  1. #1
    Beginner
    Registered since
    18.06.2012
    Posts
    8

    New GVU trojan (it is not 2.04)

    Hello botfrei team,

    Unfortunately I caught the above-mentioned trojan today.
    The solution for version 2.04 unfortunately does not work.
    Can you please help me?

    Thanks!

    Regards
    The Plagued One

    Here are the log files:
    OTL.Txt mbam-log-2012-06-18 (23-24-17).txt Extras.Txt
    Last edited by geplagter-83 (18.06.2012 at 22:38)

  2. #2
    Beginner
    Registered since
    18.06.2012
    Posts
    8
    It is the same one as in this thread: http://forum.botfrei.de/showthread.p...r-nicht-v-2-04

    I need your help....

    Thanks again!

  3. #3
    Malware-Mogul john.doe
    Registered since
    11.03.2012
    Posts
    8.906
    Hello Marcel and

    1.) Fix with OTL

    Download OTL by Oldtimer (if you do not have it yet) and save it to your desktop (nowhere else).
    • Start OTL.exe.
      Vista and Windows 7 users start it by right-clicking the program icon and choosing "Run as administrator".
    • Copy the following script into the text box below Custom Scans/Fixes:


    Code:
    :OTL
    MOD - [2012.06.18 20:36:08 | 000,192,992 | ---- | M] () -- C:\Users\Marcel\AppData\Local\Temp\tpl_0_c.exe
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-21-2628785492-4091211904-2507900694-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
    O33 - MountPoints2\{33280176-6367-11e0-a5e4-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{33280176-6367-11e0-a5e4-806e6f6e6963}\Shell\AutoRun\command - "" = D:\ASRSetup.exe
    O33 - MountPoints2\{663f0632-70c7-11e0-8f77-002522a4b97a}\Shell - "" = AutoRun
    O33 - MountPoints2\{663f0632-70c7-11e0-8f77-002522a4b97a}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
    [2012.06.18 21:36:44 | 004,503,728 | ---- | M] () -- C:\ProgramData\c_0_lpt.pad
    [2012.06.18 20:36:08 | 000,001,885 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
    [2012.06.18 20:07:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    
    :Files
    C:\Users\Marcel\AppData\Local\Temp
    
    :Commands
    [emptytemp]

    • Close all programs.
    • Click the Fix button.
    • If OTL asks for a reboot, please allow it.
    • Copy the contents of the log file into your thread here, inside code tags.
      You can view the log file later here => C:\_OTL\MovedFiles\<datum_nummer.log>

    Note for other readers: The OTL script above was created exclusively for this user in this situation.
    Do not under any circumstances use it on other computers; it can cause lasting damage to other systems!

    2.) The computer restarts; start Windows "normally" and report whether the lock screen still appears.

    ciao, andreas

  4. #4
    Beginner
    Registered since
    18.06.2012
    Posts
    8
    Hi Andreas,

    many thanks for your help.
    The lock screen has not shown up again so far, great!
    What happens next, do I still need to do anything?
    Are my passwords, login and banking details etc.
    at risk because of this incident, or do you still see potential danger
    in the log files?

    Regards
    Marcel, the (considerably less) Plagued One :)


    Contents of the log file after the OTL fix:

    Code:
    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
    Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-2628785492-4091211904-2507900694-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
    Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xel exportieren\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{33280176-6367-11e0-a5e4-806e6f6e6963}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33280176-6367-11e0-a5e4-806e6f6e6963}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{33280176-6367-11e0-a5e4-806e6f6e6963}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33280176-6367-11e0-a5e4-806e6f6e6963}\ not found.
    File D:\ASRSetup.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{663f0632-70c7-11e0-8f77-002522a4b97a}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{663f0632-70c7-11e0-8f77-002522a4b97a}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{663f0632-70c7-11e0-8f77-002522a4b97a}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{663f0632-70c7-11e0-8f77-002522a4b97a}\ not found.
    File move failed. G:\LaunchU3.exe scheduled to be moved on reboot.
    C:\ProgramData\c_0_lpt.pad moved successfully.
    C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk moved successfully.
    C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
    ========== FILES ==========
    C:\Users\Marcel\AppData\Local\Temp\{EF064F45-B07B-4FAC-975E-EB6953A2128E} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{EE590B3E-9FD3-4CB0-9FA7-D4600B1ED6AC} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{E08A84A8-A0C7-407D-945F-A71103DF01CF} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{ABA35F40-646B-4B71-BF44-8ABFAB4F36D3}\{0CC1DAFB-40C8-4903-953D-471E541477C7} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{ABA35F40-646B-4B71-BF44-8ABFAB4F36D3} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{A35E6DAB-FD06-4E8F-BBD2-9A8EBED64B89} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{8F94FE70-F37E-453B-9535-2864EBC86CDF} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{82C6A287-6232-4070-B7EE-B8B3B3DEC6EA} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{7A94A696-CD95-4D7A-8216-5590386040E6} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{7000C96E-620F-4008-A1CB-C4955A3BFC22} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{44AD2EA6-B602-4178-BD9D-467BE0CFFFFE} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{428ECDE2-1F19-4852-832E-FBFE0D637B71} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{3FE95ED4-31F7-4F89-A7A9-2844EC7A9D13} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{39FB5704-EA28-4F73-8209-A0388C1DDEAE} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{35542CEC-DB88-4099-8B1D-76605A2DEB60} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{35361D9C-278A-465C-8356-C2119C42A815} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\{09676F98-51B4-42F7-9143-BF9B68F50877} folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\_avast_ folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\WPDNSE folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Temporary Internet Files\Content.IE5\TPG6VYK4 folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Temporary Internet Files\Content.IE5\TDNK249G folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Temporary Internet Files\Content.IE5\IBGNJO6K folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Temporary Internet Files\Content.IE5\0WTBTZMB folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Temporary Internet Files\Content.IE5 folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Temporary Internet Files folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\scoped_dir9082 folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\scoped_dir22405 folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\outlook logging folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\OIS\temp folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\OIS\cacheFiles folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\OIS folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\msohtmlclip1\01 folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\msohtmlclip1 folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\msohtmlclip folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Microsoft Visual C++ 2010  x86 Redistributable Setup_10.0.30319 folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Low\_avast_ folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Low\hsperfdata_Marcel folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Low folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\is-R2FC7.tmp folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\hsperfdata_Marcel folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\History\History.IE5 folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\History folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Cookies folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\B403.dir folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Adobe\Acrobat\10.0 folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Adobe\Acrobat folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\Adobe folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\4144.dir folder moved successfully.
    C:\Users\Marcel\AppData\Local\Temp\111110000001011110001101101000 folder moved successfully.
    Folder move failed. C:\Users\Marcel\AppData\Local\Temp scheduled to be moved on reboot.
    ========== COMMANDS ==========
     
    [EMPTYTEMP]
     
    User: All Users
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: Marcel
    ->Temp folder emptied: 4616892 bytes
    ->Temporary Internet Files folder emptied: 155418880 bytes
    ->Java cache emptied: 71068 bytes
    ->Flash cache emptied: 470 bytes
     
    User: Public
     
    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
     
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 2440004 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50568 bytes
    RecycleBin emptied: 0 bytes
     
    Total Files Cleaned = 155,00 mb
     
     
    OTL by OldTimer - Version 3.2.49.0 log created on 06192012_203835
    
    Files\Folders moved on Reboot...
    File move failed. G:\LaunchU3.exe scheduled to be moved on reboot.
    C:\Users\Marcel\AppData\Local\Temp folder moved successfully.
    File\Folder C:\Users\Marcel\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
    
    Registry entries deleted on Reboot...
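
Added example (not part of the original posts and not OTL's own code): a small Python triage of an OTL fix log like the one in post #4. It pairs every `scheduled to be moved on reboot` entry with the results listed after `Files\Folders moved on Reboot...` and reports what was still not moved. The sample lines are copied from that log; treating the lines after the marker as post-reboot results is an assumption, and `classify` and `triage` are names chosen here.

```python
import re
from collections import Counter

# A few lines copied from the fix log in post #4 (selection only, not edited).
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33280176-6367-11e0-a5e4-806e6f6e6963}\ not found.
File D:\ASRSetup.exe not found.
File move failed. G:\LaunchU3.exe scheduled to be moved on reboot.
C:\ProgramData\c_0_lpt.pad moved successfully.
C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk moved successfully.
========== FILES ==========
C:\Users\Marcel\AppData\Local\Temp\WPDNSE folder moved successfully.
Folder move failed. C:\Users\Marcel\AppData\Local\Temp scheduled to be moved on reboot.
========== COMMANDS ==========
[EMPTYTEMP]
User: Marcel
->Temp folder emptied: 4616892 bytes

Files\Folders moved on Reboot...
File move failed. G:\LaunchU3.exe scheduled to be moved on reboot.
C:\Users\Marcel\AppData\Local\Temp folder moved successfully.
File\Folder C:\Users\Marcel\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
"""

PENDING = re.compile(
    r"^(?:File|Folder) move failed\. (?P<target>.+) scheduled to be moved on reboot\.$"
)
MOVED = re.compile(r"^(?P<target>.+?)(?: folder)? moved successfully\.$")
# Assumption: everything after this marker reports what happened during the reboot.
REBOOT_MARKER = "Files\\Folders moved on Reboot..."


def classify(line):
    """Return (status, target) for one log line, or None for headers and noise."""
    line = line.strip()
    m = PENDING.match(line)
    if m:
        return "pending_reboot", m.group("target")
    m = MOVED.match(line)
    if m:
        return "moved", m.group("target")
    if re.search(r"successfully[.!]$", line):
        return "ok", line
    if re.search(r"not found[.!]$", line):
        return "not_found", line
    return None


def triage(log_text):
    """Count outcomes before the reboot and list scheduled moves that never succeeded."""
    counts = Counter()
    pending = []         # targets scheduled for the reboot, in log order
    moved_after = set()  # targets reported as moved after the reboot marker
    after_reboot = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line == REBOOT_MARKER:
            after_reboot = True
            continue
        result = classify(line)
        if result is None:
            continue
        status, target = result
        if after_reboot:
            # Post-reboot lines are outcomes of earlier actions, not new actions.
            if status == "moved":
                moved_after.add(target.lower())
            continue
        counts[status] += 1
        if status == "pending_reboot" and target not in pending:
            pending.append(target)
    # Windows paths are case-insensitive, so compare in lower case.
    unresolved = [t for t in pending if t.lower() not in moved_after]
    return {"counts": dict(counts), "pending": pending, "unresolved": unresolved}


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("outcomes before reboot:", report["counts"])
    for path in report["unresolved"]:
        print("still not moved after reboot:", path)
```

On the sample lines this leaves `G:\LaunchU3.exe` as the only scheduled move without a success entry after the reboot.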

  5. #5
    Malware-Mogul john.doe
    Registered since
    11.03.2012
    Posts
    8.906
    Hello Marcel,

    "The lock screen has not shown up again so far, great!"


    Step 1: Unlock, so that you can start "normally" again. Done.

    "What happens next, do I still need to do anything?"
    Yes.

    "Are my passwords, login and banking details etc. at risk because of this incident, or do you still see potential danger in the log files?"
    Yes.

    Step 2: Remove remnants. Open.
    Step 3: Close security holes. Open.

    Step 4: Clean up and harden. Open.

    If Avast raises an alert while you are packing, click Ignore! Do not delete the malware!

    1.) Pack the folder C:\_OTL\MovedFiles as a Zip or Rar archive.

    2.) Upload the archive to a file hoster (e.g. www.zippyshare.com).

    3.) Send me the link as a private message or by email (signature).

    4.) System scan with OTL

    Please create OTL log files following these instructions. The analysis of the log files will show us which remnants still have to be removed and which holes, if any, are still present. Please tick "Use SafeList" in all categories and "Scan All Users" at the top.

    Attach the two log files OTL.txt and Extras.txt by clicking Advanced below the text box and uploading the log files one at a time via Manage Attachments.

    5.) Which browser is used?

    6.) Malware scan with Emsisoft Anti-Malware

    Download the free version of => Emsisoft Anti-Malware and install the program.
    Download the current signatures via Update Now.
    Select freeware mode.

    Select Detail Scan and start the check of the computer with the Scan button.
    At the end of the scan, do not let it delete anything! Click Save Report to save the log file to the desktop and post it here in the thread.

    Uninstall Emsisoft.

    7.) ESET Online Scanner

    Preparation
    • Connect any external hard drives and/or other removable media you have (e.g. any USB sticks) to the computer.
    • Please disable the antivirus program and firewall during the online scan.
    • Vista/Win7 users: be sure to start the browser as administrator.

    Here we go
    • Download and start the Eset Smartinstaller
    • Tick YES, I accept the Terms of Use.
    • Click Start.
    • Tick Remove found threats and Scan archives.
    • Click Start.
    • The signatures are downloaded; the scan starts automatically.
    • Press Finish.
    • Close the browser.
    • Open Explorer.
    • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (sometimes also C:\Programme\Eset\log.txt) and open it with your editor.
    • Post the log file here.
    • Uninstall: Control Panel => Software => remove Eset Online Scanner V3.
    • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


    ciao, andreas

  6. #6
    Beginner
    Registered since
    18.06.2012
    Posts
    8
    Right, I carried on...

    1.) done, Avast did not raise an alert
    2.) done
    3.) done
    4.) done, see attachment
    5.) Microsoft Internet Explorer (latest version?!)
    6.) done, see attachment
    7.) done, see attachment

    log.txt OTL.Txt a2scan_120619-221109.txt Extras.Txt

    I assume that was step 2: remove remnants.
    What is coming my way in step 3?

    Regards
    Marcel

  7. #7
    Malware-Mogul john.doe
    Registered since
    11.03.2012
    Posts
    8.906
    Hello Marcel,

    "Microsoft Internet Explorer (latest version?!)"
    Then please choose a different one for "normal" browsing. Chrome or Opera are probably the ones most to be recommended at the moment.

    1.) Safari is installed but evidently not used. Why was it installed then?

    2.) Installing two antivirus programs is forbidden, so either Avast or Ad-Aware (though I would rather recommend Avast). Uninstall one of them.

    "What is coming my way in step 3?"
    (Not meant entirely seriously) => http://de.wikipedia.org/wiki/Blut-Sc...nd-Tränen-Rede

    3.) How did you get hold of an Office Enterprise version?

    4.) Uninstall:
    • Bonjour
    • Java(TM) 6 Update 12
    • Apple Software Update
    • VLC media player 1.1.11


    Which of these are actually still needed?
    • WISO Sparbuch 2009
    • WISO Sparbuch 2010
    • WISO Steuer-Sparbuch 2012
    • Steuer 2010


    5.) Update Java

    Your Java version is outdated. Since some malware gets into the system via Java exploits, Java must be updated and old versions must be removed from the system, because the old versions are a security risk. Download JavaRa from SingularLabs and unpack it to the desktop. Take the Windows binary. JavaRa is suitable for Windows 9x, 2k, XP, Vista, 7. Vista and Windows 7 users must disable User Account Control; see the instructions below.

    • Close all browser windows.
    • Double-click JavaRa.exe to start the program.
    • Select German (Deutsch) as the language and click "Select".
    • Click Additional Tasks (Weitere Funktionen) and tick Remove unnecessary JRE files (Unnötige JRE Dateien löschen) and Remove Sun Download Manager (Sun Download Manager löschen).
    • Click Start, confirm each prompt with Ok/Yes, and close the "Additional Tasks" window again.
    • Click Remove Older Versions (Ältere Versionen löschen) to remove old Java versions that are installed on the computer.
    • Click Yes when asked. When JavaRa has finished, a note appears saying that a log file was created; click OK.
    • The log file opens in the editor; please save it and post it here later.
    • Restart the computer.


    Now download the current offline version of Java from Oracle and install it. Take care not to install any toolbars that may be offered, i.e. untick the toolbar during installation.

    Vista/Windows 7 users: disable User Account Control:

    Start => msconfig (type it in at the bottom) => ENTER
    The System Configuration window opens.
    Tab "Tools" => look for:
    Disable User Account Control => launch => ok
    Restart the computer.

    After JavaRa has run, re-enable User Account Control.

    6.) Install:
    Deselect toolbars and additional programs, always remove all ticks!


    7.) Fix with OTL

    The script resets all firewall exceptions; the firewall will ask more often in future.

    Download OTL by Oldtimer (if you do not have it yet) and save it to your desktop (nowhere else).
    • Start OTL.exe.
      Vista and Windows 7 users start it by right-clicking the program icon and choosing "Run as administrator".
    • Copy the following script into the text box below Custom Scans/Fixes:


    Code:
    :Services
    AdobeFlashPlayerUpdateSvc
    
    :OTL
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2628785492-4091211904-2507900694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-2628785492-4091211904-2507900694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
    IE - HKU\S-1-5-21-2628785492-4091211904-2507900694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0C 7F 89 1C 71 F8 CB 01  [binary data]
    IE - HKU\S-1-5-21-2628785492-4091211904-2507900694-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-2628785492-4091211904-2507900694-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dlx ()
    FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLx (CANON INC.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dlx ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dlx (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dlx (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dlx (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dlx (Adobe Systems Inc.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
    O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O32 - HKLM CDRom: AutoRun - 1
    
    :reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{035838C4-4A87-4379-8833-4D6183DC5F32}" =-
    "{0EB86807-1C42-4107-B2EA-8103D5F6C523}" =-
    "{1232EE0D-1CF0-4FD3-A11A-71E906072899}" =-
    "{154A3992-92EE-4EFC-A78C-86D2AF318C2E}" =-
    "{15BB00D8-BCA4-4F5E-8C6F-70FBB1587642}" =-
    "{24222C61-2271-46B8-88E1-ABDAAFED3713}" =-
    "{36EA4D83-5D42-4A73-81C0-DAEF82C5744B}" =-
    "{394A7E3B-BDE6-4E79-A4F4-078341697E83}" =-
    "{48C48847-33FE-4A30-BC1F-04B9758721AC}" =-
    "{5107BC02-BB1E-4EF6-97E5-50787BCD4F21}" =-
    "{6420288C-DA06-4E84-A97D-12F4242C74A6}" =-
    "{AD1A06E1-8A1C-49D7-AFD1-416E8C8CF4BE}" =-
    "{B44F71DD-4736-4EA8-87BF-3D766E01BDF8}" =-
    "{B55C708E-3A2D-45DE-BC60-11FA0F3EAFA4}" =-
    "{B67B01B1-CC3A-4424-9E70-80743B0DA5A3}" =-
    "{D72CFA36-0433-4DC4-B4ED-2E14EFB91D50}" =-
    "{DBCF8301-366C-4D06-B993-AB4064D78BA7}" =-
    "{DD555282-EA4D-4936-960E-D070E3A19FE9}" =-
    "{EAA371C1-9060-4B68-864E-5C51467A21BF}" =-
    "{EDF4C778-0148-4F54-8CCE-F30D5091288D}" =-
    "{F8A709F1-DE88-4A42-AF10-1D2ECA6C3B09}" =-
    "{FBC3185B-7935-482D-B83E-4661226CB48A}" =-
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0359B88A-0292-4BF5-B3E3-874E710F6821}" =-
    "{116218F4-01E0-4F6C-943A-77B0CB14A2F6}" =-
    "{13A6E4F4-CB35-4F08-B248-412755B5CF27}" =-
    "{1669B5AA-29F2-4890-ABB4-EE088754B534}" =-
    "{186A5F8F-2B1D-4988-8030-6380F16ACE75}" =-
    "{20CE3BA0-3579-4034-AB5C-061C65D780DA}" =-
    "{20DC4EDE-DBAC-4CC9-8BFD-01F81EA886DC}" =-
    "{21B1F93D-E3A3-43DA-B502-B71759A05F1E}" =-
    "{244B037E-9BF1-42DC-AD2B-CC029F050FC9}" =-
    "{2598177D-B891-48B7-83A5-204FE328848D}" =-
    "{2B3E3213-8814-4C7F-B267-9D03A2350A8C}" =-
    "{2FEFECAD-6E60-4DDE-AB74-42755DEAA34E}" =-
    "{3022F8B6-AF7E-4CCF-8287-B27F704B429D}" =-
    "{3B1BC63B-4E11-4277-A22D-3DA823665F87}" =-
    "{439908B3-8788-43F8-A2C9-C95384EBB3AE}" =-
    "{4A191C85-FE53-4799-9C35-57EC095B6025}" =-
    "{4FB12418-C3D6-44C4-A76E-192AFB13FC9A}" =-
    "{51D81EA2-BD37-4955-BCB4-CF59A852CBC0}" =-
    "{53032ED6-B547-4878-8A7E-B6937BA16C8E}" =-
    "{582E848E-2AB6-4449-8930-00572C3A8859}" =-
    "{59A03035-2068-478E-B84F-D7B75C74E72A}" =-
    "{5B166143-F99D-4134-9727-560C40180782}" =-
    "{694FDE80-3FC0-4C1A-B9E1-F9419BDC80DC}" =-
    "{6D45B82C-19F3-46BC-B8B4-09E7D2162BDE}" =-
    "{6F5A5C58-17DD-4004-8523-21B408197CEF}" =-
    "{7794CB9D-A074-4625-B7E6-4E086E39DD02}" =-
    "{779F45F8-A3DA-4172-9E0A-27CCDB365CEF}" =-
    "{7929AD3A-B52B-4A26-A66A-70AC96FE96A5}" =-
    "{816BF311-8771-4FB9-BD02-7EA9C0F6824A}" =-
    "{8B81E828-DDD3-4B70-B6CF-40D415AE9281}" =-
    "{91F36794-3962-42A2-B571-E6F9EDC81838}" =-
    "{93DA9A8E-69AC-49FC-866F-53BA0797C657}" =-
    "{9AAA78C1-C6DB-498A-A1C7-84193662EAE3}" =-
    "{9B91DC61-02B1-4AC1-B40F-427BD46902D2}" =-
    "{9D7BB094-F876-4A19-A44D-1D140C9BEE4E}" =-
    "{9F389921-1479-4EA7-9EFD-0751F7FDC0D9}" =-
    "{A033C82D-EB7B-4B18-9EBD-356544E8BD18}" =-
    "{A04A24C5-A1A9-4A9D-81D2-5D6536D039A9}" =-
    "{A0B333EF-DE1C-4AA2-81A1-1B288041937C}" =-
    "{A389EED5-99C7-4F6E-A020-7E2011570A86}" =-
    "{A425C39E-D590-46AD-88E6-A0857ED31A26}" =-
    "{AA828076-FB85-40E6-BF82-1079DE73F6F8}" =-
    "{AB3B2113-357E-46FD-9390-DFD2519FAB70}" =-
    "{BAEF225A-EAEB-421A-8AC3-40253DB3CBA8}" =-
    "{BEBD9CF0-E6E7-40B5-B239-1C45BE53A45D}" =-
    "{C58E8EF8-3C4A-47EF-B854-8AF93A8D1E25}" =-
    "{CE3AA66F-51D4-43BB-8515-91A6AE096DFC}" =-
    "{D69B1221-1185-43B0-A7AE-20254FB28C46}" =-
    "{D996D506-3EEE-4A7A-A8E5-2397D69BDB4A}" =-
    "{DEA0AF5C-3ED3-4604-9732-8532840EF852}" =-
    "{E1EBBAB5-D55F-4C6A-BC5F-BC61A7A45917}" =-
    "{F347C1DF-B629-4AE5-85AB-5711C3CC1DC3}" =-
    "{FB13A579-81C4-4DCC-93C7-5EF9EEC9A800}" =-
    "{FB667079-86F4-4DB7-9831-B795D475F91E}" =-
    "{FC175B82-1FD4-4A3C-985B-F752EDED94BA}" =-
    "TCP Query User{0ACBD376-FCBB-4722-85BE-1B7F87D20CDA}C:\program files (x86)\java\jre6\bin\javaw.exe" =-
    "TCP Query User{15F116D5-2671-45C1-B2B0-CE706EB7E946}F:\age of empires 2\empires2.exe" =-
    "TCP Query User{23B1B8FE-AF0B-4858-9E2B-1AC7C1416F53}F:\dead space\dead space.exe" =-
    "TCP Query User{4E0807A6-3572-4DE4-82D9-3E0BA3F62D4F}F:\quake iii arena\quake3.exe" =-
    "TCP Query User{4F51AF55-FDDA-4AD3-86A2-9DAA388EE420}C:\program files (x86)\winamp\winamp.exe" =-
    "TCP Query User{632EA45C-E896-4B00-91CC-51FDEA708578}F:\crysis 2\bin32\crysis2.exe" =-
    "TCP Query User{73C432AE-0389-4009-BC78-73FB8C859D23}C:\program files (x86)\kathrein dvrmanager\ufs910.exe" =-
    "TCP Query User{8D620A9E-4D17-4C9D-BEF9-31ED4AC3ECB8}E:\vlc\vlc.exe" =-
    "TCP Query User{A8A9F43F-10C7-4A75-A6A1-4EE93237FBFD}D:\apps und treiber\dreambox control center_e2.exe" =-
    "TCP Query User{AEDF2680-C63B-4E2F-848D-82D4F33B1564}D:\apps und treiber\dreambox 7020 hd\dreambox control center_e2.exe" =-
    "UDP Query User{12E1973B-C745-4270-8ED1-B2BC057088C3}F:\quake iii arena\quake3.exe" =-
    "UDP Query User{65A6E6D1-7FCF-4A8B-A5AA-37E6EBC8EA98}D:\apps und treiber\dreambox control center_e2.exe" =-
    "UDP Query User{7FE8AE13-7CAF-4E9A-A4C9-00A4E5F97F89}C:\program files (x86)\winamp\winamp.exe" =-
    "UDP Query User{AEDFD67C-2C10-4506-894A-59EBC69A6953}F:\age of empires 2\empires2.exe" =-
    "UDP Query User{C03F8FE6-A86D-4852-8237-AD8BBB091BEB}F:\crysis 2\bin32\crysis2.exe" =-
    "UDP Query User{C13B4152-D933-4722-B754-719EC6CF6FAB}C:\program files (x86)\java\jre6\bin\javaw.exe" =-
    "UDP Query User{CF959BA5-036A-44F3-A9EF-55F3DF0691A3}D:\apps und treiber\dreambox 7020 hd\dreambox control center_e2.exe" =-
    "UDP Query User{D5013788-D7FC-4A20-BC35-828C76204701}C:\program files (x86)\kathrein dvrmanager\ufs910.exe" =-
    "UDP Query User{DA4DC4D3-BE8B-4786-AA50-106A29C90A44}F:\dead space\dead space.exe" =-
    "UDP Query User{FFF6718A-6FD5-4022-B405-3165E9F6E9A3}E:\vlc\vlc.exe" =-
    
    :Files
    C:\Windows\SysNative\perf?0??.dat
    C:\Users\Marcel\Desktop\_OTL.zip
    
    :Commands
    [emptytemp]

    • Close all programs.
    • Click the Fix button.
    • If OTL asks for a reboot, please allow it.
    • Copy the contents of the log file into your thread here, inside code tags.
      You can view the log file later here => C:\_OTL\MovedFiles\<datum_nummer.log>

    Note for other readers: The OTL script above was created exclusively for this user in this situation.
    Do not under any circumstances use it on other computers; it can cause lasting damage to other systems!

    8.) Post new OTL logs.

    ciao, andreas

  8. #8
    Beginner
    Registered since
    18.06.2012
    Posts
    8
    Hello Andreas,

    I feared nothing other than blood, sweat and tears ;)

    I will probably switch to Opera then. Do you recommend plugins for it, and if so, which ones?

    1.) Safari was installed along with the iTunes installation. I have removed it.

    2.) Ad-Aware has been uninstalled. I only used it for occasional malware checks. What can I use instead?

    3.) Through a promotion at my university.

    4.) Everything uninstalled. I still need all the tax software.

    5.) User Account Control disabled, JavaRa run, User Account Control enabled, offline version of Java installed. No toolbar was offered. Log attached.
    JavaRa.log

    6.) VLC and PSI installed, removing all ticks in the process.

    7.) Done, log file here:

    Code:
    All processes killed
    ========== SERVICES/DRIVERS ==========
    Service AdobeFlashPlayerUpdateSvc stopped successfully!
    Service AdobeFlashPlayerUpdateSvc deleted successfully!
    ========== OTL ==========
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
    HKU\S-1-5-21-2628785492-4091211904-2507900694-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
    HKU\S-1-5-21-2628785492-4091211904-2507900694-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
    HKU\S-1-5-21-2628785492-4091211904-2507900694-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
    HKEY_USERS\S-1-5-21-2628785492-4091211904-2507900694-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_USERS\S-1-5-21-2628785492-4091211904-2507900694-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0\ deleted successfully.
    File C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dlx not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@canon.com/EPPEX\ deleted successfully.
    File C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLx not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0\ deleted successfully.
    File C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dlx not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5\ deleted successfully.
    File C:\Program Files (x86)\Microsoft\Office Live\npOLW.dlx not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@nvidia.com/3DVision\ deleted successfully.
    File C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dlx not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming\ deleted successfully.
    File C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dlx not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\Adobe Reader\ deleted successfully.
    File C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dlx not found.
    Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    C:\Windows\Downloaded Program Files\gp.inf not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{035838C4-4A87-4379-8833-4D6183DC5F32} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{035838C4-4A87-4379-8833-4D6183DC5F32}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0EB86807-1C42-4107-B2EA-8103D5F6C523} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EB86807-1C42-4107-B2EA-8103D5F6C523}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1232EE0D-1CF0-4FD3-A11A-71E906072899} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1232EE0D-1CF0-4FD3-A11A-71E906072899}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{154A3992-92EE-4EFC-A78C-86D2AF318C2E} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{154A3992-92EE-4EFC-A78C-86D2AF318C2E}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{15BB00D8-BCA4-4F5E-8C6F-70FBB1587642} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{15BB00D8-BCA4-4F5E-8C6F-70FBB1587642}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{24222C61-2271-46B8-88E1-ABDAAFED3713} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24222C61-2271-46B8-88E1-ABDAAFED3713}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{36EA4D83-5D42-4A73-81C0-DAEF82C5744B} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{36EA4D83-5D42-4A73-81C0-DAEF82C5744B}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{394A7E3B-BDE6-4E79-A4F4-078341697E83} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{394A7E3B-BDE6-4E79-A4F4-078341697E83}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{48C48847-33FE-4A30-BC1F-04B9758721AC} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48C48847-33FE-4A30-BC1F-04B9758721AC}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5107BC02-BB1E-4EF6-97E5-50787BCD4F21} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5107BC02-BB1E-4EF6-97E5-50787BCD4F21}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6420288C-DA06-4E84-A97D-12F4242C74A6} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6420288C-DA06-4E84-A97D-12F4242C74A6}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD1A06E1-8A1C-49D7-AFD1-416E8C8CF4BE} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD1A06E1-8A1C-49D7-AFD1-416E8C8CF4BE}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B44F71DD-4736-4EA8-87BF-3D766E01BDF8} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B44F71DD-4736-4EA8-87BF-3D766E01BDF8}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B55C708E-3A2D-45DE-BC60-11FA0F3EAFA4} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B55C708E-3A2D-45DE-BC60-11FA0F3EAFA4}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B67B01B1-CC3A-4424-9E70-80743B0DA5A3} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B67B01B1-CC3A-4424-9E70-80743B0DA5A3}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D72CFA36-0433-4DC4-B4ED-2E14EFB91D50} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D72CFA36-0433-4DC4-B4ED-2E14EFB91D50}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DBCF8301-366C-4D06-B993-AB4064D78BA7} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBCF8301-366C-4D06-B993-AB4064D78BA7}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DD555282-EA4D-4936-960E-D070E3A19FE9} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD555282-EA4D-4936-960E-D070E3A19FE9}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EAA371C1-9060-4B68-864E-5C51467A21BF} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAA371C1-9060-4B68-864E-5C51467A21BF}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDF4C778-0148-4F54-8CCE-F30D5091288D} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EDF4C778-0148-4F54-8CCE-F30D5091288D}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F8A709F1-DE88-4A42-AF10-1D2ECA6C3B09} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F8A709F1-DE88-4A42-AF10-1D2ECA6C3B09}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FBC3185B-7935-482D-B83E-4661226CB48A} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FBC3185B-7935-482D-B83E-4661226CB48A}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0359B88A-0292-4BF5-B3E3-874E710F6821} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0359B88A-0292-4BF5-B3E3-874E710F6821}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{116218F4-01E0-4F6C-943A-77B0CB14A2F6} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{116218F4-01E0-4F6C-943A-77B0CB14A2F6}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{13A6E4F4-CB35-4F08-B248-412755B5CF27} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{13A6E4F4-CB35-4F08-B248-412755B5CF27}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1669B5AA-29F2-4890-ABB4-EE088754B534} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1669B5AA-29F2-4890-ABB4-EE088754B534}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{186A5F8F-2B1D-4988-8030-6380F16ACE75} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{186A5F8F-2B1D-4988-8030-6380F16ACE75}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{20CE3BA0-3579-4034-AB5C-061C65D780DA} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20CE3BA0-3579-4034-AB5C-061C65D780DA}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{20DC4EDE-DBAC-4CC9-8BFD-01F81EA886DC} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20DC4EDE-DBAC-4CC9-8BFD-01F81EA886DC}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{21B1F93D-E3A3-43DA-B502-B71759A05F1E} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21B1F93D-E3A3-43DA-B502-B71759A05F1E}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{244B037E-9BF1-42DC-AD2B-CC029F050FC9} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{244B037E-9BF1-42DC-AD2B-CC029F050FC9}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2598177D-B891-48B7-83A5-204FE328848D} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2598177D-B891-48B7-83A5-204FE328848D}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2B3E3213-8814-4C7F-B267-9D03A2350A8C} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2B3E3213-8814-4C7F-B267-9D03A2350A8C}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2FEFECAD-6E60-4DDE-AB74-42755DEAA34E} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2FEFECAD-6E60-4DDE-AB74-42755DEAA34E}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3022F8B6-AF7E-4CCF-8287-B27F704B429D} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3022F8B6-AF7E-4CCF-8287-B27F704B429D}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B1BC63B-4E11-4277-A22D-3DA823665F87} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B1BC63B-4E11-4277-A22D-3DA823665F87}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{439908B3-8788-43F8-A2C9-C95384EBB3AE} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{439908B3-8788-43F8-A2C9-C95384EBB3AE}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A191C85-FE53-4799-9C35-57EC095B6025} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4A191C85-FE53-4799-9C35-57EC095B6025}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4FB12418-C3D6-44C4-A76E-192AFB13FC9A} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4FB12418-C3D6-44C4-A76E-192AFB13FC9A}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{51D81EA2-BD37-4955-BCB4-CF59A852CBC0} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51D81EA2-BD37-4955-BCB4-CF59A852CBC0}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{53032ED6-B547-4878-8A7E-B6937BA16C8E} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53032ED6-B547-4878-8A7E-B6937BA16C8E}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{582E848E-2AB6-4449-8930-00572C3A8859} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{582E848E-2AB6-4449-8930-00572C3A8859}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{59A03035-2068-478E-B84F-D7B75C74E72A} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59A03035-2068-478E-B84F-D7B75C74E72A}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B166143-F99D-4134-9727-560C40180782} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5B166143-F99D-4134-9727-560C40180782}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{694FDE80-3FC0-4C1A-B9E1-F9419BDC80DC} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{694FDE80-3FC0-4C1A-B9E1-F9419BDC80DC}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6D45B82C-19F3-46BC-B8B4-09E7D2162BDE} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D45B82C-19F3-46BC-B8B4-09E7D2162BDE}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F5A5C58-17DD-4004-8523-21B408197CEF} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F5A5C58-17DD-4004-8523-21B408197CEF}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7794CB9D-A074-4625-B7E6-4E086E39DD02} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7794CB9D-A074-4625-B7E6-4E086E39DD02}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{779F45F8-A3DA-4172-9E0A-27CCDB365CEF} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{779F45F8-A3DA-4172-9E0A-27CCDB365CEF}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7929AD3A-B52B-4A26-A66A-70AC96FE96A5} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7929AD3A-B52B-4A26-A66A-70AC96FE96A5}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{816BF311-8771-4FB9-BD02-7EA9C0F6824A} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{816BF311-8771-4FB9-BD02-7EA9C0F6824A}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8B81E828-DDD3-4B70-B6CF-40D415AE9281} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B81E828-DDD3-4B70-B6CF-40D415AE9281}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{91F36794-3962-42A2-B571-E6F9EDC81838} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91F36794-3962-42A2-B571-E6F9EDC81838}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{93DA9A8E-69AC-49FC-866F-53BA0797C657} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93DA9A8E-69AC-49FC-866F-53BA0797C657}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9AAA78C1-C6DB-498A-A1C7-84193662EAE3} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AAA78C1-C6DB-498A-A1C7-84193662EAE3}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9B91DC61-02B1-4AC1-B40F-427BD46902D2} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9B91DC61-02B1-4AC1-B40F-427BD46902D2}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D7BB094-F876-4A19-A44D-1D140C9BEE4E} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D7BB094-F876-4A19-A44D-1D140C9BEE4E}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F389921-1479-4EA7-9EFD-0751F7FDC0D9} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F389921-1479-4EA7-9EFD-0751F7FDC0D9}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A033C82D-EB7B-4B18-9EBD-356544E8BD18} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A033C82D-EB7B-4B18-9EBD-356544E8BD18}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A04A24C5-A1A9-4A9D-81D2-5D6536D039A9} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A04A24C5-A1A9-4A9D-81D2-5D6536D039A9}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A0B333EF-DE1C-4AA2-81A1-1B288041937C} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0B333EF-DE1C-4AA2-81A1-1B288041937C}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A389EED5-99C7-4F6E-A020-7E2011570A86} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A389EED5-99C7-4F6E-A020-7E2011570A86}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A425C39E-D590-46AD-88E6-A0857ED31A26} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A425C39E-D590-46AD-88E6-A0857ED31A26}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AA828076-FB85-40E6-BF82-1079DE73F6F8} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA828076-FB85-40E6-BF82-1079DE73F6F8}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB3B2113-357E-46FD-9390-DFD2519FAB70} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB3B2113-357E-46FD-9390-DFD2519FAB70}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BAEF225A-EAEB-421A-8AC3-40253DB3CBA8} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAEF225A-EAEB-421A-8AC3-40253DB3CBA8}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BEBD9CF0-E6E7-40B5-B239-1C45BE53A45D} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEBD9CF0-E6E7-40B5-B239-1C45BE53A45D}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C58E8EF8-3C4A-47EF-B854-8AF93A8D1E25} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C58E8EF8-3C4A-47EF-B854-8AF93A8D1E25}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE3AA66F-51D4-43BB-8515-91A6AE096DFC} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CE3AA66F-51D4-43BB-8515-91A6AE096DFC}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D69B1221-1185-43B0-A7AE-20254FB28C46} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D69B1221-1185-43B0-A7AE-20254FB28C46}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D996D506-3EEE-4A7A-A8E5-2397D69BDB4A} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D996D506-3EEE-4A7A-A8E5-2397D69BDB4A}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DEA0AF5C-3ED3-4604-9732-8532840EF852} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DEA0AF5C-3ED3-4604-9732-8532840EF852}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E1EBBAB5-D55F-4C6A-BC5F-BC61A7A45917} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1EBBAB5-D55F-4C6A-BC5F-BC61A7A45917}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F347C1DF-B629-4AE5-85AB-5711C3CC1DC3} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F347C1DF-B629-4AE5-85AB-5711C3CC1DC3}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB13A579-81C4-4DCC-93C7-5EF9EEC9A800} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB13A579-81C4-4DCC-93C7-5EF9EEC9A800}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB667079-86F4-4DB7-9831-B795D475F91E} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB667079-86F4-4DB7-9831-B795D475F91E}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FC175B82-1FD4-4A3C-985B-F752EDED94BA} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC175B82-1FD4-4A3C-985B-F752EDED94BA}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0ACBD376-FCBB-4722-85BE-1B7F87D20CDA}C:\program files (x86)\java\jre6\bin\javaw.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{15F116D5-2671-45C1-B2B0-CE706EB7E946}F:\age of empires 2\empires2.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{23B1B8FE-AF0B-4858-9E2B-1AC7C1416F53}F:\dead space\dead space.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4E0807A6-3572-4DE4-82D9-3E0BA3F62D4F}F:\quake iii arena\quake3.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4F51AF55-FDDA-4AD3-86A2-9DAA388EE420}C:\program files (x86)\winamp\winamp.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{632EA45C-E896-4B00-91CC-51FDEA708578}F:\crysis 2\bin32\crysis2.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{73C432AE-0389-4009-BC78-73FB8C859D23}C:\program files (x86)\kathrein dvrmanager\ufs910.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8D620A9E-4D17-4C9D-BEF9-31ED4AC3ECB8}E:\vlc\vlc.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A8A9F43F-10C7-4A75-A6A1-4EE93237FBFD}D:\apps und treiber\dreambox control center_e2.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AEDF2680-C63B-4E2F-848D-82D4F33B1564}D:\apps und treiber\dreambox 7020 hd\dreambox control center_e2.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{12E1973B-C745-4270-8ED1-B2BC057088C3}F:\quake iii arena\quake3.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{65A6E6D1-7FCF-4A8B-A5AA-37E6EBC8EA98}D:\apps und treiber\dreambox control center_e2.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7FE8AE13-7CAF-4E9A-A4C9-00A4E5F97F89}C:\program files (x86)\winamp\winamp.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AEDFD67C-2C10-4506-894A-59EBC69A6953}F:\age of empires 2\empires2.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C03F8FE6-A86D-4852-8237-AD8BBB091BEB}F:\crysis 2\bin32\crysis2.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C13B4152-D933-4722-B754-719EC6CF6FAB}C:\program files (x86)\java\jre6\bin\javaw.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CF959BA5-036A-44F3-A9EF-55F3DF0691A3}D:\apps und treiber\dreambox 7020 hd\dreambox control center_e2.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D5013788-D7FC-4A20-BC35-828C76204701}C:\program files (x86)\kathrein dvrmanager\ufs910.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DA4DC4D3-BE8B-4786-AA50-106A29C90A44}F:\dead space\dead space.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FFF6718A-6FD5-4022-B405-3165E9F6E9A3}E:\vlc\vlc.exe deleted successfully.
    ========== FILES ==========
    C:\Windows\SysNative\perfc007.dat moved successfully.
    C:\Windows\SysNative\perfc009.dat moved successfully.
    C:\Windows\SysNative\perfd007.dat moved successfully.
    C:\Windows\SysNative\perfd009.dat moved successfully.
    C:\Windows\SysNative\perfh007.dat moved successfully.
    C:\Windows\SysNative\perfh009.dat moved successfully.
    C:\Windows\SysNative\perfi007.dat moved successfully.
    C:\Windows\SysNative\perfi009.dat moved successfully.
    C:\Users\Marcel\Desktop\_OTL.zip moved successfully.
    ========== COMMANDS ==========
     
    [EMPTYTEMP]
     
    User: All Users
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: Marcel
    ->Temp folder emptied: 212684 bytes
    ->Temporary Internet Files folder emptied: 5946961 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 470 bytes
     
    User: Public
     
    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 9987 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes
     
    Total Files Cleaned = 6,00 mb
     
     
    OTL by OldTimer - Version 3.2.49.0 log created on 06202012_191019
    
    Files\Folders moved on Reboot...
    C:\Users\Marcel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    
    Registry entries deleted on Reboot...
    8.) New OTL logs follow here: Extras.Txt OTL.Txt


    So, on we go :)

    Regards
    Marcel
    Last edited by geplagter-83 (20.06.2012 at 19:00)

  9. #9
    Malware-Mogul john.doe
    Registered since
    11.03.2012
    Posts
    8.906
    Hello Marcel,

    I will probably switch to Opera then. Do you recommend plugins for it, and if so, which ones?
    Good choice.

    You really only need the Adobe Flash Player. In any case, some filter list is recommended, e.g. the two from Fanboy. Opera does not support ActiveX; for that you will have to use MSIE.

    What can I use as an alternative?
    Malwarebytes is far ahead. SuperAntiSpyware without the resident guard is also OK.

    Neither Spybot nor Ad-Aware is recommended.
    I still need all of the tax software programs.
    No problem, you only had about 726 versions installed (I tend towards minimal, barely noticeable exaggerations).

    The logs are clean. How is the computer doing, any remaining anomalies or problems?

    ciao, andreas

  10. #10
    Beginner
    Registered since
    18.06.2012
    Posts
    8
    Good choice.
    Thanks :)

    I will leave Malwarebytes installed then and run it from time to time.

    What do I need "PSI" for, and does it have to go into autostart?

    No problem, you only had about 726 versions installed (I tend towards minimal, barely noticeable exaggerations).
    That's only slightly off ;)
    You just need a new one for every year. And unfortunately I haven't finished everything yet...

    The computer is running without any anomalies.
    However, I did have a few hangs that would not end after booting,
    at the first sight of the desktop. The reset button was the only solution.
    I will keep an eye on that, but the last 5 or 6 starts were normal.

    Can I relax for now, or is there more to come?
