUPgB1gxsBAAAAALE8QwAAAAAAAgAEAAYAAAAAAP8AAAAEAiNIXAAAAAAAj9k3AAAAAABoT1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8OxcAAAAAAAIAAwAAgD8Ay4Lg0DwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=,eJwrMHIPddErzs81yg5Oy0lzdyqKt8j2CyszCQ7wMS-3sMzKMdAFAN3mC7Q=&czid=YXZhenU1NTg1NDYzMQ==&pub=825219&source=hxxp://ams1.ib.adnxs.com/if?enc=ukkmaiuhhj8rpb3bfyadpwaaaaaaapa_eaw9wrcmgz-6sqwck4egpwd-65dqbriawavuwg1itb8t2rpraaaaafoceqd0awaakqqaaaiaaaafqewamvmcaaaaaqbvu0qavvneangcwgdswqaalmoaagucaquaaiqatx0lbqaaaaa.&cnd=%21zb9hpqi85zsqhycxahgaijrnczaaonkdc0aaskkiunq4rfgayigeaabwangagaeeiaeakaebmaeboaebqaedsaeauqg6sqwck4egp8ebukkmaiuhhj_jauxnzly7iec_2qeaaaaaaadwp-abaa..&udj=uf%28%27a%27%2c+69536%2c+1360714029%29%3buf%28%27c%27%2c+979900%2c+1360714029%29%3buf%28%27r%27%2c+4997125%2c+1360714029%29%3b&ccd=%21cwxvmai85zsqhycxahia5wsgaa..&vpid=167&apid=133441&referrer=http%3a%2f%2fc.ztstatic.com%2f728x90_easyyoutube2.htm%3ft%3d1360713719305&custom_macro=adv_id%5e69536%5ecp_id%5e979900&media_subtypes=1&dlo=1&vurl=217146654&buyerid=5787496&campaignid=4406449&usrid=OTY2N2F2Y&categoryid=0&creativeid=18580341&filepath=hxxp://content.yieldmanager.edgesuite.net/&price=0&pricingtype=CPA&rgid=Xp1NTA3&sellerid=3660175&sectionid=4068583&siteid=&usercity=Ulm
         

hxxp://network.adsmarket.com/click/imZrmWXKfJeNaWzEXsp6w4liapleon6Vt2JpmmKkqZiMZ3DEY6F7m45i?dp=996285902

hxxp://ad2.adfarm1.adition.com/banner?sid=141246&kid=403776&bid=1563158&wpt=C&ts=5843486963955466742

Diese verleiten dann automatisch zu Seiten wie

hxxp://www.garbagegarage.de/?ref=avaggde
oder
hxxp://de.start.gamigo.com/fiesta-online/ab04r/?pl=af&affiliateID=1157&pubID=25247&creativeID=23583&ce_cid=20jgL13LdZkYDcfI1IzZM.1u7oNe000.


Anbei habe ich 2 Screenshots von den von selbst geöffneten Seiten!

Beste Grüße,
Christian!

Das passiert nur im Firefox?

Alte Version loeschen, neu laden:

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Hallo t'john!

Erst einmal ein Sorry von meiner Seite, dass ich erst jetzt antworte, jedoch hatten wir Synchronisierungsprobleme mit unserem Internetanschluss und deswegen war es mir nicht eher möglich, zu schreiben!

Ich habe AdwareCleaner zweimal laufen lassen, da es seltsamerweise abgestürzt ist.

Logfile 1:

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v2.112 - Datei am 23/02/2013 um 10:21:17 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Mega - MEGA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Mega\Desktop\adwcleaner0.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v18.0.2 (de)

Datei : C:\Users\Mega\AppData\Roaming\Mozilla\Firefox\Profiles\2saobg8z.Papa\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Mega\AppData\Roaming\Mozilla\Firefox\Profiles\bvqtopm1.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Opera v11.62.1347.0

Datei : C:\Users\Mega\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [966 octets] - [23/02/2013 10:21:17]

########## EOF - C:\AdwCleaner[S1].txt - [1025 octets] ##########
         

Logfile 2:

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v2.112 - Datei am 23/02/2013 um 13:03:44 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Mega - MEGA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Mega\Desktop\adwcleaner0.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0 (de)

Datei : C:\Users\Mega\AppData\Roaming\Mozilla\Firefox\Profiles\2saobg8z.Papa\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Mega\AppData\Roaming\Mozilla\Firefox\Profiles\bvqtopm1.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Opera v11.62.1347.0

Datei : C:\Users\Mega\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [1094 octets] - [23/02/2013 10:21:17]
AdwCleaner[S2].txt - [1024 octets] - [23/02/2013 13:03:44]

########## EOF - C:\AdwCleaner[S2].txt - [1084 octets] ##########
         

Des Weiteren ist noch eine neue Werbung aufgetaucht, ich habe sie als Adware.png abgebildet und in einem Archiv namens "Adware.zip" hochgeladen!

Beste Grüße,
Christian!

Bitte noch meine Frage beantworten:

Zitat:

Das passiert nur im Firefox?

Bitte die Plug-Ins mal auflisten:
Extension List Dumper - Download - Filepony

Hallo!

Ich kann dir leider nicht sagen, ob es nur im Firefox passiert, da ich nur Firefox nutze.
Jedoch werde ich heute und morgen mal Opera oder Internet Explorer ausprobieren!

Hier die Auflistung:

Code: Alles auswählenAufklappen

ATTFilter

Anwendung: Firefox 19.0 (20130215130331)
Betriebssystem: WINNT (x86-msvc)

- Adblock Plus 2.2.3
- Auto Refresh 1.0.2
- DownloadHelper 4.9.14
- Easy YouTube Video Downloader 6.7
- Element Hiding Helper für Adblock Plus 1.2.3
- Extension List Dumper 1.15.2
- Fast Video Download (with SearchMenu) 4.2.5 (deaktiviert)
- FireJump 1.0.1.8 (deaktiviert)
- FireShot 0.98.31 (deaktiviert)
- Flash Video Downloader Youtube Downloader 3.8.2
- FlashGot 1.5.4.2
- G Data BankGuard 1.1.11222.991 (deaktiviert, inkompatibel)
- G Data WebFilter 22.1.11207.233 (deaktiviert, inkompatibel)
- Greasemonkey 1.7.1
- HttpFox 0.8.11
- IE Tab 2 (FF 3.6+) 4.12.22.2
- ProfileSwitcher 1.5.0.2 (deaktiviert)
- QuickJava 1.8.0 (deaktiviert)
- RealPlayer Browser Record Plugin 15.0.2 (deaktiviert)
- ReloadEvery 17.0.0
- ShowIP 1.9
- Sitzungs-Manager 0.7.9.5
- Skype Click to Call 5.6.0.8442 (deaktiviert, inkompatibel)
         

Passiert das auch, wenn du den FF so startest:

Hallo t'john!

Ich kann es nicht mit Sicherheit sagen. Habe einen Tag lang im abgesicherten Modus von Firefox ohne Addons gesurft, aber es ist nichts gekommen.
Dies kann jedoch auch Zufall sein!

Hm meinst du es könnte an einem Plugin oder Addon liegen?

Ja, es ist sehr wahrscheinlich.

Du kannst versuchen nach und nach die einzelnen Addons dazuschalten um rauszufinden welcher der Uebeltaeter ist.

Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html


Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.